Welcome

  • Languages

PRIVACY POLICY

1. Definitions:
“NAVA” “we”, “our” or “us” refers to NAVA Technologies Inc., employees, subcontractors and any affiliate or agent of NAVA Technologies Inc.
“You” or “Your”: refers to any person who uses the Application.
Application, refers to the web applications commercialized by NAVA, including web applications commercialized directly by Health Care Provider under their own brand available at various subdomains under the domain drlynk.com and the native applications commercialized by NAVA, including application branded by Health Care Providers specifically designed for Android Tablets, and for android and iOS smartphone devices.
Collection refers to the act of gathering, acquiring, recording, or obtaining Personal Information from any source, by any means.
Consent refers to the voluntary agreement to the collection, use, and disclosure of Personal Information for defined purposes. Consent can be express or implied and can be provided directly by the individual or by an authorized representative. Express consent can be given orally, electronically, or in writing. Implied consent can be reasonably inferred from an individual’s action or inaction.
Data Controller: A Data Controller decides how and why personal data is processed, ensuring compliance with privacy laws. NAVA functions as a Data Controller when clients register an account, requiring their name, email, and phone number. Similarly, Health Care Providers act as Data Controllers for personal information they collect to provide services via NAVA.
Data Processor: In this policy, NAVA serves as a Data Processor, managing personal data on behalf of Health Care Providers and during patient account registration with NAVA.
End User refers to either the Patient who books an appointment with a Health Care Provider using the Application, or an individual acting on behalf of a Health Care Provider who operates the Application.
Health Care Provider refers to a medical practice or organization in its entirety, or any physician, nurse, or health care administrator who owns or works for a medical practice or organization.
Patient refers to a person seeking to utilize the Application or Website to book an appointment, or the individual representing the Patient, such as a parent, guardian, or carer.
Partner(s) refers to a party or parties with whom we have entered an agreement to exchange information related to the client’s appointment data including Personal Information such as name, email, contact phone number and name of the practitioner or service.
Personal Information refers to information about an identifiable individual that is recorded in any form. Personal Information does not include aggregate information that cannot be associated with a specific individual.
Privacy Officer refers to the person within NAVA Technologies Inc., who is responsible for ensuring compliance with privacy obligations, including this policy, with respect to the collection, use, disclosure, and handling of Personal Information by NAVA Technologies Inc., its employees, contractors, officers, and authorized agents.
Sensitive Information refers to the health information about an individual.
Website refers to our website available at the domain www.drlynk.com presenting our products and services, excluding the Application.
2. Your consent to use our services:
Protecting your security and privacy is very important to us. If you have any questions, concerns, or have any issues related to privacy and security, please contact us at security@navatech.ca
NAVA Technologies Inc., is the owner and operator of the Application and provides access to End Users on the terms and conditions contained in this document which should be understood in conjunction with our end-user license agreement.
At NAVA, we take privacy seriously. We take great care to protect our customers’ privacy by following, in letter and spirit, the guidance provided by the “Digital Personal Data Protection (DPDP) Act.
We collect Personal Information about our End Users at various points through our Application that are detailed below. This privacy policy outlines how we treat Personal Information specifically related to the use of the Application.
We encourage you to read this policy before using our services through our Application. By using the Application, you agree to the terms and conditions of this policy. If you do not agree with our practices as described in this policy, please do not use the Application or visit the Website.
3. Purpose of collecting and limiting the use of Personal Information:
We limit the collection of Personal Information to that which is necessary for purposes identified by us as described below.
In order to use our Application to book an appointment with a Health Care Provider, a Patient must first complete the registration form. In this instance, NAVA acts as a Data Controller and requires you to provide your name, mobile number, and e-mail address.
