post image

Privacy Policy

Last Updated: August 2025

This Privacy Policy explains how Carachi Clinic ("we", "us", "our") collects, uses, discloses, and protects your personal and health-related information. We are committed to safeguarding your privacy in compliance with applicable laws and regulations, including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), Health Insurance Portability and Accountability Act (HIPAA) (where applicable), and the CAN-SPAM Act..

Data Controller and Contact Information

Carachi Clinic Email: echo.mint@carachi.com
Phone: +1 856 930 6841
Address: Penthouse Suite, W 55th St., Manhattan Center Residences, New York, NY 10019, US.

What Data We Collect

We may collect the following personal and sensitive health-related data:

  • Name, email address, phone number, and postal address
  • Date of birth, gender, and demographic information
  • Medical history, symptoms, diagnosis, treatment details, lab results
  • Appointment history and preferences
  • IP address, device/browser information, and access logs (when using our website)
  • Insurance and billing information
  • Communications and messages sent to us via forms, email, or other means

    • How We Collect Data

  • Directly from you: via appointment bookings, registration forms, consultations, emails, phone calls, or website contact forms
  • Automatically: through cookies and analytics on our website
  • From third parties: such as referring physicians, insurance providers, or diagnostic labs (only with your consent or as permitted by law)

    • Legal Basis for Processing

    We process your data based on the following lawful bases:

  • Your explicit consent (e.g., for marketing or digital communications)
  • Performance of a contract (e.g., providing you with medical services)
  • Compliance with legal obligations (e.g., medical record retention, public health reporting)
  • Legitimate interests (e.g., clinic management, fraud prevention, service improvement)
  • Vital interests (in emergencies where your consent cannot be obtained)

    • How We Use Your Data

  • To provide healthcare and medical services
  • To manage appointments and patient records
  • To communicate with you about your care and send reminders
  • To process payments and insurance claims
  • To improve our services and ensure website functionality
  • To send updates, newsletters, or promotional messages (with your consent)
  • To comply with applicable laws and regulations
  • To prevent fraud and ensure data security

    • Data Retention

    We retain personal and medical data:

  • As long as required to provide healthcare services and manage the patient relationship
  • As required by law for medical recordkeeping and compliance (e.g., 7–10 years, depending on jurisdiction)
  • Longer where necessary for legal, regulatory, or audit purposes

    • Data Sharing and Processors

  • We do not sell your personal data. We may share it only with:
  • Authorized medical professionals and staff involved in your care
  • Third-party service providers (e.g., lab services, billing software, secure hosting providers), under strict confidentiality and data protection agreements
  • Government or regulatory authorities, when legally required
  • Insurance providers for claim processing (with your authorization)

    • International Data Transfers

    If your data is transferred outside your country of residence (e.g., to cloud servers), we ensure it is protected by:

  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions or other legally approved safeguards

    • Data Security

    We implement industry-standard security measures:

  • Encrypted data storage and transmission
  • Access controls and authentication for authorized personnel only
  • Secure servers, firewalls, and routine security audits

    • Your Rights

    Depending on your location, you have the right to:

  • Access your data
  • Correct inaccurate or incomplete data
  • Request deletion (right to be forgotten)
  • Restrict or object to data processing
  • Withdraw consent at any time
  • Request a copy of your data (data portability)
  • File a complaint with a data protection authority
  • To prevent fraud and ensure data security
    • To exercise these rights, please contact us at echo.mint@carachi.com

    Children’s Privacy

    Carachi Clinic does not knowingly collect personal data from children under 16 without parental or guardian consent. If you believe we have collected data from a minor, please contact us for immediate removal.

    HIPAA and Medical Data Compliance

    Where applicable, Carachi Clinic complies with HIPAA regulations:

  • Medical data is used strictly for healthcare delivery, billing, and clinic operations
  • Access is limited to authorized personnel only
  • Patient information is never shared without consent, unless required by law

    • Cookies and Website Tracking

    We use cookies and similar technologies on our website for:

  • Site functionality and performance
  • Visitor analytics and usage patterns
  • Improving user experience
    • For more information, see our Cookie Policy.

    Changes to This Policy

    We may update this Privacy Policy periodically. Any changes will be posted on this page with an updated revision date. If the changes are significant, we will notify you via email or our website.

    Contact Us

    If you have any questions or concerns about this Privacy Policy or your data, please contact us at:
    Email: echo.mint@carachi.com
    Phone: +1 856 930 6841
    Address: Penthouse Suite, W 55th St., Manhattan Center Residences, New York, NY 10019, US.