PRIVACY POLICY
We are dedicated to safeguarding and preserving your privacy during any of your interactions with us. This Privacy Policy explains what happens to any personal information that you provide to us, or that we collect from you.
Last Updated: August 21st, 2025
​​​
1. Introduction
MG Health Tech Inc. (“MG Health Tech,” “we,” “us,” or “our”) is committed to safeguarding your privacy and ensuring the security of your personal and health information. This Privacy Policy explains how we collect, use, store, disclose, and protect your information when you use our mobile application, related web services, and connected wearable devices. By using our application, you agree to the terms of this Privacy Policy. This policy applies to all users worldwide, regardless of location.
2. Definitions
​a) Protected Health Information (PHI)
I. ​This refers to any individually identifiable health information
II. ​Any individually identifiable health information that is created, received, maintained, or transmitted by our mobile application, web application and includes an individual’s past present or future physical and mental health or condition
b) Health Data
Information related to an individual's health status, medical history and other health-related information that can identify an individual and includes vital signs such as heart rate, blood pressure and respiratory rate in addition to health history, medical records, and health related information.
c) Personal Data
Refers to any information that can identify an individual and is related to their use of this application. This includes:
I. Identifying Information: Name, address, email address, phone number, date of birth, and other contact details.
II. Technical Information: Device identifiers, IP addresses, browser type, and usage data related to the application.
III. Account Information: Usernames, passwords, and other credentials used to access the application.
IV. Preferences and Settings: User preferences, settings, and configurations within the application.
V. Interaction Data: Records of interactions with customer support, feedback, and communication history.
VI. Third-Party Service Providers: External organizations that assist us in providing our services may have access to your data. These include but are not limited to infrastructure providers, Analytics providers, customer support services, security services, payment processers, marketing and communication services, wearable device manufacturers and compliance and legal service providers.
3. Information We Collect
We may collect and process the following types of information:
​a) Personal Data - Personal data is collected when you
I. ​Register or interact with our application.
II. ​Contact our customer support.
III. ​Automatically through device analytics.
This includes any information that identifies you as an individual or relates to you, including but not limited to:
1. Name
2. Contact information (email address, phone number)
3. Technical access details (such as your device or browser information)
Personal data may be collected directly from users through forms submitted via our app, direct interactions with our staff, or automatically through usage analytics.
​a) Health Data - Health data refers to any information about an individual's health status or healthcare services provided. This includes, but is not limited to:
I. ​Vital Signs
II. ​Health history
III. ​Medical records
Health data is collected through a connected wearable device via our mobile application. Once collected, this data is securely stored and can be accessed by users through both our mobile and web applications. In addition, we also collect Usage data, Device Data, Analytical data and compliance data. By setting up and using the wearable device with our mobile app, users provide informed consent for the collection, storage, and processing of their health data as described in this Privacy Policy.
In instances where a wearable device is configured for use by individual, the user setting up the device is responsible for ensuring that appropriate implicit or explicit consent has been obtained from that person prior to data collection.
We do not sell, share, or use your health data for marketing without your explicit consent. Any analytics are conducted on anonymized, aggregated data only.
4. Permissions & Device Access
To provide the core functionality of our wearable device and mobile application, we require certain system permissions:
​a) Bluetooth Access – Used to connect and communicate with your wearable device.
​b) Notification Access – Used to send alerts, reminders, and updates related to your wearable device.
c) Location Access – Required to:
I. ​Enable Bluetooth Low Energy (BLE) scanning (as required by the operating system)
II. ​Adjust and display the correct date and time based on your region or device settings.
We do not use this information to track your movements or determine your exact geographic location.
5. Usage of Your Information
​a) Personal Data
I. ​We use your Personal Data that we collect for the following purposes:
II. ​To provide and maintain our services.
III. ​To notify you about changes to our services or policies.
IV. ​To provide customer support.
V. ​To comply with any legal obligations under HIPAA or any act.
VI. ​To analyze usage of our services and improve user experience.
b) Health Data
The health data collected through our application is solely used to fulfill the features and functionalities of the application, including but not limited to:
I. Health Analytics: To provide insights and trends related to the user's health status based on the information entered.
II. We do not use any of your health data for any purpose other than to fulfil the features of the app. Your health information will not be sold, shared, or used for marketing purposes without your explicit consent.
III. In cases where we may use health data for any analytic purposes, it will be done in an anonymized and aggregated manner, ensuring that individual users cannot be identified from the data. This allows us to analyze trends and improve our services while maintaining your privacy.
c) Permissions & Device Access
Region or location data (from device settings or system services) is used solely for adjusting date, time, and localization of services. This data is not stored for tracking purposes.
6. Access to Your Information
​a) Personal Data
Where applicable, any member (full-time or part-time) of our company or any authorised third party service provider, who is involved in fulfilling any services will have access to the personal data. Third-party service providers, such as cloud storage providers, analytics services, and customer support teams, may have access to data to perform their functions. These providers are contractually obligated to protect the data and comply with our privacy standards to the extent necessary only to fulfil the service on hand. Such services may also include, but not limited to, contacting you to resolve any issues raised by you, sending marketing content (if you had opted in) and so on.
