Updated 8th February 2024.
Your Privacy is of utmost importance to us, and the protection of your Personal Data as disclosed by you to us is a key commitment for us. During your usage of our platform, we may collect and generate various data points about you as elaborated below. We collect and process your Personal Data only to the extent necessary for us to process your requirement(s). In case you choose not to share your Personal Data as required, with us, we may not be able to carry out your transaction.
“Personal Data” means data relating to an individual that is directly or indirectly identifiable, having regard to any characteristic, trait, attribute, or any other feature of their identity or any combination of such features with any other information. Personal Data does not mean information that is freely available or accessible in the public domain or furnished under the Right to Information Act, 2005, or any other law for the time being in force. Personal Data includes Sensitive Personal Data, which relates to passwords, financial information such as bank account or credit card or debit card or other payment instrument details, physical, physiological, and mental health condition, sexual orientation, medical records and history, biometrics or any other data categorized as sensitive under applicable law in India.
I. Types of Information we collect
We may collect the following information from you, as you have disclosed to us:
1. Personal details (e.g., first name, last name, organization ID, contact details) provided by you to us to avail various products/services from us; and
2. Images of medical condition (e.g., X-rays, CT scans, etc.).
II. Sharing and Storage of your Personal Data
Any Personal Data that we have access to shall never be shared without your consent.
In various processes/submissions of applications of product/service offerings, we even seek your explicit consent to use/share your Personal Data.
In our business and operational processes, we only share the data on a partial and “need-to-know” basis with designated personnel or partners, or service providers.
We may process, store, and retain your Personal Data on our servers where the data centres are located, and/or on the servers of third parties having contractual relationships with us. The sensitive personal data may be stored till the time an image has been processed. We will retain your data as per your requirements. In case there is no requirement or obligation of data retention from your end, we shall follow our backup and recovery guidelines by default.
We will share your data with competent/legal/statutory/regulatory agencies/authorities or partners/service providers acting on our behalf (as the case may be) in the following cases:
1. For enabling the provision of the products/services availed by you, strictly on a “need to know” basis and subject to applicable laws.
2. Where it is directed or required by legal/regulatory/statutory/governmental authorities/judiciary under any applicable laws/regulations or judicial pronouncement though a legally obligated request.
3. Where it is required by financial institutions to verify, mitigate, or prevent fraud or to manage risk or recover funds in accordance with applicable laws/regulations.
III. Usage of Your Personal Data
We use your Personal Data in our business activities for providing our partners’ products/services and to perform, among other actions, the following:
1. To facilitate the transactions or report on these transactions;
2. To undertake research and analytics for offering or improving our products/services and their security and service quality;
3. To check and process your requirements submitted to us for products/services and/or instructions or requests received from you in respect of these products/services;
4. To take up or investigate any complaints/claims/disputes;
5. To verify your re-identity and your details with the image processed through our platform;
6. To monitor and review products/services from time to time;
7. To undertake financial/regulatory/management reporting, and create and maintain various risk management models;
8. To conduct audits and for record-keeping purposes;
9. To comply with the requirements of applicable laws/regulations and/or court orders/regulatory directives received by us;
10. To increase awareness and impart education;
11. To build a network and establish connections;
12. To undertake any measure to provide medical treatment or health services to you during an epidemic, outbreak of disease, or any other threat to public health or to ensure your safety, or to provide assistance or services to you during any disaster or any breakdown of public order.
IV. Purging of your Personal Data
You may choose to delete your account at any point of time by making such choice in CARPL.AI website or communicating the same to us. With this we will no longer provide your data for external processing as mentioned above. However, we retain your Personal Data as long as the purpose for its usage exists, after which the same is disposed of by us except for any record retention required as per applicable law. The provisions of various laws require your transaction logs to be stored for longer periods post the deletion of an account. Further, in the event of the pendency of any legal / regulatory proceeding or receipt of any legal and/or regulatory direction to that effect, we may be required by the law of the land to retain your Personal Data for longer periods.
- Please note that a “cookie” is a small piece of information stored by a web server on a web browser so it can be later read back from that browser.
- We may use cookie and tracking technology depending on the features offered.
- No Personal Data will be collected via cookies and other tracking technology; however, if you previously provided Personal Data, cookies may be tied to such information.
VI. Links to other websites
VII. Reasonable Security Practices and Procedures
We take various steps and measures to protect the security of your Personal Data from misuse, loss, unauthorized access, modification, or disclosure. We use the latest secure server layers encryption and access control on our systems. Our safety and security processes are audited by a third-party cyber security audit agency from time to time.
While we observe reasonable security measures to protect your Personal Information on all our digital platforms, security risks may still arise for reasons outside of our control such as hacking, virus dissemination, force majeure events, breach of firewall etc. Please note that the above-mentioned measures do not guarantee absolute protection to the Personal Information.
VIII. Contact us
You may contact us on any aspect of this policy or for exercising your rights / grievances with respect to your Personal Data, by writing to our Grievance Officer as per the details provided below:
Name: Dhruv Sahai
Designation: Chief Operating Officer
Email ID: firstname.lastname@example.org
CARPL.AI Pvt Ltd
K261, Lane No.5, Westend Marg, Saiyad Ul Ajaib Extension,
Saket, Delhi, New Delhi, Delhi 110030
IX. Policy Review & Updates
In this policy, the words “we”, “ours” and/or “us” refer to CARPL Communications Limited and “you” and/or “your” refer to our customers.
X. Governing Law & Jurisdiction
This policy will be governed by and construed in accordance with the laws of India and subjected to the exclusive jurisdiction of the Courts of New Delhi.