Be Among the First.
Save 40% on 50 Cycle Packs.
Limited time for Australian and New Zealand IVF clinics.
LEARN MORE
Log In

iConceive Data Privacy Policy

Last Updated: [03 Jan 2026]
This Privacy Policy sets out the manner in which iConceive India (“Company”, “we”, “us”, “our”) collects, uses, processes, stores, shares, and protects Personal Data of users of its IVF Clinic Management Software (“Software”). The Software enables, among other functions, fertility cycle monitoring, appointment booking, treatment cycle management, fertility injections tracking, communication between patients and clinics, medical records management, and related clinical workflow services.
This Privacy Policy is drafted in accordance with the Digital Personal Data Protection Act, 2023 (DPDP Act) and other applicable Indian laws. By accessing, installing, or using the Software, you acknowledge that you have read, understood, and agreed to the terms of this Privacy Policy.

1. Definitions

For purposes of this Privacy Policy:

  • “Personal Data” means any data about an individual who is identifiable by or in relation to such data;
  • “Sensitive Personal Data” includes, without limitation, health-related information, medical records, reproductive health data, fertility treatment data, genetic data, biometric data, and any other category that may be classified as sensitive under applicable laws;
  • “Data Principal” refers to the individual to whom the Personal Data relates;
  •  “Data Fiduciary” refers to the Company, which determines the purpose and means of processing Personal Data;
  •  “Data Processor” means either data and/or any third party engaged by the Company to process Personal Data on its behalf;

2. Scope and Application

  • This Privacy Policy applies to:
  • Patients using the Software directly,
  • Patients registered or onboarded by fertility clinics,
  • Clinic administrators and authorized medical professionals,
  • Any individual accessing or using the Software or submitting Personal Data.
  • This Policy does not apply to anonymised data, aggregated datasets, or data rendered incapable of identifying an individual.

3. Categories of Personal Data Collected

We may collect and process the following categories of Personal Data:

Identity and Contact Information

  • Full name
  • Age and date of birth
  • Gender
  • Contact number
  • Email address
  • Residential address
  • Identity verification details (if required by a clinic)

Health and Medical Information

  • Fertility history and treatment details
  • Hormone levels and diagnostic reports
  • Ultrasound scans and medical imaging
  • IVF/ICSI cycle tracking information
  • Medication and injection schedules
  • Doctor notes, prognosis, and treatment plans
  • Menstrual cycle data
  • Pregnancy test results

Technical and Usage Information

  • Device identifiers
  • IP address
  • Application usage logs
  • Login logs and timestamps
  • Cookies and analytics data
  • Financial Information (if applicable)
  • Payment method details (excluding full card numbers)
  • Transaction records

Communications

  • In-app messages between patients and clinics
  • Support queries and call records

4. Lawful Basis for Processing

  • We process Personal Data only when one or more of the following lawful bases exist:
  • Consent obtained from the Data Principal for specific purposes.
  • Performance of a clinical or service contract with the Data Principal.
  • Compliance with legal obligations, including medical record retention requirements.
  • Legitimate interests of the Company or the clinic, provided such interests do not override the rights of the Data Principal.

5. Purpose of Processing Personal Data

  • Your Personal Data may be processed for the following purposes:
  • Creating and managing user accounts.
  • Enabling IVF cycle monitoring and treatment tracking.
  • Scheduling, modifying, and managing appointments.
  • Maintaining electronic medical records.
  • Facilitating communication between patients and clinics.
  • Providing treatment schedules, medication reminders, and alerts.
  • Processing payments and billing.
  • Ensuring clinical compliance, audit, and medical documentation.
  • Improving Software performance and user experience.
  • Detecting and preventing fraud or unauthorized access.
  • Responding to support requests, queries, and grievances.We will process Sensitive Personal Data strictly for purposes necessary for clinical care, diagnostics, treatment facilitation, and as permitted under the DPDP Act.

6. Consent Framework

  • We obtain consent in a clear, specific, informed, and unambiguous manner, including electronically.
  • Data Principals have the right to withdraw consent at any time. However, withdrawal of consent may affect ongoing treatment or limit the ability to use certain Software features.
  • We may continue to retain certain medical records as required under Indian laws, even after withdrawal of consent.

