Privacy Policy
Last updated: April 22, 2024
Thank you for shopping at ilumina Health.
If, for any reason, You are not completely satisfied with a purchase We invite You to review
our policy on privacy. This Privacy Policy has been created with the
help of the Privacy Policy Generator.
The following terms are applicable for any products that You purchased with Us.
With effect from 01 April 2024
This document is published in accordance with the provisions of Digital Personal Data Protection Act, 2023, Information Technology Act, 2000 and the rules made thereunder that require publishing the rules2011 and the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 made regulations, privacy policy and terms of use on an online portal of the Company. We request you to go through this Privacy Policy and the Terms of Use carefully before you decide to access this Platform.
For the purposes of this Privacy Policy, the words “us”, “we”, and “our” refer to the Company and all references to “you”, “your” or “user”, as applicable mean the person who accesses, uses and/or participates in the Platform in any manner or capacity.
The Company is strongly committed to protecting the privacy of its users and has taken all necessary and reasonable measures to protect the confidentiality of the user information and its transmission through the internet. The Company will not be held liable for disclosure of any information if such disclosure is in accordance with this Privacy Policy, the Terms of Use and/or applicable law. If you object to your information being transferred or used in accordance with this Privacy Policy, please do not use the Platform.
All capitalized terms used but not defined herein shall have the meaning ascribed to in the Terms of Use.
1. Information Collection
- You (i.e. the User) are the sole owner of your (i.e. User’s) information. The Company just collects your information through the Platform for providing the products and services you have signed up for. We will not sell, share, transfer or rent any personalOffice no 1001, 10th floor, Wave Silver Tower, Sector 18, Noida 201301 5 information to others in ways different from what is disclosed in this privacy policy and the Terms of Use.
- Purpose Limitation: We collect your personal data for specific, explicit, and legitimate purposes. We do not use your information for purposes beyond those stated without obtaining your consent.
- Relevance: We limit the collection of personal data to what is directly relevant and necessary for the intended purpose. We avoid collecting excessive or irrelevant information.
- The Company collects information from you on the Register/Log-in page of the Platform. In the sign-up page, you are required to give your personally identifiable contact information (such as name, mobile number, and email ID etc.). A verification process is used to confirm your identity through the contact information that you provide. When the Platform requests your identity, the Platform will clearly indicate the purpose of the inquiry before the information is requested.
- Once a registered participant, you have the option of providing additional personally identifiable, health and other information including but not limited to age, height, weight, occupation, name of your doctor, hospital or other healthcare provider, location, data relating to your diet, activity levels, exercise, medical reports (if any), medical history, mobile number, email ID, name of a primary caregiver, contact details of the primary caregiver and other personal information to avail of the Services provided through the Platform. Providing additional information beyond what is required at registration is entirely optional and can be altered or removed by you at any time. We assume that any information provided by you relating to a primary caregiver has been provided after obtaining due consent of such primary caregiver.
- Every computer/mobile device connected to the Internet is given a domain name and a set of numbers that serve as that computer's Internet Protocol or "IP" address. When you request a page from any page within the Company platform, our web servers automatically recognize your domain name and IP address. The domain name and IP address reveal nothing personal about you other than the IP address from which you have accessed the Platform.
2.Children's and Minor's Privacy
3. Data Retention
4. Opt-Out Procedures
5. Company as a Pass-Through Facilitator
Please note however, that in respect of any information received by the Company under certain specific patient support program: (a) the Company shall retain identified data for a period of 5 (Five) years from the date of termination of such agreement, for performance of its contractual obligations, audits, diligence thereunder; and (b) the Company shall thereafter be permitted to retain only de-identified data for such period of time as may be necessary. The de-identified data at any point of time will be used for the purpose of compliance with applicable law, carrying on its contractual obligations, for carrying on audits and for improvement of its technology All personal identification data will be deleted after a period of 5 years from the date of termination of agreement.
Company may retain additional time point data related to you if there is a legal obligation to retain the data, if required to comply with any statutory or regulatory retention requirement by law.
6. Use of The Information Collected
6.1. Use Of the Information for Services
c. Provide you with further information, products, and services.
d. Better understand users’ needs and interests.
e. Personalize your experience and customizing experience.
f. Diagnosing and assisting you in your clinical, health and general wellbeing progress.
g. Run statistical research and undertake scientific publications.
h. Improving the product and services offered to current and future users and partners by improving parts of the Platform, including but not limited to the algorithms, logic systems, content, decision support, engineering.
i. Providing access to your information to healthcare practitioners and partners.
j. Providing data to clients or partners under the terms of agreement with them.
k. Providing access to your “User Profile” to other users of the Platform, Company administrators, Company moderators, Health Coaches and Primary Caregivers.
l. For carrying on audits, due diligence for effecting investments in the company.
m. Detect and protect us against error, fraud, and other criminal activity.
n. Make disclosures as may be required under applicable law.
o. Improve our Platform to better serve the user.
p. Allow us to better service the user in responding to customer service requests.
q. Administer a contest, promotion, survey, or other site feature; and
r. Provide access to other users as part of a social feed, to provide motivation or assistance to such other users.
s. Google Fit Data: When you connect your Google Fit account to the " Ilumina “App, we may access and collect the following data:
- Health and fitness data, including activity, blood glucose, heart rate, sleep, and nutrition information.
