Call Now +91 87075 04822 Book Appointment
Legal Document

Privacy Policy

Last updated: January 2026. Your privacy is our priority.

1. Introduction

At The Crown Multispeciality Dental Clinic & Implant Center (“The Crown,” “we,” “us,” or “our”), we are deeply committed to protecting the privacy and personal data of our patients and website visitors. This Privacy Policy explains in clear, plain English how we collect, use, share, and safeguard your information when you visit our website, schedule appointments, or receive dental treatment at our clinic in Kanpur.

This policy is prepared in compliance with the Digital Personal Data Protection Act, 2023 (DPDPA 2023) of India, the Information Technology Act, 2000, and applicable Indian medical record regulations. The data controller for your personal information is Dr. Apurva Chaturvedi and Dr. Priyanka Chaturvedi, operating from our clinic at O Block 133/105, Marble Market, Site No. 1, Kidwai Nagar, Kanpur, Uttar Pradesh 208011, India. By using our website or services, you agree to the practices described in this policy.

2. Information We Collect

To provide you with the highest quality dental care and seamless service, we collect the following categories of information:

Personal Identification Information

When you book an appointment, fill out forms, or contact us, we collect your full name, phone number, email address, residential address, age, gender, and government-issued ID (Aadhaar/PAN) when required for insurance processing or identity verification.

Medical and Dental Information

As part of your dental treatment, we maintain detailed records including dental and medical history, current conditions and symptoms, diagnostic X-rays (intraoral, panoramic, and CBCT scans), treatment plans, prescriptions, clinical photographs for treatment documentation and progress tracking, consent forms, and follow-up notes. This information is essential for safe and effective treatment.

Technical Information

When you visit our website, we automatically collect technical data including your IP address, browser type and version, device information, operating system, referring URLs, pages visited, time spent on pages, and cookies/tracking data through Google Analytics. This helps us improve our website experience and diagnose technical issues.

Payment Information

For billing purposes, we collect billing names, addresses, transaction IDs, and payment dates. Important: Credit/debit card details and UPI credentials are never stored on our servers — they are processed securely by PCI-DSS compliant third-party payment processors who maintain the highest security standards.

3. How We Use Your Information

We use your personal data only for legitimate, lawful purposes directly related to your care and our services:

  • Provide professional dental treatment and related healthcare services
  • Schedule, confirm, and manage your appointments (via SMS, WhatsApp, email, or phone)
  • Communicate with you about your treatment, follow-ups, test results, and prescription refills
  • Send appointment reminders, pre-visit instructions, and post-treatment care guidance
  • Process payments, generate invoices, and handle insurance/TPA claim processing
  • Maintain medical records as required by Indian medical regulations and dental council guidelines
  • Improve our services through anonymized analysis of treatment outcomes and patient feedback
  • Send marketing communications, health tips, and clinic updates — only with your explicit consent, and you may opt out anytime
  • Comply with legal obligations, respond to lawful requests from government authorities, and protect our legal rights

5. Data Sharing and Disclosure

We never sell, rent, or trade your personal data to any third party for marketing purposes. However, we may share your information only in the following limited circumstances:

  • Treating doctors and dental staff within The Crown who are directly involved in your care
  • Accredited dental laboratories for prosthetic work (crowns, bridges, dentures) under strict confidentiality agreements
  • Insurance companies and Third Party Administrators (TPAs) for claim processing — only the minimum necessary information is shared
  • Government authorities when required by law, court order, or to protect public safety
  • Service providers such as IT support, cloud hosting, payment processors, and email/SMS service providers — all bound by strict data processing agreements and confidentiality obligations

Your trust is sacred to us. We share only the minimum information necessary, always with your best interests and safety in mind.

6. Data Security

We employ industry-leading security measures to protect your personal and medical information against unauthorized access, loss, or misuse:

  • SSL/TLS encryption on our entire website (look for the padlock in your browser address bar)
  • Secure encrypted cloud storage with AES-256 encryption at rest for digital records
  • Hospital-grade automated backup systems with off-site redundancy and disaster recovery protocols
  • Strict access controls — only authorized staff with role-based permissions can access patient data
  • Regular staff training on data protection, patient confidentiality, and IT security best practices
  • Quarterly security audits by independent cybersecurity experts
  • Physical security for paper records stored in locked, fireproof cabinets with restricted access
  • Retention period: Patient records are retained for 5-10 years as required by Indian medical regulations, after which they are securely destroyed

7. Your Rights Under DPDPA 2023

As a data principal under Indian law, you have the following rights regarding your personal data:

Right to Access

You may request a copy of all personal data we hold about you, including your medical records, in a portable, commonly used format.

