1. Nature and Objective
1.1. The terms and conditions with respect to privacy contained herein shall constitute the Privacy Policy of OneHealth.
1.2. The Privacy Policy is published in compliance with, inter alia:
1.2.1. Information Technology Act, 2000;
1.2.2. Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Information) Rules, 2011 (the “SPI Rules”);
1.2.3. Information Technology (Intermediaries Guidelines) Rules, 2011.
1.3. The Privacy Policy states the following:
1.3.1. The kinds of information collected from the Users including Personal Information [as defined in Clause 2] and Sensitive Personal Data or Information [as defined in Clause 2] (collectively, “User Information”); and the modes of collecting User Information;
1.3.2. The manner in which OneHealth uses, processes, retains and destroys the User Information;
1.3.3. Modes of disclosing the User Information.
1.4. The purpose of this Privacy Policy is to demonstrate to all the Users, that OneHealth is committed to protecting the privacy of all the User Information.
2. Type of User Information Collected and Stored:
2.1. The information collected from the Users may constitute “Personal Information” or “Sensitive Personal Data or Information” under the SPI Rules.
2.1.1. “Personal Information” is defined under the SPI Rules to mean any information that relates to a natural person, which, either directly or indirectly, in combination with other information available or likely to be available to a body corporate, is capable of identifying such person.
2.1.2. “Sensitive Personal Data or Information” of a person means personal information about that person relating to:
2.1.2.1. passwords;
2.1.2.2. financial information such as bank accounts, credit and debit card details or other payment instrument details;
2.1.2.3. physical, physiological and mental health condition; sexual orientation;
2.1.2.4. medical records and history;
2.1.2.5. biometric information;
2.1.2.6. information received by body corporate under lawful contract or otherwise;
2.1.2.7. visitor details as provided at the time of registration or thereafter; and
2.1.2.8. call data records.
2.2. OneHealth shall collect such information from the User in order to, among other things, facilitate and ensure efficient provision of Services to the Users, improve its Website, etc. It includes, but is not limit to the following:
2.2.1. OneHealth shall collect and maintain all the information that the Users provide at the time of registration.
2.2.2. OneHealth shall collect financial information like credit card number, debit card number and such other information that is essential to successfully facilitate a successful payment or financial transaction. The transaction however will be completed only upon verification through the authentication process, which shall be solely established by the Customer
2.2.3. OneHealth shall maintain a record of all the prescriptions that the Customers may upload in order to purchase products or avail services.
2.2.4. OneHealth may also conduct surveys (which is optional for the Users), in order to understand User preferences and to target advertisements. User responses however will be maintained in anonymous/aggregated forms.
2.2.5. When any User visits the Website, OneHealth will automatically receive the URL of the site from which User comes and the site to which the User goes, the IP address of the User’s computer or the proxy server as the case may be, User’s computer operating system and type of web browser the User is using, email patterns, name of User’s ISP and other such information. Such information, which is not Personal Information or which does not personally identify the Users (“Non-Personal Information”), as well as the nexus between the Non-Personal Information and the User’s identity shall remain confidential for all purposes and will be used in anonymized/aggregated form for research, analysis, administration, intelligence and other such purposes which will help OneHealth improve its services or its Website
2.2.6. OneHealth uses temporary cookies in order to store certain kind of information, which is also Non-Personal Information, but which will assist OneHealth in research, analysis, administration, intelligence and other such purposes which will help OneHealth improve its services or its Website.
2.2.7. OneHealth may also maintain records of telephonic conversations with its Users for various purposes like research, analysis, administration, intelligence, etc
2.2.8. Other information which OneHealth may seek from its User, includes but is not limited to those which enable the Users to receive promotional offers from OneHealth, those which will assist OneHealth to customize its Website to deliver personalized information to the User, etc
3. OneHealth Roles and Responsibilities
3.1. OneHealth shall collect and use User Information only in accordance with the Privacy Policy.
3.2. OneHealth will not collect any information of any of the User from any other outside source, other than that information which is expressly sought for on the Website.
3.3. OneHealth shall not share or disclose any contact information of the User to any third party without the User’s consent
3.4. OneHealth shall take all reasonable steps to ensure confidentiality of all the data.
3.5. OneHealth is responsible for providing only hosting services to its Users. OneHealth shall not review, share, use or distribute any User Information except as provided in the Terms of Use or as required by law
3.6. OneHealth does not exercise control over any other website or advertisements displayed within the Website (“Third Party Content”). Mere display of such websites does not indicate its endorsement in any manner. These other websites may place their own cookies or other files on the Users’ computer in order to optimize services or serve advertisements, or solicit information, for which OneHealth does not take responsibility and is not liable. OneHealth does not guarantee the accuracy or quality of any kind of information available on such third-party websites. The User in such instances is expected to read, understand and agree to the terms of use of such third-party websites.
3.7. OneHealth shall access/view/use User Information only in order to efficiently facilitate product/service delivery or to improve its services or to resolve a problem or in the event of suspected violation of Terms of Use or as may be required by law.
