Privacy Policy

This Privacy Policy (“Privacy Policy”) applies to the access and use of all of our web (https://diax.ai, https://diabrainai.com), mobile based (Diary app on Google Playstore and Apple Appstore) and device based applications, collectively called "Digital Products" or "Applications" and use of our products and services provided through them (“Services”), all owned, managed, and operated by DiabWellness Private Limited having its registered office at 9, Ramasami Kovil West Street, Kumbakonam - 612001, Tamil Nadu (hereinafter referred as “us”/ “we”/ “DiabWellness”/"Diax"/"Diary"/"Diabrainai"/ “Company”).

This Privacy Policy relates to the collection, use, and disclosure of personal data through use of Services by you, the medical professionals, having valid credentials and having registered with the Medical Council of India or any successor organization as may be notified in the future (“Doctors”), and the patients and end users who are using the Services (“Patients”) or when any individual is under the employment of the Company (“Employees”) or when we collect certain personal data from our vendors (“Vendors”). Patients, Users, Customers, Vendors, Clinical Staff/Assistants and Doctors are jointly referred to as “Users” or “you”. DiabWellness is committed to protecting the information and data shared by the Users in the course of their engagement and use of the Services. This Privacy Policy, as amended from time to time, identifies personally identifiable or personal information that may be collected, how such information is used, and the choices you have regarding our use of this information.

This Privacy Policy is in compliance with the Information Technology Act, 2000 (“IT Act”) read with the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Information) Rules, 2011 (the “SPI Rules“) and Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 (“Intermediary Rules”).

Please read this Privacy Policy carefully. Any information provided to Us is subject to this Privacy Policy. If you do not agree to any or all of these terms, do not use the Services.

Consent

By accessing and using our Services or providing us with personal information, you agree to the terms of this Privacy Policy. Your use of our Services and any personal information shared with us is subject to the terms of this Privacy Policy and our Terms of Use. If you do not wish to be bound by these terms, you have the option not to access our Services. This Privacy Policy also applies generally to all our services accessed by any channel or medium.

Collection, use and disclosure of information which has been designated as Personal Information under the Information Technology Act 2011 requires express consent of the User. By affirming Your assent to this Privacy Policy, You provide Your consent to DiabWellness Private Limited for such use, collection and disclosure for provision of Services.

• A prerequisite for using the Services provided by us is the acceptance of this Privacy Policy. This Privacy Policy applies to all Users availing the Services offered by us.
• As part of providing our Services, we may need to send routine communications to you, such as transaction emails and other administrative messages through email or through other means available, including texts, WhatsApp, and other forms of messaging. Though we prefer to communicate with you via email, as may be deemed necessary, you agree to receive our phone calls, related to your use of Services or any other mode of communication as may be deemed appropriate.
• When you register for any of the Services, you also consent to allowing us to periodically send emails about new products, special offers or other information, which you may find interesting and in line with your interests. If you do not wish to receive promotional information from us, you can, at any time, choose to opt out of receiving such promotional communications by writing to us at info@diax.ai.
• You must ensure to provide us with the correct or up-to-date personal information at the time of registration and during the use of our Services. This will allow us to contact you for further correspondences with respect to the Services. We are not responsible for any inaccurate information you provide to us, which may affect your experience when using the Services.
• If, at any time, you want to access, update, modify or eliminate any information provided by you or which forms a part of the account created with us, you may do so by writing to us at info@diax.ai. You may also withdraw your consent for use of your personal information and stop using the Services. DiabWellness reserves the right to stop providing any Services or terminate access to any of the Services in relation to which consent has been withdrawn.
• We may, in future, request other additional personal information from you in order to deliver personalised features and services to the Users. Any such additional personal information will also be processed in accordance with this Privacy Policy.

You may also write to us at info@diax.ai with a request for updating, modifying, or deleting any information shared by you.

Collection of Personal Information

• Demographic information like name, gender, age, occupation etc;
• Contact information such as address (including country and ZIP/postal code), email id, mobile number etc;
• Financial information (including details of payment instruments);
• Details required for provision of services (medical records and medical history of Patients whose data is uploaded by the Doctors or the Patients themselves, prescriptions, lab reports uploaded, etc.);
• Data regarding your usage of the Services and history of the appointments or visits made through the use of Services; and
• Other details as the Users may provide to us.

“Personal Information” includes ‘sensitive personal data or information’ (as defined under applicable law) and other information that You share with Us whether directly or in combination with other information or is received from a Third Party Service Provider, that personally identifies You or could be used to personally identify You.

Users: We may collect information such as Your name, address, email, phone number, medical records and medical history, physical, psychological and mental health condition, payment information such as credit card information and other such information as provided by You for rendering uninterrupted Services. We may also collect information that You share in the process of User registration, post in Your feedback, reviews, comments etc.

