Section 43A of the Information Technology Act, 2000;
Regulation 4 of the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Information) Rules, 2011 (the ‘SPDI Rules’); and
Information Technology (Intermediaries Guidelines) Rules, 2011.
The type of information collected from the Users, including sensitive personal data or information;
The purpose, means and modes of usage of such information;
How and to whom such information will be disclosed; and
How the information collected is going to be protected.
Users will be asked to provide the Company / BeatO certain information (‘User Information’). User Information includes, among other things without limitation:
Contact data (personally identifiable information, such as Your name, email address and phone number) of the End-Users, visitors, Partnered Laboratories, Partnered Pharmacies and Registered Doctors/Hospitals;
Demographic data (such as gender, birthday, zip code, city, country);
Health data (information about End-User’s use of the Services including height, weight, lifestyle and exercise frequency, blood sugar levels, blood pressure, caloric intake, nutritional statistics, fitness activity, weight loss/gain, renal function data, blood work analysis and medicines consumed data);
Data regarding your usage of the services and history of the Partnered Laboratories appointments and doctor/hospital appointment made by or with you through the use of Services;
Medical data such as medical reports of any nature including every diagnostic test result, blood or urine analysis reports, either uploaded by the End-User or through the service of the Partnered Laboratories, prescriptions, electrocardiogram (ECG) tests, echocardiogram tests, ultrasound tests, health charts or other medical reports of the End-User provided by the Registered Doctors/Hospitals or otherwise;
With respect to the Registered Doctors/Hospitals, data regarding the End-Users who are the patients of the Registered Doctors/Hospitals;
With respect to the Partnered Laboratories, data regarding the End-Users who are the clients of the Partnered Laboratories;
With respect to the Partnered Pharmacies, data regarding the End-Users who are the customers of the Partnered Pharmacies;
Medical History of the End-User including the current and previous doctors/hospitals of the End-User along with current and previous medication and other treatment provided by the Registered Doctors/Hospitals; and
Other information that you voluntarily choose to provide on the BeatO Website/App.
The information collected from you by the Company may constitute ‘Personal Information’ or ‘Sensitive Personal Data or Information’ under the SPDI Rules.
‘Personal Information’ is defined under the SPDI Rules to mean any information that relates to a natural person, which, either directly or indirectly, in combination with other information available or likely to be available with a body corporate, is capable of identifying such person.
‘Sensitive Personal Data or Information’ is defined under the SPDI Rules to mean Personal Information about that person relating to:
financial information such as bank accounts, credit and debit card details or other payment instrument details;
physical, physiological and mental health condition;
medical records and history;
information received by body corporate under lawful contract or otherwise;
visitor details as provided at the time of registration or thereafter; and
call data records.
Information that is freely available in the public domain or accessible under the Right to Information Act, 2005 or any other law will not be regarded as Personal Information or sensitive personal data or information.
BeatO also reserves the right to use the User Information provided by or about the User for the following purposes:
Publishing such information on the End-User Account in the Application and for listing of the Partnered Laboratories, Partnered Pharmacies or Registered Doctors/Hospitals on the BeatO Website/App;
Contacting Users for offering new products, features or services;
Contacting Users for taking service feedback;
Analyzing software usage patterns for improving product design and utility;
Analyzing anonymized practice information for commercial use;
Monitoring and improving the content and usage of BeatO;
Customizing the advertising and content you see; and
any other purpose for which the information was collected including medical research and analysis on chronic conditions.
Information that does not personally identify the Users as individuals is collected by the Company from Users, stored in a non-personally identifiable aggregated form (such as patterns of utilization described above) and is exclusively owned by the Company.
You hereby consent to such use of such information by the Company.
The Company will share the End-User’s User Information to the extent necessary for providing the Services with the Registered Doctors/Hospitals selected by the End User through the Website, with the Partnered Lab that is conducting the diagnostic tests and the Partnered Pharmacies to the extent that User Information such as contact data or demographic data is needed for providing the Services. The Company will share the User Information related to the Partnered Pharmacies, Partnered Laboratories and Registered Doctors/Hospitals with the End User for purposes including listing and booking of appointments. Any recipients of the User Information shall not further disclose such information to any other person.
The Company may share User Information in an aggregated non-personally identifiable manner with its partners and third parties for the purposes set out in paragraph 3 above. The Company maintains a strict ‘No-Spam’ policy, which means that the Company does not intend to sell, rent or otherwise give your e-mail address to a third party without your consent.
To the extent necessary to provide End-Users with the Services, the Company may provide their Personal Information to third party contractors who work on behalf of or with the Company to provide End-Users with such Services, to help the Company communicate with End-Users or to maintain the Application and/or Website. Generally these contractors do not have any independent right to share this information; however, certain contractors who provide services on the Application, including the providers of online communications services, will have rights to use and disclose the Personal Information collected in connection with the provision of these Services in accordance with their own privacy policies.
The Company implements reasonable security practices and procedures and has a comprehensive documented information security programme and information security policies that contain managerial, technical, operational and physical security control measures that are commensurate with respect to the information being collected and the nature of the Company’s business. The reasonable security practices and procedures implemented by the Company include but are not limited to: encrypting data when it is on the move using industry standard practices, keeping all the data within private cloud, regularly changing production keys and passwords, secure and very limited access to all production servers, performing regular security updates on our servers and more.
Your Personal Information is maintained by the Company in electronic form on its equipment, and on the equipment of its employees. Such information may also be converted to physical form from time to time. The Company takes all necessary precautions to protect your Personal Information both online and off-line, and implements reasonable security practices and measures including certain managerial, technical, operational and physical security control measures that are commensurate with respect to the information being collected and the nature of the Company’s business.
It is important for you to protect against unauthorized access to your password, your computer and your mobile phone. The Company does not undertake any liability for any unauthorised use of your login to BeatO including Account and password. If you suspect any unauthorized use of your login to BeatO including Account, you must immediately notify the Company by sending an email to email@example.com. You shall be liable to indemnify the Company due to any loss suffered by it due to such unauthorized use of your login to BeatO including Account and password.
The Company makes all User information accessible to its employees, agents or partners and third parties only on a need-to-know basis, and binds all such employees to strict confidentiality obligations.
Notwithstanding the above, the Company is not responsible for the confidentiality, security or distribution of your Personal Information by our partners and third parties outside the scope of our agreement with such partners and third parties. Further, the Company shall not be responsible for any breach of security or for any actions of any third parties or events that are beyond the reasonable control of the Company including acts of government, computer hacking, unauthorised access to computer data and storage device, computer crashes, breach of security and encryption, poor quality of Internet service or telephone service of the User, etc.
Address for Privacy Questions and Grievance Officer:
A-09, FIEE, Okhla Industrial Area,
Phase II, New Delhi 110020