Privacy Policy of Medi Assist Insurance TPA Pvt. Ltd.

This Privacy Policy sets out how we use and protect any information that you share with us when you use this website/mobile application. The purpose of this Privacy Policy (as amended from time to time) is to give you an understanding on how we intend to collect, store, transfer, disclose, process and use the information you provide to us through our platform.

We are committed to ensuring that your privacy is protected at all times. We may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are in agreement with all such updated terms and conditions or changes.

The term ‘Company’ or ‘us’ or ‘we’ refers to Medi Assist Insurance TPA Private Limited having its registered office at Tower D, 4th Floor, IBC Knowledge Park, 4/1 Bannerghatta Road, Bangalore – 560029 India and the terms ‘you’ or ‘your’ refer to the Registered Users or viewers including hospitals, healthcare providers, insured customers, patients etc. of our website/mobile application or portal. The use of this platform is subject to the following terms of use.

By providing your information to us, you hereby consent to the collection, storage, disclosure, processing and transfer of such information for the purposes as disclosed in this Policy. You are providing the information out of your free will. You have the option not to provide the data or Personal Information or Sensitive Personal Data or Information sought to be collected if you do not agree with this Policy.

  1. Collection of Information and Usage:

    We may collect certain Personal Information, Sensitive Personal Data or Information from you while using our website or directly from the concerned insurer and your employer, if applicable.

    Personal Information means any information that relates to you and may include date of birth, employee code, email address, residential address, mobile number, alternate telephone number, etc.

    Further, you would be required to give us certain Sensitive Personal Data or Information about you, Sensitive Personal Data or Information shall mean such personal information which consists of information relating to;-

    1. financial information such as bank account or any other payment instrument details;
    2. physical, physiological and mental health condition;
    3. medical records and history;
    4. any detail relating to the above clauses as provided to body corporate for providing service; and
    5. any of the information received under above clauses by body corporate for processing, stored or processed under lawful contract or otherwise:

    Provided that, any information that is freely available or accessible in public domain or furnished under the Right to Information Act, 2005 or any other law for the time being in force shall not be regarded as Sensitive Personal Data or Information.

    We inform you that our website may collect certain Personal Information and/or Sensitive Personal Data or Information about you such as medical and health records including but not limited to your prescription, test reports, past medical history, etc. We understand that the Personal Information and/or Sensitive Personal Data or Information is extremely private to you and assure you that it will be used only for providing required healthcare services as mutually agreed to be rendered by us.

    While using our website and for availing any of our services you would be required to give us your Personal Information and/or Sensitive Personal Data or Information​.This could be done post login on our website using the credentials given by us, which will be shared with you by email, which is unique to you and you will be required to change the password at the time of first login.

  2. Access:

    You may be given the privilege to upload and store your medical and health records on our website to which only you shall have access to by using your unique username. This will help you have access to all your medical and health records. We would like to reiterate that barring you, no one shall have access to these records except to the parties as mentioned in the Clause 5 of this Privacy Policy and the same shall be transmitted by us in encrypted form to avoid being hacked and decoded.

  3. Purpose for which Personal Information and/or Sensitive Personal Data or Information is collected and processed:

    We would like to state that we collect Personal Information and/or Sensitive Personal Data or Information that is absolutely necessary and relevant for us to make your experience hassle-free, convenient, smooth and most importantly, safe. This will also help us in providing you with customized services, assist you with all your queries, resolve the issues faced by you, to follow up with you in order to ensure a long, sustained relationship and most importantly to safeguard you from any kind of fraudulent and unlawful usage.

    Personal Information and/or Sensitive Personal Data or Information may be collected by us directly from you for the purpose of processing your medical claims (both, cashless and/or reimbursement) and/or extending cashless facility to you.

    For the purpose of extending cashless facility and to ensure your stay at and discharge from the network provider / hospital is seamless, we, through our hospital portal, require certain Personal Information and/or Sensitive Personal Data or Information about you to be provided to us by our network provider(s). This Personal Information and/or Sensitive Personal Data or Information shall be collected by us from the concerned network provider(s) through our hospital portal

    Further, for the purpose of processing a reimbursement medical claim, we collect certain Personal Information and/or Sensitive Personal Data or Information about you including but not limited to physical originals / photocopies of medical and health reports, discharge summaries, invoices etc. as issued by network provider(s) or non-network provider(s) to you and as submitted to our designated offices by you.

    We use data collection methods / mechanisms such as "Cookies" on certain pages of the website to help analyse our web page flow and promote trust and safety. "Cookies" are small files placed on your hard drive that assist us in providing our services. We offer certain features that are only available through the use of "Cookies".

  4. Use of Cookies:

    We also use “Cookies” to allow you to enter your password less frequently during a session. Most “Cookies” are “Session Cookies”, meaning that they are automatically deleted from your hard drive at the end of a session. A cookie is a small file which asks permission to be placed on your computers/mobile phone’s hard drive. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences. We use traffic log cookies to identify which pages are being used. This helps us analyse data about webpage traffic and improve our portal in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system. Overall, cookies help us provide you with a better user experience, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to any information stored on your computer, mobile phone or any device through which you access the portal. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the portal.