7 . Disclosure and Sharing of Personal Data

We may share Personal Data only under the following circumstances:

  • With Fertility Clinics and Authorized Medical Professionals to provide treatment, consultations, diagnostics, or follow-up care.
  • With Third-Party Service Providers Such as:
  • Cloud hosting providers
  • IT security providers
  • Laboratory partners
  • Payment gateways
  • Each such entity acts as a Data Processor and is contractually bound to maintain confidentiality and comply with security requirements.
  • With Government or Regulatory Authorities when required under law, court order, or
    medical regulatory obligations.
  • For Legal or Compliance Purposes to detect fraud, enforce rights, or protect the
    interests of patients and clinics.
  • We do not sell, rent, or trade Personal Data to third parties.

8. Cross-Border Data Transfer

If Personal Data is transferred outside India for hosting, processing, or storage, such transfer shall be carried out only:

  • In compliance with the DPDP Act;
  • With appropriate technical and contractual safeguards;
  • To jurisdictions permitted under applicable Indian laws.

8. Data Retention

  • We retain Personal Data only for as long as necessary for:
  • Providing services;
  • Fulfilling medical record retention obligations under Indian law;
  • Complying with legal or regulatory requirements;
  • Handling disputes and enforcing rights.
  • Upon expiry of the retention period, Personal Data shall be securely deleted, anonymised, or archived.

9. Data Retention

  • We retain Personal Data only for as long as necessary for:
  • Providing services;
  • Fulfilling medical record retention obligations under Indian law;
  • Complying with legal or regulatory requirements;
  • Handling disputes and enforcing rights.
  • Upon expiry of the retention period, Personal Data shall be securely deleted, anonymised, or archived.

10. Data Security Measures

  • We implement reasonable technical, organizational, and administrative security safeguards to protect Personal Data, including:
  • Encryption of data in transit and at rest,
  • Access control and role-based permissions,
  • Multi-factor authentication for clinic users,
  • Regular security audits and penetration testing,
  • Secure cloud hosting with redundancy,
  • Logging and monitoring of system access.
  • No system is entirely free from risk, but we adopt industry-standard practices to
    reduce risk of unauthorized access, disclosure, alteration, or destruction of Personal
    Data.

11. Data Principal Rights

  • Data Principals are entitled to exercise the following rights under the DPDP Act:
  • Right to Access Personal Data processed.
  • Right to Correction and Updating of inaccurate or incomplete data.
  • Right to Erasure subject to legal retention requirements.
  •  Right to Data Portability where technically feasible.
  • Right to Withdraw Consent without affecting past processing done lawfully.
  • Right to Nominate another individual to exercise rights in the event of death or incapacity.
  • Requests for exercising rights may be submitted to the Grievance Officer.

 

12. Children’s Privacy

  • If Personal Data of minors is processed for fertility-related treatment of parents, such processing shall be undertaken strictly with the consent of the parent or lawful guardian and in compliance with applicable laws.

13. Grievance Redressal

We have designated a Grievance Officer in compliance with the DPDP Act. Any request, complaint, or concern relating to Personal Data may be addressed to:

Name: [Insert Name]

Email: [Insert Email Address]

Address: [Insert Office Address]

Response Time: Not exceeding 90 days.

14. Updates to this Privacy Policy

We reserve the right to update, modify, or amend this Privacy Policy at any time. Material changes will be communicated through the Software or via email. Continued use of the Software after publication of changes shall constitute deemed acceptance of the updated Policy.

15. Governing Law and Jurisdiction

This Privacy Policy shall be governed by and interpreted in accordance with the laws of India. Any disputes arising out of or relating to this Privacy Policy shall be subject to the exclusive jurisdiction of the courts situated in New Delhi, India.

16. Contact Information

For any questions regarding this Privacy Policy or data protection practices, you may contact us at:

Email: [Insert Email]

Phone: [Insert Number]

Address: [Insert Address]

 

keyboard_arrow_up