3.8. OneHealth shall have perpetual, non-exclusive, worldwide, irrevocable, royalty-free, sub-licensable rights to utilize the User Information, but only in such manner so as to perform its mandated functions, fulfil its obligations under the Terms of Use, provide the best and efficient services to the Users and to grow its business
3.9. OneHealth shall exclusively own all the Non-Personal Information. OneHealth may use such Non-Personal Information in anonymized/aggregated form for research, analysis, administration, intelligence and other such purposes. OneHealth may also transfer/sell such Non-Personal Information to any other third-party personnel/affiliates
3.10. OneHealth shall ensure that financial transactions are facilitated upon secure sites of approved, authorized and digitally encrypted payment gateways, thereby providing highest possible degree of security. Users however agree and understand that despite OneHealth having employed every reasonable measure to ensure utmost security, internet technology is still not absolutely infallible, and that OneHealth shall not be held liable for any breach which may occur despite having taken all reasonable measures.
3.11. OneHealth assures the Users that all of OneHealth’s directors, employees, officers, agents, consultants, licensors, representatives or other personnel who are associated with OneHealth (collectively “Employees”) who have access to User Information are bound by non-disclosure agreements to maintain confidentiality of User Information
3.12. OneHealth assures to all the Users that it has implemented industry standards security policies and other measures to safeguard all the User Information from accidental loss or unauthorized, illegal or improper access, modification, use, disclosure or destruction.
4. Storage
4.1. All the information which may be collected from OneHealth is maintained in the electronic form on the equipment’s/devices of OneHealth, of the Employees as well as that of the third-party servers. The information may also be retrieved in the physical form if need be, to facilitate provision of services in an efficient manner. Notwithstanding the mode of collection or storage, OneHealth shall ensure confidentially of all the User Information in accordance with the Terms of Use.
4.2. OneHealth may retain User Information as long as necessary, depending on the type of information, purpose, modes of use.
5. All Users’ Duties and Obligations
5.1. The Users shall ensure the accuracy of any and all information they provide to OneHealth. In the event OneHealth learns that the information provided is not accurate, or reasonably suspects it to be incorrect, OneHealth may terminate the account of the User and discontinue provision of Services at its own discretion
5.2. In the event, there is a subsequent change in any User Information already provided, the Users shall communicate the same to OneHealth in accordance with Clause 14 of the Terms of Use. OneHealth will accordingly make bona fide efforts to update the User Information within 10 working days of such notification
5.3. User shall not under any circumstances reproduce, distribute or in any way utilize the OneHealth Content (defined below) or the Website for any commercial purposes or personal gains of any kind, or in any manner which violates the Terms of Use
5.4. The User is responsible for, and shall ensure confidentiality of their account access information and password, other log-in details, use of the account, etc. Each User shall exclusively use his/her account
5.5. In the event the User suspects any unauthorized access or use of his/her account, the User shall immediately notify OneHealth.
5.6. As mandated by Regulation 3(2) of the IG Rules, OneHealth hereby informs the User that the User is not permitted to host, display, upload, modify, publish, transmit, update or share any information that
5.6.1. Belongs to another person and to which the User does not have any right to;
5.6.2. is grossly harmful, harassing, blasphemous, defamatory, obscene, pornographic, pedophilic, libelous, invasive of another's privacy, hateful, or racially, ethnically objectionable, disparaging, relating or encouraging money laundering or gambling, or otherwise unlawful in any manner whatever;
5.6.3. harm minors in any way;
5.6.4. infringes any patent, trademark, copyright or other proprietary rights;
5.6.5. violates any law for the time being in force;
5.6.6. deceives or misleads the addressee about the origin of such messages or communicates any information which is grossly offensive or menacing in nature;
5.6.7. impersonate another person;
5.6.8. contains software viruses or any other computer code, files or programs designed to interrupt, destroy or limit the functionality of any computer resource;
5.6.9. is prohibited under applicable law for the time being in force including Drugs and Cosmetics Act, 1940, the Drugs and Magic Remedies (Objectionable Advertisements) Act, 1954, the Indian Penal Code, 1860 as amended from time to time and rules made there under
5.6.10. threatens the unity, integrity, defense, security or sovereignty of India, friendly relations with foreign states, or public order or causes incitement to the commission of any cognizable offence or prevents investigation of any offence or is insulting any other nation
5.6.11. The User is also prohibited from:
5.6.11.1. Tampering or attempting to tamper with any part of OneHealth Content, or security or integrity of the Website
5.6.11.2. Acting or omitting to act in such manner so as to disrupt efficient service delivery
5.6.11.3. intentionally submitting on the Website any incomplete, false or inaccurate information;
5.6.11.4. making any unsolicited communications to other Users;
5.6.11.5. using any engine, software, tool, agent or other device or mechanism (such as spiders, robots, avatars or intelligent agents) to navigate or search the Website;
5.6.11.6. attempting to decipher, decompile, disassemble or reverse engineer any part of the Website
5.6.11.7. copying or duplicating in any manner any of the OneHealth Content or other information available from the Website;
5.6.11.8. framing or hotlinking or deep-linking any OneHealth Content
6. All Users’ Note
6.1. The User agrees that he/she provides any or all User Information voluntarily, by his/her own free will and volition.
