EFFECTIVE FROM: _1st march 2022
This policy aims to protect the personal data of the various stakeholders connected to our organization. This policy is aimed at providing individuals notice of the basic principles by which the company processes the personal data of individuals (“Personal Data”) who visits, uses, deals with, and/or transacts through the website and includes a guest user and browser (hereinafter ‘you’, ‘user’).
- Purpose and Scope
The purpose of this policy is to describe how Anoveda collects, uses, and shares information about you through our online interfaces (e.g., websites and mobile applications) owned and controlled by us, including but not limited to www.Anoveda.com (hereinafter the “website”). This policy is also designed to provide information on how Anoveda ensures data security, conducts data transfers and process requests from data subjects.
This policy control applies to all systems, people and processes that constitute the organization’s information systems, including board members, directors, employees and other third parties who have access to Personal Data available within Anoveda.
The company is also committed to ensure that its employees conduct themselves in line with this, and other related, policies. Where third parties process data on behalf of Anoveda, the Company endeavours to obtain assurances from such third parties that your Personal Data will be safeguarded consistently.
- Personal Data Collection
The Personal Data that we collect about you depends on the context of your interactions with us, the products, services and features that you use, your location, and the applicable laws.
Personal Data is stored in personnel files or within the electronic records (on servers in India or other countries) of Anoveda. The following types of Personal Data may be held by the Company, as appropriate, on relevant individuals:
- Any personal or PII that you may submit or may be required to submit for registration and continued use of the Company Systems or receive the services by Anoveda;
- Your name, title, gender, date of birth, email address, telephone number (home/work/mobile telephonic number), profile/display picture, login name, screen name, nickname, or handle, country/state/postcode or city of residence, postal or other physical address, name(s) of the Consultants, information related to products and services, language, information related to social profiles, such as Facebook, Google, GitHub etc., IP addresses and other information collected passively (as further detailed in the “Passive Collection” section below), may be collected; and
We collect and/or process your Personal Data as a part of the following activities related to our Products:
- Account registration, use of certain Product features, consultation from doctors based on information collected from the use of our Products.
- Requesting service and support for our Products and providing such support.
We do not collect any payments information processed by third-party payment gateway providers.
- Sources of Data collection
The data collected by the company is derived directly from the data provided by the user or by use of our sites.
- Data Collected when You:
- Account registration
- Use of our Website
- Generating reports based on information collected from use of our Products
- Requesting service and support for our Products and providing such support
- We process Personal Data for purposes such as:
- Providing reports based on information collected from the use of our Products.
- Keeping you up-to-date about the latest Product announcements, software updates, software upgrades, system enhancements, special offers, and other information.
- Providing support and assistance for our Products though their APIs.
- Providing the ability to create a personal profile and e-portfolio.
- Providing the ability to contact you, if required.
- Providing customer feedback and support.
- Personalizing marketing communication and website content based on your preferences, such as in response to your request for specific information on products and services that may be of interest to you.
- Meeting contract or legal obligations.
- Process payment and billing data.
- Data Collected from third parties:
We receive Personal Data such as access or login details, profile picture or any other text / image in relation to your Personal Data which may be available with such third parties.
Third parties from whom we receive your Personal Data include, our service providers, other networks connected to our service, our advertising partners, our marketing and advertising affiliates, our professional partners, analytics providers, doctors/experts and such other third-party sources.
You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser (like Internet Explorer) settings. Each browser is a little different, so look at your browser’s Help menu to learn the correct way to modify your cookies.
If you disable cookies off, some features will be disabled. It won’t affect the user’s experience that makes your site experience more efficient and some of our services will not function properly.
Anoveda may collect information related to visitors and machines. Such information includes cookies, IP addresses, pageview activities, and geolocation data. The details of user activities on our website such as number of visits, time spent on our website, and pages clicked are also collected.
Being able to create web beacons (also referred to as clear gifs, pixel tags, and single-pixel tags) that permits a company to count users who have visited our pages or opened an email and for other related website statistics (e.g., recording the popularity of a certain section and verifying system and server integrity).
