Table of Contents
1. Overview
2. Information Asar Collects
3. How Asar Collects Information
4. Tracking Tools, Behavioural Advertising, and Opt Out Options
5. How Asar Uses Your Information
6. How Asar May Share Your Information
7. Storage, Security, and International Transfers of Information
8. Your Privacy Rights and Choices
9. Retention of Personal Information
10. Legal Bases for Processing
11. Marketing Communications and Anti-Spam Compliance
12. Updates and Changes to The Asar Privacy Policy
13. Healthcare Service Providers and Their Obligations
14. Healthcare Interoperability Alignment
15. Contact Us
Privacy Policy
Introduction
At Asar, we are committed to protecting your privacy and we take great care with your personal information. This policy will help you understand how we use and protect your data. If you have any questions, feel free to contact us at privacy@asar.care This Privacy Policy should be read together with our Terms of Use (collectively, the “Agreement”), which apply to your use of the Site and Services, and together apply to your use of the Asar website as well as any other services offered by Asar.
By accessing or using the Asar Website and associated services, you agree to the practices and policies outlined in this Privacy Policy, and you acknowledge and agree to the collection, use, and sharing of your information as described herein, where such processing is based on consent, contract, legal obligation, or legitimate interests, as applicable. If you do not agree with this Privacy Policy, you cannot use the services. If you use the services on behalf of someone else (such as your child) or an entity (such as your employer), you represent that you are authorized by such an individual or entity to accept this Privacy Policy on their behalf.
1. Overview
Asar Healthtech & Innovation Lab Private Limited (“us”, “we”, or “Asar”) is committed to respecting the privacy rights of our visitors or users of www.asar.care
(the “Site”) and related websites, applications, services, and mobile applications provided by Asar and on/in which this Privacy Policy is posted or referenced (collectively, the “Services”).
We created this Privacy Policy (“Privacy Policy”) to give you confidence as you use our website and services and to demonstrate our commitment to the protection of privacy.
This Privacy Policy covers our practices with respect to personally identifiable information (“Personal Information”) that we gather when you use our website and services.
Your use of the Services is, at all times, subject to the Agreement (as the term “Agreement” is defined in our Terms of Use), which incorporates this Privacy Policy.
2. Information Asar Collects
Some of the Services Asar offers require us to learn more about you so that we can best meet your needs.
2.1 Personal Information Asar Collect Directly From You
We receive Personal Information directly from you when you voluntarily provide us with such Personal Information, including the following:
i. Contact data (such as your e-mail address and phone number);
ii. Demographic data (such as your country, gender or your date of birth);
iii. Insurance data (such as your insurance carrier, insurance plan and/or member ID);
iv. Medical data (such as the doctors, dentists or other healthcare specialists, providers, organizations or affiliates thereof (collectively, “Healthcare Providers”) you have visited and health information you choose to share with us); and
v. Other identifying information that you voluntarily choose to provide to us, including, without limitation, unique identifiers such as IDs and Personal Information in emails or letters that you send to us.
We may also collect additional information, which may be Personal Information, as otherwise described to you at the point of collection or pursuant to your consent.
You may still access and use some of the Services if you choose not to provide us with any Personal Information, but some features of the Services that require your Personal Information, such as booking doctors’ appointments, will not be accessible to you.
2.2 Online and Offline Payment Processing Information
I. When you make a payment through the Services, payment card information (such as card number, expiration date, and CVV) is collected and processed directly by our third-party payment processing partners in accordance with their respective terms of service and privacy policies. Asar does not store full payment card numbers or CVV codes.
II. We may receive and retain limited payment-related information such as billing contact details, transaction identifiers, payment status, amount, currency, and invoice or receipt information for purposes including providing the Services, accounting, tax compliance, fraud prevention, dispute resolution, and legal or regulatory obligations.
