Legal Policies

Gbooks Infotech Pvt Ltd - Complete Terms and Conditions

Privacy Policy

Effective Date: January 1, 2024 | Last Updated: 12/02/2024

Gbooks Infotech Pvt Ltd ("Company," "we," "our," or "us"), a leading provider of ERP Cloud Solutions for Healthcare, Education, and Business Management, respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website (gbooksindia.com), use our Hospital Management System, Educational ERP, or other software solutions, or engage with us in any capacity.

1. Information We Collect

Personal Information:

  • • Full name, email address, phone number, postal address
  • • Company name, job title, business contact information
  • • Government-issued ID numbers (when required for contracts)
  • • Payment information, billing address, tax identification
  • • Professional credentials and work experience

Technical Information:

  • • IP address, browser type, operating system
  • • Device identifiers, screen resolution, time zone
  • • Cookies, web beacons, and similar tracking technologies
  • • Website usage patterns, pages visited, click-through rates
  • • Server logs, error reports, performance data

Healthcare & ERP Solutions Data:

  • • Patient registration and medical information (for HMS users)
  • • Student records and academic data (for Educational ERP users)
  • • Appointment scheduling and consultation notes
  • • Billing information and payment processing data
  • • SMS and WhatsApp integration data for automated messaging
  • • Prescription records and medical documentation
  • • Time slot bookings and specialist consultations

Communication Data:

  • • Email correspondence, chat logs, support tickets
  • • Phone call records (when permitted by law)
  • • Meeting notes, project documentation
  • • Feedback, surveys, testimonials
  • • SMS and WhatsApp communications through our integrated services

2. How We Use Your Information

  • ERP Service Delivery: To provide Hospital Management System, Educational ERP, and other cloud-based solutions
  • Healthcare Operations: Patient registration, appointment scheduling, prescription management, and billing
  • Educational Management: Student records, academic tracking, and institutional administration
  • Communication Services: SMS and WhatsApp integration for automated messaging and notifications
  • Technical Support: To respond to inquiries, provide support, and system maintenance
  • Payment Processing: To process subscription fees, service charges, and billing
  • Legal Compliance: To comply with healthcare regulations, educational standards, and applicable laws
  • Service Improvement: To analyze usage patterns and enhance our ERP solutions
  • Security & Fraud Prevention: To protect against unauthorized access and maintain system security

3. Legal Basis for Processing

  • Contract Performance: Processing necessary for service delivery
  • Legitimate Interest: Business operations, fraud prevention, direct marketing
  • Legal Obligation: Tax reporting, regulatory compliance
  • Consent: Marketing communications, cookies, optional data collection

4. Data Sharing and Disclosure

  • Service Providers: Third-party vendors who assist in our operations (hosting, payment processing, analytics)
  • Legal Requirements: When required by law, court order, or government request
  • Business Transfers: In case of merger, acquisition, or sale of assets
  • Consent: When you explicitly authorize disclosure
  • Protection: To protect rights, property, or safety of our company or others
  • • We do NOT sell, rent, or trade personal information to third parties for marketing purposes

5. Data Security Measures

  • • Industry-standard SSL/TLS encryption for data transmission
  • • AES-256 encryption for data at rest
  • • Multi-factor authentication for system access
  • • Regular security audits and penetration testing
  • • Employee background checks and confidentiality agreements
  • • Secure data centers with 24/7 monitoring
  • • Regular backup and disaster recovery procedures
  • • Incident response and breach notification procedures

6. Data Retention

  • • Active client data: Duration of business relationship plus 7 years
  • • Financial records: 10 years as per tax regulations
  • • Marketing data: Until consent is withdrawn
  • • Website analytics: 26 months maximum
  • • Support tickets: 5 years for quality assurance
  • • Legal documents: As required by applicable laws

7. Your Rights and Choices

  • Access: Request copies of your personal data
  • Rectification: Correct inaccurate or incomplete information
  • Erasure: Request deletion of your personal data (subject to legal requirements)
  • Portability: Receive your data in a structured, machine-readable format
  • Restriction: Limit processing of your personal data
  • Objection: Object to processing for direct marketing or legitimate interests
  • Withdraw Consent: Withdraw previously given consent at any time
  • Lodge Complaints: File complaints with relevant data protection authorities

8. International Data Transfers

We may transfer your personal data to countries outside your jurisdiction. When we do so, we ensure adequate protection through:

  • • Standard contractual clauses approved by relevant authorities
  • • Data processing agreements with third parties
  • • Adequacy decisions by competent authorities
  • • Appropriate safeguards as required by applicable laws