transparent-logo

Privacy Policy for Posture Clinic

Last Updated: October 6, 2025

At Posture Clinic, accessible from www.postureclinic.in, protecting the privacy of our visitors and patients is our top priority. This Privacy Policy explains what information we collect, how we use it, and your rights under India's Digital Personal Data Protection Act (DPDPA) 2023 and DPDP Rules 2025.

If you have questions or require more information about our Privacy Policy, please contact us at info@postureclinic.in or call us at (+91) 77601-37578.

Scope of This Policy

This Privacy Policy applies only to our online activities on www.postureclinic.in and is valid for visitors with regards to the information they share and/or we collect through this website. This policy does not apply to information collected offline, in-person at our clinic, or via channels other than this website.

Consent

By using our website, you consent to this Privacy Policy and agree to its terms. You may withdraw consent at any time by:

  • Adjusting your cookie preferences via the banner on our site

  • Emailing us at info@postureclinic.in

  • Unsubscribing from emails using the link in our communications

Information We Collect

We collect the following types of personal information:

Information You Provide Directly

  • Contact Forms & Inquiries: Name, email address, phone number, message content when you contact us

  • Appointment Bookings: Name, phone number, email, preferred date/time, and reason for visit (via Booking Calendar plugin)

  • Account Registration: Contact details including name, email, and phone number if you create an account

Information Collected Automatically

  • Log Files: Internet Protocol (IP) addresses, browser type, Internet Service Provider (ISP), date/time stamps, referring/exit pages, and number of clicks. This data is not linked to personally identifiable information and is used for analyzing trends, administering the site, and gathering demographic information.

  • Cookies and Tracking Technologies: See detailed section below.

How We Use Your Information

We use the information we collect for the following purposes:

  • Provide, operate, and maintain our website and booking system

  • Process and manage your physiotherapy appointment requests

  • Respond to your inquiries and provide customer service

  • Improve, personalize, and expand our website functionality

  • Understand and analyze how you use our website through analytics

  • Communicate with you about appointments, services, and updates

  • Send you promotional emails (only with your explicit consent; you can unsubscribe anytime)

  • Prevent fraud and ensure website security

  • Comply with legal obligations under Indian law

Cookies and Tracking Technologies

Posture Clinic uses cookies to enhance your browsing experience and provide essential website functions. A cookie is a small text file stored on your device that helps us remember your preferences and understand site usage.

Types of Cookies We Use

1. Necessary Cookies (Always Active - No Consent Required) These cookies are essential for the website to function properly and cannot be disabled.

  • Session Cookies: Maintain your login session and booking form data temporarily

  • Security Cookies: Protect against cross-site request forgery and unauthorized access

2. Analytics Cookies (Requires Your Consent) These cookies help us understand how visitors interact with our website.

  • Google Tag Manager / gtag.js (_ga, _gid, _gat):

    • Purpose: Track page views, user demographics, traffic sources, and site performance

    • Retention: 2 years from last visit

    • Data Processor: Google LLC (USA) under Standard Contractual Clauses

    • Privacy Policy: https://policies.google.com/privacy

3. Functional Cookies (Requires Your Consent) These cookies enable enhanced functionality and personalization.

  • Tawk.to Live Chat Cookies (TawkConnectionTime, Tawk_*, ss-id):

    • Purpose: Store chat history, enable live support conversations, remember chat preferences

    • Retention: 1 year or until you clear browser cookies

    • Data Processor: Tawk.to (Global CDN, may process data outside India)

    • Privacy Policy: https://www.tawk.to/privacy-policy/

  • Booking Calendar Cookies (bookingpress_session, bookingpress_timezone):

    • Purpose: Remember your appointment selections, timezone preferences, and booking form data

    • Retention: Session-based (deleted when you close browser) or 30 days

    • Data Processor: Booking Calendar plugin (data stored on our Hostinger server in India)

Managing Your Cookie Preferences

You can control cookies through:

  • Our Cookie Consent Banner: Appears on your first visit; click "Accept" or "Reject" for non-essential cookies

  • Browser Settings: Most browsers allow you to refuse cookies or alert you when cookies are being sent. Instructions:

    • Chrome: Settings > Privacy and Security > Cookies

    • Safari: Preferences > Privacy > Cookies and Website Data

    • Firefox: Options > Privacy & Security > Cookies

Note: Blocking necessary cookies may affect website functionality (e.g., appointment booking may not work).

For more general information on cookies, visit: https://www.allaboutcookies.org/

Compliance with India's Digital Personal Data Protection Act (DPDPA)

This Privacy Policy complies with India's Digital Personal Data Protection Act (DPDPA) 2023 and DPDP Rules 2025. As a Data Fiduciary operating in India, we process your personal data lawfully, transparently, and with your explicit consent.