  5. Data Storage:

    All your Personal Information and/or Sensitive Personal Data or Information is hosted and/or processed by us at the Company’s data centers located at our registered office situated at Bangalore, India or at such location(s) in India as the Company may so desire to store.

    Your Personal Information and/or Sensitive Personal Data or Information is retained by us only for the purpose of providing the required services or for historical or statistical or legal purposes and such retention shall be for a period as required under applicable law.

  6. Transfer / Sharing of Information:

    We respect your privacy and hereby declare we do not transfer and / or disclose your Personal Information and/or Sensitive Personal Data or Information except as under:

    • To law enforcement agencies in connection with an investigation having the interest of general public at large, after having been approved by the due process of law;
    • To our associates and affiliates to help detect and prevent fraud, identity theft and other illegal activities, correlate related or multiple accounts to prevent abuse of our services; and to facilitate joint or co-branded services that you request where such services are provided by more than one corporate entity;
    • To our full time employees and associates on a need to know basis for the purpose of enabling the Company to provide the necessary services to you;
    • We shall also share such information with our associates or affiliates should the Company decide to undergo restructuring in anyway or is acquired by any other entity and ensure that in such an event the other entity continues to follow this policy strictly;
    • With the concerned insurer;
    • With your employer, if applicable, and on receipt of a formal request from your employer and upon receipt of necessary approval(s).
  7. Advertisements and links to third-party websites:

    Our website may contain certain advertisements and links to third-party websites. We would like to clarify that we do not control or guarantee the accuracy, safety and integrity of the Personal Information and/or Sensitive Personal Data or Information you provide, if you choose to, share your information with these advertisers and third-party websites. It is, therefore, advised that you go through their terms and conditions and privacy policy before providing any Personal Information and/or Sensitive Personal Data or Information about you on these websites.

  8. Safety Precautions:

    We have stringent, strong, security measures undertaken to ensure against the loss, misuse or alteration of your Personal Information and/or Sensitive Personal Data or Information shared with us. We shall take all necessary precautions to safeguard your information and protect it from any unauthorized use. We have SSL Certificate issued by trusted certification authority and other safety measures in place to safeguard your information with us against any theft or unlawful usage or modification thereof. You are advised, however, that internet technology is not 100% safe and you should exercise discretion on using the same. The Information Security Management System of the Company conforms to the ISO 27001:2013 standard.

  9. Consent:

    By using our website and providing your Personal Information and/or Sensitive Personal Data or Information, you hereby consent to the collection, storage, disclosure, transfer, processing and usage of your Personal Information and/or Sensitive Personal Data or Information by us as per the terms of this Privacy Policy. Kindly frequent this section to keep yourself updated of any changes made by us in the Privacy Policy.

    You hereby confirm to the Company that wherever applicable you have taken necessary consent from your family members and/or your dependents for submission of their Personal Information and/or Sensitive Personal Data or Information with us.

    Right to opt out: The Company respects your privacy considerations and hence provides an option to you, to not provide the Personal Information and/or Sensitive Personal Data or Information sought to be collected. Further, you can also withdraw your consent which was earlier given to the Company, and the same must be communicated to the Company in writing. However, we inform you that on your electing to opt out (as envisaged in this section) or on withdrawal of your consent, the Company may not be in a position to provide you necessary services / benefits for which the Personal Information and/or Sensitive Personal Data or Information was sought to be collected.
    Further, you will have the option to not provide your consent, or withdraw any consent given earlier, provided that the decision to not provide consent / withdrawal of the consent is communicated to us at grievance.officer@mediassist.in

  10. Grievance Officer:

    The name and contact details of the Grievance Officer is provided hereunder to address all your queries and grievances in accordance with the Information Technology Act, 2000, and Rules made thereunder.

    Grievance Officer: Mr. Ganesh K (Chief Administrative Officer)
    Email address: grievance.officer@mediassist.in
    Contact no: +91 80 4969 8000
    Address: Medi Assist Insurance TPA Private Limited, Tower D, 4th Floor, IBC Knowledge Park, 4/1 Bannerghatta Road, Bangalore - 560029

    If you have any reason to believe that we or any company associated with us has misused any of your Personal Information and/or Sensitive Personal Data or Information please contact us immediately and report such misuse.

    We can address any questions, comments and concerns about our online privacy practices and policy. Please write to our Grievance Officer at the above mentioned email address.

  11. Governing law:

    If you choose to visit our website, your visit and any dispute over privacy is subject to this Privacy Policy and the website's terms of use. In addition to the foregoing, any disputes arising under this Privacy Policy shall be governed by the laws of India.

    This Privacy Policy is compliant with the provisions of The Information Technology Act, 2000 and Rules made thereunder including any modifications or amendments made thereto. The Company may made necessary changes to this Privacy Policy consequent upon any changes or modification in the law. It is hence imperative that you frequently read this Privacy Policy to keep yourself updated of any changes made by us.