III. Our payment processing partners are required to comply with industry-recognized security standards, including PCI-DSS where applicable. Any use, storage, or processing of payment information by such partners is governed by their own policies, and Asar is not responsible for their independent practices.
2.3 Information from Third-Party Sources
Some third parties, such as our business partners and service providers, provide us with Personal Information about you. If you interact with a third-party service when using our Services, such as if you use a third-party service to log in to our Services (e.g., Facebook or Google), or if you share content from our Services through a third-party social media service, the third-party service will send us certain information about you if the third-party service and your account settings allow such sharing. The information we receive will depend on the policies and your account settings with the third-party.
2.4 Information Asar Automatically Collects When You Use The Services
Some information, which may include Personal Information, is automatically collected when you use our Services, such as traffic data. We also may automatically collect certain data when you use the Services, such as:
i. IP address;
ii. Domain server;
iii. Type of device(s) used to access the Services;
iv. Web browser(s) used to access the Services;
v. Referring webpage or other source through which you accessed the Services;
vi. Geolocation information; and
vii. Other statistics and information associated with the interaction between your browser or device and the Services (collectively, “Traffic Data”).
3. How Asar Collects Information
Asar collects information (including Personal Information and Traffic Data) when you use and interact with the Services, and in some cases from third party sources. Such means of collection include:
i. When you use the Services’ interactive tools and services, such as searching for Healthcare Providers and searching for available appointments with Healthcare Providers prior to Healthcare Provider appointments;
ii. When you voluntarily provide information in free-form text boxes through the Services or through responses to surveys;
iii. If you download and install certain applications and software we make available, we may receive and collect information transmitted from your computing device for the purpose of providing you the relevant Services;
iv. If you use a location-enabled browser or download our mobile application, we may receive information about your location and mobile device, as applicable;
v. Through cookies, analytics services and other tracking technology (collectively, “Tracking Tools”), as described below; and
vi. When you use the “Contact Us” function on the Site, send us an email or otherwise contact us.
4. Tracking Tools, Behavioural Advertising, and
Opt Out Options
4.1 Tracking Tools
We may use tools outlined below in order to provide our Services to, advertise to, and to better understand users. Cookies are small computer files transferred to your computing device that contain information such as user ID, user preferences, lists of pages visited, and activities conducted while using the Services. We use cookies to improve or tailor the Services, customize advertisements by tracking navigation habits, measuring performance, storing authentication status so re-entering credentials may not be required, customizing user experiences with the Services, and for analytics and fraud prevention. We may also use third-party web analytics services in connection with our Services to collect information such as your country, IP address, time spent on the Website or mobile applications, pages visited, and other user information.
4.2 Behavioural Advertising
We may use online behavioural advertising. Some of our partners use Tracking Tools, such as cookies, pixel tags, and other means, to collect information about a user’s online activities to display Asar ads to the user based on the user’s interests. Other Tracking Tools used by our partners may collect information when you use the Services, such as IP address, mobile device ID, operating system, browser, web page interactions, geographic location, and demographic information such as gender and age range. These Tracking Tools help Asar learn more about our users’ demographics and internet behaviours to allow us to provide relevant information based on users’ behaviours.
4.3. Options for Opting out
Some web browsers allow you to reject cookies or to alert you when a
Cookie is placed on your computer, tablet or mobile device. You may be
able to reject mobile device identifiers by activating the appropriate
setting on your mobile device. Although you are not required to accept
Asar’s cookies or mobile device identifiers, if you block them, you may
not have access to all features available through the Services. This
Privacy Policy does not cover the use of cookies and other Tracking
Tools by any third parties, and we are not responsible for their privacy
policies and practices. Where required by applicable law, we will obtain
your consent before placing non-essential cookies or similar tracking
technologies on your device. You may manage cookie preferences
through your browser settings or any cookie management tools made
available on the Site (if applicable).
