User Consent for Collection & Processing of Medical Data
Last Updated: May 31, 2025

This User Consent (“Consent”) describes how Thinktail Global Pvt. Ltd. (“Thinktail,” “we,” “us,” or “our”) collects, uses, discloses, and protects the medical and health-related data you (“User,” “you,” or “your”) provide on the Snoutiq website and mobile application (together, “Snoutiq” or the “Platform”). This Consent is a standalone document supplementing Snoutiq’s Privacy Policy. By providing any medical or health information (including pet-related health data) through Snoutiq—whether during a consultation, by uploading documents, or when completing forms—you acknowledge and agree to the terms of this Consent. If you do not consent, please do not submit any medical data on Snoutiq.

1. Why We Need Your Consent

Snoutiq is a pet marketplace that offers veterinary teleconsultations, in-person appointments, and access to educational medical content. In order to:

• Facilitate accurate diagnosis and treatment,
  
• Enable veterinarians to provide personalized care,
  
• Store and access pet health records securely, and
  
• Comply with applicable regulations on processing “Sensitive Personal Data or Information” (SPDI) under India’s Information Technology Act (IT Act) and related rules—
  

we must obtain your explicit, informed consent before collecting, storing, or processing any medical or health-related data you provide.

2. Types of Medical Data Collected

When you use Snoutiq’s veterinary services or upload health information, we may collect some or all of the following categories of data:

1. Pet Identification & Demographics
   
   • Pet’s name, species, breed, age, sex, and microchip ID (if available).
     
   • Owner’s relationship to pet (e.g., owner, caretaker).
     
2. Medical History & Health Records
   
   • Past diagnoses or illnesses.
     
   • Vaccination and immunization records.
     
   • Ongoing or past medications (drug names, dosages, administration schedule).
     
   • Allergies or known adverse reactions.
     
   • Surgical history, injuries, or hospitalizations.
     
   • Diagnostic reports (laboratory results, imaging reports, pathology findings).
     
   • Photographs or videos of the pet (e.g., wound photos, gait assessments, skin conditions).
     
3. Symptoms & Current Condition
   
   • Descriptions of presenting symptoms (e.g., vomiting, diarrhea, lameness).
     
   • Duration, frequency, severity, and any triggering factors.
     
4. Treatment & Prescription Data
   
   • Prescribed medications or therapies (drug name, dosage, administration route, frequency, duration).
     
   • Dietary plans or nutritional recommendations.
     
   • Follow-up instructions, recheck dates, or referral notes.
     
5. Consultation & Communication Records
   
   • Audio/video records of teleconsultations (if recorded with your permission).
     
   • Chat transcripts, text messages, emails, or in-App messages exchanged with veterinarians.
     
   • Notes or summaries created by the veterinarian during or after your consultation.
     
6. Billing & Payment-Related Medical Information
   
   • Fee breakdowns for diagnostics or specialized procedures.
     
   • Insurance policy numbers and related claim information (if applicable).
     
7. Third-Party Health Data (with separate permission)
   
   • Integration with third-party veterinary diagnostic platforms or wearable pet trackers (GPS collars, fitness monitors), if you elect to link those services.
     

3. Purpose & Legal Basis for Processing

We process your medical data solely for the following purposes:

1. Provision of Veterinary Services
   
   • To enable veterinarians to review your pet’s history, make diagnoses, prescribe medications, and create individualized treatment plans.
     
   • To schedule and conduct teleconsultations or in-person appointments.
     
   • To maintain continuity of care (storing records for future visits).
     
2. Medical Record Maintenance & Compliance
   
   • To comply with professional guidelines and statutory requirements (e.g., Veterinary Council of India rules, IT Act SPDI Rules).
     
   • To ensure proper record-keeping, audits, and quality control.
     
3. Regulatory & Legal Requirements
   
   • To respond to lawful requests from regulators or authorities (e.g., animal welfare boards, public health agencies).
     
   • To prevent, detect, and investigate fraud, abuse, or other unlawful activities.
     
4. Security & Quality Improvement
   
   • To monitor and improve the quality, safety, and effectiveness of veterinary services.
     
   • To train our personnel and veterinarians (using anonymized case studies).
     
5. Emergency Care & Follow-Up
   
   • To quickly access critical information in case of medical emergencies involving your pet.
     
   • To send appointment reminders, follow-up notifications, or test result alerts.
     

Legal Basis: Under India’s IT Act and Rules, processing SPDI is permitted with the “explicit consent” of the data principal (you). By accepting this Consent, you authorize Thinktail to process your medical data for the above purposes.