Right to Correction

You may request correction or updating of any inaccurate, incomplete, or outdated information we hold about you.

Right to Erasure (Right to be Forgotten)

You may request deletion of your personal data, subject to legal retention requirements for medical records that we are obligated to maintain.

Right to Withdraw Consent

For processing based on consent (such as marketing communications), you may withdraw your consent at any time without affecting the lawfulness of prior processing.

Right to Grievance Redressal

You have the right to file a complaint with our Grievance Officer and to escalate unresolved matters to the Data Protection Board of India.

Right to Nominate

You may nominate another individual to exercise your rights in the event of your death or incapacity.

How to exercise your rights: Email privacy@thecrowndental.in with your request. We will verify your identity and respond within 30 days as required by law. There is no fee for reasonable requests.

8. Cookies and Tracking

Our website uses cookies — small text files stored on your device — to enhance your experience. We use the following types:

  • Essential Cookies — Required for core functionality like the appointment booking form, login sessions, and security. These cannot be disabled.
  • Analytics Cookies — Google Analytics helps us understand how visitors use our site (pages visited, time spent) so we can improve it. These are anonymized.
  • No Advertising Cookies — We do not use third-party advertising or retargeting cookies. Your browsing data is never sold to advertisers.

You can disable non-essential cookies in your browser settings at any time. Visit your browser’s help section (Chrome, Firefox, Safari, Edge) for instructions. For Google Analytics specifically, you may install the Google Analytics Opt-out Browser Add-on.

9. Third-Party Services

To provide our services, we use the following trusted third-party providers, each with their own privacy practices:

  • Google Maps — For embedded clinic location maps and directions. See Google’s Privacy Policy.
  • WhatsApp Business — For appointment communication. See WhatsApp’s Privacy Policy.
  • Google Analytics — For anonymized website usage analytics. See Google’s Privacy Policy.
  • Payment Gateway — For secure online payment processing (Razorpay/Stripe). They handle card data per PCI-DSS standards.
  • Hosting Provider — For website and database hosting with servers located in secure data centers.

We recommend reviewing the privacy policies of these third parties to understand their practices. We are not responsible for their independent handling of your data.

10. Children’s Privacy

For patients under 18 years of age, we require the explicit consent of a parent or legal guardian before collecting, processing, or using any personal or medical information. We do not knowingly collect data from children without verifiable guardian consent. Parents and guardians have the right to review their child’s records, request corrections, and withdraw consent for non-essential processing (such as marketing). If you believe we have inadvertently collected data from a child without proper consent, please contact us immediately at privacy@thecrowndental.in.

11. International Data Transfers

Your personal data is primarily stored and processed within India in compliance with DPDPA 2023. However, some of our service providers (such as global cloud hosting or analytics platforms) may process data outside India. In such cases, we ensure:

  • The recipient country has adequate data protection standards recognized by the Indian government
  • Strict contractual data protection clauses are in place with the third party
  • Transfers are limited to the minimum necessary data
  • Equivalent security and privacy safeguards are maintained as required by DPDPA 2023

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. When we make material changes, we will notify you through:

  • Email notification to your registered email address (at least 30 days in advance)
  • A prominent banner on our website homepage
  • Posted notice in our clinic reception area

The “Last Updated” date at the top of this policy will always reflect the most recent revision. Your continued use of our website and services after such changes constitutes your acceptance of the updated policy. If you do not agree with material changes, you have the right to discontinue use of our services and request deletion of your data (subject to legal retention requirements).

13. Grievance Officer & Contact

For any privacy-related questions, concerns, requests, or to exercise your rights under DPDPA 2023, please contact our Grievance Officer:

DetailInformation
NameDr. Apurva Chaturvedi
Emailprivacy@thecrowndental.in
Phone+91 87075 04822
Postal AddressGrievance Officer, The Crown Multispeciality Dental Clinic & Implant Center, O Block 133/105, Marble Market, Site No. 1, Kidwai Nagar, Kanpur, Uttar Pradesh 208011, India
Response TimeWe acknowledge within 7 business days and resolve within 30 days as required by DPDPA 2023

Escalation: If your grievance is not resolved satisfactorily within 30 days, you have the right to escalate to the Data Protection Board of India (DPBI) at www.meity.gov.in.