Your decision to provide Personal Data to Anoveda is at your sole discretion and is deemed obtained when you register and create your account on our Company Systems. Please note that you may not be able to access certain options, offers, and services if they require Personal Data that you have not provided. You can sign-up, and therefore consent, to receive email or newsletter communication from us. If you would like to discontinue receiving this communication, you can update your preferences by using the ‘Unsubscribe’ link at the end of such emails or by contacting us through email at email@example.com.
We will only process your Personal Data if we have a lawful basis for doing so, which includes but is not limited to consent, contractual necessity (i.e. processing that is necessary for the performance of a contract with you, such as your user agreement with us that allows us to provide you with the Products) and our legitimate interests or the legitimate interest of others (e.g. our users) such as:
- Provide you with the websites and services, together with any support you may request.
- Respond to your inquiries or fulfill your requests.
- Diagnose Website and Service technical problems.
- Send you information that we believe may be of interest to you, such as Service.
- Send you information related to healthcare tips.
- Send you administrative information such as notices related to the Services or policy changes.
- Understand how the Websites and Services are being used in order to enhance and optimize them.
- Prevent, detect, mitigate, and investigate fraudulent or illegal activity.
As described to you at the point of collection of the information.
Complying with our legal obligations, resolving disputes with users, enforcing our agreements.
Protecting, investigating, and deterring against fraudulent, harmful, unauthorized or illegal activity.
If you refuse or withdraw your consent, or if you choose not to provide us with any required Personal Data, we may not be able to provide you the services that can be offered on our Platform.
- Aggregated Data Collection
Anoveda might automatically collect some data about you when you are using any of our products, using methods like cookies and other tracking technologies. Information automatically collected includes cookies, page views, geolocation data, IP (internet protocol) addresses, browser and OS (Operating System) type, ISP (Internet Service Provider), files viewed and downloaded from our websites, referral and exit pages, and clickstream data. Such data does not have an expiry date and we do not delete this data. This data is stored in the form of logs or in third-party tracking and analytics softwares like Google analytics, LinkedIn Insights etc.
- Data Protection Principles
Where third parties process data on behalf of Anoveda, we endeavour to obtain assurances from such third parties that your Personal Data will be safeguarded consistently. We understand that it will be accountable for the processing, management and regulation, and storage and retention of all Personal Data held in the form of manual records and on computers.
All Personal Data obtained and held by the Company will:
- Be processed fairly, lawfully and in a transparent manner;
- Be collected for specific, explicit, and legitimate purposes;
- Be adequate, relevant and limited to what is necessary for the purposes of processing;
- Be kept accurate and up to date. Every reasonable effort will be made to ensure that inaccurate data is rectified or erased without delay;
- Not be kept for longer than is necessary for its given purpose;
- Be processed in a manner that ensures appropriate security of Personal Data including protection against unauthorised or unlawful processing, accidental loss, destruction or damage by using appropriate technical or organisation measures; and
- Comply with the relevant laws and procedures for international transferring of Personal Data applicable to us.
- Legal basis for processing your Personal Data
Certain jurisdictions require that we have a lawful basis to justify our processing of your Personal Data.
Where applicable, the lawful basis that Anoveda relies upon to justify a particular processing activity may differ from the lawful basis used to justify a different processing activity.
We collect your Personal Data for the following purposes
- To fulfil or meet the reason you provided the information;
- We use your information for managing and processing purposes, including access to different functionalities of the Service that are available to You as a registered user;
- To send you updates about the Programs, other Anoveda events, platform maintenance or new services provided by Anoveda, among other things, through itself or through third parties, via WhatsApp, email, SMS, phone call or any other medium;
- To enhance the quality of our content and product offerings;
- Compliance with security and other mandatory policies and building access;
- Providing information to relevant external authorities for tax, social security and other purposes as legally required;
- Conducting mergers, divestiture, restructuring, reorganisation, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as a part of bankruptcy, liquidation, or similar proceedings, including but not limited to its processes or policies;
- Setting up and maintaining accounts and subscriptions with third parties that provide information and research services or communication services;
- Making decisions about your continued engagement or membership;
- Dealing with legal or regulatory disputes or investigations involving you, our work, or other partners, employees, workers and contractors, including accidents at work, potential and actual negligence claims and professional discipline matters;
- To monitor use of our information and communication systems to ensure compliance with our IT and document management policies;
- To ensure network and information security, including preventing unauthorized access to our computer and electronic communications systems and preventing malicious software distribution;
- Business management and planning, including accounting, auditing and insuring;
- Planning or reviewing options in relation to the operation or management;
- Keeping registers required by law or regulation;
- Communicating with you, for example to respond to inquiries;
- Enhancing the safety and security of the services and preventing fraud, or protecting our or our customers’, or your rights or property;
- Enforcing applicable terms and conditions and other applicable policies.
