top of page

Privacy Policy

Last Updated: March 16, 2025

At Nostavia Health (“Nostavia,” “we,” “us,” or “our”), your privacy is our priority. We are committed to protecting your personal and health-related information while delivering exceptional healthcare services through our website, mobile applications, and related offerings (collectively, the “Services”). This Privacy Policy explains how we collect, use, share, and safeguard your data in accordance with Indian laws, including the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and guidelines from the Digital Information Security in Healthcare Act (DISHA) (draft). It also aligns with the upcoming Personal Data Protection Bill to ensure future compliance.

By using our Services, you agree to the practices described in this policy. Please read it carefully.

 

1. Information We Collect

To provide and improve our Services, we collect the following types of information:

  • Personal Information

    • Name, email address, phone number, residential address, date of birth, and gender.

    • Other identifiers you provide when creating an account or using our Services.

  • Health Data

    • Medical history, current health conditions, treatment plans, diagnostic test results, and responses to health quizzes.

    • Information shared during telehealth consultations or health programs.

  • Usage Data

    • Details about how you interact with our platform, such as IP address, browser type, device information, pages visited, and time spent on the platform.

  • Payment Information

    • Credit/debit card details, UPI IDs, or other payment methods used for transactions.

  • Marketplace Data

    • Purchase history, order details, and shipping information when you buy products through our marketplace.

We only collect this information with your explicit consent, which you can withdraw at any time by contacting us at aditya@nostaviacorp.com.

 

2. Why We Collect Your Data

We use your information to deliver, personalize, and enhance your experience with Nostavia Health. Specifically, we collect data to:

  • Provide and tailor our Services, including digital clinics, health plans, and personalized programs.

  • Facilitate telehealth consultations with certified practitioners.

  • Process payments and manage your account.

  • Ensure continuity of care and offer health recommendations.

  • Improve our platform’s functionality and user experience.

  • Communicate updates, promotions, or health tips (with your consent).

  • Meet legal and regulatory obligations, such as tax or healthcare laws.

 

3. How We Share Your Data

We may share your information in the following situations:

  • With Healthcare Providers: Your health data is shared with certified practitioners to provide consultations or treatment plans.

  • With Trusted Partners: We work with third-party service providers (e.g., payment processors, cloud storage providers) to operate our platform. These partners are bound by strict confidentiality agreements.

  • With Legal Authorities: We may disclose data if required by law or to protect our rights, safety, or property.

  • With Your Consent: We’ll ask for your permission before sharing data for any other purpose, like research or marketing.

We do not sell or rent your personal information to third parties for their marketing purposes.

 

4. How We Protect Your Data

Your security matters to us. We use strong measures to keep your data safe, including:

  • Encryption: Sensitive information, like health and payment details, is encrypted during transmission and storage.

  • Access Controls: Only authorized personnel can access your data, and only when necessary.

  • Regular Audits: We perform security checks and assessments to protect our systems.

  • Best Practices: We follow industry standards for data security, especially in healthcare.

While we strive to protect your data, no system is 100% secure. We cannot guarantee absolute protection against unauthorized access, but we’ll do everything we can to keep your information safe.

 

5. Your Rights Over Your Data

Under Indian law, you have control over your information. Your rights include:

  • Right to Access: Request a copy of the data we hold about you.

  • Right to Correction: Fix any inaccurate or incomplete information.

  • Right to Deletion: Ask us to delete your data, unless we’re required to keep it for legal reasons (e.g., medical records).

  • Right to Withdraw Consent: Stop us from processing your data at any time, though this may limit your use of our Services.

To exercise these rights, email us at aditya@nostaviacorp.com. We’ll respond within 30 days.

 

6. Cookies and Tracking Technologies

We use cookies and similar tools (e.g., web beacons, pixels) to:

  • Make your experience smoother (e.g., saving your preferences).

  • Understand how you use our platform and improve it.

  • Personalize content or ads (with your consent).

You can control cookies through your browser settings, but turning them off might affect how our platform works for you.

 

7. How Long We Keep Your Data

We only keep your data as long as needed for the purposes in this policy or as required by law:

  • Personal and Health Data: Kept while your account is active or as needed for ongoing care.

  • Transaction Records: Stored for 7 years to meet Indian tax and accounting rules.

  • Usage Data: Anonymized and kept for analysis.

When we no longer need your data, we securely delete or anonymize it.

 

8. International Data Transfers

If your data is sent outside India (e.g., to a service provider), we ensure it’s protected under Indian laws. We use safeguards like standard contractual clauses to keep your information secure.

 

9. Children’s Privacy

Our Services are not for children under 18. We don’t knowingly collect data from minors without parental consent. If we find out we’ve collected a child’s data without permission, we’ll delete it right away.

 

10. Telehealth Consultations

For telehealth consultations, we share your health data with practitioners to provide medical advice. All practitioners follow confidentiality rules and the Telemedicine Practice Guidelines from the Indian Council of Medical Research (ICMR). Your consultation data is stored securely and only accessible to authorized staff.

 

11. AI and Personalized Health Plans

We use AI to create hyper-personalized health plans based on your health data, quiz answers, and other details. This happens with your consent, and all AI-generated plans are checked by qualified medical professionals before reaching you.

 

12. Marketplace Transactions

When you shop in our marketplace, we collect data like payment details and purchase history to:

  • Process orders and handle returns or refunds.

  • Offer customer support.

  • Meet legal and tax requirements.

We share necessary details with third-party vendors to fulfill your orders. Vendors have their own privacy policies, so we suggest reviewing them before buying.

 

13. Updates to This Policy

We may update this Privacy Policy as our Services evolve or laws change. We’ll let you know about major updates by posting the new policy here and, if needed, emailing you. By continuing to use our Services after changes, you accept the updated policy.

 

14. Contact Us

Have questions or concerns? Reach out to us:

We’re here to help with any privacy-related issues.

 

By using Nostavia Health’s Services, you confirm that you’ve read, understood, and agree to this Privacy Policy.

bottom of page