PathLIMS Privacy Policy

PathLIMS is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy outlines how PathLIMS collects, uses, discloses, and stores information obtained through its website, mobile applications, and web-based platforms, collectively referred to as the “Platform.” 

The Platform includes:

• Website: https://pathlims.com
• Web Application: https://app.pathlims.com
• Mobile Application: The PathLIMS Mobile App (for Android and iOS) 

This Privacy Policy ensures transparency in our data collection and handling practices and helps you understand your choices regarding the use of your information.

Definitions 

For the purposes of this Privacy Policy, the following terms shall have the meanings ascribed to them:

1. “PathLIMS”, “We”, “Our”, “Us”: Refers to PathLIMS, including its successors, administrators, and assigns.
2. “You”, “Your”, “User”: Refers to any individual or legal entities, such as pathology labs, diagnostic centers, and pathologists, using the Platform who is competent to enter into legally binding contracts under applicable Indian laws to use the Platform’s services.
3. “Services”: Refers to the cloud-based SaaS platform provided by PathLIMS, offering healthcare solutions to its users, as detailed in the Terms of Service. 
4. “Third Parties”: Refers to any external application, company, or individual other than PathLIMS, Users, and Patients. 
5. “Platform”: Refers to the PathLIMS website, web application, and mobile applications.
6. “Personal Information”: Refers to any information that identifies an individual, such as name, email address, phone number, or other personally identifiable details.
7. “Patients”: Refers to the customers of Users who avail themselves of the services provided through the Platform.

Applicability 

This Privacy Policy applies to your use of PathLIMS’ website, mobile applications, and related services (“Platform”). By accessing or interacting with the Platform, you acknowledge and accept the terms outlined in this Privacy Policy. If you do not agree with this Privacy Policy, please refrain from using the Platform. Continued use of the Platform following any updates to this Privacy Policy signifies your acceptance of the revised terms.

This Privacy Policy is not intended to limit your statutory rights, including your right to seek remedies or enforcement as provided by applicable laws.

This Privacy Policy applies to:

1. Website Users: Individuals browsing or interacting with the PathLIMS website (www.pathlims.com) or associated social media pages.
2. Service Users: Users of PathLIMS’ SaaS solutions and mobile applications, typically subscribed to by PathLIMS Customers (e.g., labs, diagnostic centers).
3. Prospects: Potential customers or individuals receiving marketing communications from PathLIMS.
4. Office Visitors: Individuals visiting PathLIMS’ premises.
5. Event Attendees: Participants in PathLIMS-sponsored events, webinars, or other activities.
6. Candidates: Applicants for employment opportunities at PathLIMS.

Personal Data Collection and Usage 

Definition 

“Personal Data” refers to any information that can uniquely identify an individual, either on its own or in combination with other data, and includes any information classified as Personally Identifiable Information (PII) under applicable privacy laws.

Information We Collect

At PathLIMS, we collect personal data to provide and improve our services, respond to inquiries, and tailor your experience with our Platform. Below is an overview of the types of information we collect and how we collect it:

1. Information You Provide Directly

We collect personal data that you provide to us through forms, applications, and other interactions, including:

• Website Users: Full name, email address, phone number, position, company name, industry, and messages (e.g., support requests or chat conversations).
• Service Users: Full name, email address, phone number, log-in details, IP address, usage patterns, payment and billing information, and other data provided during account setup and service use.
• Office Visitors and Event Attendees: Contact details provided during visits to our offices, exhibition booths, or events.

2. Information Collected Automatically

When you use our website or Platform, we collect technical and usage information to personalize and enhance your experience:

• IP address, browser type, device information, and referring website addresses.
• Usage patterns on our Platform and website.

This data is collected using cookies and similar technologies. For more details, refer to our Cookie Policy.

3. Information from Other Sources

We may collect publicly available or third-party data to better understand and engage with individuals in relevant industries:

• Contact details and professional information from conferences, events, third-party platforms, or partners.
• Data to invite experts to collaborate, such as writing blogs or speaking at events.

4. Information from Online Interactions

We may collect data when you interact with us online, such as:

• Participation in webinars or online events.
• Contact through social media channels.
• Registration for newsletters or other digital engagements.

5. Why We Collect This Information

You are not required to provide personal data. However, without it, we may be unable to:

• Provide products or services.
• Respond to inquiries or requests.
• Customize and improve your experience on our Platform.

Purpose of Data Collection

At PathLIMS, we process personal data to deliver and improve our services, enhance your user experience, and meet our legal and administrative responsibilities. Below are the specific purposes for which we collect and use your personal data:

1. To Provide and Improve Our Services

• Enable account creation and track user actions and activities.
• Fulfill your requests and process service-related actions.
• Communicate with you regarding your account, features, subscriptions, and support inquiries.
• Personalize your experience and enable you to create and manage additional users.
• Improve service quality and provide feature updates.

