Data Protection Addendum (GDPR Policy)

This Data Protection Addendum (“DPA”) supplements the Privacy Policy of Para Ella – For Her and outlines how personal data is collected, processed, stored, and protected in alignment with internationally recognized data protection principles, including GDPR standards.

We are committed to ensuring lawful, fair, and transparent processing of personal and health-related information.

• Personal Data means any information relating to an identifiable individual.
• Sensitive Personal Data includes health records, medical history, diagnostic reports, and treatment details.
• Processing means collection, recording, storage, use, disclosure, or deletion of data.
• Data Subject refers to the patient or website user.

a) Personal Identification Data

• Name
• Contact number
• Email address
• Appointment details

b) Health & Medical Data

• Medical history
• Examination findings
• Treatment plans
• Counseling records
• Clinical images (with consent)

c) Technical Data

• IP address
• Browser/device type
• Usage analytics

• Patient Consent
• Provision of Medical Care
• Legal Compliance
• Legitimate Interest in Improving Services

Sensitive medical data is processed strictly for healthcare purposes and only by authorized professionals.

We collect only the data necessary for:

• Appointment scheduling
• Medical consultation and treatment
• Follow-up care
• Compliance with legal requirements

Data is not used for unrelated commercial purposes.

We implement appropriate safeguards including:

• Restricted access to medical records
• Secure storage systems (digital and/or physical)
• Role-based access control
• Staff confidentiality training

While we take reasonable security measures, no electronic transmission can be guaranteed fully secure.

Medical records are retained in accordance with applicable healthcare regulations in India.

Personal data will not be retained longer than necessary for:

• Treatment purposes
• Legal obligations
• Record-keeping compliance

Where applicable, patients may request:

• Access to their personal data
• Correction of inaccurate information
• Restriction of processing
• Withdrawal of consent (subject to medical record retention laws)
• Deletion of non-essential personal data

Requests may be made through official clinic communication channels.

Personal data may be shared only with:

• Authorized medical staff involved in care
• Diagnostic laboratories (where required)
• Legal authorities (if mandated by law)

We do not sell or trade personal data.

If any digital platforms or cloud services used for appointment scheduling or teleconsultation involve cross-border data storage, appropriate safeguards are implemented to maintain data protection standards.

In the unlikely event of a data breach affecting personal information, appropriate remedial measures will be taken in accordance with applicable legal requirements.

This Data Protection Addendum may be updated periodically. The revised version will reflect the updated effective date.

Website: www.paraellaforher.com

Location: 2nd Floor, Siddhi Arcade, Kalda Corner, Chh. Sambhajinagar, Maharashtra 431005

Your trust is fundamental to the care we provide.

We are committed to protecting your privacy with integrity and responsibility.