Corporate Social Responsibility Policy

This policy has been formulated based on the Corporate Social Responsibility (CSR) philosophy of Medi Assist Insurance TPA Private Limited and provisions of Section 135 of the Companies Act, 2013, read with Schedule VII of the Companies Act, 2013 and Companies (Corporate Social Responsibility Policy) Rules, 2013. This policy will at all times be subject to the provisions of the aforesaid act and rules (as amended from time to time). This Policy will come into force with immediate effect.

Overview and CSR Philosophy

Medi Assist Insurance TPA Private Limited (“Medi Assist” or “Company”) believes in a philosophy of adopting sustainable business practices which are beneficial to the various stakeholders including the society. Through its corporate values, Medi Assist constantly endeavours to actively contribute to the social and economic development of the communities in which it operates.

Medi Assist has always believed in giving back to the society and recognized its role and responsibility as a corporate citizen. Medi Assist has social values ingrained into its culture and manner of working. Medi Assist has been participating in various CSR initiatives over the years even before CSR spending came to be mandated under law.

To further the Company’s CSR philosophy, a formal policy on CSR is being formulated to align its practices with requirements of Companies Act, 2013 and rules made thereunder.

CSR Projects, Programs and Activities

Medi Assist may undertake various CSR projects, programs and activities from time to time. Medi Assist may also contribute towards any existing or ongoing CSR projects, programs and activities. Such projects, programs and activities will be undertaken keeping in mind the CSR philosophy of the Company and in alignment with the permissible activities under the Companies Act, 2013 and rules framed under (as amended from time to time). It shall be at the discretion of the Company to undertake, modify, implement and cancel CSR projects, programs and activities from time to time as it deems fit.

Without prejudice to the generality of the aforesaid, Medi Assist may from time to time undertake any project, program and activity on one or more of the following areas:

  • Supporting treatment of underprivileged and promoting awareness of healthcare including preventive health care through various activities including organizing campaigns, awareness sessions, events, marathons, etc. with reference to various chronic disease such as cancer, diabetes, hypertension, cardiac, etc.
  • Promoting education, including special education and employment enhancing vocational skills through various activities including organizing development projects/programs and livelihood enhancement projects.
  • Any other projects, programs and activities falling within the permissible activities prescribed under Companies Act, 2013, rules made thereunder, any circular/notification/guidelines/clarification issued thereunder including any amendment or modifications.

Mode of carrying out CSR activities

Medi Assist may carry out the CSR activities either on its own, or through a registered trust or registered society or through a company registered under Section 8 of the Companies Act, 2013 by the Company or its holding or subsidiary or associate company or through one or more of the modes in such manner as it deems fit. Medi Assist may also collaborate with other companies for undertaking projects, programs and activities in such manner as it deems fit.

CSR Committee

The Board of Directors of the Company shall constitute a committee called the “Corporate Social Responsibility Committee” (“CSR Committee”) in accordance with the provisions of Companies Act, 2013 and rules made thereunder. The CSR Committee will consist of 3 or more directors or such other number of directors as the Board of Directors of the Company may determine from time to time. The Board of Directors may change the composition of the CSR Committee from time to time in such manner as it thinks fit.

Subject to provisions of Companies Act, 2013 and rules made thereunder, the CSR Committee may meet at such intervals, in such manner and may carry out matters in such manner and function generally as per such guidelines as it deems fit.

The CSR Committee shall have, inter alia, the following roles, powers and responsibility:

  1. Formulate and recommend the CSR Policy and any amendments therein to the Board of Directors of the Company
  2. Develop and approve various CSR projects, programs and activities to be undertaken from time to time either directly by the Company or through other entities
  3. Determine modalities of execution of such CSR projects, programs and activities
  4. Undertake all necessary steps to implement the CSR activities
  5. Authorise and approve CSR expenditure from time to time subject to the limits approved by the Board of Directors
  6. Monitor the CSR activities in such manner as it deems fit
  7. Carry out all such acts, deeds, matters and things as may be required in connection with aforesaid matters and generally for any matter connected with the CSR policy of the Company
  8. To perform such functions as may be entrusted by the Board of Directors from time to time.

CSR Spending

The Company may, in every financial year, spend such amounts on its CSR activities as the CSR Committee may authorise from time to time subject to the limits as approved by the Board of Directors.

Any surplus arising out of CSR projects, programs and activities shall not form part of the business profits of the Company.

Monitoring Process

CSR Committee shall monitor the implementation of various programs, projects and activities in such manner as it deems fit. CSR Committee shall also determine the manner of submission of information, reports, files, etc. by third parties as a part of the monitoring process. CSR Committee shall ensure that a transparent monitoring mechanism is put in place.


Without prejudice to the generality of the contents of this policy, the Company may undertake CSR projects, programs and activities as permitted under the framework of Companies Act, 2013 from time to time (including any amendments, clarifications, circulars, notifications or other official communications from time to time). The Company may also carry out the purposes of this CSR policy in accordance with any amended position of law from time to time notwithstanding that such amended position is not reflected in this policy.