4.1 Tracking Tools
We may use tools outlined below in order to provide our Services to, advertise to, and to better understand users. Cookies are small computer files transferred to your computing device that contain information such as user ID, user preferences, lists of pages visited, and activities conducted while using the Services. We use cookies to improve or tailor the Services, customize advertisements by tracking navigation habits, measuring performance, storing authentication status so re-entering credentials may not be required, customizing user experiences with the Services, and for analytics and fraud prevention. We may also use third-party web analytics services in connection with our Services to collect information such as your country, IP address, time spent on the Website or mobile applications, pages visited, and other user information.
4.2 Behavioural Advertising
We may use online behavioural advertising. Some of our partners use Tracking Tools, such as cookies, pixel tags, and other means, to collect information about a user’s online activities to display Asar ads to the user based on the user’s interests. Other Tracking Tools used by our partners may collect information when you use the Services, such as IP address, mobile device ID, operating system, browser, web page interactions, geographic location, and demographic information such as gender and age range. These Tracking Tools help Asar learn more about our users’ demographics and internet behaviours to allow us to provide relevant information based on users’ behaviours.
4.3. Options for Opting out
Some web browsers allow you to reject cookies or to alert you when a
Cookie is placed on your computer, tablet or mobile device. You may be
able to reject mobile device identifiers by activating the appropriate
setting on your mobile device. Although you are not required to accept
Asar’s cookies or mobile device identifiers, if you block them, you may
not have access to all features available through the Services. This
Privacy Policy does not cover the use of cookies and other Tracking
Tools by any third parties, and we are not responsible for their privacy
policies and practices. Where required by applicable law, we will obtain
your consent before placing non-essential cookies or similar tracking
technologies on your device. You may manage cookie preferences
through your browser settings or any cookie management tools made
available on the Site (if applicable).
5. How Asar Uses Your Information
We may use information that is not Personal Information to better understand who uses Asar and how we can deliver a better healthcare experience, as well as what type of educational information is important to our users.
We use information, including Personal Information, to provide the Services and to help improve the Services, to develop new services, and to advertise (for example, to display Asar ads on other web services). Specifically, such use may include:
i. Providing you with the products, services and information you request;
ii. Responding to correspondence that we receive from you;
iii. Contacting you when necessary or requested, including to remind you of an upcoming appointment;
iv. Providing, maintaining, administering or expanding the Services, performing business analyses, or for other internal purposes to support, improve or enhance our business, the Services, and other products and services we offer;
v. Customizing or tailoring your experience of the Services, which may include sending customized messages or showing you Sponsored Results;
vi. Notifying you about certain resources, Healthcare Providers or services we think you may be interested in learning more about;
vii. Sending you information about Asar products or Services;
viii. Sending emails and other communications that display content that we think will interest you and according to your preferences;
ix. Combining information received from third parties with information that we have from or about you and using the combined information for any of the purposes described in this Privacy Policy;
x. Showing you advertisements, including online behavioural advertising;
xi. Fulfilling our legally required obligations, such as preventing, detecting and investigating security incidents and potentially illegal or prohibited activities;
xii. Resolving disputes;
xiii. Protecting against or deterring fraudulent, illegal, or harmful actions; and
xiv. Enforcing our Terms of Use and other agreements.
We may use information that is not Personal Information to better understand who uses Asar and how we can deliver a better healthcare experience, as well as what type of educational information is important to our users.
