Plus Health Tech Ventures Private Limited (“Company”, “we” or “us”) owns and operates the mobile application ‘ayu.health’ (“Website”). This Privacy Policy (“Privacy Policy”) explains how the Company collects, uses, shares, discloses and protects the Users of the Website, including the partnered Hospitals and Practitioners (as defined in the Terms of Use) and the Users (referred to as “You” or “Users” or individually “User” in this Privacy Policy, as defined in the Terms of Use). We created this Privacy Policy to demonstrate our commitment to the protection of Your privacy and Your personal information. Your use of and access to the Website is subject to this Privacy Policy and our Terms of Use. Any capitalized term used but not defined in this Privacy Policy shall have the meaning attributed to it in our Terms of Use.
BY CONFIRMING THAT YOU ARE BOUND BY THIS PRIVACY POLICY (BY THE MEANS PROVIDED ON THIS WEBSITE OR APP), BY USING THE SERVICES OR BY OTHERWISE GIVING US YOUR INFORMATION, YOU AGREE TO THE POLICIES AND PRACTICES OUTLINED IN THIS PRIVACY POLICY AND YOU HEREBY CONSENT TO OUR COLLECTION, USE AND SHARING OF YOUR INFORMATION AS DESCRIBED IN THIS PRIVACY POLICY.WE RESERVE THE RIGHT TO CHANGE, MODIFY, ADD OR DELETE PORTIONS OF THE TERMS OF THIS PRIVACY POLICY, AT OUR SOLE DISCRETION, AT ANY TIME. IF YOU DO NOT AGREE WITH THIS PRIVACY POLICY AT ANY TIME, DO NOT USE THE WEBSITE OR GIVE US ANY OF YOUR INFORMATION. IF YOU USE THE WEBSITE ON BEHALF OF SOMEONE ELSE (SUCH AS YOUR CHILD) OR AN ENTITY (SUCH AS YOUR EMPLOYER), YOU REPRESENT THAT YOU ARE AUTHORISED BY SUCH INDIVIDUAL OR ENTITY TO (I) ACCEPT THIS PRIVACY POLICY ON SUCH INDIVIDUAL’S OR ENTITY’S BEHALF, AND (II) CONSENT ON BEHALF OF SUCH INDIVIDUAL OR ENTITY TO OUR COLLECTION, USE AND DISCLOSURE OF SUCH INDIVIDUAL’S OR ENTITY’S INFORMATION AS DESCRIBED IN THIS PRIVACY POLICY. YOU AGREE AND ACKNOWLEDGE THAT THIS WEBSITE DOES NOT PROVIDE MEDICAL ADVICE OR INFORMATION SHARED ON THE WEBSITE CANNOT BE CONSIDERED MEDICAL ADVICE OR ANY ALTERNATE TO MEDICAL ADVICE. THE WEBSITE IS A PLATFORM TO ONLY FACILITATE APPOINTMENT BOOKINGS WITH PARTNERED HOSPITALS.
1.1. This Privacy Policy is published in compliance with, inter alia: (i) Section 43A of the Information Technology Act, 2000; (ii) Regulation 4 of the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Information) Rules, 2011 (the “SPDI Rules”); (iii) Regulation 3(1) of the Information Technology (“Intermediaries Guidelines”) Rules, 2011.
1.2. This Privacy Policy states the following: (i) The type of information collected from the Users, including Personal Information (as defined in paragraph 2 below) and Sensitive Personal Data or Information (as defined in paragraph 2 below) relating to an individual; (ii) Purpose, means and modes of collection, usage, processing, retention and destruction of such information; and (iii) How and to whom the Company will disclose such information.
2.1 The nature of services provided (“Services”) provided by the Company and/or Website require us to know who you are so that we can best meet your needs. When you access the Services, We may ask you to voluntarily provide us with certain information that personally identifies you or could be used to personally identify you. You hereby consent to the collection of such information by the Company. Without prejudice to the generality of the above, information collected by us from you may include (but is not limited to) the following: (i) contact data (such as your email address and phone number); (ii) demographic data (such as your gender, your date of birth and your pin code); (iii) data regarding your usage of the services and history of the appointments made by or with you through the use of Services; (iv) History of health issue and present health issues; (v) insurance data, such as your insurance carrier and insurance plan; (vi) other information that you voluntarily choose to provide to us (such as information shared by you with us through emails or letters.
2.2 The information collected from you by the Company may constitute ‘personal information’ or ‘sensitive personal data or information’ under the SPDI Rules.
2.3 “Personal Information”is defined under the SPDI Rules to mean any information that relates to a natural person, which, either directly or indirectly, in combination with other information available or likely to be available to a body corporate, can identify such person.