Non-Personal Information: Information, (viz. type of internet browser and operating system used, domain name of the website from which You came, number of visits, average time spent on the site, pages viewed etc.) may be picked up automatically and without being explicitly provided by You, but during Your interaction with us, by the use of certain technologies, such as cookies and web beacons.

• Camera & Audio Permissions are required to facilitate a tele-consultation with doctors & save medical records. The doctor might choose to record the tele-consultation for medico-legal reasons.
• We will inform you on the tele-consultation screen if the doctor chooses to record the video consultation session.
• We additionally seek permission for reading & writing files on external storage to allow you to upload & save medical records on which you have full control over whether to share further with doctors or not.
• We don’t scan any other files from your storage system other than the files you’re explicitly uploading.
• We require permission to use images or capture images from camera for updating profile photo, uploading images as medical record or measuring heart rate using Camera.
• Pulse rate detection feature uses a camera flash which can get hot, users are advised to remove their finger if it gets uncomfortable.

We need access to camera, images and file upload in order to:

• Store medical records
• Update user Profile photo

None of the actions involving camera, images and any files that are captured or uploaded are done automatically. All these actions are explicit by the user only after permissions wherever necessary.

Cookies

Cookies are alphanumeric identifiers with small amount of data that is stored on the User’s device hard-drive containing information about the User, commonly used as an anonymous unique identifier. DiabWellness and other third party service providers collect information about You using these cookies. Please note, a cookie in no way gives Us access to Your device. We use these “cookies” to collect information and to improve Our service. Some cookies and other technologies may serve to recall Personal Information previously indicated by You. Most web browsers are set to accept cookies by default. If You prefer, You can usually choose to set Your browser to remove cookies and to reject cookies. If You choose to remove cookies or reject cookies, this could affect certain Services provided by us.

Other websites may place their own cookies or other files on Your device, collect data or solicit personal information from You, for which We shall not be held responsible or liable. We encourage You to read the privacy policies of all external sites.

Personal Information Disclosure

We may disclose Personal Information that We collect from You or that You provide:

• to contractors, service providers and other third parties for analytics and communications and who are bound by contractual obligations to keep Personal Information confidential;
• as required by law, which can include providing information as required by a court order;
• when we believe in good faith that disclosure is necessary to protect Your safety or the safety of others, to protect Our rights, to investigate fraud, or to respond to a government request;
• to a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all company’s assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which Personal Information maintained by us is among the assets transferred;
• for any other purpose disclosed by Us when You provide the Personal Information;
• to deal with requests, enquiries, complaints or disputes and other customer care related activities including those arising out of the Users’ request of the Services and all other general administrative and business purposes;
• to government institutions/authorities to the extent required (i) under the laws, rules, and regulations and/or under orders of any relevant judicial or quasi-judicial authority; (ii) to protect and defend the rights or property of DiabWellness; (iii) to fight fraud and credit risk; (iv) to enforce DiabWellness Terms of Use (to which this Privacy Policy is also a part); or (v) when DiabWellness, in its sole discretion, deems it necessary in order to protect its rights or the rights of others; and
• if otherwise required by an order under any law for the time being in force including in response to enquiries by Government agencies for the purpose of verification of identity, or for prevention, detection, investigation including cyber incidents, prosecution, and punishment of offenses.

DiabWellness may use Your personal data or contact information such as, Your name, address, postcode, gender, occupation, age, date of birth, email address, telephone number only when needed in cases like dealing with any complaint, queries or problems reported by You regarding the Services offered by us or notifying You of changes in its Services and help improve the Services provided by us.

Location Data Usage

We may use location data only to show you relevant results for booking vaccination/appointment slots. We don’t save the location collected nor use it for any other activity.

Use of Information

We will collect and retain your personal information and any other information collected as per Clause 2 for such time as is necessary to provide our Services to you and for regulatory purposes. Any personal information submitted by you or collected by us will be used only for the purposes mentioned below:

1. for registrations of our Services;
2. to carry out our obligations arising from your requests for our Services;
3. to provide the features and functionalities as part of Services to the Users;
4. to improve the Services, and to customise your future experience with us;
5. to make sure that the content is presented in the manner that is most effective for you;
6. to serve curated marketing and promotional content to the Users;
7. to copy, reproduce, store, distribute, publish, export, adapt, edit, and translate the information provided by you to the extent reasonably required for the provision of Services;
8. for conducting research on efficient administrative practices;
9. to communicate with you about any changes to our Services;
10. to verify your identity and perform checks to prevent fraud;
11. Non-personally identifiable information, exclusively owned by us may be used in an aggregated or non-personally identifiable form for internal research, statistical analysis and business intelligence purposes including those for the purposes of determining the number of patients and visitors and transactional details, and we may sell or otherwise transfer such research, statistical or intelligence data in an aggregated or non-personally identifiable form to third parties and affiliates;
12. dealing with grievances, complaints and queries raised by Users;
13. Ensuring that the provisions of the Terms and Conditions and Privacy Policy are complied with by all Users;
14. For demarcating different types of Users and the Services availed by the Users;
15. Ensuring you are not contacted for any information or Services that you have opted-out of;
16. To allow our third-party service providers to provide the services as requested; No sensitive personal information will be shared with any third party;
17. maintenance of records as prescribed under law;
18. To allow our third-party service providers who work with us to (a) communicate with the Users; (b) maintain the Services; (c) perform usage analytics to help improve the Services; (d) enable additional features (e) assist in marketing and promotional activities. In such circumstances, you consent to us disclosing your information (excluding sensitive personal information) to the third-party service providers for the intended purposes;
19. for performance of our contractual obligations.

