top of page

  • Xtratonic Healthcare Private Limited (“Company”, “we”, “our”, or “us”) operates the digital health platform branded as INFEKTIONS. This Privacy Policy outlines how we collect, use, store, process, and protect your personal data in accordance with the Information Technology Act, 2000, SPDI Rules, 2011, the Digital Personal Data Protection Act, 2023, and other applicable laws in India.
    We respect your privacy and are committed to safeguarding your sensitive health information with transparency, integrity, and compliance.

  • This Privacy Policy applies to all users of the INFEKTIONS mobile application, website, and affiliated digital services (“Platform”). It covers all interactions including but not limited to lab test bookings, doctor consultations, account creation, and data sharing activities conducted on or through the Platform.

  • Personal Data: Any information that can identify an individual.
    Sensitive Personal Data or Information (SPDI): Includes health records, sexual health status, biometric data, financial data, etc.
    Data Principal: You, the user to whom the data relates.
    Data Fiduciary: Xtratonic Healthcare Private Limited.
    Processing: Collection, use, storage, sharing, or disposal of data.
    Consent: Free, informed, specific, and unambiguous agreement to data processing.

  • A. Personal Identifiable Information
    - Name
    - Mobile number and email ID
    - Gender, date of birth, age
    - Address, PIN code
    - Government-issued identification (if required for compliance or lab access)

    B. Sensitive Health Data
    - Lab test selections and diagnostic reports
    - Symptoms and medical history
    - Sexual health data (e.g., HIV/STI status, only with explicit consent)
    - Prescriptions and uploaded medical documents
    - Consultation notes with doctors

    C. Technical and Device Information
    - IP address, device ID, browser, OS
    - Geo-location (only if allowed by you)
    - Access logs and usage patterns

    D. Financial Data
    - Payment method (via secure gateway)
    - Transaction IDs and status (no card numbers or CVV are stored)

  • We process your data based on:
    - Explicit consent obtained digitally
    - Contractual necessity (e.g., booking a lab test)
    - Legal obligations (e.g., for public health reporting)
    - Legitimate interest (e.g., fraud prevention, analytics)

  • Your data is used for:
    - Booking diagnostic tests and consultations
    - Delivering lab reports securely
    - Sending reminders and health updates
    - Improving app functionality and personalization
    - Generating anonymized analytics
    - Protecting users and Platform from fraud and misuse
    - Meeting legal or regulatory obligations

  • - Separate consent is taken before processing sensitive health information
    - Users may withdraw consent at any time from within their profile settings or by writing to our Grievance Officer
    - Consent records are securely stored with timestamps for auditing

  • We may share your data with:
    - NABL/NABH certified laboratories
    - Registered medical professionals
    - Payment gateways (limited to transaction info)
    - IT infrastructure and cloud service providers
    - Government or legal authorities (if mandated)
    We never sell your data to advertisers or third parties.

  • - Data is stored in secure, access-controlled environments
    - Personal health data is retained for a minimum of 3 years as per medical record standards
    - Upon user request, data is deleted or anonymized, unless required for compliance
    - Encrypted backups are retained for up to 90 days post-deletion

  • All primary data is stored on Indian servers.
    If international processing is ever required (e.g., for CDNs or analytics), it will:
    - Follow government guidelines on cross-border data transfer
    - Be protected with encryption and contract-based safeguards

  • We apply rigorous controls, including:
    - SSL/TLS encryption for all data in transit
    - AES-256 encryption for data at rest
    - Two-factor authentication for admin dashboards
    - Role-based access permissions
    - Automated and manual breach monitoring
    - Annual third-party security audits

  • To protect users, we monitor accounts for:
    - Suspicious login patterns
    - Unusually frequent report downloads
    - Abnormal test booking behaviors
    - Attempts to bypass verification
    We may notify the user, suspend the account temporarily, or take corrective action as needed.

  • Under the DPDP Act and related laws, users may:
    - Access and review their data
    - Correct inaccuracies
    - Withdraw consent
    - Request account deletion
    - Receive a copy of their data
    - File complaints with the Data Protection Board of India

  • Our services are intended for users 18 years and above.
    For pediatric testing, information must be submitted only by a parent or legal guardian with verifiable consent.

  • We do not use your data to make automated decisions affecting your health or access to care.
    Health suggestions or recommendations are non-binding, reviewed by humans, and can be opted out of.

  • We may use:
    - Essential cookies for site functionality
    - Analytical cookies for performance improvement
    You may manage cookies through browser settings. We do not use ad-targeting cookies.

  • In case of a data breach:
    - We will notify affected users within 72 hours
    - We will report the incident to the Data Protection Board (as applicable)
    - Remedial actions will be taken immediately, including account suspension or password resets

  • We reserve the right to amend this policy from time to time.
    Users will be notified of material changes via:
    - In-app notification
    - Email
    - Updated version/date log
    Continued use implies acceptance of the latest policy.

  • Grievance Officer
    Xtratonic Healthcare Private Limited
    Email: privacy@infektions.in
    Response Time: Within 15 business days

  • This Policy is governed by the laws of India.
    Disputes will be subject to the exclusive jurisdiction of the courts located in Delhi, India].

  • To ensure maximum confidentiality, INFEKTIONS provides users with unique, anonymous codes or QR codes for diagnostic orders and result access.
    - These codes are randomly generated and not linked to identifiable personal information on test reports unless required by law.
    - Reports can be accessed via QR code only by the user or an authorized healthcare professional.
    - This system is designed for privacy-sensitive tests like:
    - HIV, STI/STD panels
    - Semen analysis
    - Hormonal/sexual health testing
    - We do not embed names or contact details on reports unless explicitly permitted by the user.
    This ensures discreet testing while maintaining full traceability for quality assurance and regulatory compliance.

Our Privacy Promise

Layer_4.png

App-Based Reports & Contact

For maximum confidentiality, Infektions delivers all reports and communications exclusively within the app, bypassing email entirely.
Layer_12.png

Data Security & Backup

Your sensitive health data is rigorously secured and backed up, ensuring its integrity and protection against loss.
Layer_15.png

Ultra-Secure Data

Infektions employs ultra-secure encryption and protocols to safeguard your information with the highest level of data protection.
Layer_5.png

No Email Reports

To maintain complete privacy, all test results are delivered directly through the secure Infektions app, never via email.

Home
About
Contact

LOCATION

Model Town, New Delhi

SOCIAL

LinkedIN

Facebook

X

STAY CONNECTED

Get the latest news & updates

care@infektions.com
Tel. 123-456-7890

© 2035 by Infektions.

bottom of page