Last Updated: July 4, 2026
This notice is provided under India's Digital Personal Data Protection Act, 2023 (the "DPDP Act") and the rules made under it. It explains how Mission Mad, as a Data Fiduciary, collects and processes your digital personal data, and the rights you have as a Data Principal.
Mission Mad is operated by [LEGAL ENTITY NAME], a company incorporated in India with its registered office at [REGISTERED OFFICE ADDRESS] ("Mission Mad", "we", "us"). We determine the purpose and means of processing your personal data and are the Data Fiduciary responsible for it.
We process your personal data on the basis of the consent you provide at registration (or as otherwise permitted as a "legitimate use" under the DPDP Act), for these purposes only:
We share your data with the verified hospital you engage (to provide your care), and with Data Processors who operate our platform under written contracts (hosting, communications, and payments). We do not sell your personal data. We disclose data to authorities only where required by law.
We keep your personal data only for as long as needed for the purposes above or as required by applicable medical-records and tax laws, after which it is deleted or irreversibly anonymised. If you withdraw consent and no legal obligation requires retention, we will erase your personal data.
Under the DPDP Act you have the right to:
Our services are intended for individuals aged 18 and above. We do not knowingly process the personal data of children without verifiable parental/guardian consent as required by the DPDP Act.
We apply reasonable security safeguards including encryption in transit, access controls, tenant isolation, and audit logging to protect your data, and will notify you and the Data Protection Board of a personal data breach as required by law.
To exercise your rights or raise a concern, contact our Grievance Officer:
We will acknowledge and respond to your request within the timelines prescribed under the DPDP Act.
Draft — action required before publishing: replace every [BRACKETED] placeholder with your registered entity, address, and a named Grievance Officer, and have this notice reviewed by legal counsel for DPDP compliance.