Privacy Policy

This Privacy Policy describes how Trident Eye and Retina Hospital ("Trident", "we", "us", or "our"), operating under the medical supervision of Dr. Aakash Deep (MS, MCh.), Eye & Retina Surgeon, collects, uses, stores, and protects personal information that you provide when visiting our website or submitting an appointment request. We are committed to safeguarding your privacy and handling your data with care, transparency, and in compliance with applicable Indian laws — including the Information Technology Act, 2000 and the Information Technology (Amendment) Act, 2008.

By using our website and submitting any form, you consent to the data practices described in this Privacy Policy. We encourage you to read this document fully.

1. What Data We Collect

We collect only the minimum personal information necessary to schedule your appointment and provide appropriate medical care. The data we collect includes:

1.1 Information You Provide Directly (via Appointment Form)

• Full Name — to address you appropriately and create your patient record.
• Phone Number — to contact you for appointment confirmation and follow-up.
• Age — to help our clinical team prepare appropriately for your consultation.
• Affected Eye — preliminary clinical information about which eye(s) are experiencing symptoms.
• Preferred Appointment Date & Time Slot — to schedule your consultation.
• Symptoms or Message — any additional information you voluntarily share about your eye condition or concerns.
• Submission Timestamp — automatically recorded when your form is submitted.

1.2 Information Collected Automatically

When you visit our website, certain technical information may be collected automatically by our hosting server and analytics tools:

• IP Address — your internet protocol address (may be anonymised by analytics tools).
• Browser Type & Version — the web browser you use to access the site.
• Operating System — the platform or device type (e.g., Android, iOS, Windows).
• Pages Visited & Time Spent — which sections of the website you accessed and for how long.
• Referring URL — the web address of the page that linked you to our website.

This automatically collected data is used in aggregate, anonymised form for website performance monitoring and user experience improvement. It is not linked to your personal identity.

1.3 Information We Do NOT Collect

We do not collect:

• Government-issued ID numbers (Aadhaar, PAN, Passport, etc.) via this website.
• Financial information, credit card numbers, or bank details via this website.
• Biometric data via this website.
• Sensitive medical records (full patient records are maintained only within our physical clinic systems under applicable medical privacy standards).

2. How We Use Your Information

The personal information you provide via our website is used exclusively for the following purposes:

• Appointment Scheduling: To call you and confirm your free consultation appointment at Trident Eye and Retina Hospital.
• Clinical Preparation: To help Dr. Aakash Deep and the clinical team understand your preliminary concerns before your visit.
• Communication: To contact you via phone regarding your appointment, reminders, or any changes to your scheduled visit.
• Service Improvement: Aggregated, anonymised data may be used internally to improve our appointment management process and website user experience.
• Legal Compliance: To comply with any applicable legal or regulatory requirements as mandated under Indian law.

We will not use your personal information to send unsolicited marketing communications, promotional SMS, or spam emails. Any communication from us will be directly related to your appointment or medical care.

3. Google Sheets Data Storage

When you submit our online appointment booking form, your data is transmitted securely via Google Apps Script — a Google Cloud-based service — and stored in a Google Sheets spreadsheet that is accessible only to the authorised administrative team at Trident Eye and Retina Hospital.

We want to be transparent about this:

• Your form submission data (name, phone, age, eye affected, preferred date, time, and message) is stored in a Google Sheets file hosted on Google's servers.
• This Google Sheets file is accessible only by authorised Trident Eye Hospital staff members using secured Google accounts.
• Google's servers comply with internationally recognised data security standards. You can review Google's privacy practices at policies.google.com/privacy.
• Your data stored in Google Sheets is retained for as long as necessary to fulfill the purpose for which it was collected (i.e., scheduling and completing your consultation), and is deleted upon your request.

4. No Third-Party Data Selling or Sharing

Trident Eye and Retina Hospital does not sell, rent, lease, trade, or otherwise commercially transfer your personal information to any third party under any circumstances.

We may share your information only in the following strictly limited situations:

• With Your Consent: Only if you explicitly provide permission for a specific sharing purpose.
• Legal Obligation: If required to do so by a court order, law, or government authority under Indian law, we may disclose information as legally mandated. We will notify you of such requirements unless prohibited from doing so by law.
• Medical Emergency: In a situation where disclosure is necessary to protect your vital interests or the vital interests of another person.
• Service Providers: We use Google (Apps Script & Sheets) as a technical service provider for form data storage. This is the sole third-party service used and they are bound by their own privacy commitments (see Section 3).

5. Cookies Policy

5.1 What Are Cookies?

Cookies are small text files placed on your device by websites you visit. They are used to make websites function properly, improve user experience, and provide basic analytics information to website owners.

