Last Updated: December 2024
Introduction
LeanFlow Dynamics LLP ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our healthcare software solutions, including eAarogyam.
Important: As a healthcare technology company, we understand the critical importance of data privacy and security. We are fully compliant with applicable healthcare data protection regulations, including HIPAA and other relevant privacy laws.
Information We Collect
Personal Information
We may collect the following types of personal information:
- Contact information (name, email address, phone number, organization)
- Professional information (job title, department, healthcare facility details)
- Account credentials and preferences
- Communication records and support interactions
Healthcare Data
When using our healthcare software solutions, we may process:
- Patient information (as authorized by healthcare providers)
- Medical records and health data
- Appointment and scheduling information
- Billing and insurance data
- Clinical notes and treatment records
Technical Information
We automatically collect certain technical information, including:
- IP addresses and device identifiers
- Browser type and version
- Operating system information
- Usage patterns and analytics data
- Cookies and similar tracking technologies
How We Use Your Information
Healthcare Services
We use your information to:
- Provide and maintain our healthcare software solutions
- Process and manage patient data securely
- Enable healthcare providers to deliver quality patient care
- Ensure compliance with healthcare regulations
- Generate reports and analytics for healthcare institutions
Business Operations
We use your information to:
- Respond to your inquiries and provide customer support
- Process transactions and manage accounts
- Send important updates about our services
- Improve our products and develop new features
- Conduct research and analytics (in anonymized form)
Information Sharing and Disclosure
We Do Not Sell Your Data
We do not sell, trade, or rent your personal information to third parties for marketing purposes.
Authorized Sharing
We may share your information only in the following circumstances:
- Healthcare Providers: With authorized healthcare professionals and institutions as part of our service delivery
- Service Providers: With trusted third-party vendors who assist in our operations (under strict confidentiality agreements)
- Legal Requirements: When required by law, court order, or regulatory authority
- Business Transfers: In connection with mergers, acquisitions, or asset sales (with prior notice)
- Consent: When you have given explicit consent for specific sharing
Data Security
Security Measures
We implement comprehensive security measures to protect your information:
- End-to-end encryption for data transmission and storage
- Multi-factor authentication and access controls
- Regular security audits and penetration testing
- Employee training on data protection best practices
- Incident response and breach notification procedures
Healthcare Compliance
Our security practices are designed to meet or exceed:
- HIPAA (Health Insurance Portability and Accountability Act) requirements
- HITECH Act security standards
- Other applicable healthcare data protection regulations
Data Retention
We retain your information only as long as necessary to:
- Provide our services and fulfill our contractual obligations
- Comply with legal and regulatory requirements
- Resolve disputes and enforce our agreements
- Support healthcare continuity of care requirements
Your Rights and Choices
Access and Control
You have the right to:
- Access and review your personal information
- Request corrections or updates to your data
- Request deletion of your information (subject to legal requirements)
- Opt-out of certain communications
- Request data portability
Healthcare Data Rights
For healthcare data, additional rights may apply under applicable laws, including the right to access medical records and request amendments.
Cookies and Tracking Technologies
We use cookies and similar technologies to:
- Remember your preferences and settings
- Analyze website traffic and usage patterns
- Improve user experience and functionality
- Ensure security and prevent fraud
You can control cookie settings through your browser preferences.
International Data Transfers
If you are located outside India, please note that your information may be transferred to and processed in India. We ensure appropriate safeguards are in place for such transfers in accordance with applicable data protection laws.
Children's Privacy
Our services are not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected such information, we will take steps to delete it promptly.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by:
- Posting the updated policy on our website
- Sending email notifications to registered users
- Providing notice through our software applications
Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us:
Compliance Note: This Privacy Policy is designed to comply with applicable data protection laws, including GDPR, CCPA, and Indian data protection regulations. We are committed to maintaining the highest standards of data privacy and security in the healthcare industry.