4. How We Share & Disclose Your Medical Data

We treat your medical data as “Sensitive Personal Data or Information” (SPDI) under applicable law. We will not share this data with any party except under the circumstances described below:

1. With Your Explicit Consent
   
   • If you request a referral to a specialist or a second opinion outside Snoutiq, we may share relevant medical records with the referred provider. Before doing so, we will obtain your affirmative confirmation (e.g., “Yes, share my pet’s records with Dr. X”).
     
2. Authorized Service Providers
   
   • Cloud Storage & Encryption Services: We store your medical records on secure, encrypted cloud servers. These providers have no direct access to unencrypted data.
     
   • Telemedicine Technology Partners: During video consultations, data (audio/video streams, chat logs) may temporarily reside on third-party, HIPAA-compliant telehealth servers; recordings (if permitted) are stored in encrypted form.
     
3. Regulatory Authorities
   
   • If required by law or a court order, we may disclose medical data to animal health regulators, government agencies, or law enforcement. We will notify you unless prohibited by law.
     
4. Emergency Situations
   
   • If your pet’s condition is life-threatening and you are unreachable, we may share necessary medical information with local emergency veterinary hospitals to facilitate immediate care.
     
5. Anonymized or Aggregated Data
   
   • We may use de-identified, aggregated medical data (stripped of personal identifiers) for research, analytics, or to improve Snoutiq’s services. Individual pets cannot be re-identified from that data.
     

5. Your Rights Regarding Medical Data

You have the following rights concerning the medical data Snoutiq collects and processes:

1. Right to Access
   
   • You may request a copy of your pet’s medical records, consultation notes, prescriptions, and any diagnostic results stored on Snoutiq. To do so, email [email protected] with the subject “Medical Data Access Request.” We will respond within thirty (30) days.
     
2. Right to Rectification
   
   • If you believe any medical data is inaccurate or incomplete (e.g., incorrect dosage, mis-entered allergy), you may request correction. Submit your request via Snoutiq’s in-App messaging or to [email protected]. We will verify and, if validated, correct the records within fifteen (15) days.
     
3. Right to Restrict or Withdraw Consent
   
   • You may withdraw this Consent at any time for future processing. However:
     
     • Withdrawal does not affect data processed before you withdrew consent.
       
     • We may continue to retain data if necessary to comply with legal obligations (e.g., veterinary record-keeping laws) or to defend legal claims.
       
   • To withdraw consent, contact [email protected] with “Withdraw Medical Data Consent” in the subject line. We will confirm receipt and log your request.
     
4. Right to Erasure (“Right to be Forgotten”)
   
   • You may request deletion of your pet’s medical records from our active systems. We will honor this request unless:
     
     • We need to retain records for legal or regulatory compliance (e.g., mandatory retention for seven years).
       
     • We need data to investigate or defend against a legal claim.
       
     • Deleting the data would impair continuity of care (e.g., ongoing treatment plans).
       
   • If deletion is permitted, we will remove records from active systems within thirty (30) days. Backups may be retained for a reasonable period (up to 90 days) before secure erasure.
     
5. Right to Data Portability
   
   • You may request a machine-readable copy (e.g., PDF or standardized health-record format) of your pet’s medical data for transfer to another platform or offline storage. We will provide this within thirty (30) days of your request to [email protected].
     
6. Right to Object to Processing
   
   • You may object to any processing of your pet’s data that is not strictly necessary for providing the requested veterinary services (e.g., marketing or research uses). We will cease such processing unless we have a compelling legal basis (e.g., legal requirement to retain certain records).
     
7. Right to Lodge a Complaint with a Supervisory Authority
   
   • If you believe we have violated applicable data protection laws or your rights herein, you may contact our Data Protection Officer (see Section 10) or file a complaint with the relevant authority (e.g., local data protection agency).
     

6. Retention & Secure Storage

1. Retention Period
   
   • We retain medical records (consultation notes, prescriptions, diagnostic results) for a minimum of seven (7) years from the date of the last consultation, as required by veterinary professional standards and Indian record-keeping regulations.
     
   • After seven years, records are anonymized or securely deleted unless needed for ongoing treatment or legal obligations.
     
2. Security Measures
   
   • All medical data is encrypted at rest using AES-256 encryption. Data in transit (e.g., between your device and our servers) is protected with TLS 1.2+ encryption.
     
   • Access controls: Only licensed veterinarians, authorized veterinary staff, and designated Thinktail personnel with a “need-to-know” basis can access unencrypted medical records.
     
   • Regular security audits, vulnerability assessments, and penetration tests are conducted to ensure our systems comply with industry best practices.
     