We use information, including Personal Information, to provide the Services and to help improve the Services, to develop new services, and to advertise (for example, to display Asar ads on other web services). Specifically, such use may include:
i. Providing you with the products, services and information you request;
ii. Responding to correspondence that we receive from you;
iii. Contacting you when necessary or requested, including to remind you of an upcoming appointment;
iv. Providing, maintaining, administering or expanding the Services, performing business analyses, or for other internal purposes to support, improve or enhance our business, the Services, and other products and services we offer;
v. Customizing or tailoring your experience of the Services, which may include sending customized messages or showing you Sponsored Results;
vi. Notifying you about certain resources, Healthcare Providers or services we think you may be interested in learning more about;
vii. Sending you information about Asar products or Services;
viii. Sending emails and other communications that display content that we think will interest you and according to your preferences;
ix. Combining information received from third parties with information that we have from or about you and using the combined information for any of the purposes described in this Privacy Policy;
x. Showing you advertisements, including online behavioural advertising;
xi. Fulfilling our legally required obligations, such as preventing, detecting and investigating security incidents and potentially illegal or prohibited activities;
xii. Resolving disputes;
xiii. Protecting against or deterring fraudulent, illegal, or harmful actions; and
xiv. Enforcing our Terms of Use and other agreements.
6. How Asar May Share Your Information
In certain circumstances, and in order to perform the Services, we may share certain information that we collect from you, as described in this section.
We may share your Personal Information with Healthcare Providers with whom you choose to schedule through the Services.
We will never sell email addresses to third parties. We may share limited Personal Information with our partners to customize or display advertising, excluding health or medical information, and only in accordance with applicable law and your preferences.
We may share your Personal Information and/or Traffic Data with our partners who perform operational services (such as hosting, billing, fulfillment, data storage, security, insurance verification, web service analytics, or ad serving) and/or who make certain services, features, or functionality available to our users.
We may share your Personal Information with the insurance provider you identify to us (and do so via our partners) to determine eligibility or otherwise obtain benefit plans and other insurance-related information on your behalf.
Public Information and Submissions: You agree that any information that you may reveal in a review posting, online discussion, or forum is intended for the public and is not in any way private. Carefully consider whether to disclose any Personal Information in any public posting or forum. Your submissions may be seen and/or collected by third parties and may be used by others in ways we are unable to control or predict.
Protection of Asar and Others: We also may need to disclose your Personal Information or any other information we collect about you if we determine in good faith that such disclosure is needed to:
i. Comply with or fulfil our obligations under applicable law, regulation, court order, or other legal process;
ii. Protect the rights, property, or safety of you, Asar, or another party;
iii. Enforce the Agreement or other agreements with you; or
iv. Respond to claims that any posting or other content violates third-party rights.
In certain circumstances, and in order to perform the Services, we may share certain information that we collect from you, as described in this section.
We may share your Personal Information with Healthcare Providers with whom you choose to schedule through the Services.
We will never sell email addresses to third parties. We may share limited Personal Information with our partners to customize or display advertising, excluding health or medical information, and only in accordance with applicable law and your preferences.
We may share your Personal Information and/or Traffic Data with our partners who perform operational services (such as hosting, billing, fulfillment, data storage, security, insurance verification, web service analytics, or ad serving) and/or who make certain services, features, or functionality available to our users.
We may share your Personal Information with the insurance provider you identify to us (and do so via our partners) to determine eligibility or otherwise obtain benefit plans and other insurance-related information on your behalf.
Public Information and Submissions: You agree that any information that you may reveal in a review posting, online discussion, or forum is intended for the public and is not in any way private. Carefully consider whether to disclose any Personal Information in any public posting or forum. Your submissions may be seen and/or collected by third parties and may be used by others in ways we are unable to control or predict.
Protection of Asar and Others: We also may need to disclose your Personal Information or any other information we collect about you if we determine in good faith that such disclosure is needed to:
i. Comply with or fulfil our obligations under applicable law, regulation, court order, or other legal process;
ii. Protect the rights, property, or safety of you, Asar, or another party;
iii. Enforce the Agreement or other agreements with you; or
iv. Respond to claims that any posting or other content violates third-party rights.