- Advertising and Marketing
We strive to provide you with choices regarding certain Personal Data uses, particularly around marketing and advertising. You will receive marketing communications from us if you have requested information from us or if you provided us with your details and expressly consented to receiving that marketing.
We may use your Personal Identification, Identity, Contact, Electronic and User generated Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which services and offers may be relevant for you.
We also enter into agreements with third parties to serve Ads on our behalf across the internet, social networking sites and blogs. These third parties may collect Personal Data about your visits to our platform and your interactions with our products and use this information to target advertisements for goods and services.
Where electronic direct marketing communications are being sent, you have the option to opt-out in each communication sent, and this choice will be recognised and adhered to by us.
- Disclosure of Personal Data
Anoveda is a global company and may share the personal information collected or provide such access to other companies within the Anoveda group.
- Examples of third parties with whom Anoveda may share Personal Data includes:
With government bodies, including tax and social security authorities, to comply with applicable laws, to obtain licenses or approvals, and upon request during an audit or assessment;
- With its employees, agents, representatives, consultants, subsidiaries, affiliates and third-party providers;
- With professional advisers and consultants, to conduct background verification and reference checks, administer benefits and payroll, deal with disciplinary and grievance issues and maintain emergency contact details;
- With our legal advisors and external auditors for legal advice and to conduct business audits.
We require all third parties to respect the security of your Personal Data and to treat it in accordance with the law. We do not allow our third-party service providers to use your Personal Data for their own purposes and only permit them to process your Personal Data for specified purposes and in accordance with our instructions.
- Data Subject Rights
Some jurisdictions have provided individuals with certain rights in relation to the processing of their Personal Data. This is the case where you or the any of our subsidiaries or affiliates with which you interact is located in the European Union, though these rights may be available in other jurisdictions as well. These rights are not available to everyone, and they do not necessarily apply in all contexts. Depending on applicable law, you may have the right to:
- Request access to your Personal Data.
- Request correction of your Personal Data (should your Personal Data be inaccurate, incomplete, or obsolete).
- Request deletion of your Personal Data.
- Withdraw your consent to processing (where we processed Personal Data on the basis of your consent). Please note that withdrawing your consent applies only to future processing activities.
- Object to the processing of your Personal Data.
- Request restrictions on the processing of your Personal Data.
- Request the transfer of your Personal Data to you or a third party.
- Opt-out of certain transfers to third parties.
We may need to verify your identity before we fulfil your request you may address your query at firstname.lastname@example.org.
Please note that certain conditions in relation to processing of your rights, will vary as many countries have varying data privacy rights. Our response and further processing of request to exercise these rights will depend upon the law applicable in relation to the rights exercised by you. We may refuse requests that are unreasonably repetitive, require disproportionate technical effort, risk the privacy of others, may compromise and ongoing investigation, or are impractical. It is our policy to never discriminate against you for exercising any of these rights.
You may have the right to complain to a data protection authority about our processing of your Personal Data.
- Data Security
Anoveda will ensure that appropriate technical and organizational measures are in place, supported by privacy impact and risk assessments, to ensure a high level of security for Personal Data, and secure environment for information held both manually and electronically. Further, we use vulnerability scanning and scanning to PCI standards annually and our Company Systems are subject to regular Malware Scanning. Additionally, we use SSL certificate to encrypt all the data being transferred.
