Privacy Policy

MyPhysioPoint (“we”, “us”) operates a physiotherapy clinic in Jaipur, India, led by Dr. Sunil Tank. This policy explains what personal data we collect, why we collect it, and the rights you have under India's Digital Personal Data Protection Act, 2023 (the “DPDP Act”).

• Identity & contact: your name, mobile number, email, city and country.
• Health information: the symptoms you describe, clinical observations, diagnoses, prescriptions and treatment notes recorded during your care.
• Booking & payment: appointment details, bills, and payment status. Card details are handled by our payment processor and are never stored on our servers.
• Technical data: limited log data such as your IP address, used to keep the service secure and prevent abuse.

To help match you to the right service and time slot, the symptom text you enter may be sent to a third-party AI provider (Google Gemini) for analysis. This processing only happens with your consent, which you provide when booking.

We minimise and, where practical, redact directly identifying details before sending text to the AI provider. AI suggestions are advisory only and are always reviewed by a qualified physiotherapist. You can always book without using the AI assistant by contacting us directly.

• To schedule, deliver and follow up on your physiotherapy care.
• To suggest suitable services and available appointment slots.
• To process payments and issue receipts.
• To send appointment confirmations and reminders.
• To meet our legal, medical record-keeping and safety obligations.

We intend to store personal data on infrastructure located in or serving India. We do not sell your data. We share it only with service providers who help us operate (such as our payment processor, communication and AI providers), and only to the extent needed to provide the service, under appropriate safeguards.

We retain medical records for the period required by applicable medical record-keeping norms, and other data only for as long as necessary for the purposes described above, after which it is deleted or anonymised.

Under the DPDP Act you have the right to:

• Access a summary of the personal data we hold about you.
• Request correction or completion of inaccurate data.
• Request erasure of your data where it is no longer required.
• Withdraw consent (including consent to AI processing) at any time.
• Nominate another person to exercise these rights on your behalf.
• Raise a grievance with us, and escalate to the Data Protection Board of India.

To exercise any of these rights, contact us at care@myphysiopoint.com.

We use reasonable technical and organisational measures — including encryption in transit, access controls and audit logging — to protect your data. No system is perfectly secure, but we work to keep your information safe.

For patients who are minors, a parent or guardian must provide consent and may exercise the rights above on the child's behalf.

We may update this policy from time to time. Material changes will be reflected here with a new “last updated” date.