Legal

Privacy Policy

Last updated: March 2026

1. Introduction

OneHealth ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform, website, and services.

2. Information We Collect

We may collect the following types of information:

  • Personal identification information — name, email address, phone number, NIC/passport number.
  • Professional information (for doctors) — SLMC registration number, specialisation, clinic details.
  • Health information — medical records, appointment history, medication information, and consultation notes shared within the platform.
  • Usage data — pages visited, features used, device type, and IP address.

3. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain the OneHealth platform.
  • Facilitate communication between doctors and patients.
  • Process appointments and manage health records.
  • Send service-related notifications and updates.
  • Improve our platform and develop new features.
  • Comply with legal obligations.

4. Sharing of Information

We do not sell your personal information. We may share your information with:

  • Healthcare providers — doctors and their practice staff as necessary to deliver care.
  • Service providers — third-party vendors who assist in operating our platform (e.g. cloud hosting, payment processing), bound by confidentiality agreements.
  • Legal authorities — when required by law or to protect the rights and safety of our users.

5. Data Security

We implement industry-standard security measures including encryption in transit and at rest, access controls, and regular security audits to protect your data. However, no method of transmission over the internet is 100% secure.

6. Data Retention

We retain your personal data for as long as your account is active or as needed to provide services, comply with legal obligations, and resolve disputes.

7. Your Rights

You have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your data, subject to legal requirements.
  • Withdraw consent at any time where processing is based on consent.

8. Cookies

Our website uses cookies to improve your browsing experience and analyse site traffic. You can control cookie settings through your browser preferences.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the new policy on this page with an updated date.

10. Contact Us

If you have any questions about this Privacy Policy, please contact us at hello@onehealth.lk.