- Permissions you grant to access specific data types within Google Fit.
6.2 Disclosure to primary caregiver
b. The Company may, at its sole discretion, be entitled to contact the primary caregiver (as identified by you) at scheduled intervals and at unscheduled times and provide any information relating to you, as may be deemed beneficial or essential by the Company. The Company shall periodically update the primary caregiver relating to your health and progress based on the statistics available in the Platform, and any other relevant information that the Company believes is relevant to improve your health, clinical and Office no 1001, 10th floor, Wave Silver Tower, Sector 18, Noida 201301 8 general wellbeing outcomes. The Company may also reach out to the primary caregivers at unscheduled times upon occurrence of an Adverse Event, emergency event, or if you have not engaged with the Platform or your Health Coach for a long duration.
For the purposes of this Privacy Policy, the term “Adverse Event” shall refer to any adverse health consequences, or adverse medical events, that occur consequent to, or resulting out usage of any drug, medical device or as part of any therapy or consultation that the user is currently on or has been on.
6.3. Sale of Assets, Merger, Acquisition
6.4. Cookies
6.5. Ownership of work products
6.6. Non-disclosure of Information
a. The Company may disclose your personal information in the event it is required to do so by law, rule, regulation, law, enforcement, governmental official, legal, or regulatory authorities and, or, to such other statutory bodies who have appropriate authorisation to access the same for any specific legal purposes.
b. The Company may disclose your information to provide you the Services, enforce or apply the Terms of Use, or to protect the rights, property or safety of the Company, its users, or others. This includes exchanging information with other companies / agencies that work for fraud prevention.
c. The Company may disclose your information to such third parties to whom it transfers its rights and duties under any agreement entered with such third parties; and
d. The Company may disclose your information to any of its affiliates or related entity.
6.7 Data Subject Rights
Right to Access: You have the right to request access to the personal data we have collected about you.
Right to Rectification: If you believe that the personal data, we hold about you is inaccurate or incomplete, you may request corrections. To request rectifications, please contact our data protection officer.
Right to Erasure (Right to Be Forgotten): You have the right to request the deletion of your personal data, subject to legal exceptions. To request erasure, please contact our data protection officer.
Right to Data Portability: You may request a copy of your data in a commonly used, machine-readable format. To request a data copy, please contact our data protection officer. Right to Object: If you wish to object to the processing of your data for certain purposes, such as marketing, you can do so by contacting us at dpo@iiumina.health
Right to Restriction of Processing: You have the right to request the temporary suspension of processing your data under certain conditions. To request processing restrictions, please contact our data protection officer.
Right to Withdraw Consent: If we rely on your consent for data processing, you can withdraw your consent at any time. The withdrawal of consent will not affect the lawfulness of data processing before consent was withdrawn. To withdraw consent, please contact us at dpo@iiumina.health
Automated Decision-Making and Profiling: If we engage in automated decision-making processes or user profiling, you have the right to request human intervention or express your point of view. Please contact our data protection officer to exercise this right.
Right to Lodge a Complaint: If you believe your data rights have been violated, you have the right to lodge a complaint with a supervisory authority. Please contact grievance.redressal@iiumina.health
7. Sharing of Information
7.1 Sharing
7.2. Consulting and Sub-Contracting
7.3. With Whom (Third Party) We are sharing your Personal Information
- Cloud service providers who we rely on for compute and data storage, including
Amazon Web Services, based in India. - Platform support providers who help us manage and monitor the Services.
- Data labelling service providers who provide annotation services and use the data
we share to create training and evaluation data for Ilumina Health Private Limited
product features. - Mobile advertising tracking providers who help us measure our advertising
effectiveness. - Analytics providers who provide analytics, segmentation and mobile measurement
services and help us understand our user base. We work with several analytics
providers, including Google LLC, which is based in the U.S. You can learn about
Google’s practices by going to Google Partner Sites Policy,
and opt-out of them by downloading the Google Analytics opt-out browser add-on,
available at Google Analytics Opt-out Browser Add-on. - Advertising Partners: We work with third party advertising partners to show you ads
that we think may interest you. If you do not wish to receive personalized ads, please
contact helpdesk@iiumina.health to learn about how you may opt out of receiving
web-based personalized ads from member companies. You can access any settings
offered by your mobile operating system to limit ad tracking, or you can install the
AppChoices mobile app to learn more about how you may opt out of personalized
ads in mobile apps. - Providers of integrated third-party programs, apps, or platforms, such as Google
Calendar and Google fit. When you connect third party platforms to our Services,
you authorize us to share designated information and data created and/or uploaded
by you to our servers with these third-party programs on your behalf. - Payment processors, these payment processors are responsible for the processing of
your Personal Information and may use your Personal Information for their own
purposes in accordance with their privacy policies.