2. To Enhance Website and App Experience

• Process demo requests and respond to inquiries.
• Analyze website and app usage to identify areas for improvement.
• Customize your experience on the Platform.
• Register you for events, webinars, and related communications.

3. For Administrative Purposes

• Process transactions and provide requested services.
• Maintain records for business and quality control purposes.
• Respond to customer support inquiries and send surveys for feedback.
• Conduct internal analytics and generate reports to improve services.
• Manage and enhance features based on user feedback.

4. For Marketing and Communication

• Notify you about relevant offers, products, and services.
• Tailor content, advertisements, and offers for you using targeting and retargeting strategies.
• Conduct market research and develop new services.
• Send periodic updates, newsletters, and promotional emails (with opt-out options).

5. For Security and Compliance

• Detect, prevent, and address fraudulent activities or illegal actions.
• Comply with applicable laws, regulatory requirements, and law enforcement inquiries.
• Cooperate with investigations related to intellectual property infringement, fraud, and other legal liabilities.

6. To Process Payments

• Use the information provided for processing payments and delivering orders.
• Share information only with necessary third parties for payment and service fulfillment.

7. De-Identified and Aggregated Data Use

• Anonymize or de-identify personal data for internal and external purposes, such as improving services, conducting research, and developing new features.
• Share anonymous data with third parties without restrictions.

8. Cookies and Similar Technologies

• Use cookies and other tracking technologies to collect data automatically for improving your experience, analyzing usage, and delivering relevant offers.
• Allow users to opt-out of cookies by adjusting browser or device settings. For more details, refer to our Cookie Policy.

9. To Improve Customer Experience

• Use location data for better order tracking, approximate ETA sharing, and real-time status updates for clients and customers.
• Provide efficient order management, including alerts, notifications, and refunds if applicable.

Lawful Bases for Processing Personal Data

PathLIMS processes personal data in accordance with applicable data protection laws and relies on the following lawful bases for processing, when applicable:

• Consent: The data subject has given explicit consent for the processing of their personal data for one or more specific purposes.
• Performance of a Contract: Processing is necessary to fulfill the terms of a contract to which the data subject is a party or to take steps at the data subject’s request before entering into a contract.
• Legal Obligation: Processing is necessary to comply with legal obligations applicable to PathLIMS as the data controller.
• Legitimate Interests: Processing is necessary for the purposes of legitimate interests pursued by PathLIMS, provided such interests are not overridden by the rights and freedoms of the data subject.

Data Storage and Security

Duration of Data Storage 

We retain your personal data for as long as it is necessary to fulfill the purposes outlined in this Privacy Policy or as required by law. Specifically:

• Personal data may be retained to comply with legal, regulatory, tax, or accounting obligations.
• Data may be stored to maintain an accurate record of your dealings with PathLIMS in case of complaints or disputes.
• In instances where litigation is anticipated, personal data may be retained for extended periods.

You may request the deletion of your personal data, and we will consider it on a case basis. 

Security of Your Personal Data 

PathLIMS employs robust technical, organizational, and security measures to protect your personal data against unauthorized access, loss, or misuse. These measures include:

• Data storage on secure servers with firewalls and 256-bit encryption for online communications.
• Implementation of reasonable managerial, technical, operational, and physical security controls that align with industry standards.
• Password-protected user accounts, which must be secured by users to prevent unauthorized access.

While we strive to protect your personal data, the security of your data also depends on you. Users are responsible for safeguarding their account credentials and ensuring that their computers and devices are secure.

Sharing of Personal Information

PathLIMS does not sell, trade, or rent your personal identification information. However, personal data may be shared in the following cases:

• Aggregated Data: Non-identifiable demographic information may be shared with business partners, trusted affiliates, or advertisers for operational purposes.
• Third-Party Service Providers: Data may be shared with trusted service providers to facilitate business operations (e.g., newsletters, surveys) with your consent.

Limitations on Liability

PathLIMS is not responsible for:

• Breaches of confidentiality, security, or misuse of personal information by third parties outside the scope of our agreements.
• Security breaches caused by events beyond our control, such as:
  • Acts of government or regulatory authorities.
  • Hacking or unauthorized access to systems.
  • Internet or telephone service failures.
  • Other unforeseen circumstances impacting data security.

Your Role in Securing Data

To maintain the security of your personal data:

• Use strong, unique passwords and update them regularly.
• Avoid sharing your login credentials with others.
• Notify us immediately if you suspect any unauthorized activity or breach of your account.

