https://www.noabathcraft.com is an internet and mobile application based platform (here in after referred to as “Website” operated by NOA Innovations
1. Section 43A of the Information Technology Act, 2000 (“IT Act”)
2. Regulation 4 of the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Information) Rules, 2011 (“SPDI Rules”)
3. Regulation 3(1) of the Information Technology (Intermediaries Guidelines) Rules, 2011 (“Intermediaries Guidelines”).
- (a) what information we receive from you
- (b) how we collect and use that information
- (c) how you can provide information selectively, access and update the information
- (d) how we process, share and protect your information.
2. Information collected and means of collection
We collect the following information about you:
- Registration Information: When you register to use our Website, we collect your registration details including phone number, email address and name. We verify your phone number with the help of a one-time password sent to your phone number.
- Order Information: We may collect information necessary for us to process your order on the Website including, items you place in the cart, your postal address and specific payment information such as payment transaction details. However, we do not collect any bank account information, debit or credit information or any other payment instrument details.
- Usage Information: We may collect information about how you use our Website, your device and software including usage statistics, traffic data, including source of traffic, your IP address, browser, operating system type, domain names, login status, history of payment methods used, access times, locations, previous consultations, order status, previous orders and transactions including product pricing details, transaction information and payment and browsing history. Your usage of certain third-party services on our Website also requires us to collect such information as is considered necessary for that purpose. (Registration Information, Order Information and Usage Information to be collectively referred to as “Personal Information”)
- Diagnosis Information: We may collect information about the symptoms you are facing if you the fill questionnaire available on the Website or when you share the information with when you consult with a medical professional (“Doctor”) through the Website. This may include information and sensitive personal data or information relating to your health condition including hair loss, metabolic data, weight and hygiene. Collection of diagnosis information may also include collection of sensitive personal data or information in the nature of physical, physiological health condition and sexual orientation.
- Consultation Information: We may further collect information related to the appointments you make on the Website, your health and wellness during your consultation with the Doctor. This may include sensitive personal data or information in the nature of medical records and history, in addition to physical, physiological and mental health condition and sexual orientation.
- Prescription and Medication: We store and process the prescription generated by the Doctor on the Website and use the same to process your order. We may store such prescription for our records for the duration permitted by applicable law. (Diagnosis Information, Consultation Information and Prescription and Medication information to be collectively referred to as “SPDI”)
- The IT Act and the SPDI Rules regulate the collection, usage, retention and disclosure of personal information, which is defined under the SPDI Rules as any information that relates to a natural person, which, either directly or indirectly, in combination with other information available or likely to be available to a body corporate, is capable of identifying such person. The SPDI Rules further define sensitive personal data or information of a person as personal information about that person relating to:You provide all information to us voluntarily. Collection, use and disclosure of Personal Information and SPDI requires your express consent. You are providing us with your consent to our use, collection and disclosure of the Personal Information and SPDI. You may choose to not provide us with Personal Information and SPDI, but in the event that you do so, we will be unable to provide you access to our Website or purchase Products or provide Services through our Website.
3. Use of information
We use your Information for the following purposes:
- To operate and improve the Website in order to foster a positive User experience and to improve our business as a whole.
- To process and deliver your order with us.
- To enable your access to our Website to purchase Products and provide you Services.
- To enable you to initiate and consultation with the Doctors.
- Analysing data, tracking trends, building algorithms, creating databases for rating systems, recommendations engines, etc
- For non-targeting reasons such as frequency capping, compliance, billing, ad reporting or delivery, market research or product development purposes.
- To comply with applicable law.
- To conduct audits and quality assessment procedures.
- To analyse the use of our resources, troubleshooting problems and improving our Products and Services, by using the information regarding your mobile device and software.
- Contacting Users, both during and after an order, for updates, resolution of queries, order details, consultations, follow-up consultations or offering new products or services.
- To investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person, violations of our Terms, or as otherwise required by law.