​b) Health Data
We have restricted manual access to your Health data, even for our own employees and our infrastructure providers. The access is limited for all parties only for the purpose of debugging any issues reported on the product.
7. Transfer of Your Data Abroad
By voluntarily providing us with your Personal & Health Data, you are consenting to our use of it in accordance with this Privacy Policy. Due to the nature of the internet, your information will inevitably result in the transfer of information across international boundaries. You acknowledge and agree that your data may be transferred from your current location to the offices and servers our authorized affiliates, agents and service providers located across the world, in accordance to our global Privacy policy and local laws applicable. In the event that data is transferred to a country whose laws do not provide equivalent data protection, we shall ensure adequate protection of such Personal Data in accordance with this policy. We may share or process personal and health data already stored in our systems, where necessary for service continuity, lawful processing, or any other purpose disclosed in this Privacy Policy.
8. Disclosure of Your Data
We may also disclose your data to third parties in certain cases, including but not limited to the following scenarios.
a) Sale or merger :- In case of sale or merger of business your data may be transferred to the new owner. We shall promptly inform you of such transfer and ensure that the new owner respects your privacy rights
b) Legal Requirements:- We may disclose your data to comply with legal obligations, such as responding to subpoenas, court orders, or Regulatory Authorities: We may share your data with regulatory authorities to comply with healthcare regulations and standards. other legal processes.
c) Protection of Rights:
​I. Fraud Prevention: We may disclose your data to prevent fraud, protect our rights, and ensure the safety of our users.
​II. Risk Management : WE may share data to minimize risks and protect against potential threats
​III. Third-Party Services: We may share your data with third-party service providers who assist us in providing our services. These providers are contractually obligated to protect your data and comply with our policies for Data Protection
​IV. Explicit Consent: We may disclose your data to third parties with your explicit consent. You have the right to withdraw your consent at any time.privacy standards.
​V. Public Health and Safety: We may disclose your data if it is necessary to protect public health and safety, such as reporting infectious diseases or responding to health emergencies.
​VI. Anonymized Data: We may share anonymized and aggregated data for research and development purposes. This data cannot be used to identify individual users.
9. Data Security
During its entire lifecycle, we will take all reasonable steps to make sure that your personal data is treated securely and in accordance with this policy. We implement appropriate technical and organizational measures to protect your personal data and health data from unauthorized access, loss, or misuse. Some of these measures are:
​a) Secure access controls to limit who can view PHI.
​b) Regular security audits and assessments to ensure compliance with HIPAA regulations.
​c) To fulfil some of our internal operations, we may use the services of some third party vendors or service providers (such as our infrastructure providers or third party software vendors). All our service providers are governed by their own privacy policies, which are on par with industry standards.
​d) However, no method of transmission over the internet or method of electronic storage is 100% secure; therefore, while we strive to protect your data, we cannot guarantee its absolute security beyond the scope of our applications or devices.
10. User Rights
You have certain rights regarding your personal data under HIPAA and other applicable laws:
​a) Right to Access:- You have the right to access your Protected Health Information (PHI) upon request.
​b) Right to Request Corrections:- You have the right to request corrections to your health data if you believe it is inaccurate or incomplete.
​c) Right to Request Deletion:- You have the right to request the deletion of your personal data from our systems, subject to certain exceptions. We will review your request and respond in accordance with applicable laws. Please note that we may retain certain information as required by law or for legitimate business purposes.
​d) Right to Request Restrictions:- You have the right to request restrictions on certain uses and disclosures of your health data.
​e) Right to Receive Notifications:- You have the right to receive notifications regarding breaches involving your PHI.
​f) Most of these rights can be fulfilled directly through the app’s user interface. For rights that cannot be fulfilled in this manner, users must submit their requests via email to privacy@mghealthtech.com. We will process the request within the timeframe as required by law.
11. Data Retention Policy
We retain personal and health data only as long as necessary for the purposes outlined in this Privacy Policy or as required by law. When we no longer need your data, we will securely dispose of it in accordance with industry standards.
12. Data Breach Notification
In the unlikely event of a data breach affecting your PHI, we will notify you within 60 days through Email and in app notifications. Notifications will include details about the nature of the breach, the types of information affected, steps you can take to protect yourself and an overview of what we are doing to investigate the breach, mitigate harm, and prevent future breaches.
13. Governing Law and Dispute Resolution
This Privacy Policy shall be governed by and construed in accordance with the laws of Tamil Nadu, India, without regard to its conflict of law provisions. Any disputes arising from or relating to this Privacy Policy will be handled in accordance with the dispute resolution process described in our Terms of Service, which may include mandatory arbitration. The seat and venue of arbitration shall be Salem, Tamil Nadu, India, and proceedings shall be conducted in English.
14. Changes to This Privacy Policy
We may update our Privacy Policy periodically to reflect changes in our practices or applicable laws. When we make significant changes to this policy, we will notify our customers via email and/or through a notice on our software prior to the change becoming effective.
15. We welcome any queries, comments, or requests you may have regarding this Privacy Policy. Please do not hesitate to write to us at privacy@mghealthtech.com.