5.2 Cookies We Use

This website may use the following categories of cookies:

• Strictly Necessary Cookies: Essential for the website to function correctly. These do not collect personal information and cannot be disabled without affecting functionality.
• Analytics Cookies: Basic, anonymised website analytics may be tracked to understand how visitors interact with our website (e.g., which pages are most visited, session duration). No personally identifiable information is linked to these analytics.
• Third-Party Cookies: Our website embeds a Google Maps iframe. Google may set its own cookies when you interact with the map. These are governed by Google's cookie policy.

We do not use advertising cookies, retargeting cookies, or behavioural profiling cookies.

5.3 Managing Cookies

You can control and delete cookies through your browser settings. Most browsers allow you to refuse all cookies or to be notified when a cookie is set. Disabling cookies may affect the functionality of certain features on this website. For guidance on managing cookies in your specific browser, visit aboutcookies.org.

6. Data Security

We implement appropriate technical and organisational security measures to protect your personal information against unauthorised access, alteration, disclosure, or destruction. These measures include:

• HTTPS/SSL encryption for all data transmitted between your browser and our website.
• Encrypted data transmission to Google Apps Script using HTTPS.
• Restricted access to the Google Sheets database — accessible only by authorised hospital staff.
• Regular review of data access permissions and practices.

While we take every reasonable precaution, no method of data transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we are committed to promptly addressing any identified security vulnerabilities.

7. Data Retention

We retain your personal information for as long as necessary to fulfil the purposes for which it was collected — primarily for scheduling your consultation and any subsequent follow-up care that arises from your visit. Patient medical records created during clinical consultations are retained in accordance with applicable medical record-keeping requirements under Indian law (typically 3–7 years for clinical records).

Website form submission data stored in Google Sheets is reviewed periodically and deleted once the appointment purpose has been fulfilled, unless you have become an active patient of the hospital and we need to retain records for ongoing care.

8. Your Rights Under the Information Technology Act (India)

As a resident of India, you have certain rights regarding your personal data under the Information Technology Act, 2000 and the Digital Personal Data Protection Act, 2023 (DPDPA) (as applicable):

• Right to Access: You have the right to request confirmation of whether we hold your personal data and to receive a copy of the data we hold about you.
• Right to Correction: You have the right to request correction of inaccurate or incomplete personal data we hold about you.
• Right to Erasure: You may request that we delete your personal data from our systems, subject to any legal obligations to retain records.
• Right to Grievance Redressal: You have the right to raise grievances with us regarding the handling of your personal data, and to receive a response within a reasonable timeframe.
• Right to Withdraw Consent: You may withdraw your consent for us to process your personal data at any time, noting that withdrawal may affect our ability to schedule or provide services to you.

To exercise any of these rights, please contact us using the details provided in Section 10 below.

9. Children's Privacy

Our website is not intentionally directed at children under the age of 18. We do not knowingly collect personal information directly from individuals under 18 years of age. If a parent or guardian submits information on behalf of a minor patient, such submission constitutes consent by the parent or guardian and the data will be used solely for the purpose of scheduling the child's medical consultation.

If you believe we have inadvertently collected information from a child under 18 without appropriate parental consent, please contact us immediately and we will promptly delete such data.

10. Contact Us for Data Requests & Privacy Concerns

If you wish to exercise your data rights, have concerns about how your data is handled, or wish to make a formal privacy complaint, please contact us:

• Data Controller: Trident Eye and Retina Hospital (under the medical supervision of Dr. Aakash Deep, MS, MCh.)
• Phone / WhatsApp: 090461 52200
• Address: ITI More, Sevoke Rd, opposite Aakashwani, Ward 43, Dasrath Pally, Bhanu Nagar, Siliguri, West Bengal 734001, India
• Facebook: facebook.com/tridentclinicslg

We will endeavour to respond to all privacy-related requests and complaints within 30 business days.

11. Changes to This Privacy Policy

Trident Eye and Retina Hospital reserves the right to update, modify, or replace this Privacy Policy at any time to reflect changes in our data practices, applicable law, or operational requirements. When we make material changes, we will update the "Last Updated" date at the top of this page.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information. Your continued use of our website after any modification to this Privacy Policy constitutes your acceptance of the revised policy.

12. Governing Law

This Privacy Policy is governed by and interpreted in accordance with the laws of India, including the Information Technology Act 2000, the IT (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules 2011, and the Digital Personal Data Protection Act 2023. Any disputes arising from this Privacy Policy shall be subject to the jurisdiction of the courts in Siliguri, West Bengal, India.