Privacy Policy
We are committed to protecting your personal and health data with the highest standards of security, transparency, and respect for your rights.
At a Glance
Last updated: March 18, 2026 · Effective: March 18, 2026
This policy describes how Altabeeb Healthcare collects, uses, and protects your data. Questions? Contact us or email privacy@tabeeb.co.in.
Altabeeb Healthcare ("we", "us", or "our") is committed to protecting your privacy and handling your personal and health data responsibly. This Privacy Policy explains how we collect, use, share, and protect information about you when you use our platform at tabeeb.co.in and related services.
This policy applies to all users of the Altabeeb platform including patients, registered users, visitors, and healthcare professionals. By accessing or using our services, you consent to the practices described in this policy.
Our Core Commitment
We treat your health information with the highest level of confidentiality. Your medical data is yours — we are only its steward, not its owner. We will never sell your personal or health data to any third party for commercial purposes.
We collect personal information that you provide directly, data generated through your use of our services, and in some cases, data from third-party sources. The categories of data we collect include:
- Full name and date of birth
- Government ID for verification (Aadhaar, PAN)
- Profile photograph (optional)
- Gender and marital status
- Email address
- Mobile number
- Residential address
- Emergency contact details
- Medical history and conditions
- Prescriptions and lab reports
- Consultation notes and recordings
- Allergies and current medications
- Vitals and health metrics
- IP address and browser type
- Device identifiers
- App usage and session data
- Cookies and tracking pixels
- Payment method details (tokenised)
- Transaction history
- Billing address
- Refund records
- Chat messages with support
- Feedback and survey responses
- Complaints and grievances
- Email and SMS interactions
We collect this data when you register an account, book a consultation, complete a health form, make a payment, contact support, or interact with our platform in any way.
We use your personal and health data exclusively for the following purposes:
Providing Healthcare Services
Facilitating consultations, generating prescriptions, booking lab tests, and delivering reports
Account Management
Creating and maintaining your profile, authentication, and account security
Payment Processing
Processing transactions, issuing invoices, and handling refunds securely
Communication
Sending appointment reminders, health tips, test results, and support responses
Platform Improvement
Analysing usage patterns to improve features, fix bugs, and enhance user experience
Legal Compliance
Meeting obligations under Indian law, including medical record retention requirements
We do not sell, rent, or trade your personal information. We may share your data only in the following limited circumstances:
- Healthcare Professionals: Your health data is shared with the doctors and specialists you consult, solely for the purpose of providing medical care.
- Diagnostic Labs: When you book a lab test, relevant information is shared with the partner laboratory to process your test.
- Payment Processors: Financial data is processed by Razorpay under their privacy policy. We do not store full card details.
- Technology Partners: Trusted vendors who help us operate our platform (cloud hosting, SMS gateway, analytics) under strict data processing agreements.
- Legal Requirements: When required by law, court order, or government authority, we may disclose data as required.
- Research (Anonymised): De-identified, aggregated health data may be shared with research institutions to improve public health outcomes.
We implement industry-standard technical and organisational measures to protect your data against unauthorised access, alteration, disclosure, or destruction.
Encryption
AES-256 encryption at rest; TLS 1.3 in transit
Access Controls
Role-based access; only authorised staff access your data
Data Centres
Hosted on ISO 27001 certified cloud infrastructure in India
Regular Audits
Periodic security assessments and penetration testing
Breach Response
Incident response plan; users notified within 72 hours of breach
Retention Policy
Medical records retained for 7 years per Indian regulations
Despite our best efforts, no security system is impenetrable. If you suspect your account has been compromised, please contact us immediately at security@tabeeb.co.in.
As a user of our platform, you have the following rights regarding your personal data. To exercise any of these rights, contact us at privacy@tabeeb.co.in.
Right to Access
Request a copy of all personal data we hold about you. We will respond within 30 days.
Right to Rectification
Correct any inaccurate or incomplete personal data in your profile or records.
Right to Erasure
Request deletion of your account and personal data, subject to legal retention obligations.
Right to Opt-Out
Unsubscribe from marketing communications at any time via email or account settings.
Right to Portability
Request your data in a structured, machine-readable format for transfer to another service.
Right to Object
Object to processing of your data for direct marketing or research purposes.
Our platform is not intended for use by children under the age of 18 without parental or guardian consent and supervision. We do not knowingly collect personal information from children under 18.
For Parents & Guardians
If you are a parent or guardian creating an account on behalf of a minor for medical purposes, you are responsible for ensuring the minor's information is used only for legitimate healthcare needs. If you believe a child has provided personal information without consent, please contact us immediately at privacy@tabeeb.co.in.
Upon discovering that we have collected data from a child under 18 without appropriate consent, we will take steps to delete such information promptly.
Altabeeb is an India-based platform and all primary data processing occurs within India. However, some of our third-party service providers may process data outside of India. In such cases:
- We ensure adequate data protection standards are in place at the destination
- Data transfers are governed by contractual agreements that mirror our privacy standards
- We comply with any applicable cross-border data transfer restrictions
- You will be notified if your data is transferred internationally in a significant way
Our cloud infrastructure provider, AWS, maintains data centres in the ap-south-1 (Mumbai) region by default for all primary data.
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:
- Update the "Last Updated" date at the top of this policy
- Send a notification to your registered email address
- Display a prominent notice on our platform for 30 days
- Obtain fresh consent where required by law
Data Protection Officer
For any privacy concerns, data requests, or questions about this policy, please contact our Data Protection Officer:
Privacy Concerns or Data Requests?
Contact our Data Protection Officer. We respond to all privacy requests within 30 days.
Related Policies
Other legal documents that govern your relationship with Altabeeb Healthcare.
Your Health Data is Safe with Us
We take your privacy seriously. Start your healthcare journey with confidence knowing your data is protected.