Privacy Policy
Last updated: 16 April 2026
CareShield ("we", "our", or "us") operates home nursing and healthcare services across Delhi NCR, India. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website or mobile applications, or avail of our healthcare services. By using our services, you consent to the practices described in this policy.
1. Information We Collect
We collect information necessary to deliver safe and effective home healthcare services. This includes:
1.1 Personal Information
- Identity details: Full name, date of birth, gender
- Contact details: Phone number, email address, residential address
- Emergency contact: Name and phone number of a family member or guardian
- Government ID: Aadhaar number or other identity proof (when required for service verification)
1.2 Medical and Health Information
- Medical history and current diagnoses
- Prescription details and ongoing medications
- Doctor's instructions and care plans
- Vitals, observations, and nursing notes recorded during service delivery
- Diagnostic reports and hospital discharge summaries shared with us
1.3 Service and Transaction Information
- Service bookings, schedules, and preferences
- Payment details (processed securely through third-party payment gateways)
- Feedback, ratings, and correspondence with our support team
1.4 Technical Information
- Device type, browser, and operating system
- IP address and approximate location
- Pages visited, time spent, and interaction patterns on our website
2. How We Use Your Information
We use the information we collect for the following purposes:
- Service delivery: To assign qualified nursing staff, create care plans, and provide home healthcare services tailored to the patient's needs
- Communication: To confirm bookings, send service reminders, share care updates with family members, and respond to inquiries
- Quality assurance: To monitor service quality, conduct internal audits, and improve our care protocols
- Safety and compliance: To ensure patient safety, maintain medical records as required by applicable laws, and handle any complaints or incidents
- Billing and payments: To process payments, issue invoices, and manage your account
- Service improvement: To analyse usage patterns and feedback to enhance our offerings and user experience
3. Data Sharing and Disclosure
We take your privacy seriously and share your information only in the following limited circumstances:
- Assigned healthcare staff: Your medical and personal details are shared only with the nurses, caregivers, and medical professionals directly assigned to your care. Each staff member is bound by strict confidentiality obligations.
- Referring physicians: With your consent, we may share relevant care updates or observations with your treating doctor or hospital.
- Payment processors: Transaction data is shared with secure, PCI-DSS compliant payment gateways solely for processing payments.
- Legal requirements: We may disclose information if required by law, court order, or government authority, or to protect the safety of our patients, staff, or the public.
We do not sell, rent, or trade your personal or medical information to third parties for marketing purposes.
4. Data Security Measures
We implement appropriate technical and organisational safeguards to protect your data, including:
- Encryption of data in transit (SSL/TLS) and at rest
- Role-based access controls ensuring only authorised personnel can access patient data
- Regular security assessments and vulnerability testing
- Secure storage of medical records with access logging and audit trails
- Staff training on data protection and patient confidentiality
- Incident response procedures for prompt handling of any data breach
5. Patient Medical Data Handling
We recognise the highly sensitive nature of medical information and adhere to the following principles, aligned with the Digital Personal Data Protection Act, 2023 (DPDP Act) and healthcare data handling best practices in India:
- Minimisation: We collect only the medical information necessary to deliver safe and effective care.
- Purpose limitation: Medical data is used exclusively for healthcare delivery, care coordination, and regulatory compliance -- never for marketing or unrelated purposes.
- Confidentiality: All healthcare staff sign confidentiality agreements. Access to patient records is restricted on a need-to-know basis.
- Consent: We obtain informed consent before collecting medical information. You may withdraw consent at any time, subject to legal and safety considerations.
- De-identification: When using data for internal analytics or quality improvement, we remove personally identifiable details wherever possible.
6. Cookies and Website Analytics
Our website uses cookies and similar tracking technologies to improve your browsing experience. These include:
- Essential cookies: Required for basic website functionality such as page navigation and form submission.
- Analytics cookies: We use Google Analytics to understand how visitors interact with our site. This helps us improve content and usability. Google Analytics collects anonymised data such as pages visited, session duration, and referral sources.
- Preference cookies: To remember your settings and preferences for future visits.
You can manage cookie preferences through your browser settings. Disabling certain cookies may affect website functionality.
7. Third-Party Services
We integrate with the following third-party services to deliver and improve our offerings:
- WhatsApp (Meta): We use WhatsApp for service communication, booking confirmations, and care updates. Messages sent via WhatsApp are subject to WhatsApp's Privacy Policy.
- Google Services: We use Google Analytics for website analytics and may use Google Maps for service area verification. These services are governed by Google's Privacy Policy.
- Payment gateways: Online payments are processed through PCI-DSS compliant third-party gateways. We do not store your full card or bank account details on our servers.
We encourage you to review the privacy policies of these third-party services.
8. Data Retention
We retain your information for the following periods:
- Medical records: Retained for a minimum of 3 years from the date of last service, in accordance with Indian medical record-keeping guidelines, or longer if required by applicable law.
- Personal and contact information: Retained for as long as you have an active relationship with us, plus 2 years after your last service engagement.
- Transaction and billing records: Retained for 7 years as required under Indian tax and financial regulations.
- Website analytics data: Retained in anonymised form for up to 26 months.
After the applicable retention period, data is securely deleted or anonymised.
9. Your Rights
Under applicable Indian data protection laws, you have the following rights regarding your personal data:
- Right to access: You may request a copy of the personal and medical information we hold about you.
- Right to correction: You may request correction of any inaccurate or incomplete information.
- Right to deletion: You may request deletion of your personal data, subject to our legal obligations to retain certain records (such as medical and financial records).
- Right to withdraw consent: You may withdraw consent for data processing at any time. This will not affect the lawfulness of processing carried out before withdrawal.
- Right to grievance redressal: You may raise concerns about how your data is handled, and we will address them promptly.
To exercise any of these rights, please contact us using the details provided below.
10. Contact for Privacy Concerns
If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your data, please contact us at:
We aim to respond to all privacy-related inquiries within 7 working days.
11. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will update the "Last updated" date at the top of this page and, where appropriate, notify you via email or a prominent notice on our website.
We encourage you to review this policy periodically. Your continued use of our services after any changes constitutes acceptance of the updated policy.
12. Governing Law
This Privacy Policy is governed by and construed in accordance with the laws of India, including the Information Technology Act, 2000, the Digital Personal Data Protection Act, 2023, and any rules or regulations made thereunder. Any disputes arising from this policy shall be subject to the exclusive jurisdiction of the courts in New Delhi, India.