Health Data Agreement

Last updated: June 2026

1. What is Health Data

For the purposes of this agreement, health data includes: diagnostic test results, medical reports, health metrics extracted from reports (e.g. blood glucose, haemoglobin), booking history, and any other information that relates to your physical health status.

2. Your Consent

By creating an account and ticking the consent checkbox, you explicitly consent to Co-Labs collecting, storing, and processing your health data for the purposes described below. This consent is required to use the platform and can be withdrawn at any time by contacting us.

3. Permitted Uses

We process your health data only to: (a) deliver your diagnostic reports, (b) populate your health locker and trend charts, (c) send you reminders and health insights relevant to your bookings, and (d) improve platform algorithms for report extraction — using anonymised, aggregated data only.

4. Prohibited Uses

We will never: sell your health data to insurers, employers, or advertisers; use your health data for credit scoring; or share identifiable health data with any third party beyond the lab fulfilling your booking.

5. Security Measures

Health data is encrypted in transit (TLS 1.3) and at rest (AES-256). Access is restricted to authorised personnel on a need-to-know basis. All data processors are bound by data processing agreements.

6. Withdrawing Consent

You may withdraw consent and request deletion of your health data by emailing privacy@co-labs.in. Deletion of health data will be completed within 30 days, subject to legal retention requirements.

7. Applicable Law

This agreement is governed by the Digital Personal Data Protection Act 2023 (India) and applicable health data regulations. We comply with DPDPA requirements for processing sensitive personal data.