VISION

Access to precision Medtech for every patient, Globally

VALUES

Agile

 To be able to quickly adapt to rapidly changing global environment & exploit opportunities to ensure faster accessibility for patients to precision medtech solutions

Inquisitive

To have an eager desire to learn & seek new information and experiences that helps to achieve our vision of reaching out to every patient on this planet

Collaborative:

To work together with both internal & external people by securing their support and forming alliances to give accessibility of precision medtech solutions to our end users

Strategic Levers

Culture & Engagement

Pursuit of Excellence

Financial Vitality

Growth Acceleration

Access to precision Medtech for every patient , Globally.

Who We Are

Healthium Medtech Limited is a global medtech company focused on products used in surgical, post-surgical and chronic care. Our vision is to provide “Access to precision medtech for every patient, globally.” We operate across three key markets, India, UK and Rest of the World and our focus areas: advanced surgery, wound care, and arthroscopy.

This website is operated by Healthium Medtech LTD. (Referred as “Healthium”, “we”, “our”, “us” in this, Privacy Notice)

Healthium Medtech LTD is registered in India under CIN: U03311KA1992PLC013831 and we have our registered office at 472/D, 13th Cross, 4th Phase, Peenya Industrial Area, Bengaluru, Karnataka – 560 058, India.

Additionally, we operate the following websites under the Healthium brand and group entities:

https://www.carenowmedical.com/ – Coimbatore, Tamil Nadu, India
https://www.qclose.com/ – United Kingdom (UK)
https://qualityneedles.com/ – Noida, Uttar Pradesh, India
https://sironixmedtech.com/

We have therefore developed this privacy notice to inform you of the data we collect, what we do with your information, what we do to keep it secure as well as the rights and choices you have over your personal information.

Grievance Officer Details:

For any queries, complaints, or to exercise your rights under this policy, please contact our Grievance Officer:

Name: Kankana Barua
Email: Grievance.Officer@healthiummedtech.com
Contact Number: +91-80-41868000

What Personal Data do we Collect and When?

The type of personal information that we will collect from you, and you voluntarily provide to us on this website or as part of a service or product we provide to you may include some or all of the following:

Identity Data includes first name, maiden name, last name or similar identifier, title, date of birth and gender. (Hospitals, Trusts, Surgeries, Business owners)

Contact Data includes billing address, delivery address, email address and telephone numbers.

Financial Data includes bank name, sort code and account number, payment card details, VAT number.

Transaction Data includes details about payments to and from you and other details of products and services you have purchased from us. For example, agent commissions, product pricing, and royalty terms.

Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this site.

Profile Data includes any purchases or orders made by you, your interests, preferences, feedback, and survey responses.

Usage Data includes information about how you use our site, products, and services.

Marketing Data includes your preferences in receiving marketing from us and your communication preferences.

Communications data including emails, telephone calls and post which you receive from us or send to us, and your preferences in receiving information and being contacted by us.

Why and How We use Your Personal Data

We use your personal data to provide the features of the website and the services you request

When you use our website or platform, we will use your personal data to provide the requested product or service. For example, if you make an enquiry on our website send us an email, we will use the contact information you give us to communicate with you about the enquiry. If you contact our customer care services by telephone, we will use information about you, such as enquiry or payment information, or the service you have purchased to help you resolve a problem or question.

We use your personal data to establish you as a Healthium customer.

If you sign an agreement to become a Healthium customer, we will need to collect and verify information about you and other relevant individuals to set up our products and services for you, including to provide you with support, onboarding, and account management

To Operate, Improve and Maintain our Business, Products and Services

We use the personal data you provide to us to operate our business. For example, when you make a purchase, we use that information for accounting, audits, and other internal functions. We may use personal data about how you use our products and services to enhance your user experience and to help us diagnose technical and service problems.

To Protect Our or Others' Rights, Property or Safety

We may also use personal data about how you use our website to prevent, detect, or investigate fraud, abuse, illegal use, violations of our Terms of Use, and to comply with court orders, governmental requests, or applicable law.

To Communicate Information about our Products, Services, Events and for Other Promotional Purposes

When you consent, we will send you marketing communications and news concerning Healthium products, services, events, and other promotions. You can opt-out at any time after you have given your consent.
If you are an existing customer of Healthium (for example, if you are a service user), we may use the contact details you provided to send you marketing communications about similar Healthium products or services, where permitted by applicable law (unless you have opted out).