- To respond to any queries that you may have, and to communicate information to you, including notifications of any promotions or alerts, any changes/updates to the Website, or the introduction of any future fees or charges that we may collect at the time for purchasing Products or provision of our Services to you.
- To contact you, by way of SMS, email and phone calls, from time to time to record your valuable feedback on our Products and Services, as they currently stand, and/or any potential Products and Services that may be offered in the future. (Collectively, the above constitute “the Purposes”).
If you wish to opt out of receiving non-essential communications such as promotional and marketing-related information regarding our Products and Services, please email us at the details provided below in the contact section.
4. Disclosure of information
We may disclose your Personal Information and SPDI, as the case may be, to third parties in the manner and for the purposes specified below.
- We may disclose your Personal Information and SPDI to Doctors for diagnostic, or therapeutic purposes or to otherwise track or improve our Products, Services or Business.
- We may disclose your Personal Information to our logistics partners for processing of orders placed by you on the Website.
- We may disclose your Personal Information and SPDI to pharmacies, wherever applicable, for arranging dispatch of your order.
- We may disclose information to our partners, affiliates, investors, stakeholders or potential associates in an anonymized and aggregate manner, so that they too may understand how Users use our Website and enable us to create a better overall experience for you.
- We also share aggregated anonymous information about Users with our clients, partners, other Users, and other third parties so that they may be aware of the nature and number of Users, in order for them to be able to serve advertisements and other kinds of marketing information that may be relevant for you on our Website.
- We may disclose and transfer your Personal Information and SPDI to a third party who acquires, or may potentially acquire, our business, whether such acquisition is by way of a merger, consolidation or purchase of all or a substantial portion of our assets or investment in Us.
- We may transfer Personal Information and SPDI to a third party, including persons outside India, to improve our Products and Services.
- We will disclose your Personal Information and SPDI if legally required to do so, pursuant to an order from a governmental entity or in good faith. We will disclose the Information to: (i) conform to legal requirements or comply with legal process; (ii) protect our rights or property or our affiliated companies; (iii) prevent a crime or national security; or (iv) protect personal safety of our Users or the public.
Transfer to third parties and outside India
Subject to applicable law, we may at our sole discretion, transfer Personal Information and SPDI to any other body corporate (as defined under the Information Technology Act, 2000) that ensures at least the same level of data protection as is provided by us under the terms hereof, located in India or any other country.
By using the Website, you accept the terms hereof and hereby consent to the storage and processing of Personal Information and SPDI by third parties and in any of location outside India. The Company will make best efforts to ensure that the third party or the location to which the SPDI is transferred affords same level of data protection as would be afforded under Indian law.
5. Third-party links
The Website may include hyperlinks to various external websites, and may also include advertisements, and hyperlinks to applications, content or resources (“Third Party Links”). We have no control over such Third Party Links present on the Website, which are provided by persons or companies other than us. You acknowledge and agree that we are not responsible for any collection or disclosure of your information by any external sites, applications, companies or persons thereof. The presence of any Third Party Links on our Website, cannot be construed as a recommendation, endorsement or solicitation for the same, or any other material on or available via such Third Party Links.
You further acknowledge and agree that we are not liable for any loss or damage which may be incurred by you as a result of the collection and/or disclosure of your information via Third Party Links, as a result of any reliance placed by you on the completeness, accuracy or existence of any advertising, products services, or other materials on, or available via such Third Party Links. This will include all transactions, and information transmitted therein, between you and any such third party sites or applications or resources, such transactions are strictly bi-partite. We shall not be liable for any disputes arising from or in connection with such transactions between you and the aforementioned third parties.
6. Changes to your information
You may review, correct, update, change or delete your Personal Information relating to Registration Information and Order Information on the Website by writing to us at the contact details specified below. You can delete any part of the Personal Information or request us to delete the same, and we will comply with such requests within a reasonable time, unless we are required to keep certain information for legal purposes. You may update your SPDI at any point by writing to us at the details indicated below in the contact section.