2.4 The SPDI Rules further define “Sensitive Personal Data or Information” of a person to mean personal information about that person relating to: (i) passwords; (ii) financial information such as bank accounts, credit and debit card details or other payment instrument details; (iii) physical, physiological and mental health condition; (iv) sexual orientation; (v) medical records and history; (vi) biometric information; (vii) information received by body corporate under lawful contract or otherwise; (viii) visitor details as provided at the time of registration or thereafter; and (ix) call data records.
2.5 Information that is freely available in the public domain or accessible under the Right to Information Act, 2005 or any other law will not be regarded as personal information or sensitive personal data or information.
3.1 An indicative list of information that the Company may require you to provide to enable your use of the Services is provided in the Schedule 1 annexed to this Privacy Policy.
3.2 Accordingly, a condition of each User’s use of and access to the Services is their acceptance of the Terms of Use, which also involves acceptance of the terms of this Privacy Policy. Any User that does not agree with any provisions of the same has the option to discontinue the Services provided by the Company immediately.
3.3 All the information provided to the Company by a User, including Personal Information or any Sensitive Personal Data or Information, is voluntary. You understand that the Company may use certain information of yours, which has been designated as Personal Information or ‘Sensitive Personal Data or Information’ under the SPDI Rules, (a) for the purpose of providing you the Services, (b) for commercial purposes and in an aggregated or non-personally identifiable form for research, statistical analysis and business intelligence purposes, (c) for sale or transfer of such research, statistical or intelligence data in an aggregated or non-personally identifiable form to third parties and affiliates (d) for communication purpose so as to provide you a better way of booking appointments and for obtaining feedback in relation to the Practitioners and their practice, (e) debugging customer support related issues, (f) for the purpose of contacting you to complete any transaction if you do not complete a transaction after having provided us with your contact information in the course of completing such steps that are designed for completion of the transaction. The Company also reserves the right to use information provided by or about the User for the following purposes: (i) Contacting Users for offering new services. (ii) Contacting Users for taking service feedback. (iii) Analyzing software usage patterns for improving Services and utility. (iv) Analyzing anonymized practice information for commercial use.
3.4 If you have voluntarily provided your Personal Information to the Company for any of the purposes stated above, you hereby consent to such collection and use of such information by the Company. However, the Company shall not contact you on your telephone number(s) for any purpose including those mentioned in this sub- section 4.1(iii), if such telephone number is registered with the Do Not Call registry (“DNC Registry”), without your express and clear written consent.
3.5 Collection use and disclosure of information which has been designated as Personal Information or Sensitive Personal Data or Information’ under the SPDI Rules requires your express consent. By affirming your assent to this Privacy Policy, you provide your consent to such use, collection and disclosure as required under applicable law.
3.6 The Company does not control or endorse the content, messages or information found in any Services and, therefore, the Company specifically disclaims any liability with regard to the Services and any actions resulting from your participation in any Services, and you agree that you waive any claims against the Company relating to same, and to the extent such waiver may be ineffective, you agree to release any claims against the Company relating to the same.
3.7 You are responsible for maintaining the accuracy of the information you submit to us, such as your contact information provided as part of account registration. If your personal information changes, you may correct, delete inaccuracies, or amend information by making the change on our member information page or by contacting us through email on contact@ayu.health. We will make reasonable efforts to make requested changes in our then active databases as soon as reasonably practicable. If you provide any information that is untrue, inaccurate, out of date or incomplete (or becomes untrue, inaccurate, out of date or incomplete), or the Company has reasonable grounds to suspect that the information provided by you is untrue, inaccurate, out of date or incomplete, the Company may, at its sole discretion, discontinue the provision of the Services to you. There may be circumstances where the Company will not correct, delete or update your Personal Data, including (a) where the Personal Data is opinion data that is kept solely for evaluative purpose; and (b) the Personal Data is in documents related to a prosecution if all proceedings relating to the prosecution have not been completed.
3.8 If you wish to cancel your account or request that we no longer use your information to provide you Services, contact us through email on contact@ayu.health. We will retain your information for as long as your account with the Services is active and as needed to provide you the Services. We shall not retain such information for longer than is required for the purposes for which the information may lawfully be used or is otherwise required under any other law for the time being in force. After a period, your data may be anonymized and aggregated, and then may be held by us if necessary for us to provide our Services effectively, but our use of the anonymized data will be solely for analytic purposes. Please note that your withdrawal of consent, or cancellation of account may result in the Company being unable to provide you with its Services or to terminate any existing relationship the Company may have with you.