Data Sharing and Disclosure

PathLIMS values your privacy and takes careful measures to protect your personal data. We do not sell, trade, or rent your personal data to third parties. However, we may share your information in the following circumstances:

1. Sharing for Service Delivery 

• Personal data is shared with employees, agents, and trusted partners on a strict need-to-know basis, bound by confidentiality obligations.
• Data may be shared to fulfill service requests, such as enabling doctors and technicians to access necessary records or assisting patients with their data.

2. Sharing with Third-Party Service Providers

To operate our Website and Services effectively, we engage trusted third-party vendors and service providers for:

• Billing and payment processing.
• Website infrastructure and hosting.
• Analytics, business intelligence, and marketing automation.
• Customer relationship management (CRM) tools.
• Fraud detection, cybersecurity, and compliance monitoring.
• Email distribution, consent management, and document management.
  These third parties process your data only to the extent necessary for their specific purposes, as outlined in this Privacy Policy.

3. Co-Sponsored Events or Webinars

If you attend a co-sponsored event or webinar, we may share your contact and participation details with event partners. This helps enhance your event experience and provide you with relevant opportunities. Event partners may process your data in line with their privacy policies, which we encourage you to review.

4. Professional and Legal Obligations

We may disclose your personal data to:

• Lawyers, accountants, auditors, and other professional advisors for legal or business purposes.
• Regulatory authorities, courts, or public entities to comply with laws, regulations, or court orders.
• Law enforcement agencies to enforce our rights, prevent fraud, or ensure the safety and integrity of our services.

5. Business Transfers

In the event of a business sale, merger, acquisition, or transfer of assets, we may disclose your personal data to:

• Potential buyers or investors (and their advisors) for due diligence.
• Third-party entities involved in the transaction, subject to confidentiality obligations.

6. Consent-Based Sharing

We may share your personal data in circumstances where you have explicitly provided consent.

7. External Links on the Platform

The Platform may contain links to external websites or resources provided by third parties.

• We are not responsible for the content, policies, or practices of these external websites.
• Your interactions with these websites are governed by their terms and privacy policies, and we encourage you to review them.

Confidentiality of Your Data

• All user information is treated as confidential and will not be shared without your consent, except as required by law.
• Communications from PathLIMS will always relate to the agreed services, and you may opt out of such communications at any time.

Requesting a List of Data Recipients

To obtain a list of current recipients of your personal data, please contact us at [email protected]. 

International Transfers of Personal Data

PathLIMS may transfer your personal data to affiliates and service providers located in different countries, including but not limited to the United States (US) and European Union (EU). These transfers are necessary to operate our business and provide you with the Website and Services.

Where Your Data May Be Stored or Processed

We may store and process your personal data using trusted vendors and service providers such as:

• HubSpot (US)
• AWS (Amazon Web Services) (US or EU)
• Intercom (US or EU)

How We Protect Your Data During International Transfers

When transferring personal data to countries with privacy laws different from those in your jurisdiction, PathLIMS implements appropriate safeguards to protect your data, including:

1. Ensuring the destination country provides an adequate level of protection for personal data, as determined by applicable laws or regulations.
2. Executing data processing and protection agreements that include industry-standard measures for data onward transfers.

User Rights

PathLIMS is committed to ensuring your rights regarding your personal data are respected. Below are the rights you may exercise, subject to applicable laws and regulations:

1. Access

• You have the right to request access to the personal data we hold about you.
• This right is typically free of charge, but we may charge an administrative fee if the request is excessive or unfounded, as permitted by law.

2. Correction

• You can request that we correct any inaccurate or incomplete personal data we hold about you.

3. Deletion

• You have the right to request the deletion of your personal data from our records.
• Please note that there may be instances where we are legally required to retain your data, such as to comply with legal obligations or defend against legal claims.

4. Objection and Restriction

• You have the right to object to or request the restriction of certain types of data processing.

5. Data Portability

• You can request to receive your personal data in a structured, commonly used, and machine-readable format.
• You also have the right to transmit this data to another controller.

6. Profiling

• You have the right to object to profiling activities related to your personal data.

7. Withdrawal of Consent

• You can withdraw your consent for data processing at any time.
• Please note that withdrawing consent will not affect the lawfulness of processing based on consent before its withdrawal.
• In certain circumstances, we may still process your data if required by legal or regulatory obligations.

8. Cross-Border Data Transfers

• You can request details regarding the basis for transferring your personal data outside your jurisdiction, such as data transfer agreements.
• Some details may be redacted for reasons of commercial confidentiality.

9. Complaint Lodging

• You have the right to lodge a complaint with your local data protection authority if you believe your data rights have been infringed.
• Before contacting a supervisory authority, we encourage you to resolve the issue with us by contacting [email protected]. 

Exercising Your Rights

You can exercise your rights by contacting us at [email protected]. If you choose to have an authorized agent submit a request on your behalf, we require written and signed permission from you to verify the agent’s authority.