7. Storage, Security, and International Transfers
of Information
The security of your Personal Information is important to us. We implement administrative, technical, and physical safeguards designed to protect Personal Information against unauthorized access, loss, misuse, alteration, or disclosure.
i. These safeguards may include, where appropriate:
ii. Encryption of data in transit using TLS/HTTPS;
iii. Encryption of data at rest for sensitive Personal Information;
iv. Role-based access controls and least-privilege principles;
v. Multi-factor authentication for administrative and privileged access;
vi. Secure key management practices;
vii. Audit logging and monitoring of system access and critical activities;
viii. Regular system maintenance, patching, and security reviews; and
ix. Vendor security assessments for service providers handling Personal Information.
We may store and process Personal Information on servers located in India and other jurisdictions where Asar or its service providers operate. Where Personal Information is transferred across borders, we take reasonable steps to ensure that such transfers are subject to appropriate contractual, technical, and organizational safeguards, consistent with applicable data protection laws.
No method of transmission over the Internet or electronic storage is completely secure. While we strive to protect Personal Information using safeguards appropriate to its sensitivity, we cannot guarantee absolute security.
Security Incidents and Breach Notification
In the event of a data security incident involving Personal Information, we will assess the scope and impact of the incident. Where required by applicable law, we will notify affected individuals and relevant regulatory authorities within the timeframes prescribed by law.
8. Your Privacy Rights and Choices
Depending on your jurisdiction, you may have certain rights with respect to your Personal Information, including the right to:
i. Access the Personal Information we hold about you;
ii. Request correction of inaccurate or incomplete information;
iii. Request deletion or restriction of processing of your Personal Information;
iv. Withdraw consent where processing is based on consent;
v. Object to certain types of processing, including marketing communications;
vi. Request a copy of your Personal Information in a portable format; and
vii. Lodge a complaint with a relevant data protection authority.
To exercise your rights, please contact us at privacy@asar.care. We may need to verify your identity before processing a request. We will respond to verified requests within the timeframes required by applicable law.
9. Retention of Personal Information
We retain Personal Information only for as long as necessary to fulfill the purposes described in this Privacy Policy, including providing the Services, complying with legal and regulatory requirements, maintaining security, preventing fraud, resolving disputes, and enforcing our agreements.
We apply the principle of storage limitation and maintain internal retention schedules and periodic reviews to ensure Personal Information is not kept longer than required.
Retention Schedule Summary
i. Account and profile information: retained while your account remains active and for a limited period thereafter for security, dispute resolution, and compliance purposes.
ii. Medical or healthcare coordination information you voluntarily provide: retained only as necessary to deliver coordination and support services, and thereafter securely deleted or de-identified unless longer retention is required by law.
iii. Payment and billing records: retained as required for accounting, tax, audit, and fraud prevention obligations.
iv. Marketing preferences and consent records: retained to demonstrate compliance with applicable marketing and anti-spam laws and to respect opt-out requests.
v. Security logs and audit records: retained for a defined period appropriate to security monitoring and compliance.
Personal Information may persist in encrypted backup systems for a limited time until backup rotation or deletion processes are completed.
When Personal Information is no longer required, we take reasonable steps to securely delete, anonymize, or de-identify it.
10. Legal Bases for Processing
Where required by applicable law, we process Personal Information based on one or more of the following legal grounds:
i. Performance of a contract (e.g., providing the Services you request);
ii. Your consent, where explicitly obtained;
iii. Compliance with legal obligations;
iv. Legitimate interests, such as operating, securing, and improving our Services, provided such interests are not overridden by your rights.
Where Personal Information includes health-related or medical data, we process such information only with your explicit consent or as otherwise permitted by applicable law.
11. Marketing Communications and Anti-Spam
Compliance
You may receive communications from us related to the Services, including transactional and service-related messages. Where required by law, we will obtain your express or implied consent before sending marketing communications.
You may withdraw consent or opt out of marketing communications at any time by following the unsubscribe instructions included in such communications or by contacting us at
privacy@asar.care. We maintain records of marketing consent as required by applicable law.