Your Rights Under DPDPA

As a user, you have the following rights:

1. Right to Access: Request copies of your personal data we hold (free of charge for the first request).

2. Right to Correction: Ask us to correct inaccurate or incomplete information about you.

3. Right to Erasure: Request deletion of your personal data under certain conditions (e.g., data no longer necessary, consent withdrawn).

4. Right to Withdraw Consent: Revoke consent for data processing at any time via our cookie banner or by emailing us.

5. Right to Nominate: Designate someone to exercise your rights on your behalf in case of death or incapacity.

6. Right to Grievance Redressal: File a complaint with the Data Protection Board of India if you believe your rights have been violated.

How to Exercise Your Rights: Email info@postureclinic.in with your request. We will respond within 30 days as mandated by DPDPA. For complex requests, we may extend this by an additional 30 days with notification.

Data Retention and Deletion

We retain personal data only as long as necessary for the purposes stated in this policy:

  • Inquiry Forms & Contact Requests: 3 years from last contact

  • Appointment Booking Records: 5 years (to meet medical record-keeping requirements under Indian healthcare regulations)

  • Analytics Cookies (gtag): 2 years from last website visit

  • Tawk.to Chat History: 1 year from last interaction

  • Email Marketing Lists: Until you unsubscribe or request deletion

Automatic Deletion Under DPDPA Rules 2025

If you have not interacted with our website or services for 3 consecutive years, we will:

  1. Send you an email notification 48 hours before deletion

  2. Permanently delete your personal data unless you respond requesting retention

  3. Retain only anonymized analytics data for statistical purposes

You may request immediate deletion at any time by contacting us at info@postureclinic.in.

Data Security

We implement reasonable security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction, including:

  • SSL/TLS Encryption: Secures data transmission between your browser and our server

  • Access Controls: Restricted access to personal data on a need-to-know basis

  • Regular Backups: Automated backups via UpdraftPlus stored securely on cloud servers

  • Plugin & Software Updates: Regular updates to WordPress, Astra theme, and plugins (Pagelayer, Booking Calendar, etc.) to patch security vulnerabilities

Data Breach Notification

In the event of a data breach affecting your personal information, we will:

  • Notify affected users via email within 72 hours of discovering the breach

  • Report the breach to the Data Protection Board of India within 72 hours as required by DPDPA

  • Provide details of the breach, data affected, and remedial actions taken

Cross-Border Data Transfers

Some of our service providers process data outside India:

Google Tag Manager / Analytics (gtag.js):

  • Data may be transferred to Google LLC servers in the United States

  • Safeguards: Google complies with Standard Contractual Clauses (SCCs) approved under DPDPA and GDPR for lawful international transfers

  • Privacy Shield: Google participates in the EU-U.S. Data Privacy Framework

Tawk.to Live Chat:

  • Data may be processed on global Content Delivery Networks (CDNs) outside India

  • Safeguards: Tawk.to uses encryption and access controls; complies with international data protection standards

By using our website and accepting cookies, you consent to these cross-border data transfers under the safeguards described above.

Children's Privacy

Posture Clinic does not knowingly collect Personal Identifiable Information from individuals under the age of 18 years without verifiable parental consent, as required by DPDPA.

If you are under 18 and wish to book an appointment or use our services:

  • We require consent from a parent or legal guardian

  • Consent is verified via government-issued ID (Aadhaar, PAN) or DigiLocker tokens as per DPDP Rules 2025

If you believe your child under 18 has provided personal information without consent, please contact us immediately at info@postureclinic.in, and we will promptly delete such information from our records.

Third-Party Links

Our website may contain links to third-party websites (e.g., Google Maps for directions, social media platforms). We are not responsible for the privacy practices or content of these external sites. We encourage you to review their privacy policies before providing any personal information.

GDPR Data Protection Rights (For International Visitors)

If you are visiting from the European Union or UK, you are entitled to additional rights under GDPR:

  • Right to access, rectification, erasure, and data portability (as described in the DPDPA section above)

  • Right to restrict processing and object to processing

  • Right to lodge a complaint with your local Data Protection Authority

We handle data in accordance with both DPDPA (for Indian users) and GDPR (for EU/UK users) to ensure global compliance.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements. Updates will be posted on this page with a revised "Last Updated" date. We encourage you to review this policy periodically.

For significant changes affecting your rights, we will notify you via:

  • Email (if you have provided contact information)

  • A prominent notice on our website homepage

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

Posture Clinic Email: info@postureclinic.in Phone: (+91) 77601-37578 Address: 1198, 22nd A Cross Rd, Sector 3, HSR Layout, Bangalore, Karnataka, 560102 Business Hours: 7am-9pm

For complaints or grievances under DPDPA, you may also contact the Data Protection Board of India at www.dataprotection.gov.in (once operational).

By continuing to use www.postureclinic.in, you acknowledge that you have read, understood, and agree to this Privacy Policy and our use of cookies as described.

Scroll to Top