Classic Diagnostics ("we", "us", "our") operates classicdiagnostics.in and provides diagnostic services across Delhi & Noida. This Privacy Policy explains what information we collect, how we use it, who we share it with, and the rights you have over your data. By using our website or services, you agree to this Policy.
We are committed to safeguarding the privacy of every patient and visitor in compliance with the Digital Personal Data Protection Act, 2023 (DPDP Act), the Indian Medical Council (Professional Conduct) Regulations, and all applicable patient-confidentiality laws.
1. Information we collect
1.1 Information you provide directly
- Identity & contact details — name, age, gender, phone, email, postal address.
- Health information — referring doctor, prescriptions, medical history relevant to the test ordered, sample-collection address, test results.
- Payment details — billed at the time of test; we use third-party payment gateways and do not store full card / bank credentials.
- Communication — messages you send via contact forms, WhatsApp, email or phone.
1.2 Information collected automatically
- Usage data — pages visited, time on page, referrer, device type, browser — collected via Google Analytics only if you consent to analytics cookies.
- Cookies & similar technologies — essential cookies for site functionality and your selected location; analytics cookies only after consent (see Section 5).
1.3 What this website collects — and the specific purpose for each item
This website is our public information and enquiry site. The personal data it collects, and the exact purpose of each, is:
| Data item | Collected via | Purpose |
|---|---|---|
| Name | Contact / feedback / complaint forms | To address you and respond to your enquiry. |
| Mobile number | Contact / feedback / complaint forms | To call or message you back about your enquiry/booking. |
| Email address | Contact / feedback / complaint forms | To reply to your enquiry and send information you request. |
| City & message | Contact / complaint forms | To understand and route your request to the right team. |
| Usage & analytics data | Cookies (only with consent) | To understand site usage in aggregate and improve the website. |
| Consent record (time, IP, version) | Automatically on form submission | To keep an auditable record that you gave consent, as the law requires. |
Detailed clinical information (prescriptions, sample details, test results) is collected at the centre or by phone and held in our separate, access-controlled laboratory system — not on this public website.
2. How we use your information
- To schedule, perform and deliver the diagnostic tests you book.
- To share reports with you and (with your consent) with your treating doctor.
- To process payments and issue invoices.
- To contact you about appointments, sample collection, reports, and follow-ups.
- To comply with legal, regulatory and accreditation requirements (NABL, ICMR, statutory reporting of notifiable diseases).
- To improve our services, website and patient experience.
3. Who we share your information with
We do not sell your personal or health data to anyone. Sharing happens only in the following limited situations:
- Your treating doctor — when you provide their details at the time of booking.
- Empanelled health schemes (CGHS, ECHS, ONGC, BHEL etc.) and your insurance provider — only the information required for claim processing.
- Service providers — payment gateways, SMS/email delivery, cloud hosting, all under strict confidentiality agreements.
- Statutory authorities — when required by law (e.g. notifiable infectious diseases, court orders).
4. How we protect your data
- All reports are stored on encrypted servers with access restricted to authorised personnel only.
- HTTPS / TLS encryption on every page of our website.
- Strict role-based access control inside the lab management system.
- Regular security reviews and staff training on patient-data confidentiality.
- Physical samples are processed in our NABL-accredited lab under barcoded chain-of-custody.
5. Cookies & tracking
When you first visit, a consent banner lets you choose which categories of cookies to allow. Analytics and marketing cookies do not load until you opt in. The categories are:
- Essential cookies (always on) — site functionality, your selected location (Delhi / Noida), session management and security. These do not track you.
- Analytics cookies (off by default) — Google Analytics with IP anonymisation, and aggregate performance metrics, to understand site usage. Loaded only with your consent.
- Marketing cookies (off by default) — not currently used; reserved for any future campaigns and would require your consent.
You can change your choice at any time using the Cookie Preferences link in the footer, or by clearing cookies in your browser. Withdrawing analytics consent is as easy as giving it.
6. Your rights under the DPDP Act
You have the right to:
- Access the personal data we hold about you.
- Correct inaccurate or outdated information.
- Withdraw consent for non-essential processing (e.g. promotional communications) at any time.
- Request deletion (erasure) of personal data, subject to legal retention requirements applicable to medical records.
- Nominate another person to exercise these rights on your behalf in the event of your death or incapacity.
- Grievance redressal — raise a complaint with our Grievance Officer (details below). You should use this internal channel first before escalating to the Data Protection Board of India.
To exercise any of these rights, use our Data Rights Request form or email our Grievance Officer. We respond within the statutory period (up to 90 days), usually much sooner.
7. Data retention
We keep personal data only for as long as needed for the purpose it was collected, plus any period the law independently requires:
- Website enquiries / feedback / complaints — retained for up to 24 months, then automatically erased, unless you ask us to delete them sooner.
- Diagnostic reports & clinical records (held in our laboratory system, not this website) — retained for at least 3 years in line with NABL norms and the Clinical Establishments (Registration and Regulation) Act.
- Consent records — retained as an audit trail for as long as required to demonstrate lawful processing.
8. Children's data
Tests for children under 18 are booked and consented to by a parent or legal guardian. We do not knowingly collect data directly from minors.
9. Changes to this Policy
We may update this Policy from time to time. Significant changes will be notified on this page and, where appropriate, by email to registered patients. The "Last updated" date at the top of this page always reflects the most recent revision.
10. Contact & grievance redressal
Email: [email protected]
Phone: 0120 434 4900
Response time: within 30 days of receipt.