Security

Your security is important to Us. DiabWellness adopts reasonable security practices and procedures to include, technical, operational, managerial and physical security control measures in order to protect all User information including Personal Information in its possession from loss, misuse and unauthorised access, disclosure, alteration and destruction.

All data, content and/or all User information is encrypted during transmission and will be stored encrypted at-rest. DiabWellness shall take reasonable steps to protect Your Personal Information in an effort to prevent loss, misuse, unauthorised access, disclosure, alteration, and destruction.

DiabWellness assumes no liability or responsibility for disclosure of Your Personal Information due to errors in transmission, unauthorised third-party access, or other causes beyond its control. We have undertaken reasonable measures to protect Your rights of privacy with respect to Your usage of the Services provided herein. However, We shall not be liable for any unauthorised or unlawful disclosures of Your Personal Information made by any third parties who are not subject to Our control.

Confidentiality

You further acknowledge that the Applications may contain information which is designated confidential by Us and that You shall not disclose such information without Our prior written consent. Your information is regarded as confidential and therefore, will not be divulged to any third party, unless if legally required to do so to the appropriate authorities or shared as per this Privacy Policy or Terms of Use.

We will not sell Your Personal Information to any third party or use Your e-mail address for unsolicited mail. Any emails sent by Us will only be in connection with the provision of agreed Services, and You retain sole discretion to seek for discontinuation of such communications at any point of time.

User’s Rights

All the information provided to DiabWellness by a User, including Personal Information, is voluntary. User has the right to withdraw consent at any time, in accordance with the terms of this Privacy Policy and the Terms of Use, but please note that withdrawal of consent will not be retroactive i.e. We cannot delete the Personal Information for which We are custodians on behalf of Third Party Service Providers. Further, if a Third Party Service Provider ceases to be engaged with us, We may be contractually obligated to give such Third Party Service Provider a data export, however, given the nature of data, User may continue to be co-owners of such data and DiabWellness will continue to keep the Personal Information including User data for continuous provision of Services to User.

Users can access, modify, correct and delete the Personal Information. However, if the User updates his/her/its information, DiabWellness may keep a copy of the information which User originally provided to us in its archives for User documented herein. In case the User seeks to update or correct, his/her/its Personal Information, the User may exercise these rights by emailing us at info@diax.ai and communicate the change(s) for updating DiabWellness's records.

If a user attempts to delete their account, DiabWellness reserves the right and may retain certain personal information, as some or all of this data may be classified as shared resources between the doctor and patient.

If a User, as a casual visitor, has inadvertently browsed any other pages prior to reading the Privacy Policy and the Terms of Use, and such User does not agree with the manner in which such information is obtained, stored or used, merely quitting this browser application should ordinarily clear all temporary cookies installed by DiabWellness. All visitors, however, are encouraged to use the “clear cookies” functionality of their browsers to ensure such clearing/deletion, as we do not guarantee, predict or provide for the behavior of the equipment of all the visitors.

If a User has inadvertently submitted any Personal Information to us prior to reading the Privacy Policy and Terms of Use, and such User does not agree with the manner in which such information is collected, stored or used, then such User can ask DiabWellness, by sending an email to info@diax.ai containing the rectification required, whether we keep Personal Information about such User, and every User is also entitled to require us to delete and destroy all such information relating to such user (but not other Users) in its possession.

In case User does not provide its information or consent for usage of Personal Information or subsequently withdraws consent for usage of the Personal Information so collected, DiabWellness reserves the right to discontinue Services for which the said information was sought.

Opt Out

We may send You certain notifications regarding promotional offers, marketing offers or regarding the Services being availed by You etc. In case You do not wish to receive them, You may have an option to opt out of the same.

If You opt out, DiabWellness or its affiliates consents to not send any non-essential (promotional, marketing-related) communications to You, however, We may still send You non-promotional emails, such as emails about Your account.

Amendment

DiabWellness reserves the right to amend the Privacy Policy, as and when required. It is Your responsibility to keep yourself updated of the changes made from time to time. Your continued use shall be deemed to be Your acceptance of such changes.

Grievance Redressal

In compliance with Information Technology Act, 2000 and the rules made thereunder, the Grievance Officer of DiabWellness for the purpose of this Policy shall be:

In case You have any questions, comments or concerns about this Privacy Policy or wish to exercise any of the above mentioned rights, You can contact us at info@diax.ai.