Privacy Policy
CuraSuite β Healthcare SaaS Platform
Last Updated: April 2025
π Table of Contents
1. INTRODUCTION
This Privacy Policy explains how PhoneixRise Interactive Pvt. Ltd. (βCompanyβ, βweβ, βourβ, or βusβ) collects, uses, processes, and protects data when you use CuraSuite, our healthcare SaaS platform.
π By accessing or using CuraSuite, you agree to this Privacy Policy.
2. ABOUT US
PhoneixRise Interactive Pvt. Ltd.
Owner and operator of CuraSuite
π Registered Address: 801, Pearl Business Park, Andheri East, Mumbai - 400093, India
π§ Email: care@curasuite.in
3. APPLICABILITY
This policy applies to:
- Doctors
- Clinics
- Hospitals
- Staff users
- Website visitors
4. TYPES OF DATA WE COLLECT
4.1 Personal Data (Client Users)
- Name
- Phone number
- Email address
- Login credentials
4.2 Patient Data (Entered by Client)
- Name
- Age / Gender
- Contact details
- Medical history
- Prescriptions
- Billing information
π Important: This data is controlled by the Client (doctor/clinic)
4.3 Technical Data
- IP address
- Device type
- Browser details
- Usage logs
4.4 Marketing & Tracking Data
- UTM parameters
- Page visits
- Interaction behavior
5. LEGAL BASIS FOR PROCESSING
We process data in accordance with:
- Digital Personal Data Protection Act, 2023
Roles:
β’ Client (Doctor/Clinic) = Data Controller
β’ Company = Data Processor
6. HOW WE USE DATA
We use data to:
- Provide and operate CuraSuite
- Manage accounts and access
- Process appointments and billing
- Send notifications (SMS, WhatsApp, email)
- Improve platform performance
- Ensure security and prevent fraud
7. PATIENT DATA HANDLING
- We process patient data only on behalf of the Client
- We do not use patient data for marketing
- We do not sell patient data
π The Client is responsible for:
β’ Obtaining patient consent
β’ Ensuring lawful data collection
8. DATA SHARING
We may share data with:
8.1 Service Providers
- Hosting providers
- SMS/WhatsApp providers
- Payment gateways
8.2 Legal Authorities
- If required by law or regulation
π We do NOT sell personal or patient data
9. DATA SECURITY
We implement:
- Encryption (data in transit & at rest)
- Access control systems
- Secure authentication
- Monitoring and logging
10. DATA RETENTION
- Data retained during active subscription
- Deleted within 30β60 days after termination
11. DATA BREACH RESPONSE
In case of a data breach:
- We will notify affected parties promptly
- We will take corrective action
- We will cooperate with authorities
12. USER RIGHTS
Depending on applicable law, users may:
- Access their data
- Request correction
- Request deletion
- Withdraw consent
13. COOKIES & TRACKING
We may use cookies and tracking tools to:
- Improve user experience
- Analyze usage
- Track marketing performance
Users can control cookies via browser settings.
14. THIRD-PARTY SERVICES
CuraSuite may integrate with:
- Messaging platforms
- Payment services
β οΈ We are not responsible for third-party privacy practices.
15. CHILDREN'S PRIVACY
- CuraSuite is not intended for direct use by children.
- Patient data must be handled by authorized professionals only.
16. INTERNATIONAL DATA TRANSFERS
If applicable, data may be processed outside India with appropriate safeguards.
17. CHANGES TO THIS POLICY
We may update this Privacy Policy from time to time.
π Continued use = acceptance of updates.
18. CONTACT US
For privacy-related queries:
PhoneixRise Interactive Pvt. Ltd.
π§ Email: privacy@curasuite.in
π Phone: +91 88828 14698
π Address: 801, Pearl Business Park, Andheri East, Mumbai - 400093, India