12. Updates and Changes to The Asar Privacy
Policy
The effective date of this Privacy Policy is set forth at the top of this webpage. We will notify you of any material change by posting notice on this webpage. Your continued use of the Services after the effective date constitutes your acceptance of the amended Privacy Policy. We encourage you to periodically review this page for the latest information on our privacy practices. Any amended Privacy Policy supersedes all previous versions. If you do not agree to future changes to this Privacy Policy, you must stop using the Services after the effective date of such changes.
13. Healthcare Service Providers and Their
Obligations
Asar will share basic Personal Information on the user with the Healthcare Providers who you elect to visit for an appointment through the Service to ensure that an appointment can be booked at your preferred time and date. These Healthcare Service Providers may need to collect additional Personal Information from you to build a medical history while carrying out their duties. The Healthcare Provider is required to obtain consent from the patient in person during their initial consultation to allow the Healthcare Provider to collect and store Personal Information, medical history, and other information as needed on the patient. The Healthcare Provider will not share this information with us or anyone else without the prior approval of the patient. Asar is in no way responsible for obtaining this approval for the Healthcare Provider and is in no way liable for any data collected by the Healthcare Provider.
14. Healthcare Interoperability Alignment
Asar does not provide clinical care or act as a healthcare provider. Where healthcare-related information is exchanged to facilitate care coordination, Asar aligns its security and data-handling practices with recognized healthcare interoperability and security principles, including auditability, access controls, and data minimization, consistent with HL7 / FHIR security guidance. HL7 standards do not prescribe specific data retention periods; retention is governed by applicable data protection laws and our internal retention policies.
15. Contact Us
If you have any comments, concerns, or questions about this Privacy Policy, please contact our Privacy Officer at privacy@asar.care Asar Healthtech & Innovation Lab Private Limited,
Gurgaon, IndiaPhone: +91 (971) 886.2727Email: info@asar.care
The security of your Personal Information is important to us. We implement administrative, technical, and physical safeguards designed to protect Personal Information against unauthorized access, loss, misuse, alteration, or disclosure.
i. These safeguards may include, where appropriate:
ii. Encryption of data in transit using TLS/HTTPS;
iii. Encryption of data at rest for sensitive Personal Information;
iv. Role-based access controls and least-privilege principles;
v. Multi-factor authentication for administrative and privileged access;
vi. Secure key management practices;
vii. Audit logging and monitoring of system access and critical activities;
viii. Regular system maintenance, patching, and security reviews; and
ix. Vendor security assessments for service providers handling Personal Information.
We may store and process Personal Information on servers located in India and other jurisdictions where Asar or its service providers operate. Where Personal Information is transferred across borders, we take reasonable steps to ensure that such transfers are subject to appropriate contractual, technical, and organizational safeguards, consistent with applicable data protection laws.
No method of transmission over the Internet or electronic storage is completely secure. While we strive to protect Personal Information using safeguards appropriate to its sensitivity, we cannot guarantee absolute security.
Security Incidents and Breach Notification
In the event of a data security incident involving Personal Information, we will assess the scope and impact of the incident. Where required by applicable law, we will notify affected individuals and relevant regulatory authorities within the timeframes prescribed by law.
In the event of a data security incident involving Personal Information, we will assess the scope and impact of the incident. Where required by applicable law, we will notify affected individuals and relevant regulatory authorities within the timeframes prescribed by law.
8. Your Privacy Rights and Choices
Depending on your jurisdiction, you may have certain rights with respect to your Personal Information, including the right to:
i. Access the Personal Information we hold about you;
ii. Request correction of inaccurate or incomplete information;
iii. Request deletion or restriction of processing of your Personal Information;
iv. Withdraw consent where processing is based on consent;
v. Object to certain types of processing, including marketing communications;
vi. Request a copy of your Personal Information in a portable format; and
vii. Lodge a complaint with a relevant data protection authority.
To exercise your rights, please contact us at privacy@asar.care. We may need to verify your identity before processing a request. We will respond to verified requests within the timeframes required by applicable law.