Should you choose to delete your Personal Information or SPDI or modify it in a way that is not verifiable by us, or leads to such information being incorrect, we will be unable to provide you with access to our Website or our Services, as described under the Terms, and such a deletion or modification may be regarded as the User seeking to discontinue his or her access to our Website and Services.
We reserve the right to verify and authenticate your identity and your Personal Information in order to ensure accurate delivery of Products and Services. Access to or correction, updating or deletion of your Personal Information or SPDI may be denied or limited by us if it would violate another person’s rights and/or is not otherwise permitted by applicable law.
7. Security and retention of information
Security of your information
We endeavour to maintain physical, technical and procedural safeguards that are appropriate to protect your Information against loss, misuse, copying, damage or modification and unauthorized access or disclosure. Some of the security measures adopted by us are:
- We review our information collection, storage and processing practices, including physical security measures, to guard against unauthorized access to systems.
- We restrict access to Personal Information, to our employees and agents who need to know that information in order to process it for Us, and who are subject to strict contractual confidentiality obligations, and may be disciplined or whose relationship with us may terminate if they fail to meet these obligations.
No employee or administrator of the Company will have knowledge of your password of your account on the Website. It is important for you to protect against unauthorized access to your password and your mobile phone, as detailed in the ‘User Account, Password and Security’ section of the Terms. You must be sure to log off from the Website when you have finished use thereof. We do not undertake any liability for any unauthorised use of your account and password.
If you suspect any unauthorized use of your account, you must immediately notify us by sending an email to the contact details indicated in the contact section. You shall be liable to indemnify us due to any loss suffered by us due to such unauthorized use of your account or password.
Further, we shall not be responsible for any breach of security or for any actions of any third parties or events that are beyond our reasonable control including but not limited to acts of government, computer hacking, unauthorised access to computer data and storage device, computer crashes, breach of security and encryption, poor quality of internet service or telephone service of the User, etc.
Retention of Information
- We also have measures in place such that your SPDI which is in our possession or under our control, is destroyed and/or anonymized as soon as it is reasonable to assume that: (i) the Purposes for which your SPDI has been collected have been fulfilled; and (ii) retention is no longer necessary for any other reason.
- We may, however, reserve the right to retain and store your Personal Information for our business purposes, whether such Personal Information has been deleted or not. After a period of time, your data may be anonymized and aggregated and then may be held by us as long as necessary, to enable purchases of Products and provision of Services or for analytics purposes.
If you wish to withdraw your consent for processing your Personal Information and SPDI, cancel your account, or request that we no longer use your Personal Information and SPDI to deliver our Products or provide you Services, please contact us at details indicated in the contact section below. Please note, however, that your withdrawal of consent or cancellation of account may result in us not being able to deliver you Products or provide you with our Services, or terminate any existing relationship that we may have with you.
Please note that uninstalling our mobile application will not result in deletion of your Personal Information or SPDI.
8. Cookies and other tracking technologies
We utilize “cookies” and other tracking technologies, having session or local variables. A “cookie” is a small text file that may be used, for example, to collect information about activity on the Website. Some cookies and other technologies may serve to recall information previously indicated by a User. Most browsers/mobile settings allow you to control cookies, including whether or not to accept them and how to remove them. You may set most browsers/mobile application to notify you if you receive a cookie, or you may choose to block cookies with your browser/mobile applications.
At all times, you may refuse all cookies on your browser or mobile application by changing your settings to the extent permissible on your device. However, by doing so, you may not be able to use certain features on the Website or take full advantage of all the offerings and interest-based advertising. You can remove cookies by following directions provided in your mobile’s “help” file or the browser.
9. changes to the policy
- Indemnity: You agree and undertake to indemnify us in any suit or dispute by any third party arising out of disclosure of information by you to third parties either through our Website or otherwise and your use and access of websites, applications and resources of third parties. We assume no liability for any actions of third parties with regard to your Personal Information or SPDI which you may have disclosed to such third parties.