The information collected at the time of registration will also be used to contact you about the services offered by our Application in which you have expressed interest. The Health Care Providers affiliated with Dr.Lynk, may use our services to contact you regarding their services, products, or information related to patient care. To learn more, you can refer to the end user terms and agreement of the Health Care Provider.
We use your information for the following purposes:
  • Verify your mobile number and email used at the time of registration;
  • To create your account, following your registration with us;
  • Verify your identity and match your information with information on your Health Care Provider’s system database;
  • To provide updates to your Personal Information held by Health Care Providers;
  • To send appointment confirmation and appointment reminder notifications;
  • To provide you with the services, products, or information that you have requested from our Application;
  • To create your account, following your registration with us;
  • To provide you with technical support;
  • To inform you of updates to the Application;
  • To gather feedback from you, for the purposes of improving our services;
  • To contact you when required;
  • To compile anonymous statistical demographic information on the use of our system;
  • Send you news about our products and services in order to advise you of changes or tips for better use. You can unsubscribe or opt out of the receipt of these updates at any time.
We only contact you with important information about your appointments made through our Application or arranged by your Service Provider. In addition to emails and SMS, registered App users receive notifications on their Android or iOS smartphones. Notifications settings can be adjusted in the App’s Settings menu.
4. Information Collected through the Application
We collect the following information through the Application:
Personal Information (Patients): We do not collect Personal Information automatically when you visit our Website unless you have an account in the Application. We collect Personal Information from you when you voluntarily provide it to us – for example, when you contact us, through the Application, to book appointments with a medical practitioner or walk-in medical clinics and to track your appointments.
Health Care Providers use the Application to store and manage Personal Information about Patients. Personal Information collected from Health Care Providers is under their control and is used by us in accordance with our agreements with Health Care Providers as Data Processor.
Personal Information collected by NAVA may include :
  • Your contact information, such as your name and the name of your dependent, mobile number, e-mail address;
  • Healthcare card number and expiration date, which we only collect if you wish to use our service for making and managing your appointments made available through the Application;
  • Details about your appointments with Health Care Providers, such as date, time, type of appointment, cancellation, no shows;
  • Notes from Health Care Providers about your appointment;
From time to time, your Health Care Provider may ask you for sensitive health information, when you make an appointment, in order to understand and evaluate your health condition and determine its urgency. On some occasions, you may be providing Sensitive Information voluntarily at the time of booking or requesting an appointment. Providing such information is not mandatory and is optional through our Application, as we focus on limiting the collection of information related to only booking and managing appointments with a Health Care Provider.
Personal Information (Health Care Providers): We collect the following information about physicians and other medical and paramedical practitioners: (1) Name (2) Email (3) Phone number (3) Picture for profile page (4) Specialization (3) Practice information (4) Languages Spoken (5) Gender (6) Hospital affiliations (7) Educational Background (8) Services provided (9) Working hours. We also collect the name, e-mail, phone number, and profile picture of the clinic’s administrative staff. In addition, we collect information about the medical facility, such as facility name, address, and hours of operation. Information about the practitioners and medical facility is shared with the patients to check the services offered and to book appointments with physicians.
When it is strictly necessary, we may also collect Personal Information from our Partners and other sources with whom we integrate our services to synchronize patient appointments and profiles, with the consent of the individual and facility.
Aggregate Information: When you visit and interact with the Application or the Website, we may collect anonymous aggregate information from server log files and cookies.
  • Server Log Files: Your Internet Protocol (IP) address is an identifying number that is automatically assigned to your computer by your Internet Service Provider (ISP). This number is identified and logged automatically in our server log files whenever you use the Application, or visit the website, along with the time(s) of your visit(s) and the page(s) that you visited. We use the IP addresses of all visitors to calculate Website and Application usage levels, to help diagnose problems with the website’s servers, and to administer the website. We may also use IP addresses to communicate or to block access by visitors who fail to comply with our Terms of Service. Collecting IP addresses is standard practice on the Internet and is carried out automatically by many web sites.