Depending on your jurisdiction, you may have certain rights with respect to your Personal Information, including the right to:
i. Access the Personal Information we hold about you;
ii. Request correction of inaccurate or incomplete information;
iii. Request deletion or restriction of processing of your Personal Information;
iv. Withdraw consent where processing is based on consent;
v. Object to certain types of processing, including marketing communications;
vi. Request a copy of your Personal Information in a portable format; and
vii. Lodge a complaint with a relevant data protection authority.
To exercise your rights, please contact us at privacy@asar.care. We may need to verify your identity before processing a request. We will respond to verified requests within the timeframes required by applicable law.
9. Retention of Personal Information
We retain Personal Information only for as long as necessary to fulfill the purposes described in this Privacy Policy, including providing the Services, complying with legal and regulatory requirements, maintaining security, preventing fraud, resolving disputes, and enforcing our agreements.
We apply the principle of storage limitation and maintain internal retention schedules and periodic reviews to ensure Personal Information is not kept longer than required.
Retention Schedule Summary
i. Account and profile information: retained while your account remains active and for a limited period thereafter for security, dispute resolution, and compliance purposes.
ii. Medical or healthcare coordination information you voluntarily provide: retained only as necessary to deliver coordination and support services, and thereafter securely deleted or de-identified unless longer retention is required by law.
iii. Payment and billing records: retained as required for accounting, tax, audit, and fraud prevention obligations.
iv. Marketing preferences and consent records: retained to demonstrate compliance with applicable marketing and anti-spam laws and to respect opt-out requests.
v. Security logs and audit records: retained for a defined period appropriate to security monitoring and compliance.
Personal Information may persist in encrypted backup systems for a limited time until backup rotation or deletion processes are completed.
When Personal Information is no longer required, we take reasonable steps to securely delete, anonymize, or de-identify it.
We retain Personal Information only for as long as necessary to fulfill the purposes described in this Privacy Policy, including providing the Services, complying with legal and regulatory requirements, maintaining security, preventing fraud, resolving disputes, and enforcing our agreements.
We apply the principle of storage limitation and maintain internal retention schedules and periodic reviews to ensure Personal Information is not kept longer than required.
Retention Schedule Summary
i. Account and profile information: retained while your account remains active and for a limited period thereafter for security, dispute resolution, and compliance purposes.
ii. Medical or healthcare coordination information you voluntarily provide: retained only as necessary to deliver coordination and support services, and thereafter securely deleted or de-identified unless longer retention is required by law.
iii. Payment and billing records: retained as required for accounting, tax, audit, and fraud prevention obligations.
iv. Marketing preferences and consent records: retained to demonstrate compliance with applicable marketing and anti-spam laws and to respect opt-out requests.
v. Security logs and audit records: retained for a defined period appropriate to security monitoring and compliance.
Personal Information may persist in encrypted backup systems for a limited time until backup rotation or deletion processes are completed.
When Personal Information is no longer required, we take reasonable steps to securely delete, anonymize, or de-identify it.
10. Legal Bases for Processing
Where required by applicable law, we process Personal Information based on one or more of the following legal grounds:
i. Performance of a contract (e.g., providing the Services you request);
ii. Your consent, where explicitly obtained;
iii. Compliance with legal obligations;
iv. Legitimate interests, such as operating, securing, and improving our Services, provided such interests are not overridden by your rights.
Where Personal Information includes health-related or medical data, we process such information only with your explicit consent or as otherwise permitted by applicable law.
Where required by applicable law, we process Personal Information based on one or more of the following legal grounds:
i. Performance of a contract (e.g., providing the Services you request);
ii. Your consent, where explicitly obtained;
iii. Compliance with legal obligations;
iv. Legitimate interests, such as operating, securing, and improving our Services, provided such interests are not overridden by your rights.
Where Personal Information includes health-related or medical data, we process such information only with your explicit consent or as otherwise permitted by applicable law.