6.2. The User consents that OneHealth may use the User Information for any or all purposes that will enable it to efficiently provide its Services.
6.3. The Users shall, from time to time, provide and update information relating to the products or services offered by such User, or any other information in order to ensure the accuracy of information provided to OneHealth
6.4. If the User wants to modify any information already submitted to OneHealth, including but not limited to contact details, the User can modify such information by logging-in his/her account. In such cases, OneHealth may keep the copy of the information which the User had originally submitted to OneHealth.
6.5. If the User does not agree with any of the Terms of Use or the Privacy Policy; or the User no longer seeks the services of OneHealth, or wants to un-register, the User may delete any and all such information submitted by logging-in his/her account. In addition, if the User does not want any of the User Information to be stored and maintained by OneHealth, the User may request the removal of any and all User Information submitted by communicating the request to OneHealth. The User is entitled as a matter of right to require OneHealth to delete all such information. OneHealth shall, within 10 days of receiving such request, anonymize all such User Information which was sought to be removed. Such anonymized information will be used by OneHealth for research, administration, analysis and other intelligence purposes
6.6. The Users consent that, they are required to read, understand and agree to the terms of use of third-party websites
6.7. Users shall utilize the content of the Website, which includes, but is not limited to information, images, logos, graphics, design, layouts, software, audios, videos, illustrations, etc (“OneHealth Content”), only in accordance with the Terms of Use. OneHealth Content is the property of OneHealth alone, and is protected by various intellectual property laws.
6.8. User shall view, access and use the OneHealth Content solely for the purposes of visiting/browsing to learn about OneHealth, purchasing products or availing services from Service Providers, or for the purposes of communicating with OneHealth.
7. Service Providers’ Note:
7.1. Service Providers are required by OneHealth to submit information at the time of registration (“Service Provider Information”). Such Service Provider Information shall be owned by OneHealth. It shall be used for commercial purposes or in anonymized/aggregated form for research, administration, analysis and intelligence purposes, which can be transferred/sold
7.2. The Service Provider Information is displayed when Users search for such Service Providers, and such Service Provider Information is used by Customers to order for products/services
7.3. The Service Providers agree and understand that OneHealth may, at its discretion, make available any other Service Providers to the Users.
7.4. The Service Providers must ensure the confidentiality of any or all User Information they become privy to, while providing consultation or in the course of their duties.
7.5. The Service Providers must respond to the Customer within 10 working days from the date on which the Customers reach out to the respective Service Providers
7.6. Service Providers shall not manipulate or attempt to manipulate the prices of the offered products and services.
8. Customers’ Note:
The Customers must, in order to purchase products or avail services of the Pharmacies or Labs, upload prescriptions by registered medical practitioners, on the Website. Such prescriptions can be accessed or used by Customers and other authorized Users.
9. Casual Visitors’ Note:
A casual visitor who has/might willingly submit any information to OneHealth, through any means, shall be considered as any other User for the purposes of this Privacy Policy, and in such instance, all the terms and conditions of the Terms of Use and Privacy Policy shall be applicable to such Casual Visitors.
10. Disclosure Norms:
Notwithstanding the form of collection or storage, all the User Information shall be protected with utmost confidentiality in accordance with the Terms of Use, and will be disclosed only in the following instances/manner:
10.1. OneHealth makes the User Information accessible to the Employees on a need-to-know basis, and the Employees are subjected to strict non-disclosure obligations
10.2. OneHealth makes the User Information accessible to the Service Providers in order to facilitate efficient service delivery and to perform its functions, strictly in accordance with the Terms of Use.
10.3. Regulation 7 of the SPI Rules provides that sensitive personal data or any such information can be transferred to any other body corporate or a person in India, or located in any other country that ensures the same level of data protection that OneHealth adheres to; and that such transfer may be allowed only if it is necessary for the performance of the lawful contract between OneHealth and the User or where the User has contented to data transfer. Pursuant to this Regulation, OneHealth may disclose/share/transfer User Information to its affiliates in other countries, and the User hereby agrees for such disclosure/sharing/transfer.
10.4. OneHealth will not disclose any User Information to governmental institutions or authorities unless such disclosure is mandated under any applicable or judicial decree or when OneHealth, in its sole discretion, deems it necessary in order to protect its rights or the rights of others, to prevent harm to persons or property, or to enforce the Terms of Use
10.5. OneHealth may also disclose or transfer User Information to any other third party as part of re-organization of OneHealth or sale of its assets. Such third parties will have the right to continue to use the User Information.
10.6. OneHealth may also provide User Information to third parties who work on behalf of or with OneHealth in order to perform its obligations under the Terms of Use and to efficiently provide services. Such third parties will have the right to Use the shared User Information in accordance with their own privacy policies
10.7. OneHealth may share Non-Personal Information in anonymized/aggregated form with such third parties, including but not limited to investors, strategic partners, advertisers, etc, with the objective of growing its business
