Privacy Policy

Medione Healthcare (“Medione”, “we”, “us”, “our”) values your privacy. This Privacy Policy explains how we collect, use, disclose, and protect personal data when you visit medionepharma.com, interact with us on WhatsApp/phone/email, or use our platform/services (collectively, the “Services”). It also explains choices available to you.

This Policy is governed by the Information Technology Act, 2000, the SPDI Rules, 2011, and applicable provisions of the Digital Personal Data Protection Act, 2023 (DPDP Act), as notified from time to time.

1) Who this Policy applies to

• Merchants/Customers (e.g., registered pharmacies, hospitals, institutions).
• Authorized representatives of customers (e.g., purchaser, billing contacts).
• Website visitors and prospective customers/suppliers who contact us.

We are a B2B supplier. We do not sell to end consumers via this website.

2) What personal data we collect

We collect the following categories of data (as applicable):

• Identification & KYC: Name, business name, GSTIN, PAN, license details (e.g., drug license), official email, phone/WhatsApp number, designation, delivery address.
• Account & Transaction Data: Account credentials (hashed), order history, invoices, payment status, returns, credit facility documentation (e.g., UDCs/bank guarantees), communications and preferences.
• Payment-Related Data: Mode of payment (bank transfer/UPI/COD), limited payment instrument details as provided to us or our payment partner (we do not store full card/UPI credentials; processing occurs via banks/payment providers).
• Device/Usage Data (Website/App): IP address, browser/app version, device type, pages viewed, time spent, referral URLs, cookies and similar technologies.
• Communications & Support: Emails, WhatsApp messages, phone logs (to the extent recorded per consent/notice), support tickets, feedback, surveys.
• Supplier/Logistics Contacts: Names, emails, phone numbers of supplier or logistics partner POCs.

We do not intentionally collect sensitive health/patient data through this website. If your interaction could include any sensitive data, please share only what is strictly necessary.

3) How we collect data

• Directly from you when you submit forms, place orders, sign contracts, or communicate with us.
• Automatically via cookies/SDKs when you browse our website or use our app (if any).
• From third parties (e.g., KYC/credit assessment providers, payment partners, logistics partners) subject to lawful basis and your consent where required.

4) Lawful bases & how we use data

We process personal data for the following purposes and lawful bases (consent, contract performance, legitimate interests, legal obligation):

• Account creation & verification (contract; legal obligation for KYC where applicable).
• Order processing, delivery & support (contract).
• Billing, payments & collections (contract; legitimate interests).
• Credit assessment & credit limit management (consent/contract; legitimate interests).
• Compliance with tax, invoicing, and applicable regulatory requirements (legal obligation).
• Security, fraud detection & misuse prevention (legitimate interests).
• Service communications (e.g., order updates, policy changes) (contract/legal obligation).
• Marketing & business communications to business contacts (consent/legitimate interests with opt-out).
• Analytics & site improvement (legitimate interests; consent where cookies require it).

5) Cookies & similar technologies

We use essential cookies for security and core functionality. We may also use analytics or performance cookies/SDKs to improve our Services.

• You can manage cookies via your browser settings.
• Where required by law, we will display a cookie banner and obtain consent for non-essential cookies.

6) Disclosures & third parties

We may share data with:

• Payment partners (banks, UPI/payment gateways) for processing payments.
• Logistics providers (our own fleet and third parties) for delivery and reverse pickups.
• KYC/Credit assessment partners to evaluate credit facility eligibility/limits.
• Professional advisors (legal, tax, auditors) and service providers (hosting/cloud, CRM, email/WhatsApp APIs, analytics) bound by confidentiality and data protection obligations.
• Regulators/Authorities when required by law or to protect our rights, users, or the public.
• Business transfers: in case of merger, acquisition, or reorganization, data may be transferred as part of the transaction, subject to this Policy.

7) International data transfers

Our cloud/service providers may store or process data within or outside India. Where data is transferred cross-border, we take reasonable measures to ensure protection consistent with applicable law and contractual safeguards.

8) Data retention

We retain personal data for as long as necessary to fulfil the purposes in this Policy, including to meet legal, accounting, or reporting requirements:

• Orders, invoices, tax/TCS/GST records: as per statutory retention.
• Account and contractual records: throughout the business relationship + reasonable limitation period.
• Marketing data: until you opt-out or for a reasonable period after last interaction. When no longer needed, data is securely deleted or anonymized.
• Professional advisors (legal, tax, auditors) and service providers (hosting/cloud, CRM, email/WhatsApp APIs, analytics) bound by confidentiality and data protection obligations.
• Regulators/Authorities when required by law or to protect our rights, users, or the public.
• Business transfers: in case of merger, acquisition, or reorganization, data may be transferred as part of the transaction, subject to this Policy.

9) Security

We implement reasonable technical and organizational measures to protect personal data (access controls, encryption in transit where applicable, logging, least-privilege practices). However, no system is 100% secure; you share data at your own risk. Please keep your credentials confidential and notify us of any suspected compromise.

10) Your rights (DPDP Act & applicable laws)

Subject to conditions and applicable law, you may have the right to:

• Access your personal data.
• Correction/Updation of inaccurate or incomplete data.
• Erasure of personal data when no longer needed or when consent is withdrawn (subject to legal retention).
• Withdraw consent for processing that relies on consent (e.g., marketing).
• Grievance redressal and nomination (appointing a nominee per DPDP Act).

You can exercise rights by contacting us at info@medionepharma.com or via WhatsApp +91 92899 68999. We may require verification before actioning your request. If dissatisfied with our response, you may escalate to the Data Protection Board of India (when fully operational and as per prescribed procedure).

11) Children’s data

Our Services are not intended for individuals under 18. We do not knowingly collect personal data from children. If you believe a minor has provided data, please contact us to delete it.

12) Communications & marketing

• Transactional: We will send essential service communications (order/delivery updates, policy notices).
• Marketing: We may send business communications to corporate contacts by email/WhatsApp/SMS. You can opt-out anytime by using unsubscribe options or contacting us.

13) Third-party links

Our website may contain links to third-party sites/services. Their privacy practices are not covered by this Policy. Please review their policies before use.

14) Grievance Officer / Data Protection Contact

Grievance Officer: Jaswinder Singh Oberoi
Email: info@medionepharma.com
Address: 71/6, 1st Floor, Rama Road Industrial Area, New Delhi – 110015
Phone/WhatsApp: +91 92899 68999

15) Changes to this Policy

We may update this Policy from time to time. Changes will be posted on medionepharma.com with a revised Effective Date. Significant changes may also be notified by email/website banner where appropriate. Continued use of the Services constitutes acceptance of the updated Policy.

16) Contact Us

For privacy queries or complaints:
Email: info@medionepharma.com
WhatsApp/Mobile: +91 92899 68999
Address: Medione Healthcare, 71/6, 1st Floor, Rama Road Industrial Area, New Delhi – 110015