Likhyani Healthcare Solutions

Ready to Scale?

Privacy Policy

Effective Date: January 1, 2026

Last Updated: March 10, 2026
Applicable Laws: Digital Personal Data Protection Act 2023, India | Personal Data Protection Act 2012, Singapore

1. Who We Are

This Privacy Policy explains how we collect, use, store, and protect your personal data when you visit www.likhyani.com or engage with our services.

The entities responsible for your personal data are:

Data Fiduciary under India’s DPDPA 2023:
Likhyani Healthcare Solutions OPC Private Limited
231/10, R.H.B., Pratap Nagar, Opposite Pratap Enclave, Sector 23, Jaipur, Rajasthan 302017, India
Email: [email protected]

Data Controller under Singapore’s PDPA 2012:
Likhyani Group Pte Limited (UEN: 202605292W)
160 Robinson Road, #14-04, Singapore Business Federation Centre, Singapore 068914
Email: [email protected]

Both entities are referred to in this Policy as “we”, “us”, or “our”.

2. What Personal Data We Collect

2.1 Data You Provide Directly

When you submit a contact form, book a consultation, or send an enquiry through this website, we may collect:

  • Full name
  • Email address
  • Phone number including country code
  • Business or organisation name
  • Designation or job title
  • Country or city of operation
  • Nature of your healthcare business and details of your enquiry
  • Billing information processed through Razorpay or Stripe (see Section 5)

2.2 Data Collected Automatically

When you visit this website, the following data is collected automatically through cookies and tracking technologies:

  • IP address and approximate geographic location
  • Browser type and version
  • Device type and operating system
  • Pages visited, time spent on each page, and navigation behaviour
  • Referral source showing how you arrived at this website
  • Session duration and interaction data

2.3 Data Collected Through Third-Party Technologies

This website uses third-party technologies that collect data independently when you visit or interact with the site.

Google Analytics. Collects anonymised usage and behaviour data. Processed by Google LLC under Google’s Privacy Policy. Data may be transferred to Google servers internationally.

Meta Pixel (Facebook and Instagram). Tracks website visits and interactions for advertising attribution and remarketing. Processed by Meta Platforms Inc. under Meta’s Data Policy. If you are logged into Facebook or Instagram when you visit this site, your visit may be associated with your profile.

LinkedIn Insight Tag. Tracks website visits for campaign measurement and audience building on LinkedIn. Processed by LinkedIn Corporation under LinkedIn’s Privacy Policy.

Frappe CRM. Contact form submissions from this website are captured into our self-hosted CRM system running on a cloud server. Data stored in the CRM is subject to the security standards described in Section 7.

WhatsApp Business Widget. If you initiate contact through the WhatsApp widget on this website, your message and phone number are processed through Meta’s WhatsApp Business API. By initiating contact via WhatsApp, you are subject to WhatsApp’s Terms of Service and Meta’s Privacy Policy.

Booking and Scheduling Tool. Consultations may be booked through an embedded third-party scheduling tool. When you book, your name, email address, and scheduling preferences are processed by that platform under its own privacy policy.

Pabbly Connect. Used as middleware to route form submission data between this website and our CRM. Acts as a data processor on our behalf.

We do not sell your personal data to any third party. The platforms listed above process data as service providers in the course of operating this website. We encourage you to review the privacy policies of Google, Meta, LinkedIn, and any scheduling platform you interact with.

3. How We Use Your Personal Data

We collect and use your personal data only for the following purposes:

Responding to enquiries and consultation requests. We use your name, email, phone number, and business details to respond to your contact form submission or booking.

Booking and scheduling consultations. We use your name, email, and scheduling preferences to confirm and manage booked calls.

Delivering contracted services. For active clients, we use all contact and business data provided to perform the agreed scope of work.

Processing payments. Billing information is used solely for payment processing through Razorpay or Stripe.

Email follow-up and marketing communications. With your consent, we send follow-up emails relevant to your enquiry and our services. See Section 4 for opt-out instructions.

WhatsApp outreach. With your consent, we may follow up via WhatsApp on the phone number you provide through the contact form.

Website analytics. IP address, device data, and behaviour data are used to understand how visitors use this website and to improve its content and performance.

Advertising retargeting. Browsing data collected through Meta Pixel and Google Analytics may be used for remarketing to website visitors through Google and Meta advertising platforms.