If you choose to engage in public activities on the Sites, you should be aware that any
information you share there can be read, collected, or used by other users of these areas.
You should use caution in disclosing personal information while participating in these areas.
We are not responsible for the information you choose to submit in these public areas.
Note: Our Ilumina App not sharing any user data with any other third-party tools or AI
models.
7.4. Ilumina App limited use policy for the integration with Google services
(a) Sign-In with Gmail ID: You can conveniently sign in to the Ilumina App using your existing Gmail ID.
(b) Health Insights and Analysis: We use Google services to provide you with insights and in- depth analysis of your health data, delivering a comprehensive health and wellness experience.
In connection with this integration, it's essential to highlight our commitment to data protection and compliance:
Google APIs: Any data collected, stored, used, or transferred from Google APIs will consistently adhere to Google API Services User Data Policy, including its limited use requirements, ensuring that your information is handled responsibly and securely.
Google Health Connect: For data received through Google Health Connect/Google Fit, we remain dedicated to following the Health Connect Permissions Policy, which includes strict limited use requirements to safeguard your data and privacy.
8. Spam
9. Exclusion
- This Privacy Policy does not apply to any information other than information collected by the Company via any means, including the Platform, including such information collected in accordance with the clause on “Use of the Information Collected” above. This Privacy Policy will not apply to any unsolicited information provided by you through this Platform or through any other means. This includes, but is not limited to, information posted on any public areas of the Platform. All such unsolicited information shall be deemed to be non-confidential, and the Company will be free to use, disclose such unsolicited information without limitation.
- The Company also protects your personal information off-line other than as specifically mentioned in this Privacy Policy. Access to your personal information is limited to employees, agents, consultants, or partners and third parties, who the Company reasonably believes will need that information to enable the Company to provide Services to you. The Company will make best efforts to ensure that your personal contact information is protected. However, the Company is not responsible for the confidentiality, security, or distribution of your personal information by our partners and third parties outside the scope of our agreement with such partners and third parties.
10. The Company Forums
11. Protection of Information
11.1 Security of Information
a. The Company uses commercially reasonable precautions to preserve the integrity and security of your information against loss, theft, unauthorized access, disclosure, reproduction, use or amendment.
b. The information that is collected from you may be transferred to, stored, and processed at any destination within and / or outside India. By submitting information on the Platform, you agree to this transfer, storing and / or processing. The Company will take such steps as it considers reasonably necessary to ensure that your information is treated securely and in accordance with this Privacy Policy.
c. In using the Platform, you accept the inherent security implications of data transmission over the internet. Therefore, the use of the Platform will be at your own risk and the Company assumes no liability for any disclosure of information due to errors in transmission, unauthorized third-party access, or other acts of third parties, or acts or omissions beyond its reasonable control and you agree not to hold the Company responsible for any breach of security.
d. In the event the Company becomes aware of any breach of the security of your personal information, it will promptly notify you and take appropriate action to the best of its ability to remedy such a breach.
12. Confidentiality
Other Links
The Platform may contain links to other sites, products, platforms, and services. These are not necessarily under the control of the Company. Please be aware that the Company is not responsible for the privacy practices of such other sites. The Company encourages you to read the privacy policies of each web site that collects personally identifiable information. If you decide to access any of the third-party sites linked to Platform, you do this entirely at your own risk. Any links to any partner of the Platform should be the responsibility of the linking party, and the Company shall not be responsible for notification of any change in name or location of any information on the Platform.
13. Notification of Changes
Using the Company Services or accessing the Platform after a notice of changes has been sent to you or published on our website shall constitute your consent to the changed terms.
14. Consent to This Policy
15. Grievance Officer
E-mail: grievance.redressal@iiumina.health
The Grievance Officer shall redress your grievances expeditiously, within 1 (one) month from the date of receipt of grievance. Except where required by law, the Company cannot ensure a response to questions or comments regarding topics unrelated to this policy or the Company's privacy practices.
16. Contact person in data protection matters
Data Protection Officer:
E-mail: dpo@iiumina.health
17. CONSENT
Consent Manager:
E-mail: helpdesk@iiumina.health
Contact Number: <Insert Contact Number>
You have read this privacy policy and agree to all the provisions contained above.
18. References