3.9 If you wish to opt-out of receiving non-essential communications such as promotional and marketing-related information regarding the Services, please send us an email at contact@ayu.health.
3.10 The Company may require the User to pay with a credit card, wire transfer, debit card or cheque for Services for which subscription amount(s) is/are payable. The Company will collect such User’s credit card number and/or other financial institution information such as bank account numbers and will use that information for the billing and payment processes, including but not limited to the use and disclosure of such credit card number and information to third parties as necessary to complete such billing operation. Verification of credit information, however, is accomplished solely by the User through the authentication process. User’s credit- card/debit card details are transacted upon secure sites of approved payment gateways which are digitally under encryption, thereby providing the highest possible degree of care as per current technology. However, the Company provides you an option not to save your payment details. User is advised, however, that internet technology is not full proof safe, and User should exercise discretion on using the same.
3.11 To have access to all the features and benefits on the Website, a User must first create an account on the Website. To create an account, a User is required to provide the following information which such User recognizes and expressly acknowledges is personal information allowing others, including the Company, to identify the User: name, User ID, email address, address, date of birth, gender, phone number and password chosen by the User. Other optional information may be requested on the registration page. We may, in future, include other optional requests for information from the User to help us to customize the Services to deliver personalized information to the User. However, we assume your consent in relation to various matters, once you complete the registration process.
3.12 The Services may enable a User to communicate with other Users or to post information to be accessed by others, whereupon other Users may collect such data. Such Users, including any moderators or administrators, are not authorized representatives or agents of the Company, and their opinions or statements do not reflect those of the Company and they are not authorized to bind the Company to any contract. The Company hereby expressly disclaims any liability for any reliance or misuse of such information that is made available by Users or visitors in such a manner.
3.13 The Company may periodically ask users to complete surveys asking about their experiences with features of the Website and Services. Our surveys may ask visitors for demographic information such as age, gender, and education. We use survey information for evaluation and quality improvement purposes, including helping the Company to improve information and services offered. In addition, users giving feedback may be individually contacted for follow-up due to concerns raised during such evaluation. Demographic information and log data may be stored for future evaluation and quality improvement activities.
3.14 Comments or questions sent to us using email or secure messaging forms will be shared with our employees and partnered hospitals who are most able to address the comment or question. We will archive your messages once we have made our best effort to provide you with a complete and satisfactory response.
3.15 Users using the Website by registering and creating an account provide information regarding your name, mobile number, email address, and such other information as requested on the page. This is to enable us to provide Users with the facility to use the account to book appointments and store other health related information. The Company hereby reserves the right to not provide you the Services for which such Personal Information is sought. Such records are dealt with only in accordance with this Privacy Policy.
3.16 If you are using the Website, with your permission, we will use the geolocation feature of your mobile device. When you download and use the Website, we automatically collect information on the type of device you use, operating system version, and the device identifier. The Company will not share your location information with other any third party. It is to merely provide automated location- based Hospital listings. You may opt out of location-based services on your mobile phone by changing the relevant/applicable setting at your device level.
3.17 The Company has implemented best international market practices and security policies, rules and technical measures to protect the personal data that it has under its control from unauthorized access, improper use or disclosure, unauthorized modification and unlawful destruction or accidental loss. However, for any data loss or theft due to unauthorized access to the User’s electronic devices through which the User avails the Services, the Company shall not be held liable for any loss whatsoever incurred by the User.
3.18 The Company implements reasonable security practices and procedures and has a comprehensive documented information security programme and information security policies that contain managerial, technical, operational and physical security control measures that are commensurate with respect to the information being collected and the nature of the Company’s Business.
3.19 The Company considers the Users right to privacy seriously and other than as specifically stated in this Privacy Policy, will only disclose your Personal Information in the event it is required to do so by law, rule, regulation, law enforcement agency, governmental official, legal authority or similar requirements or when the Company, in its sole discretion, deems it necessary in order to protect its rights or the rights of others, to prevent harm to persons or property, to fight fraud and credit risk, or to enforce or apply the Terms of Use.
3.20 The Company does not collect information about the visitors of the Website from other sources, such as public records or bodies, or private organizations, save and except for the purposes of registration of the Users (the collection, usage, storage, transmission and disclosure of which each User must agree to abide by the terms of use in order for Company to effectively render the Services)
4.1 As part of the registration/application creation and submission process that is available to Users on the Website, certain information, including Personal Information or Sensitive Personal Data or Information is collected from the Users with such accounts.
4.2 All the statements in this Privacy Policy apply to all Users with registered accounts and are therefore required to read and understand the privacy statements set out herein prior to submitting any Personal Information or Sensitive Personal Data or Information to the Company failing which they are required to leave the Website immediately.