CRM and client management. All collected data is stored in our CRM for lead management and client communication purposes.

Legal compliance. We may use or disclose relevant data where required by law, court order, or lawful government authority.

4. Marketing Communications

By submitting a contact form or booking a consultation on this website, you consent to receiving follow-up communications from us. These may include automated email sequences and WhatsApp messages sent through the WhatsApp Business API.

4.1 How to Opt Out

You may opt out of email communications at any time by clicking the Unsubscribe link in any email we send, or by writing to us at [email protected].

You may opt out of WhatsApp communications by replying STOP to any WhatsApp message from us, or by writing to us directly.

Opting out of marketing communications will not affect communications that are necessary for the delivery of services you have contracted with us.

4.2 Regulatory Compliance

We comply with India’s Telecom Commercial Communications Customer Preference Regulations (TRAI TCCCPR) and Singapore’s Spam Control Act and Do Not Call Registry provisions. We do not send unsolicited commercial messages to individuals registered on applicable Do Not Call registries.

5. Payment Data

We process payments through Razorpay (India) and Stripe (international). When you make a payment:

  • Your card or banking details are entered directly into the payment gateway’s secure interface and are not stored on our servers
  • We receive only transaction confirmation, invoice references, and metadata for billing reconciliation
  • Both Razorpay and Stripe are PCI-DSS compliant and use industry-standard encryption
  • Financial transaction records are retained by us for seven (7) years from the transaction date in compliance with the Companies Act 2013 (India) and applicable Singapore accounting standards

6. Data Sharing and Third-Party Processors

We do not sell, rent, or commercially trade your personal data to any third party.

In the course of operating this website and delivering our services, your data is processed by the following categories of service providers acting on our behalf:

Cloud Hosting and Infrastructure. Our self-hosted CRM and automation systems run on cloud infrastructure. Data may be stored in servers in India, Singapore, or the United States, subject to appropriate safeguards.

Payment Gateways. Razorpay (India) and Stripe (international), both PCI-DSS compliant.

Analytics and Advertising Platforms. Google Analytics, Meta Pixel, and LinkedIn Insight Tag process behavioural and device data for analytics and advertising purposes.

CRM and Automation. Frappe CRM and Pabbly Connect are used for lead management, client communication, and workflow automation.

Communication Platforms. WhatsApp Business API (Meta) and email service providers used for client and lead communications.

Scheduling Tools. Third-party booking platforms used to facilitate consultation scheduling.

All third-party processors are required to process personal data only for the purposes specified, to maintain appropriate security measures, and to comply with applicable data protection laws.

We may also disclose personal data where required by law, court order, or lawful government authority, or where necessary to protect our legal rights.

7. Data Security

We take reasonable technical and organisational steps to protect your personal data. These include:

  • SSL/TLS encryption for all data in transit
  • Access controls limiting data access to authorised personnel on a need-to-know basis
  • Secure cloud infrastructure with regular security patching
  • No storage of full payment card or banking details on our servers

No method of transmission over the internet is completely secure. We cannot guarantee absolute security and will not be liable for breaches that occur outside our reasonable control.

In the event of a personal data breach that poses a risk to your rights, we will notify the applicable regulatory authority and affected individuals within the timeframe required by law. This is 72 hours for high-risk breaches under India’s DPDPA and three (3) calendar days for notifiable breaches under Singapore’s PDPA.

8. How Long We Keep Your Data

We retain personal data only for as long as necessary for the purposes for which it was collected or as required by applicable law.

Website enquiry and contact form data: 24 months from the date of last interaction.

Client data for active engagements: Duration of the engagement plus three (3) years.

Financial and payment records: Seven (7) years from the transaction date.

Analytics and behavioural data: Up to 26 months, in line with Google Analytics default retention settings.

Marketing communication data: Until opt-out plus twelve (12) months.

Legal records and correspondence: Seven (7) years from the date of creation.

After the applicable retention period, personal data is securely deleted or anonymised in a manner that prevents reconstruction.

9. Cross-Border Data Transfers

We operate across India and Singapore and use third-party service providers whose servers may be located in other countries including the United States.

