Privacy Policy

Effective Date: 1 October 2025

1. Introduction

Welcome! Your privacy is of utmost importance to us. This Privacy Policy explains how HealthVentor (referred to as the "Data Fiduciary") collects, uses, shares, and protects your Personal Data. This policy applies to you, the user (referred to as the "Data Principal"), when you interact with us.

By providing us with your personal information, you agree to the practices described in this policy and give us your consent to process your data accordingly.

2. Your Consent is Important

Your consent is the foundation of our data processing activities. We will only collect and use your personal data after you have given your clear, specific, and voluntary consent.

When you provide your details, we will ask for your consent for specific purposes. For example, you will be asked to agree to the following: "By providing your details, you consent to receive marketing communications via email, SMS, WhatsApp, and phone."

Your Right to Withdraw Consent: You have the absolute right to withdraw your consent at any time. Withdrawing your consent is simple. You can click the "unsubscribe" link in any of our emails, reply "STOP" to any SMS message, or email our Grievance Officer directly. Once you withdraw consent, we will stop processing your data for those specific purposes.

3. The Personal Data We Collect

We adhere to the principle of data minimization, which means we only collect the personal data that is absolutely necessary for the purposes we have identified. We collect the following information from you:

• Full Name
• Phone Number (Mobile)
• Email Address

4. How and Why We Use Your Personal Data (Purpose Limitation)

We are transparent about why we need your data. We use your Personal Data for the following specific purposes:

• To Contact You with Promotional Offers: We use your name, email, and phone number to send you newsletters, special offers, and information about our products and services. These communications may be delivered through email, SMS, WhatsApp, and direct promotional phone calls.
• To Show You Relevant Advertisements: We want our advertising to be relevant to you. To achieve this, we may share a securely encrypted (hashed) version of your email address or phone number with our advertising partners, such as Meta (Facebook and Instagram) and Google. This allows them to show you our personalized advertisements on their platforms. Hashing turns your data into a short, unreadable code to protect it. You can opt out of this type of advertising through the privacy settings on those respective platforms.
• To Provide Our Services: We use your data to send you important service updates, transactional messages, and to respond to your customer service requests and inquiries.
• For Internal Analysis: We may analyze data in an aggregated and anonymized form to measure the effectiveness of our marketing campaigns and to improve our services.

5. How We Share Your Data

Your trust is important to us. We do not sell your personal data to anyone.

We only share your data with trusted third parties who help us operate our business, and only for the purposes authorized by you. These include:

• Marketing & Advertising Partners: We share hashed data with platforms like Meta and Google to facilitate targeted advertising as described above.
• Communication Service Providers: We use third-party services to send you emails (e.g., email marketing platforms) and SMS messages (e.g., SMS gateway providers).
• Legal Authorities: We may be required to disclose your personal data if compelled by law, court order, or other governmental authority to protect our legal rights.

All third parties we work with are contractually obligated to keep your data secure, confidential, and to use it only for the specific purposes for which we have shared it.

6. Data Security Measures

We are committed to protecting your data. We implement reasonable technical and organizational security measures, including encryption, secure servers, and strict access controls, to safeguard your personal data from unauthorized access, alteration, or destruction.

While we take all reasonable steps to protect your data, please note that no method of transmission over the internet or electronic storage is 100% secure. In the unlikely event of a significant data breach that is likely to harm you, we will notify you and the Data Protection Board of India, as required by law.

7. Your Rights Under Indian Law (The DPDPA)

Under the Digital Personal Data Protection Act, 2023, you have several rights concerning your personal data. We are committed to upholding these rights.

• The Right to Access: You can request a copy of the personal data we hold about you.
• The Right to Correction: If you believe your data is inaccurate or incomplete, you have the right to request that we correct or update it.
• The Right to Erasure: You can request that we delete your personal data from our systems. We will comply with this request, subject to any legal obligations to retain certain information.
• The Right to Withdraw Consent: As mentioned earlier, you can withdraw your consent for marketing communications at any time. The easiest way is to use the "unsubscribe" link in our emails or contact our Grievance Officer.
• The Right to Grievance Redressal: If you are not satisfied with how we handle your data or your requests, you have the right to file a complaint.

To exercise any of these rights, please contact our Grievance Officer.

8. Contact Information

For any questions, concerns, to exercise your rights, or to file a grievance, please contact us:

• Email: info@healthventor.com

9. Policy Updates

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any changes by posting the new policy on our website and updating the "Effective Date" at the top. We encourage you to review this policy periodically.