  • Cookies: Cookies are data that a web server transfers to an individual’s computer for record keeping purposes. We use operating cookies that allow us to keep your session active and analytics cookies supplied by the Google Analytics service. We do not provide Personal Information to Google Analytics other than IP addresses and clickthrough data (pages visited, duration of sessions). If you do not want information collected through the use of cookies, there are simple procedures in most browsers that allow you to delete existing cookies, to automatically decline cookies, or to be given the choice of declining or accepting the transfer of particular cookies to your computer. You should note, however, that declining cookies may make it difficult or impossible for you to use portions of the Application. NAVA does not store any personal information when you browse our website or access the application without signing in.
  • Pixel Tags: The Application may use so-called pixel tags, web beacons, clear GIFs, or similar means (collectively referred to as pixel tags) to compile aggregate statistics about website usage and response rates. Pixel tags allow us to count users who have visited certain pages of the website, to deliver branded services, and to help determine the effectiveness of promotional or advertising campaigns. When used in HTML-formatted e-mail messages, Pixel Tags can tell the sender whether and when the e-mail has been opened.
5. Use of Information Gathered through the Application
We may use your Personal Information for the following purposes.
  • Provision of Service and Communications (Patients): Through the information, you provide us, we will be able to (1) send appointment confirmation and appointment reminder notifications; (2) provide the service, products, or information that you have requested from our application; (3) create an account for you if you registered with us; (4) provide optimal administrative and support services; (5) inform you of updates to the software; (6) evaluate and improve our services; (7) contact you when required; (8) encourage users and visitors to contact us with questions and comments; (9) respond to your questions and comments.
  • Provision of Service and Communications (Health Care Providers): Through the information you provide us, we will be able to (1) create an account for you and manage multi-clinic access; (2) send alerts about appointments;(3) provide optimal administrative and support services; (4) provide the service, products, or information that you have requested from our application; (5) inform you of updates to the software; (6) evaluate and improve our services; (7) contact you when required; (8) to contact us with questions and comments; (9) respond to your questions and comments.
  • Business Purposes: We may collect certain data that do not contain Personal Information for internal business purposes etc. for analysis and management of our operations to develop new features, improve our product and services to better serve you.
  • Financial Transactions: We facilitate the completion of transaction between Patients and Health Care Providers using third party payment processing service providers (Stripe™ and Square™). Your credit card information is not stored on our server and we do not process any transaction ourselves. All payments will be securely processed, using a third-party payment gateway. These service providers use industry-standard Secure Socket Layer (SSL) encryption technology to safeguard the account registration process and sign-up information.
6. Disclosure:
We will make reasonable efforts to ensure that we only collect and receive information that is necessary for the purposes identified, and we ensure that the data is used only for the purpose for which it was obtained.
We do not use or disclose personal information for purposes other than those for which it is collected, except with the consent of the concerned individual or as required by law. We retain personal information only as long as necessary for the fulfillment of these purposes, or as required by law.
We may disclose Personal Information as follows:
  • With our employees who need to know in the performance of their duties and undertake to treat Personal Information in accordance with this policy.
  • With Health Care Providers, where a Health Care Provider has provided Personal Information about you or if you used the Application to book or manage medical appointment with such Health Care Provider.
  • With service providers retained by us to assist us in our business obligations, provided that the third party commits to protecting personal information in accordance with this policy. At this time, we share Personal Information with the following service providers:

Service Provider

Purpose

Userful Links

Amazon Web Services
AWS hosts all data used in the operation of the Application and backups.
Privacy Notice
https://aws.amazon.com/privacy/
AWS Service Terms
https://aws.amazon.com/agreement/
Twilio
Twilio facilitates automated communication with Patients.
Twilio receives contact information (email, phone number) and information about appointments where included in messages.
Privacy Statement :
https://www.twilio.com/legal/privacy
Data Protection Addendum
https://www.twilio.com/legal/data-protection-addendum
MSG91
MSG91 facilitates automated appointment notifications.
Insert MSG91 PP statement and data protection addendum.

Service Provider

Amazon Web Services
Twilio
MSG91

Purpose

AWS hosts all data used in the operation of the Application and backups.
Twilio facilitates automated appointment notifications.
MSG91 facilitates automated appointment notifications.

Useful Links

Privacy Notice
https://aws.amazon.com/privacy/
AWS Service Terms
https://aws.amazon.com/
agreement/
Privacy Statement :
https://www.twilio.com/legal/
privacy
https://www.twilio.com/legal/
privacy
Data Protection Addendum
https://www.twilio.com/legal/data-protection-addendum
Insert MSG91 facilitates automated appointment notifications.
  • With a person who, in our reasonable judgment, based on the identification provided, is seeking the information as an agent of a Health Care Provider entitled to receive such information;
  • Where you explicitly consent to such disclosure
  • To comply with any legal obligation that requires or permits the disclosure of personal information (for example, in the context of an investigation of the contravention of a law)
Only our employees with a business-related need to know, or whose duties reasonably so require, are granted access to Personal Information about customers.
All information you provide us, through support calls or e-mails, will only be available to the NAVA team responsible for providing the services requested. Once the issue has been addressed, the support ticket will be closed, and information archived.
We do not and will not sell any Personal Information to third parties for marketing or any other commercial purposes.
7. Access and Correction Rights
We make reasonable efforts to keep Personal Information as accurate, complete, and up to date as is necessary to fulfil the purposes for which the information is to be used.
We rely upon the Health Care Providers to keep your Personal Information up to date and or you to ensure the accuracy of the Personal Information that you provide us at time registration to the Application. You may review the information you have provided and update Personal Information by accessing the profile page from the setting menu of the Application. Any modification to your Personal Information recorded by a Health Care Provider affiliated with NAVA will entail a modification in our records and in the records of all other Health Cara Providers affiliated with NAVA.
If you are registered with the Application, you can contact us at contact@navatech.ca for help with the following scenarios:
  • Request access to the information that NAVA Application has on you.
  • Request correction to the information that we have on you.
In the above cases, to provide the necessary support, we will have to verify your identity by asking to confirm some personal information and authenticate your account.
If you are not registered to the Application, you can contact your Health Care Provider to request correction to your Personal Information that is in the Health Provider system.
NAVA believes privacy is a fundamental human right. Therefore, our Website and Application are designed to centralize and minimize the data collection, while enhancing transparency and control over the information of Health Care Providers and their Patients. If you believe your rights have been violated, please contact us to address and rectify any concerns.
8. Retention and Destruction:
We retain Personal Information only as long as it is deemed necessary to fulfil the identified purposes for which the information was collected, that is to say for (i) as long as your account is active, (ii) as long as a Health Care Provider uses the Application to manage your Personal Information, or (iii) otherwise for a limited period of time as long as we need to fulfill the purposes for which we have initially collected it, unless otherwise required by law.
Personal Information no longer necessary or relevant for the identified purposes, or no longer required to be retained by law, shall be securely destroyed, erased, or made anonymous.
We shall maintain reasonable and systematic controls, schedules, and practices for such information, its retention and destruction.
9. Security Safeguards
9.1 How We Protect Your Information
We protect Personal Information with security safeguards appropriate to the sensitivity of the information.
With the use of appropriate physical, administrative, and technical security measures, we protect Personal Information against a variety of risks, such as, loss, theft, unauthorized access, disclosure, copying, use, modification, or destruction of such information.
We use commercially reasonable efforts to ensure the protection of Personal Information that we disclose to third parties. For example, contracts with third parties’ stipulate responsibilities to protect Personal Information and only use it for specific purposes.
The measures that we take towards ensuring the protection of Personal Information include the encryption of our database. All communication from our Application to our servers use SSL encryption. In addition, your user session expires periodically requiring you to re-login. We don’t store user passwords in clear text on our servers.
All our employees with access to Personal Information shall be required, as a condition of employment, to respect the privacy of Personal Information accessible to them. All employees are required to sign an agreement including provisions regarding the safeguarding of Personal Information upon hire, and annually thereafter.
As described above, we have security measures and tools in place to help protect against the loss, misuse, and alteration of the information under our control. However, no method of transmitting or storing data is completely secure. If you have reason to believe that your interaction with us is no longer secure, or that the security of your account with us has been compromised, you must immediately notify us of the problem by contacting us at security@navatech.ca
9.2 How We Store and Process Your Information
The information collected by NAVA is processed and/or stored in India. NAVA will not transfer information that we collect, including personally identifiable information, to affiliated entities, or other third parties across borders.
Personal information is hosted by our hosting provider, Amazon Web Services on servers located in India.
Information about security measures in place at AWS may be found here: https://aws.amazon.com/fr/security/.
Information specific to privacy compliance may be found here: https://aws.amazon.com/fr/compli ance/data-privacy-faq/?nc=sn&loc=4.
10. Other Important Notes regarding our Privacy Policies and Practices
  • Children: We advise that all Personal Information on users below the age of eighteen (18) be provided by a parent or legal guardian.