Where data is transferred internationally, we ensure:

  • Transfers from India comply with the cross-border transfer provisions of the Digital Personal Data Protection Act 2023, including any adequacy frameworks or standard contractual requirements notified by the Government of India
  • Transfers from Singapore comply with the PDPA’s overseas transfer requirements, ensuring the receiving party provides a standard of protection comparable to that required under PDPA
  • Transfers to third-party processors are governed by data processing agreements with appropriate safeguards

10. Your Rights

10.1 Rights Under India’s DPDPA 2023

If you are a Data Principal under the DPDPA, you have the right to:

  • Access the personal data we hold about you and information about how it is processed
  • Correct inaccurate or incomplete personal data
  • Request erasure of your personal data, subject to legal retention obligations
  • Raise a grievance with our Grievance Officer (see Section 11)
  • Nominate another individual to exercise your rights in the event of your death or incapacity
  • Withdraw consent at any time, without affecting the lawfulness of processing carried out before withdrawal

10.2 Rights Under Singapore’s PDPA 2012

If you are an individual in Singapore, you have the right to:

  • Access personal data we hold about you
  • Request correction of inaccurate personal data
  • Withdraw consent for collection, use, or disclosure of your personal data
  • Request data portability where applicable under the PDPA data portability obligation
  • File a complaint with the Personal Data Protection Commission at www.pdpc.gov.sg

10.3 Rights for EU and EEA Individuals

Where visitors or clients are located in the EU or EEA and GDPR applies, we are committed to honouring equivalent rights including the right to access, rectification, erasure, restriction, portability, and objection.

To exercise any of the rights above, please submit a written request to [email protected]. We will respond within thirty (30) days and will verify your identity before processing any data access or deletion request.

11. Cookies and Tracking Technologies

This website uses cookies and tracking technologies to operate, measure performance, and support advertising.

Strictly Necessary Cookies. Required for basic website functionality including form submissions and security. These cannot be disabled.

Analytics Cookies (Google Analytics). Used to understand visitor behaviour and improve this website. Retained for up to 26 months. You can opt out via your browser settings or the Google Analytics opt-out tool.

Advertising Cookies (Meta Pixel). Used for advertising attribution, audience building, and remarketing via Meta platforms. Retained for up to 180 days. You can opt out via your Meta ad settings.

Advertising Cookies (LinkedIn Insight Tag). Used for LinkedIn campaign measurement and audience segmentation. Retained for up to 90 days. You can opt out via your LinkedIn settings.

Preference Cookies. Used to remember your language or region preferences. Retained for up to 12 months. You can opt out via your browser settings.

You can manage cookie preferences through your browser settings. Disabling certain cookies may affect the functionality of this website. For more information on managing cookies, visit www.allaboutcookies.org.

12. Children’s Privacy

This website is directed at healthcare businesses, medical professionals, and organisations. It is not intended for individuals under the age of 18. We do not knowingly collect personal data from minors. If we become aware that personal data has been collected from a minor without appropriate consent, we will take steps to delete it promptly.

13. Contact, Grievance Officer, and Data Protection Officer

13.1 General Privacy Enquiries

For any questions, concerns, or requests related to this Privacy Policy or the handling of your personal data:

Email: [email protected]
Website: www.likhyani.com/contact

13.2 Grievance Officer (India, DPDPA 2023)

Name: Dr. Gireesh Likhyani
Designation: Director and Grievance Officer, Likhyani Healthcare Solutions OPC Private Limited
Email: [email protected]
Response Time: Within 30 days of receipt of grievance

13.3 Data Protection Officer (Singapore, PDPA 2012)

Name: [DPO NAME TO BE CONFIRMED]
Organisation: Likhyani Group Pte Limited
Email: [email protected]
Response Time: Within 30 days of receipt of request

13.4 Regulatory Authorities

If you are not satisfied with our response, you have the right to escalate to the relevant authority:

India: Data Protection Board of India (under DPDPA 2023) | www.meity.gov.in
Singapore: Personal Data Protection Commission | www.pdpc.gov.sg
EU and EEA: Your local Data Protection Authority

14. Changes to This Privacy Policy

We may update this Privacy Policy at any time to reflect changes in our data practices or applicable laws. When we make material changes, we will update the Last Updated date at the top of this page and, where required by law, notify you directly by email.

Your continued use of this website after changes are posted constitutes acknowledgement of those changes. We recommend reviewing this page periodically.

India India Schedule a Meeting Book Now Singapore Singapore

Schedule Your Call

Fill this out. We respond within 24 hours.

We respond within 24 hours. No spam. No automated sequences. A real person reads every message.