Data Processing Agreement & Service Commitment
1. Data Processing Agreement (DPA)
This Data Processing Agreement (“DPA”) is entered into between Thinkwide Digital Health Pvt. Ltd. and the Customer, subject to the terms of the Principal Agreement(s). The DPA governs how Thinkwide processes personal data on behalf of the Customer and complements the principal service agreements already in place. (thinkwide.in)
The Customer, as the data controller, appoints Thinkwide as the data processor for personal data defined in the Schedule(s) and the Principal Agreement(s). Each party agrees to perform its data protection obligations in accordance with applicable law. Key definitions such as “controller”, “processor”, “personal data”, and “data subject” have the meanings set out under applicable data protection laws.
2. Data Ownership & Controller / Processor Roles
- All patient, billing, financial, clinical, and operational data collected, stored, or processed by ThinkLab remains the exclusive property of the Customer / Diagnostic Centre.
- Thinkwide acts as a Data Processor with access only for service delivery.
- Thinkwide does not claim ownership over customer data and does not use it beyond the purposes of providing agreed services.
3. Data Security, Backup & Recovery
Backup Frequency: ThinkLab performs automated daily backups of all transactional, financial, and clinical records to secure cloud infrastructure.
Recovery Targets:
- Minor failures: Recovery within 4–8 working hours.
- Major server issues: Recovery within 24 hours.
- Catastrophic disruption: Recovery within 48 hours
Data Loss Responsibility: Thinkwide holds responsibility for recovery from system or infrastructure-level failures. However, negligible isolated record inconsistencies resulting from user actions, credential misuse, or external connectivity issues are outside Thinkwide liability.
4. System Availability, Support & Emergency Response
Thinkwide provides dedicated support for ThinkLab, including troubleshooting, issue resolution, and emergency assistance. Support channels and contact procedures are as per the official support section of the website.
Issue Response & Resolution Standards:
- Response time: Within 30 minutes
- Troubleshooting start: Within 1 hour
- Resolution target: 4–6 hours for critical systems, especially billing and core operations
Support Hour
- Support services are available as defined in the support terms; in critical situations, support may be provided beyond regular hours. (For full details of support terms, response protocols, and contact procedures, visit the Thinkwide’s Terms of Support Page).
(For full details of support terms, response protocols, and contact procedures, visit the Thinkwide’s Terms of Support Page).
| Escalation Level | Role | Responsibility | Trigger Point (If unresolved) |
|---|---|---|---|
| Level 1 | Support Executive | First point of contact; basic troubleshooting and ticket logging. | Initial contact to 1 hour |
| Level 2 | Technical Lead | Deep-dive technical analysis; database and server-side checks. | 2 hours without resolution |
| Level 3 | Senior Technical Head | Infrastructure-level fixes and complex bug resolution. | 4 hours (Critical) / 24 hours (Standard) |
| Level 4 | Management Escalation | Strategic oversight, compliance issues, and service recovery updates. | 48 hours or Breach of SLA |
Critical outages or billing interruptions receive highest priority.
5. Service Level Commitment (SLA)
- ThinkLab maintains a 99% uptime commitment annually, barring scheduled maintenance.
- Billing-related issues are treated as Critical Priority (P1) with expedited support.
- Scheduled maintenance windows will be communicated in advance.
6. Data Retention & Storage Policies
| Data Type | Retention Period |
|---|---|
| Financial Data | Up to 10 Years |
| Clinical Data | As per subscription & compliance |
| Reports | Up to 3 Years (Subscription Dependent) |
| Historical Data | Up to 2 Years (Subscription Dependent) |
| Activity Logs | Up to 180 Days |
| Machine Data | Up to 60 Days |
Extended storage may require subscription upgrade or additional charges.
7. Exit & Data Handover
Upon termination or expiration of agreements:
- Data export is available upon written request.
- Typical export preparation timeline: 7–15 working days
- Standard export remains in: Excel (.xlxs), CSV, PDF (Reports)
Transition support is provided, advanced migration assistance may incur service charges.
8. Bug Fixes vs. Enhancements
Bug Fixes (Included):
| Bug Fixes | Enhancement Requests |
|---|---|
| System errors | New features |
| Billing miscalculations | Workflow customizations |
| Report generation issues | UI changes |
| Security vulnerabilities | Third-party integrations |
*Bug fixing are resolved without additional charges but Enhancement requests may be chargeable.
9. Personal Data Breach & Notifications
In the event of a confirmed personal data breach, Thinkwide will:
- Notify the Customer promptly
- Provide cooperation and support to fulfill reporting duties under applicable laws
10. Security Measures & Sub-processors
Thinkwide implements organizational and technical security measures, including access controls, encryption, monitoring systems, security updates, employee training, and secure authentication protocols. Sub-processors may be engaged under strict data protection conditions, and Customers retain the right to object to new sub-processor arrangements.
11. Customer Responsibilities
The Customer is responsible for:
- Ensuring authorized use of login credentials
- Maintaining confidentiality of user accounts
- Verifying correctness of data entered into the system
- Ensuring adequate internet connectivity and infrastructure at their premises
- Compliance with applicable regulatory reporting obligations
Thinkwide shall not be liable for issues arising due to Customer-side misuse, unauthorized credential sharing, or infrastructure limitations.
12. Cooperation with Data Subject Rights
Thinkwide will assist Customers in responding to data subject rights requests (access, rectification, erasure, portability etc.) to the extent requested and compliant with applicable law.
13. Liability, Audit, and Legal Terms
Claims related to data protection are subject to limitations in the Principal Agreement. Thinkwide supports audits and may provide summary reports of third-party audit findings as requested under confidentiality constraints.