4.3 If you have inadvertently submitted any such information to the Company prior to reading the privacy statements set out herein, and you do not agree with the manner in which such information is collected, processed, stored, used or disclosed, then you may access, modify and delete such information by using options provided on the Website. In addition, you can do so, by sending an email to contact@ayu.health and enquire whether the Company is in possession of your personal data, or if you may also require the Company to delete and destroy all such information.
4.4 The Users’ personally identifiable information, which they choose to provide on the Website is used to help the Users describe/identify themselves. Other information that does not personally identify the Users as an individual, is collected by the Company from Users (such as, patterns of utilization described above) and is exclusively owned by the Company. The Company may also use such information in an aggregated or non-personally identifiable form for research, statistical analysis and business intelligence purposes, and may sell or otherwise transfer such research, statistical or intelligence data in an aggregated or non-personally identifiable form to third parties and affiliates.
4.5 The Company reserves the right to use anonymized User demographics information and anonymized User health information for the following purposes: (i) Analyzing software usage patterns for improving Services and utility. (ii) Analyzing such information for research and development of new technologies. (iii) Using analysis of such information in other commercial product offerings of the Company. (iv) Sharing analysis of such information with third parties for commercial use.
4.6 The Company will communicate with the registered Users through email, phone and notices or through other means available through the service, including text and other forms of messaging. The registered Users can change their e-mail and contact preferences at any time by logging into their account on the Website.
4.7 The Company conducts a User survey to collect information about Users’ preferences. These surveys are optional and if registered Users choose to respond, their responses will be kept anonymous. The information that the Company collects in the registration process and through surveys is used to help the Company improve its Services to meet the needs and preferences of registered Users.
4.8 The Company may keep records of electronic communications and telephone calls received and made for making appointments or other purposes for administration of Services, customer support, research and development and for better listing of Practitioners.
4.9 All employees and data processors of The Company, who have access to, and are associated with the processing of sensitive personal data or information, are obliged to respect the confidentiality of every Users’ Personal Information or Sensitive Personal Data and Information. The Company has put in place procedures and technologies as per good industry practices and in accordance with the applicable laws, to maintain security of all personal data from the point of collection to the point of destruction. Any third-party data processor to which the Company transfers Personal Data shall have to agree to comply with those procedures and policies or put in place adequate measures on their own.
4.10 To the extent necessary to provide Users with the Services, the Company may provide Users Personal Information to third party contractors who work on behalf of or with the Company to provide End-Users with such Services, to help the Company communicate with Users or to maintain the Website. Generally, the contractors do not have any independent right to share this information, however certain contractors who provide services on the Website, including the providers of online communications services, may use and disclose the personal information collected in connection with the provision of these Services in accordance with their own privacy policies. In such circumstances, you consent to us disclosing your Personal Information to contractors, solely for the intended purposes only. The Company the Company shall not be held liable for any loss whatsoever incurred by the User in such engagements.
5.1 As part of the registration as well as the application creation and submission process that is available to Hospitals and its Practitioners on the Website or required by the Company, certain information, including Personal Information or Sensitive Personal Data or Information is collected from the Hospitals and its Practitioners.
5.2 All the statements in this Privacy Policy apply to all Hospitals and its Practitioners, and all Hospitals and its Practitioners are therefore required to read and understand the privacy statements set out herein prior to submitting any Personal Information or Sensitive Personal Data or Information to the Company, failing which they are required to leave the Services immediately.
5.3 Hospitals and its Practitioners’ personally identifiable information, which they choose to provide to the Company is used to help the Hospitals and its Practitioners describe and identify themselves. This information is exclusively owned by the Company. You will be the owner of your information and you consent to the Company collecting, using, processing and/or disclosing this information for the purposes hereinafter stated. The Company may use such information for commercial purposes and in an aggregated or non-personally identifiable/anonymized form for research, statistical analysis and business intelligence purposes, and may sell or otherwise transfer such research, statistical or intelligence data in an aggregated or non-personally identifiable form to third parties and affiliates. The Company also reserves the right to use information provided by or about the Hospitals and its Practitioner for the following purposes: (i) Contacting Hospitals for offering new products or services. (ii) Contacting Hospitals and its Practitioners for taking product feedback. (iii) Analyzing software usage patterns for improving Services and utility. (iv) Analyzing anonymized practice information including financial, and inventory information for commercial use.