Anoveda implements appropriate security measures designed to prevent unlawful or unauthorized processing of personal information and accidental loss of or damage to personal information. Anoveda maintains written security management policies and procedures designed to prevent, detect, contain, and correct violations of measures taken to protect the confidentiality, integrity, availability, or security of your Personal Information. These policies and procedures assign specific data security responsibilities and accountabilities to specific individuals, include a risk management program that includes periodic risk assessment and provide an adequate framework of controls that safeguard your personal information.
In addition, as part of its organizational security measures, employees at Anoveda must:
- ensure that all files or written information of a confidential nature are stored in a secure manner and are only accessed by people who have a need and a right to access them
- ensure that all files or written information of a confidential nature are not left where they can be read by unauthorised people
- check regularly on the accuracy of data being entered into computers
- always use the passwords provided to access the computer system cautiously and such access should not be circulated, unless absolutely necessary
- use computer screen blanking to ensure that Personal Data is not left on screen when not in use.
Failure to follow the Company’s rules on data security may be dealt with via the Company’s disciplinary procedure. Appropriate sanctions include dismissal with or without notice dependent on the severity of the failure.
We also take steps to ensure that our service providers, contractors and other third parties maintain similar level of data protection measures when processing your Personal Data. While we strive to secure your Personal Data, please note that 100% security of Personal Data cannot be guaranteed and that Anoveda shall not be liable for any misuse or loss of Personal Data carried out by third party cloud service provider.
- Age Restrictions
You explicitly agree you are 18 years of age or older unless represented by a parent or legal guardian. If you are not of the requisite age, you must not provide any information to Anoveda directly or by way of the usage of the Company Systems.
As a general policy, our company does not engage in the collection, processing, storage, use, dissemination, and transfer of Personal Data of children.
In case such a collection becomes necessary for the performance of our contractual obligations, or when required under the concerned law, we shall notify you in a time-bound and appropriate manner, informing the purposes and reasons for such collection and seek your explicit consent, and where applicable, parental authorization, prior to the processing of such data.
We will take appropriate steps to delete any Personal Data of children’s that has been collected on our website without verified parental consent upon learning of the existence of such Personal Data, subject to conditions stipulated in the laws of applicable jurisdiction.
- Records management
Records management refers to a set of activities required for systematically controlling the creation, distribution, use, maintenance, and disposition of recorded information maintained as evidence of business activities and transactions. It is impossible to be compliant with information law without robust records management policies and practises. Good records management practices ensure not only record quality, but that Personal Data is only kept for as long as necessary for its original purpose and help support data minimisation.
- Conflicts of Law
This Policy is intended to comply with the laws and regulations in the place of establishment and of the countries in which company operates. In the event of any conflict between this Policy and applicable laws and regulations, the latter shall prevail.
- Retention of Personal Data
We retain your Personal Data, not longer than necessary for the purposes for which it was collected. To retain Personal Data depends on the purposes for which we collect and use it and/or as may be required to comply with applicable laws, to establish, exercise, or defend our legal rights.
The users can exercise their rights enumerated herein. Also, if in case required to extend the period of retention of such data, we shall obtain your consent for the same. Further, we may also dispose the data prior to completion of the period of retention, if the purpose for which it was collected is exhausted.
Please contact info@Anoveda.com for any data or account delete requests.
- Breach Notification
Where a data breach is likely to result in a risk to the rights and freedoms of individuals, it will be reported to the relevant supervisory authority as soon as possible of the Company becoming aware of it and may be reported in more than one instalment. Individuals will be informed directly in the event that the breach is likely to result in a high risk to the rights and freedoms of that individual. If the breach is sufficient to warrant notification to the public, the Company will do so without undue delay.
- External Links on our website
You may also submit a request to us at email@example.com.
If you have any issue or grievance with respect to our policy or with the manner in which we collect or store your information, or in any respect related to your personal information provided to us, please contact firstname.lastname@example.org. We will do everything we reasonably can to ensure that your grievance is attended to and addressed within a period of 7 working days from the date of receipt of your grievance.
If you have any questions about our policy or related dealings with us or would like further information about our services and practices, you can contact via: –
- Email: info@Anoveda.com
- Visiting this page on our website: https://anoveda.com
- Phone number: +919214318084