top of page
India Care Desk - Wht BCK Logo.png

INDIA CARE DESK

Privacy Policy

Last updated: [6th February 2026]

This Privacy Policy explains how India Care Desk, operated by Kim Piessen Zorg (“we”, “us”, “our”), collects, uses, stores, accesses, and protects personal data.

This Policy is aligned with the India Care Desk Terms and Conditions and applies to all individuals who access our website, purchase a membership, or otherwise interact with our services (“Clients”).

India Care Desk is a non-clinical medical concierge service.

For the avoidance of doubt, we do not provide medical care and we do not process medical data for clinical purposes.

1. Data Controller Identification

India Care Desk is operated by:

Kim Piessen Zorg
Registered in the Netherlands
KvK (Chamber of Commerce) Number: 89276043
VAT (BTW) Number: NL004732671B92

For the purposes of the General Data Protection Regulation (GDPR), India Care Desk is the data controller within the meaning of Article 4(7) GDPR.

India Care Desk determines the purposes and means of processing personal data collected through its website, forms, communications, and services.

Privacy-related requests may be submitted via the contact details provided on our website.

2. Scope of This Privacy Policy

 

This Privacy Policy applies to:

  • Visitors to the India Care Desk website

  • Clients who purchase or use a membership

  • Individuals who communicate with us via email, telephone, WhatsApp, VoIP services, or online forms
     

This Policy does not apply to third-party websites, medical providers, diagnostic centres, or services accessed independently by Clients.

 

 

3. Categories of Personal Data We Process

 

We process only the minimum personal data necessary to provide our non-clinical concierge and coordination services.

3.1 Identity & Contact Data

  • Full name

  • Nationality

  • Country of residence

  • Email address

  • Telephone number
     

3.2 Membership & Administrative Data

  • Membership plan type

  • Membership start and end dates

  • Payment confirmation status
    (No credit card or bank details are stored by us.)
     

3.3 Service Coordination & Communication Data

  • Email correspondence

  • WhatsApp messages

  • Call logs and call summaries
    (Call recordings are not stored.)
     

3.4 Technical & Usage Data

  • IP address

  • Browser and device information

  • Website usage data (via cookies where applicable)
     

 

4. Special Category Data (Health-Related Information)

 

India Care Desk does not require, request, or process medical or health data.

If a Client voluntarily shares health-related information:

  • Such information is processed only to facilitate communication or coordination at the Client’s request

  • Sharing is entirely optional

  • No medical assessment, interpretation, or clinical storage is performed
     

Clients remain solely responsible for deciding whether to share any health-related information.

 

 

5. Purposes and Legal Bases for Processing

 

Personal data is processed solely for the following purposes and legal bases under GDPR:

  • Purpose - Legal Basis

  • Provision of concierge services - Performance of a contract

  • Client communication - Performance of a contract / Legitimate interest

  • Membership administration - Legal obligation

  • Customer support - Legitimate interest

  • Legal and regulatory compliance - Legal obligation

  • Website functionality - Legitimate interest / Consent

  • Personal data shall not be processed for purposes incompatible with the above.

 

 

6. Systems Used & Data Storage

 

Personal data is stored and processed using:

  • Zoho (servers located within the European Union) for client correspondence and administration

  • Telephone, WhatsApp, and VoIP services (including Exotel) for operational communication
     

We do not control how third-party communication platforms process data once communication occurs through their services.

7. Use of Offshore Processing & Access

To deliver its services efficiently, India Care Desk may allow authorised personnel or service providers located outside the European Union, including in India, to access and process personal data on its behalf for administrative, coordination, and customer support purposes.

Such personnel and service providers:

  • Act exclusively as data processors

  • Process personal data solely on the documented instructions of India Care Desk

  • Do not process data for their own purposes
     

India Care Desk remains fully responsible for all processing carried out on its behalf.

 

 

8. Safeguards for International Data Transfers

 

Where personal data is accessed or processed outside the European Union, India Care Desk ensures appropriate safeguards in accordance with Articles 44–49 GDPR, including:

  • European Commission–approved Standard Contractual Clauses (SCCs)

  • Contractual data protection and confidentiality obligations imposed on processors

  • Role-based access controls

  • Appropriate organisational and technical security measures
     

India Care Desk remains fully accountable for the protection of personal data processed on its behalf.

 

 

9. Data Sharing & Disclosure

 

India Care Desk follows a strict no data sharing policy.

We do not sell, rent, share, or disclose personal data to:

  • Hospitals or clinics

  • Diagnostic centres

  • Travel partners

  • Hotels

  • Marketing or advertising partners
     

Personal data may be disclosed only:

  • Where legally required by competent Dutch or EU authorities

  • In response to a valid court order or statutory obligation
     

10. Data Retention

 

Personal data is retained only for as long as necessary to:

  • Fulfil contractual obligations

  • Comply with legal, tax, and regulatory requirements

  • Resolve disputes
     

After the applicable retention period, data is securely deleted or anonymised.

 

11. Data Security Measures

 

We implement appropriate technical and organisational measures to protect personal data, including:

  • Access controls and authentication measures

  • Secure systems and credentials

  • Internal access limited on a strict need-to-know basis
     

Despite these measures, no system can guarantee absolute security.

 

 

12. Data Subject Rights (GDPR)

 

Clients have the following rights under the GDPR:

  • Right of access

  • Right to rectification

  • Right to erasure (where legally permissible)

  • Right to restriction of processing

  • Right to object to processing

  • Right to data portability

  • Right to withdraw consent (where applicable)
     

All requests relating to personal data are handled directly by India Care Desk, irrespective of where the data is processed.

Requests may be submitted using the contact details provided on our website.

13. Cookies & Website Tracking

 

Our website may use essential and functional cookies to ensure proper operation.

Where required by law, cookie consent will be requested. Detailed information is provided in the separate Cookie Policy available on our website.

 

 

14. Complaints & Supervisory Authority

 

Clients have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) if they believe their personal data has been processed unlawfully.

 

 

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The most current version will always be available on our website.

Continued use of our services after changes constitutes acceptance of the updated Privacy Policy.

 

 

16. Acceptance

 

By purchasing a membership, using our services, or interacting with India Care Desk, you acknowledge that you have read and understood this Privacy Policy.

bottom of page