  • Other Third-Party Websites or Applications: The Application may integrate with software provided by third party service providers used by Health Care Providers. This third-party software is not under our control and we are not responsible for their working functions or maintenance and privacy practices or contents, including for their third party to other websites.
  • Assignment: We reserve the right to transfer any and all information that we collect from users of the Application to third parties who will commit to protecting personal information in accordance with this policy in the event of a merger, sale, joint venture, assignment, and transfer or other disposition of all or any portion of our assets or stock (including, without limitation, in connection with bankruptcy or similar proceedings).
  • Choice: We do not disclose your Personal Information to third parties, including to our affiliates, for marketing purposes. However, from time to time, we will occasionally send you e-mails or other information that matches your requests and offer you promotions of our services. If, at any time, you wish to stop receiving these e-mail communications from us, you may select the unsubscribe feature in the e-mails you receive.
11. Openness Concerning Policies and Practices
We make readily available, specific information about our Personal Information management policies and practices to our customers and the public upon request.
This information includes:
  • the name and contact email of the Privacy Officer to whom inquiries or complaints can be forwarded;
  • the means of gaining access to Personal Information that we hold;
  • a description of the type of Personal Information that we hold, including a general account of its use and disclosure;
  • a copy of any brochures or other information that explains our policies or information handling practices.
We make information available to help customers exercise choices regarding the use and disclosure of their Personal Information.
12. Your rights in respect of your Personal Information
  • Rights of Access and Rectification: We make reasonable efforts to keep Personal Information as accurate, complete, and up-to-date as is necessary to fulfill the purposes for which the information is to be used. We rely upon you to ensure the accuracy of the Personal Information that you provide us. You may review the information you have provided, and update Personal Information by accessing the profile page from the setting menu of the Application. If you would like a copy of the Personal Information stored within NAVA’s system or you believe that the personal information we have on record for you is inaccurate, out of date, incomplete irrelevant, please email contact@navatech.ca.
  • Rights to Deletion (Where applicable law allows for such right): You may have the right to request deletion of your Personal Information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable request, we will delete (and direct the relevant service providers to delete) your Personal Information from our records, unless an exception applies. Please note that we may need to retain certain information for record-keeping purposes and/or to complete any transactions that you began prior to requesting a change or deletion.
  • Submitting a Request: Where applicable law allows for such a right, if you would like to access, correct, decline consent, or delete Personal Information, you may submit a request to contact@navatech.ca with the subject line “Data Subject Request”. We will respond to your request consistent with the applicable law. NAVA has the right to request the payment of a small administrative fee for the service rendered.
For your protection, we may only implement requests with respect to the Personal Information associated with the particular mobile number that you used upon registering for a NAVA account, and we may need to verify your identity before implementing your request.
13. Challenging Compliance
A customer shall address a challenge concerning our compliance with the principles set out in this privacy policy to the Privacy Officer.
We maintain procedures for addressing and responding to all inquiries and complaints by customers with regard to our handling of Personal Information.
For more information, please contact: Privacy Officer, NAVA Technologies Inc. at vikramdas@navatech.ca
14. Changes of this Policy
We reserve the right to amend this policy, and any of our policies or procedures concerning the treatment of information collected through the Application . You can determine when this policy was last updated by referring to the “Last Updated” legend at the bottom of this page. Any changes to our policy will become effective upon the posting of the revised policy on the Website. Use of the website following such changes constitutes your acceptance of the revised policy.
If you have an account and provided an email address, we will inform you in advance of any change to this policy. We will not use your Personal Information for new purposes without your prior consent.
This policy represents the sole, authorized statement of our practices with respect to the collection of Personal Information through the Application, and our use of such information. Any summaries of this policy generated by third party software or otherwise shall have no legal effect, do not bind us, shall not be relied upon to substitute this policy, and will neither supersede not modify this policy.
15. Opt-Out and Closing Your Account
You may unsubscribe at any time from e-mail, SMS or in-phone App notifications. To unsubscribe from email, you may simply click on the unsubscribe link in the e-mail message. To unsubscribe from SMS notifications, reply with the text “STOP” to the message. You may turn off in-phone App notifications by simply accessing the Settings section in the Application menu.
You can close your NAVA Application account at any time from your mobile device by accessing the Settings section in the Application menu. However, this action will not remove your Patient file that is managed by you Health Care Provider using NAVA system. If you have any questions regarding your Patient file, please contact directly your Health Care Provider.
After closing your NAVA Application account, if you have not opted out from e-mail and SMS notifications, you may continue to receive appointment confirmation and reminder notifications for the appointments you have with the Health Care Provider. You can opt-out of e-mail and SMS notification following the instruction we have provided here, or you may request the Health Care Provider to turn off the notifications for you.
Note that NAVA may not be able to delete any de-identified data on you. This is data that has been dissociated from your identity and that is used for quality improvement or analytical purposes. Once this data has been deidentified, it may no longer be possible to determine which user it came from.
16. More Information
NAVA Application respects the laws that relate to privacy rights in India: Digital Personal Data Protection (DPDP) Act (https://www.meity.gov.in/writeread data/files/Digital%20Personal%20
Data%20Protection%20Act%202 023.pdf).
17. Contacts
If you have any questions regarding this Privacy Policy, please contact our Privacy Officer, Vikramdas Narayanan, by the following methods:
By Email: vikramdas@navatech.ca