11. Marketing Communications and Anti-Spam Compliance
You may receive communications from us related to the Services, including transactional and service-related messages. Where required by law, we will obtain your express or implied consent before sending marketing communications.
You may withdraw consent or opt out of marketing communications at any time by following the unsubscribe instructions included in such communications or by contacting us at
privacy@asar.care. We maintain records of marketing consent as required by applicable law.
12. Updates and Changes to The Asar Privacy
Policy
The effective date of this Privacy Policy is set forth at the top of this webpage. We will notify you of any material change by posting notice on this webpage. Your continued use of the Services after the effective date constitutes your acceptance of the amended Privacy Policy. We encourage you to periodically review this page for the latest information on our privacy practices. Any amended Privacy Policy supersedes all previous versions. If you do not agree to future changes to this Privacy Policy, you must stop using the Services after the effective date of such changes.
The effective date of this Privacy Policy is set forth at the top of this webpage. We will notify you of any material change by posting notice on this webpage. Your continued use of the Services after the effective date constitutes your acceptance of the amended Privacy Policy. We encourage you to periodically review this page for the latest information on our privacy practices. Any amended Privacy Policy supersedes all previous versions. If you do not agree to future changes to this Privacy Policy, you must stop using the Services after the effective date of such changes.
13. Healthcare Service Providers and Their
Obligations
Asar will share basic Personal Information on the user with the Healthcare Providers who you elect to visit for an appointment through the Service to ensure that an appointment can be booked at your preferred time and date. These Healthcare Service Providers may need to collect additional Personal Information from you to build a medical history while carrying out their duties. The Healthcare Provider is required to obtain consent from the patient in person during their initial consultation to allow the Healthcare Provider to collect and store Personal Information, medical history, and other information as needed on the patient. The Healthcare Provider will not share this information with us or anyone else without the prior approval of the patient. Asar is in no way responsible for obtaining this approval for the Healthcare Provider and is in no way liable for any data collected by the Healthcare Provider.
Asar will share basic Personal Information on the user with the Healthcare Providers who you elect to visit for an appointment through the Service to ensure that an appointment can be booked at your preferred time and date. These Healthcare Service Providers may need to collect additional Personal Information from you to build a medical history while carrying out their duties. The Healthcare Provider is required to obtain consent from the patient in person during their initial consultation to allow the Healthcare Provider to collect and store Personal Information, medical history, and other information as needed on the patient. The Healthcare Provider will not share this information with us or anyone else without the prior approval of the patient. Asar is in no way responsible for obtaining this approval for the Healthcare Provider and is in no way liable for any data collected by the Healthcare Provider.
14. Healthcare Interoperability Alignment
Asar does not provide clinical care or act as a healthcare provider. Where healthcare-related information is exchanged to facilitate care coordination, Asar aligns its security and data-handling practices with recognized healthcare interoperability and security principles, including auditability, access controls, and data minimization, consistent with HL7 / FHIR security guidance. HL7 standards do not prescribe specific data retention periods; retention is governed by applicable data protection laws and our internal retention policies.
Asar does not provide clinical care or act as a healthcare provider. Where healthcare-related information is exchanged to facilitate care coordination, Asar aligns its security and data-handling practices with recognized healthcare interoperability and security principles, including auditability, access controls, and data minimization, consistent with HL7 / FHIR security guidance. HL7 standards do not prescribe specific data retention periods; retention is governed by applicable data protection laws and our internal retention policies.
15. Contact Us
If you have any comments, concerns, or questions about this Privacy Policy, please contact our Privacy Officer at privacy@asar.care
Asar Healthtech & Innovation Lab Private Limited,
Gurgaon, India
Gurgaon, India
Phone: +91 (971) 886.2727
Email: info@asar.care
Asar Healthtech & Innovation Lab Private Limited
Copyright © 2025 All rights reserved