Privacy Policy

DIAREV Health Pvt. Ltd. operates doctor-guided lifestyle disease-reversal camps, events, a 1-Year Support Plan, and a wellness shop. We act as the “Data Fiduciary” for the personal data we process.

By creating an account, booking a camp or event, enrolling in the Support Plan, submitting a form, or otherwise using our services, you consent to the collection and processing of your information as described in this policy. Where we process sensitive personal data such as health information, we rely on your explicit consent, which you may withdraw at any time (see “Your rights” below).

We collect the following categories of information:

• Identity & contact data: name, age, gender, phone number, WhatsApp number, email address, residential address, city/state, and emergency-contact details.
• Health & sensitive personal data: medical history, current medicines, allergies, diagnostic reports, blood-sugar readings, blood-pressure readings, weight records, lifestyle details, and other health metrics you choose to share. This is treated as Sensitive Personal Data or Information under the IT (Reasonable Security Practices) Rules, 2011 and is processed only with your explicit consent to deliver and personalise our medical lifestyle programmes.
• Booking & transaction data: camp/session and occupancy selected, program preferences, payment plan, amounts, and payment references (Razorpay order, payment, and refund IDs). We do not store your card, UPI, or bank details.
• Account data: authentication identifiers managed via Firebase Authentication (e.g. user ID, sign-in method).
• User-generated content: testimonials, reviews, ratings, before/after progress details, health-journey stories, and photos you submit.
• Communications: contact-form, callback, and enquiry messages, WhatsApp/phone/email correspondence, and newsletter subscriptions.
• Technical & usage data: device, browser, IP address, and analytics events collected via cookies and similar technologies (Google Analytics and Vercel Analytics).

• To provide, schedule, and manage camp bookings, events, Support Plan enrollments, and shop orders.
• To process payments and refunds through our payment partner.
• To personalise and deliver our medical lifestyle programmes and let our medical team prepare for your care.
• To communicate confirmations, reminders, service updates, and (with consent) marketing.
• To respond to enquiries, provide support, and handle grievances.
• To maintain security, prevent fraud, and comply with legal and regulatory obligations.
• To analyse and improve our website and services (analytics is used only after you accept analytics cookies).

We process your data on the basis of your consent and for the legitimate uses permitted under the Digital Personal Data Protection Act, 2023, including providing a service you have requested and complying with the law. You may withdraw consent at any time; withdrawal does not affect processing already carried out.

We do not sell your personal or medical data. We share it only with trusted parties who process it on our behalf or as required to deliver our services, under appropriate safeguards:

• Our medical team of certified doctors and nurses, and program coordinators — to deliver consultation, your programme, and care.
• Razorpay — payment processing (PCI-DSS compliant; card/UPI details are handled directly by Razorpay, not by us).
• Google / Firebase & Google Cloud — authentication, database, file storage, and infrastructure.
• Google Analytics and Vercel — website hosting and usage analytics.
• Email and SMS providers — to send confirmations, reminders, and notices.
• Diagnostic and technology partners — where needed for report review or service delivery.
• Legal & regulatory authorities — where required by law, court order, or to protect legal rights, safety, fraud prevention, or dispute resolution.

We use strictly necessary cookies to operate the site, and analytics cookies (via Google Analytics) only after you accept them through our cookie banner. You can change your choice at any time by clearing your browser’s site data. Vercel Analytics is privacy-friendly and does not use cookies to identify you.

DIAREV may collect or request patient photos, videos, feedback, reviews, written testimonials, before-and-after progress details, health-journey stories, or success stories for educational, awareness, or promotional purposes. Such material is used for promotional purposes only with your consent. You have the right to refuse permission for promotional use of your image, video, name, voice, health journey, or testimonial, and refusal will not affect your eligibility to receive DIAREV services. If you previously gave consent, you may ask us to stop future use; we will make reasonable efforts to do so, though material already printed, published, shared, or archived on third-party platforms may not always be fully removable.

By submitting an enquiry, booking a program, sharing contact details, making a payment, joining a session, or communicating with us, you agree to receive communication through phone calls, WhatsApp, SMS, email, online meeting links, or other channels — including program details, consultation updates, reminders, payment confirmations, health follow-up, report-submission reminders, educational content, and service information. These channels are for non-emergency communication only. You are responsible for providing correct, active contact details. You may opt out of promotional communication at any time; however, we may still send essential service-related messages about active programs, payments, follow-ups, safety, or legal and administrative matters.

All content on the DIAREV website — including blogs, videos, recipes, health tips, articles, testimonials, FAQs, and program descriptions — is provided for general awareness, education, and information only. It is not personal medical advice, diagnosis, prescription, or a replacement for consultation with a qualified medical practitioner. Every person’s medical condition is different; do not start, stop, reduce, increase, or change any medicine, diet, supplement, exercise, or treatment based only on website content. Consult a qualified doctor before applying any health-related information, especially if you have a chronic condition, are pregnant, are elderly, or are taking prescribed medicines.

We retain your personal data only for as long as necessary to fulfil the purposes described here, including to provide services, maintain medical and transaction records, and meet legal, tax, and accounting obligations. When data is no longer required, we delete or anonymise it.

We implement reasonable security practices and procedures in line with the IT (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 — including access controls, encryption in transit, and vetted processors. Payment information is handled exclusively by our PCI-DSS compliant payment partner. No method of transmission or storage is fully secure, and we cannot guarantee absolute security.

Subject to applicable law, you have the right to:

• Access a summary of the personal data we process about you.
• Request correction, completion, or updating of inaccurate data.
• Request erasure of your data where it is no longer needed.
• Withdraw consent to processing (including marketing and analytics).
• Nominate another individual to exercise your rights in case of death or incapacity.
• Raise a grievance with our Grievance Officer (below) and, if unresolved, with the Data Protection Board of India.

To exercise any right, contact us using the details in the grievance section.

Our services and bookings are intended for individuals aged 18 and above. We do not knowingly collect personal data of children. If you believe a child has provided us data, contact us and we will delete it.

Some of our processors (such as Google and Vercel) may store or process data on servers located outside India. Where this happens, we take steps to ensure your data continues to be protected and transfers comply with applicable Indian law.

We may update this Privacy Policy from time to time. Material changes will be reflected by updating the “Last updated” date above. Continued use of our services after an update constitutes acceptance of the revised policy.

This policy is governed by the laws of India. See also our Terms & Conditions and Cancellation & Refund Policy.