Tymli Health - Privacy Policy

Effective Date: December 1, 2025

Entity: TechNeat Info Solutions Pvt. Ltd. ("TechNeat", "we", "our", "us")

Jurisdiction: India

TechNeat is committed to safeguarding your personal and health information in compliance with applicable Indian laws, including the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 ("IT Rules"), and the Digital Personal Data Protection Act, 2023 ("DPDPA 2023").

By using the Tymli Health application, website, or services ("Services"), you consent to the collection, processing, storage, sharing, and use of your information as described in this Privacy Policy.

1. Applicability

  • This Privacy Policy applies to all users of Tymli Services within India, including patients, caregivers, healthcare professionals, and others who interact with the platform.
  • It governs all personal data and Sensitive Personal Data or Information (SPDI) as defined under Indian law (e.g., health information, personal data, financial data).

2. Consent

  • By registering and using the Services, you provide free, specific, informed, and consent to the collection and processing of your personal data.
  • You may withdraw your consent at any time by writing to us at privacy@tymlihealth.com. Withdrawal may limit or disable access to certain features.
  • Some processing (for legal, compliance, or security purposes) may continue even after withdrawal, in accordance with Indian law.

3. Information We Collect

(a) Personal Information

  • Name, date of birth, gender, contact details (phone and email), relationship.

(b) Sensitive Personal Data or Information (SPDI)

  • Health data: medical history, prescriptions, lab results, diagnostic reports, discharge summaries
  • Images of medical documents you upload (prescriptions, lab reports, scans)
  • General health vitals like body weight, blood group, allergies, past medical conditions, surgeries.
  • Financial/payment information (e.g. UPI, credit card, debit card, G-pay)

(c) Technical/Device Data

  • Device identifiers, IP address, OS version, app version
  • Usage analytics, crash reports, cookies, and session data

We only collect information necessary for delivering the Services, improving the Services or as required by Indian law.

4. Purpose of Collection & Use

Your data will be used for:

  • Delivering healthcare record management services, including digitization, organization and secure storage of your health documents
  • Facilitating consultations, appointments, lab integrations, pharmacy services (where applicable)
  • Personalizing your experience and providing health reminders/alerts
  • Processing payments (when applicable)
  • Analytics, research, and product improvement (only using anonymized or aggregated data)
  • Ensuring compliance with Indian laws and responding to lawful requests from authorities
  • Protecting against fraud, misuse, or unauthorized access

We do NOT sell your data to any third parties or use your personal and health data for advertising.

5. Data Sharing & Disclosure

We may share your data with:

  • Healthcare providers: only with your consent or request
  • Service providers & partners:
    • We share your payment information with RazorPay to process your payments. We do not share your payment information with any other third parties.
    • We share extracted medical information from your medical documents with Google (to use their Gemini AI engine) to generate summary information.
  • Government bodies & regulators: if mandated under Indian law (e.g., court orders, law enforcement)
  • Business transfers: if Tymli app undergoes merger, acquisition, or restructuring

We do NOT disclose your personally identifiable health data without your consent, except where required by law.

6. Data Retention

  • We retain your personal and health information only as long as necessary for providing Services, complying with Indian laws, or resolving disputes.
  • You may request account deletion and data erasure by contacting us at privacy@tymlihealth.com.
  • Some data may be retained for statutory record-keeping (e.g., under healthcare regulations).

7. Security Practices

We follow reasonable security practices and procedures as per Rule 8 of the IT Rules, 2011, including:

  • Encryption of data at rest and in transit
  • Access controls and authentication
  • Security audits, penetration tests, and monitoring – as needed

Despite safeguards, no system is 100% secure. We will notify users and relevant authorities of any data breach as required under the DPDPA 2023.

8. Your Rights (as per DPDPA 2023)

As a data principal in India, you have the right to:

  • Access: request a copy of your personal data
  • Correction: request updates or corrections to inaccurate data
  • Erasure: request deletion of your personal data
  • Consent withdrawal: revoke permissions previously granted
  • Grievance redressal: approach our Grievance Officer (details below)

Requests may be subject to verification and applicable legal limits.

9. Children's Privacy

  • Our Services are intended for users 18 years and older.
  • For minors (under 18), parental/guardian consent is required to use the Services.
  • We do not knowingly collect health data from children without proper consent.

10. Updates to Policy

We may update this Privacy Policy from time to time to comply with Indian laws or service changes. Updated versions will be available in-app and on our website.

11. Contact & Grievance Officer

As per the IT Rules, 2011 and DPDPA 2023, we have appointed a Grievance Officer:

Grievance Officer

TechNeat Info Solutions Pvt. Ltd

Email: privacy@tymlihealth.com

Address: No. 14, North Mada Street, Srinagar, Saidapet, Chennai – 600032. India.

Response Time: Within 15 days of receiving a complaint/request

12. Governing Law & Jurisdiction

This Privacy Policy is governed by the laws of India. Any disputes shall be subject to the exclusive jurisdiction of courts in Chennai, Tamil Nadu.