To protect your privacy and security, we may take steps to verify your identity before fulfilling your request. This may include asking for additional information to confirm your identity.

Processing Your Requests

• We will make reasonable efforts to respond promptly to your request in accordance with applicable laws.
• In cases where requests are unfounded, excessive, or adversely affect the rights of others, we reserve the right to charge a fee or handle the request differently, as permitted by law.

Unsubscribing from Communications

• You may unsubscribe from marketing communications by clicking the “unsubscribe” link at the bottom of our emails.
• Please note that even if you opt out of marketing communications, we may still send you service-related messages that are essential for your account administration or requested services.

For further assistance with your requests, contact us at [email protected].

Interaction with Third-Party Services

PathLIMS enables interaction with third-party websites and products/services (“Third-Party Services”) that are not owned or controlled by us. While we provide access to these services for enhanced functionality, PathLIMS is not responsible for their privacy practices or content.

Important Note

• Third-Party Services may collect personal data from you.
• We strongly encourage you to review the terms, conditions, and privacy policies of each Third-Party Service you interact with through our Platform.

Analytic Tools

1. Google Analytics

Our Website uses Google Analytics to gather information about user activity, such as:

• Frequency of visits.
• Pages visited.
• Referring websites.

Purpose: This data helps us maintain and improve the Website and our products.

• No Data Combination: Information collected by Google Analytics is not combined with other personal data we collect.
• Google Terms: The use of data by Google Analytics is governed by the Google Analytics Terms of Service and Google Privacy Policy.
• Opt-Out: You can prevent your data from being used by Google Analytics by installing the Google Analytics Opt-out Browser Add-on.

2. Google Signals

We use Google Signals to collect aggregated data from Google users who have enabled “Ads Personalization.” This helps us with: 

• Enhanced analytics, including cross-device aggregated data.
• Targeted ads through remarketing campaigns.
• Data collected is user-based but aggregated, ensuring no individual user data is exposed.

You may choose to modify your ad preferences or manage your data usage through Google’s Ads Personalization settings.

3. Interest-Based Advertising

Through our Website, we may collaborate with third-party advertising partners who:

• Use tracking tools to collect device and activity information (e.g., IP address, mobile identifiers, visited pages).
• Deliver targeted advertisements based on this data.
• Combine collected data with demographic information or purchase history to refine advertising strategies.

You may adjust your browser settings or use opt-out tools to limit interest-based advertising.

Updates to Tools

PathLIMS reserves the right to add or remove third-party tools and technologies as needed to enhance functionality and user experience.

Compliance with Industry Standards

PathLIMS is committed to adhering to applicable standards and regulations to ensure the security and privacy of personal data. Our compliance includes:

1. DPDPA (Digital Personal Data Protection Act 2023)

• PathLIMS ensures compliance with DPDPA 2023 by protecting personal data and upholding individual rights such as data access, correction, and deletion.

2. Indian IT Act (Section 43A and Rules under Section 87)

• Complies with the Indian Information Technology Act by implementing reasonable security practices and measures to protect sensitive personal data or information (SPDI).

3. ISO Standards

• PathLIMS adheres to applicable ISO standards for data protection and information security, ensuring that our practices align with internationally recognized benchmarks.

Amendments 

PathLIMS reserves the right to modify or update this Privacy Policy at any time. Changes will be effective immediately upon posting the revised Privacy Policy on our website.

How We Notify You

• If significant changes are made to how we use your personal data, we will notify you by:
  • Posting a notice on our website or services.
  • Sending an email to the contact address associated with your account, if applicable.

We strongly encourage you to review this Privacy Policy periodically to stay informed about how we handle your personal information.

Your Responsibility

By continuing to use our website or services after any updates, you acknowledge and agree to the revised terms of this Privacy Policy. If you do not agree with any changes, you should discontinue use of our website and services.

Severability

Each section of this Privacy Policy is independent and severable. If any section is found to be invalid or unenforceable under applicable law, the remaining sections will continue to be in full force and effect.

Jurisdiction and Dispute Resolution

If you have a complaint regarding privacy practices, data handling, or wish to correct or access your personal information, you may contact our designated Grievance Redressal Team at [email protected]. 

We will address your request or complaint promptly, and in any case, no later than 90 days from the date of receipt.

In the event of a dispute, PathLIMS will make every effort to resolve the matter amicably. 

If resolution cannot be reached, disputes will be governed by the laws of India and subject to the exclusive jurisdiction of the courts in Jalpaiguri, West Bengal. 

Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or the handling of your personal data, please feel free to contact us.

• Email: [email protected]
• Mailing Address: 
  • Haria More, Malbazar, Jalpaiguri, 735221