   • We employ multi-factor authentication (MFA) for veterinary logins and privileged staff accounts.
     

7. Data Sharing & Third-Party Disclosures

1. Internal Veterinary Team
   
   • Veterinarians and clinical staff who treat your pet can access medical records to ensure safe, informed care. All personnel are bound by confidentiality and professional ethics.
     
2. Telemedicine Providers
   
   • When you book a teleconsultation, an encrypted video call is facilitated by a third-party telehealth SDK. Audio/video streams are not stored unless you explicitly grant permission to record. Any stored recordings remain encrypted and accessible only to you and the treating veterinarian.
     
3. Third-Party Diagnostic Labs
   
   • If your veterinarian orders laboratory tests via a partner lab, we may securely share relevant sample identifiers and shipping information. Results returned from the lab are imported into your Snoutiq file for veterinarian review. We only transmit data necessary to fulfill the test.
     
4. Shipping Partners (for Sample Transport)
   
   • If you order diagnostic kits or send in blood/urine samples, we share minimal pet and owner information (name, address, phone) with the shipping partner strictly for pickup and delivery of samples under proper cold-chain conditions. No medical test data is shared with the courier.
     
5. Emergencies & Legal Requirements
   
   • In life-threatening emergencies (e.g., anaphylactic reaction), we may share medical data with an emergency clinic or veterinarian near you if you cannot provide guidance. We will inform you afterward when feasible.
     
   • If required by court order, law enforcement, or regulatory mandate, we will disclose medical data to the requesting authority. We document all disclosures and attempt to notify you in advance unless legally prohibited.
     

8. How to Grant & Withdraw Consent

1. Granting Consent
   
   • When you first attempt to submit any medical data (e.g., before booking a teleconsultation, uploading pet health records), Snoutiq will display a prompt summarizing this Consent. You must click “I Agree” to proceed.
     
   • If you decline, you will not be able to complete any process requiring medical data (such as booking a consultation or uploading medical records). You may still use the Platform for non-medical functions (e.g., browsing products).
     
2. Withdrawing Consent
   
   • At any time, you may withdraw your consent for future medical data processing by:
     
     • Navigating to Account Settings > Privacy & Consent in the Snoutiq app and toggling off “Consent to Process Medical Data.”
       
     • Emailing [email protected] with the subject line “Withdraw Medical Data Consent.”
       
   • Upon receipt, we will:
     
     • Cease any new medical data collection or processing.
       
     • Prompt you to export any existing records you wish to keep.
       
     • Retain essential data for legal, regulatory, or professional obligations but will disable your account’s ability to book new consultations.
       
     • Confirm withdrawal via email within seven (7) business days.
       

9. Risks of Withdrawing Consent

1. Impact on Care
   
   • If you withdraw consent, veterinarians cannot access your pet’s prior medical history on Snoutiq. This may hinder accurate diagnosis and treatment planning.
     
   • Certain features (e.g., teleconsultation, automatic prescription filling, appointment reminders) will be disabled.
     
2. Emergency Situations
   
   • In a veterinary emergency, lack of access to your pet’s medical records may delay critical interventions. We recommend maintaining minimal essential data at all times.
     

10. Contact Information & Complaints

Data Protection Officer
If you have questions, concerns, or wish to exercise any rights described in this Consent, please contact our Data Protection Officer (DPO):

Data Protection Officer  

Thinktail Global Pvt. Ltd. (Snoutiq)  
Plot No. 20, Block H-1/A, Sector-63  
Noida-201301, Uttar Pradesh, India  
Email: [email protected]  
Phone: +91-120-XXXXXXX (Mon–Fri, 10:00 AM–5:00 PM IST)  

1. Filing a Complaint
   
   • If you believe we have violated this Consent or applicable data protection laws, you may:
     
     1. Submit a written complaint to the DPO at [email protected]. We will acknowledge within five (5) business days and aim to resolve within forty-five (45) days.
        
     2. File a complaint with the relevant supervisory authority (e.g., state or national data protection commission) if you remain unsatisfied with our response.
        

11. Amendments to This Consent

We may update this User Consent for Medical Data when necessary (e.g., changes in law, new features, improved security measures). If we make material revisions, we will:

1. Post the updated Consent on Snoutiq with an updated “Last Updated” date.
   
2. Send an email notification to all Registered Users at least seven (7) days before changes take effect.
   

Your continued submission of medical data or booking new consultations after the effective date of any revision will constitute acceptance of the updated Consent.

By clicking “I Agree” (or submitting any medical data), you confirm that you have read, understood, and consent to the terms set forth in this User Consent for Collection & Processing of Medical Data.