14. Disclaimer

The information provided on this website is for general informational purposes only and does not constitute medical, dental, or professional advice. While we strive to keep the information up-to-date and accurate, we make no warranties about completeness, reliability, or suitability of the information.

  • Website content should never replace professional dental consultation. Always consult our qualified doctors for diagnosis, treatment, and personalized care.
  • Before/after images and testimonials represent individual results; actual outcomes may vary based on individual circumstances.
  • Links to external third-party websites are provided for convenience only. We do not endorse, control, or take responsibility for the content, privacy practices, or accuracy of any external sites.
  • Emergency situations should not rely on this website — call +91 87075 04822 or visit the clinic directly.

By using our website and services, you acknowledge that you have read, understood, and agreed to this Privacy Policy. If you have any questions, please don’t hesitate to reach out.

I’ve created a comprehensive, authoritative Privacy Policy page for The Crown Multispeciality Dental Clinic that fully complies with India’s DPDPA 2023. Here’s what’s included: **Page Structure (15 sections total):** 1. **Hero (40vh)** — Clean cream background (no parallax/dramatic imagery per legal document convention), “LEGAL” gold-bordered badge with shield icon, “Privacy Policy” H1 (Playfair 48px navy), auto-generated current date subhead, “Download PDF” outline button (uses `window.print()`) 2. **Sticky Table of Contents (right sidebar, desktop only, position:sticky top:100px)** — Gold-bordered card with 14 numbered anchor links, active-state gold highlight on scroll, smooth-scroll behavior, scrollable list 3. **14 Main Privacy Sections:** – **§1 Introduction** — 2 paragraphs (commitment, DPDPA 2023 compliance, data controller) – **§2 Information We Collect** — 4 H3 subsections (Personal ID, Medical/Dental, Technical, Payment) – **§3 How We Use Your Information** — 9-bullet gold ✦ list – **§4 Legal Basis for Processing** — 4-item gold-numbered ordered list – **§5 Data Sharing and Disclosure** — 5-bullet list + Playfair italic blockquote with gold left-border – **§6 Data Security** — 8-bullet list with SSL, encryption, retention periods – **§7 Your Rights (DPDPA 2023)** — 6 H3 sub-rights (Access, Correction, Erasure, Withdraw Consent, Grievance, Nominate) with “how to exercise” + 30-day response – **§8 Cookies and Tracking** — Essential/Analytics/None-advertising + opt-out instructions – **§9 Third-Party Services** — 5 services (Google Maps, WhatsApp, Analytics, Payment, Hosting) with linked policies – **§10 Children’s Privacy** — Under-18 guardian consent – **§11 International Data Transfers** — India-primary with compliant frameworks – **§12 Changes to This Policy** — Notification methods + opt-out rights – **§13 Grievance Officer** — Full contact table (Dr. Apurva, email, phone, address, response times, DPBI escalation) – **§14 Disclaimer** — Informational only, no medical advice, external links not endorsed 4. **Acknowledgment Box** — Dashed gold border, pulsing icon, “I Acknowledge” gold button with shimmer effect (state persists in localStorage) **Styling Features (as specified):** – ✅ Generous line-height 1.75, Inter 16px body, slate gray – ✅ H2 Playfair 28px navy with gold underline accent (3px × 40px) – ✅ H3 Playfair 20px navy with gold ▸ prefix – ✅ Gold ✦ custom bullet points – ✅ Gold circled numbers for ordered lists – ✅ Gold underlined links with `underline-grow` hover effect – ✅ Gold 4px left-border blockquote with italic Playfair – ✅ Gold header row tables with alternating row colors – ✅ Print stylesheet (white bg, black text, no shadows, no nav/footer) – ✅ `prefers-reduced-motion` support **Heavy Animations:** – **Three.js** subtle gold particles in hero – **GSAP + ScrollTrigger** for h2 fade-up reveals per section – **AOS** with subtle fade-up – **Custom JS**: reading progress bar (tracks privacy content), active TOC on scroll, smooth scroll, dynamic last-updated date, back-to-top button (appears after 500px scroll), localStorage acknowledgment persistence, print functionality – **CSS animations**: legal badge fade, acknowledgment pulse, back-to-top slide, gold shimmer button **Page also includes:** – Floating WhatsApp button (bottom-left, with pulsing gold ring) – 4-column navy footer – Print stylesheet for clean PDF export – Mobile responsive (sidebar TOC hidden on mobile, stacked layout)