Sharing of Your Personal Data

We do not sell your personal data.
We may share your personal data with other organisations in the following circumstances:
• If the law or a public authority says we must share the personal data (Government bodies and agencies)
• If we need to share personal data to establish, exercise or defend our legal rights (this includes providing personal data to others for the purposes of preventing fraud and reducing credit risk)
• External sources of publicly available information such as credit reference agencies
• We use data processors who are third parties who provide elements of services for us. We have Data Processor Agreements in place with our data processors. This means that they cannot do anything with your personal information unless we have instructed them to do it. They will not share your personal information with any organisation apart from us or further sub-processors who must comply with our Data Processor Agreement. They will hold your personal data securely and retain it for the period we instruct.
• Healthium entities for the purposes and under the conditions outlined above. This includes HEALTHIUM MEDTECH LTD subsidiaries, and affiliated companies.
• We may also transfer personal data we have about you in the event we sell or transfer all or a portion of our business or assets (including in the event of a reorganisation, spin-off, dissolution, or liquidation).

Social media buttons

We use plugins on our website from social media networks such as Facebook, LinkedIn, and Twitter. You can recognise these plugins by their logos. Our plugins will not collect personal data about you unless you click on these logos. If you click on them, these plugins are activated and automatically transmit data to the plugin
provider.
We do not have any influence over which data these providers collect from you. If you would like more information about their data processing, this can be found in the respective privacy policies on the websites of these providers.

Cookies

We use cookies and similar techniques, such as tags/beacons and JavaScript’s, which are small text files stored on your device. Using cookies is a way for us to make sure that our website is continuously improved, meets your needs and can be used as a tool to optimise our marketing strategy. For us to do this, we place functional cookies to make the website function as well as marketing cookies which help us target the right people and show them advertisements. Some of these cookies track your use of our website and visits to other websites and allow us to show you advertisements when you browse other websites.
Please view our Cookie Policy for more information on our use of cookies.

How long we keep Your Information

We will retain your personal data for as long as needed or permitted considering the purpose(s) for which it was obtained. The criteria used to determine our retention periods include: (i) the length of time we have an ongoing relationship with you and provide the Service to you; (ii) whether there is a legal obligation to which we are subject; and (iii) whether retention is advisable considering our legal position (such as in regard to applicable statutes of limitations, litigation, or regulatory investigations)

Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way, altered, or disclosed. Platforms, systems, and facilities in which personal data are processed are protected by secure network architectures that contain firewalls, access control and authentication protocols.
In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone. Once we have received your information, we will use strict procedures and security features to prevent unauthorised access.

Where we store Your Personal Information and International Data Transfers

Your personal information may be stored and processed in any country where we have facilities or service providers, and by using our Service or by providing consent to us (where required by law), your information may be transferred to countries outside of your country of residence, which may provide for different data protection
rules than in your country. Appropriate contractual and other measures are in place to protect personal information when it is transferred to our affiliates or third parties in other countries.

Protections Under European and UK Privacy Laws (GDPR/UK GDPR)

Rights under Data Protection Law

The Right to be Informed about our collection and use of personal data

You have the right to be informed about the collection and use of your personal data. We ensure we do this with our internal data protection policies and through our external website privacy notice. These are regularly reviewed and updated to ensure these are accurate and reflect our data processing activities.

Right to Access Your Personal Information

You have the right to access the personal information that we hold about you in many circumstances, by making a request. This is sometimes termed ‘Subject Access Request’. If we agree that we are obliged to provide personal information to you (or someone else on your behalf), we will provide it to you or them free of charge and aim to do so within 1 month from when your identity has been confirmed.
We would ask for proof of identity and sufficient information about your interactions with us that we can locate your personal information.
If you would like to exercise this right, please contact us as set out below.

Right to Correction Your Personal Information

If any of the personal information we hold about you is inaccurate, incomplete, or out of date, you may ask us to correct it.
If you would like to exercise this right, please contact us as set out below

Right to Stop or Limit Our Processing of Your Data

You have the right to object to us processing your personal information for particular purposes, to have your information deleted if we are keeping it too long or have its processing restricted in certain circumstances.
You can ask us to restrict processing your data, for example where:
• you’re contesting the accuracy of your personal data.
• we no longer need to process your personal data, but you want us to keep it for use in legal claims.
• you’ve objected to the processing by asking us to stop using your data, but you’re waiting for us to tell you if we have overriding grounds which mean we’re allowed to keep on using it. If you would like to exercise this right, please contact us as set out below

Right to Erasure

You have the right to have personal data erased. This is also known as the ‘right to be forgotten’. The right is not absolute and only applies in certain circumstances. Where the right doesn’t apply, we’ll let you know why we can’t action your request.
This right may be applied where:
• personal data is no longer necessary in relation to the purpose for which it was originally collected/processed.
• the processing was based on your consent which you withdraw (and there are no other legal grounds for processing that data)
• you exercise your right to object and there are no overriding legitimate grounds for the processing.
• there is no lawful reason to retain personal data or if the personal data must be erased to comply with a legal obligation.
If you would like to exercise this right, please contact us as set out below.

