Skip to main content

Privacy · Compliance

GDPR & HIPAA compliance — zero data collection

This website is designed to be compliant with the EU General Data Protection Regulation (GDPR), the Digital Personal Data Protection Act 2023 (India), and the safeguards in the US Health Insurance Portability and Accountability Act (HIPAA) — by not collecting personal or protected health information (PHI) on the website at all.

What we do not collect

  • No contact forms that store data on our servers.
  • No newsletter database. No CRM. No lead capture.
  • No account creation, login, or user profiles.
  • No cookies for tracking or advertising by default.
  • No medical records, symptoms, images or files are uploaded here.

How bookings work

Every "Book", "Contact", "Home visit" or "Online consult" button opens WhatsApp with a prefilled message on your own device. You decide whether to press send. Your personal information travels over WhatsApp's end-to-end encrypted channel directly to our clinic phone (+91 97878 02818), not through this website.

GDPR alignment

  • Lawful basis: No processing takes place on the website — Art. 6 does not apply here.
  • Data minimisation (Art. 5): We collect zero personal data on-site.
  • Right to access / erasure (Art. 15, 17): If you have shared information with our clinic via WhatsApp, email care@vellorephysio.com and we will delete it within 30 days.
  • International transfers: None initiated by the website.

HIPAA alignment

  • No Protected Health Information (PHI) is transmitted, received or stored by this website.
  • Clinical records created inside the clinic are stored on paper / a secure offline EMR — not on this website's infrastructure.
  • WhatsApp messages you initiate are encrypted end-to-end and reach our clinic phone directly.
  • We do not share, sell or disclose patient information to third parties.

India — DPDP Act 2023

Because no personal data is collected on this site, no notice or consent artefact is required under section 5 of the DPDP Act. Concessional pricing (kids, students, seniors, BPL, army veterans, persons with disability) is verified in the clinic on presentation of physical ID.

Cookies

The site sets a small technical sessionStorage flag to remember whether you have dismissed the offers strip during your visit. This never leaves your browser. Analytics scripts (Google Analytics, Meta Pixel, Microsoft Clarity) are loaded only when the operator has explicitly configured an ID. See our Cookie Policy.

Contact the data controller

Dr. Karolin Rockson PT
Katpadi Rd, Suthanthira Ponvizha Nagar, Church Colony, Viruthampattu, Vellore, Tamil Nadu 632006, India
Phone: +91 97878 02818
Email: care@vellorephysio.com

Last reviewed: 2026. This page describes the website only. Our clinic complies with the Clinical Establishments Act and TNMC record-keeping requirements for in-clinic records.

FAQ · Vellore

10 privacy & compliance questions — answered

How we stay aligned with GDPR, HIPAA and India's DPDP Act 2023 by collecting zero data on this website — every booking is a WhatsApp handoff.

Zero. This website has no contact form database, no CRM, no newsletter list, no login, and no advertising cookies by default. Every 'Book' or 'Contact' button opens WhatsApp on your device with a prefilled message — you choose whether to send it.

Related searches: gdpr physiotherapy website, hipaa compliant physio india, dpdp act 2023 clinic, no data collection website, whatsapp booking privacy, physiotherapist near me, physio clinic in Vellore, home visit physiotherapy, online physiotherapy consultation India.