5.4 The Company automatically enables the listing of Hospitals and its Practitioners’ information on its Website for every hospital added to a medical practice/field using its software. The Hospitals and its Practitioner information listed on Website is displayed when Users search for hospitals or doctors on the Website, and the Hospitals and its Practitioner information listed on the Website is used by Users to request the respective partnered Hospitals for appointments. Any personally identifiable information of the Practitioners listed on the Website is not generated by the Company and is provided to the Company by Practitioners who wish to enlist themselves on the Website or is collected by the Company from the public domain. The Company displays such information on its Website on an as-is basis making no representation or warranty on the accuracy or completeness of the information. As such, we strongly encourage Hospitals and its Practitioners to check the accuracy and completeness of their information from time to time, and inform us immediately of any discrepancies, changes or updates to such information. The Company will, however, take reasonable steps to ensure the accuracy and completeness of this information.
6.1 Your Personal Information is maintained by the Company in electronic form on its equipment, on the equipment of its employees and on the equipment of all the partnered Hospitals. Such information may also be converted to physical form from time to time. The Company takes all necessary precautions to protect your personal information both online and off-line and implements reasonable security practices and measures including certain managerial, technical, operational and physical security control measures that are commensurate with respect to the information being collected and the nature of the Company’s business.
6.2 No administrator at the Company will have knowledge of your password. It is important for you to protect against unauthorized access to your password and your mobile phone. The Company does not undertake any liability for any unauthorized use of your account and password. If you suspect any unauthorized use of your account, you must immediately notify the Company by sending an email to contact@ayu.health. You shall be liable to indemnify the Company due to any loss suffered by it due to such unauthorized use of your account and password.
6.3 The Company makes all User information accessible to its employees, agents or partners and third parties only on a need-to-know basis and binds only its employees to strict confidentiality obligations.
6.4 Part of the functionality of the Company is assisting the partnered Hospitals to maintain and organize such information. The Company may, therefore, retain and submit all such records to the appropriate authorities, or to doctors who request access to such information.
6.5 Part of the functionality of the Company is assisting the patients to access information relating to them. The Company may, therefore, retain and submit all such records to the relevant patients, or to their doctors at the partnered Hospitals.
6.6 Notwithstanding the above, the Company is not responsible for the confidentiality, security or distribution of your Personal Information by our partners and third parties outside the scope of our agreement with such partners and third parties. Further, the Company shall not be responsible for any breach of security or for any actions of any third parties or events that are beyond the reasonable control of the Company including but not limited to, acts of government, computer hacking, unauthorized access to computer data and storage device, computer crashes, breach of security and encryption, poor quality of Internet service or telephone service of the User etc.
7.1 The Company may update this Privacy Policy at any time, with or without notice. In the event there are significant changes in the way the Company treats User’s personal information, or in the Privacy Policy itself, the Company will display a notice on the Website or send Users an email, as provided for above, for the Users to review the changed terms prior to continuing to use the Services. In the event a User objects to any of the changes to the Privacy Policy, and no longer wishes to use the Services, the User may contact us on email at contact@ayu.health to deactivate the account. Unless stated otherwise, the Company’s current Privacy Policy applies to all information that the Company has about the Website Users and their accounts.
7.2 If a User uses the Services or accesses the Website after a notice of changes has been sent to such User or published on the Website, such User hereby provides consent to the changed terms.
8.1 The Company strongly encourages parents and guardians to supervise the online activities of their minor children and consider using parental control tools available from online services and software manufacturers to help provide a child-friendly online environment. These tools also can prevent minors from disclosing their name, address, and other personally identifiable information online without parental permission. Although the Website and Services are not intended for use by minors, the Company respects the privacy of minors who may inadvertently use the Website.
9.1 You agree and acknowledge that this Privacy Policy is a part of the Terms of Use of the Website and the other Services, and You unconditionally agree that becoming a User of the Website and its Services signifies Your (i) assent to this Privacy Policy, and (ii) consent to the Company using, collecting, processing and/or disclosing Your Personal Information in the manner and for the purposes set out in this Privacy Policy. Your downloading, visit and use of the Website and use of the Services is subject to this Privacy Policy and the Terms of Use.
10.1 Should you have questions about this Privacy Policy or the Company's information collection, use and disclosure practices, you may contact, the Grievance Officer appointed by the Company under the SDPI Rules and the Consumer Protection (E-commerce) Rules, 2020. The Officer will respond to the queries within 30 (thirty) days of receiving the queries. If You have any grievance with respect to Our use of Your information, You may communicate such grievance to the Grievance Officer:
Name: Himesh Joshi
Address: 185/A, 22nd Cross, 3rd Sector H.S.R. Layout Bangalore -560102 India, Bangalore, Bangalore, Karnataka, India, 560102
E-mail ID: himesh@ayu.health