Right to Portability

The right to portability gives you the right to receive personal data you have provided to a controller in a structured, commonly used, and machine-readable format. It also gives them you the right to request that a controller transmits this data directly to another controller. If you would like to exercise this right, please contact us as set out below.

Using your personal data: the lawful basis and purposes - Under European and UK Privacy Laws (GDPR/UK GDPR)

To process your personal data, we rely on certain lawful basis, depending on how you interact with our website, platform, or services.
If we do process your personal data, we may use one or more of the following lawful basis for processing:
As necessary to perform our contract with you for the relevant product, or service, including:
• To take steps at your request prior to entering into it;
• To decide whether to enter into it;
• To manage and perform that contract;
• To assess credit risk;
• To update our records; and
• To trace your whereabouts to contact you about your account and recovering debt. As necessary for our own legitimate interests or those of other persons and organisations, including:
• Governance, accounting, managing, and auditing our business operations.
• To search at credit reference agencies if you as an individual are over 18 and to confirm your identity.
• To monitor emails, calls, other communications, and activities on your account, product, or service.
• For market research, analysis and developing statistics.
• To send you marketing communications, including automated decision making relating to this.
• To identify and contact potential customers using publicly available information and internal insight; and
• To monitor your or their transactions to assess credit risk, and for the detection and prevention of crime.
As necessary to comply with a legal obligation, including:
• When you or any of your related persons exercise available rights under data protection law and make requests.
• For compliance with legal and regulatory requirements and related disclosures.
• For establishment and defence of legal rights.
• For activities relating to the prevention, detection, and investigation of crime.
• To verify your or any of your related persons’ identity, make credit, fraud prevention and anti-money laundering checks; and
• To monitor emails, calls, other communications, and activities on your account, product, or service. Based on your consent, including:
• When you request us to disclose your or any of your related persons’ personal data to other people or organisations, such as a person or company handling an account or project on your behalf, or otherwise agree to disclosures.
• When we process any special categories of personal data about you or your related persons at your request (e.g., your or any of your related persons’ racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning your health, sex life or sexual orientation); and
• To send you marketing communications where we’ve asked for your consent to do so. You are free at any time to change your mind and withdraw your consent.

Contact Us

If you would like to exercise one of your rights as set out above, or you have a question or a complaint about this policy, the way your personal information is processed, please contact us by one of the following means:

For any queries or complaints write to:
contact@healthiummedtech.com
care@healthiummedtech.com
Customer care number
+91-80-41868000

Employee Data Privacy:
In the course of our business operations, we collect and process certain personal information from our employees. This includes, but is not limited to, biometric data, identity proof, address proof, medical records, and bank details. This information is collected for the purposes of payroll processing, insurance enrollment, and
other employment-related activities.

We are committed to ensuring the privacy and security of our employees’ personal data. The following outlines the specific types of employee data we collect, the purposes for which it is processed, and the measures we take to safeguard this information:

Biometric Data: As part of our attendance and access control systems, we may collect biometric data for identification purposes. This data is securely stored and used solely for the intended purposes.

Identity Proof and Address Proof: In compliance with legal and regulatory requirements, we collect identity proof and address proof documents from our employees. This information is essential for employment verification, statutory compliance, and communication purposes.

Medical Records: For insurance enrollment and related purposes, we may collect and process medical records of our employees. This information is treated with the utmost confidentiality and is accessible only to authorized personnel involved in insurance administration.

Bank Details: To facilitate payroll processing, we collect bank details of our employees. This information is
strictly used for salary disbursement and is handled with the highest level of security and confidentiality.

Purpose of Data Collection:
The employee data mentioned above is collected for the following specific purposes:
➢ Payroll processing and disbursement.
➢ Statutory compliance and legal obligations.
➢ Insurance enrollment and administration.
➢ Employment-related communications.

Data Security Measures:
We have implemented robust security measures to protect employee data, including bank details, from unauthorized access, disclosure, alteration, and destruction. Access to such sensitive information is restricted to individuals with a legitimate need for such access, and regular audits are conducted to ensure compliance with data protection policies.

Employee Data Privacy:
We collect and process employee data such as biometric records, bank details, Identity and address proof for payroll, insurance, and employment-related activities.

Healthcare Professional (HCP) and Vendor Data Privacy:
We collect HCP and vendor PAN and Bank details for payment processing, tax compliance, and statutory requirements.

Third-Party Data Sharing:
We don’t sell personal data to third parties except for contractual or legal obligations.

Data Retention:
Data collected is retained as long as needed for the intended purposes and legal requirements.