Read our policy outlines below to learn more about your rights and responsibilities as a ekincare user.
Effective from: 1 June, 2020
WE CARE ABOUT YOUR PRIVACY
ekincare., including its affiliates
describes how we collect and use personal data where
is the data controller or where we refer to the applicability of this Policy.
means information relating to you or another identifiable individual.
We will give you additional privacy information that is specific to a product or service in Supplements to this Policy and other notices you may see while using our products or services. If there is a difference between such notices and this Policy, the notices should be considered first.
Software on your device may access your information. Our products or services may contain links to, or may be embedded within, other companies’ websites and services that have privacy policies of their own. Where our products or services are embedded to products and services of our customers, we require our customers to provide necessary transparency to you. This might include linking to this Policy and the relevant Supplements, or providing the transparency in integrated and embedded notices which identify us as the service provider or controller.
IF YOU DO NOT AGREE WITH THIS POLICY, DO NOT USE OUR PRODUCTS AND SERVICE OR PROVIDE EKINCARE WITH YOUR PERSONAL DATA.
What information do we collect?
We collect your personal data and other information when you, use or register into our products and services (including ekincare.com, operated by us), take part in interact with us. This includes following categories:
Product and service activations
products and services may require electronic activation, where your device and application type, as well as unique device, application, network and subscription identifiers are sent to
Use of products and services
When you access our services online, our web servers automatically create records of your visit. These records typically include IP-address, access times, the sites linked from, pages visited, the links and features used, the content viewed or requested, browser or application type, language and other such information.
Our applications may contact our servers periodically, for example to check for updates or to send us information relating to service usage. See Supplements to this Policy for more details.
Information you provide with us
When you create an account, request services, participate in research or campaigns or otherwise interact with us, we may ask for information such as your name, email address, phone number, street address, user names and passwords, feedback, information relating to your devices, age, gender, and language etc.,We also maintain records of your consents, preferences and settings relating to, for example, location data, marketing and sharing of personal data.
Your transactions with us
We maintain records of your downloads, the content you have provided us with, your requests, agreements between you and
the products and services provided to you, payment and delivery details, your contacts and communications and other interactions with us. We may, in accordance with applicable law, record your communication with our customer care or with other such contact points.
Positioning and Location data
Location-based services establish location through the use of satellite, mobile, Wi-Fi, Bluetooth Low Energy (“BLE”) or other network based positioning methods. These technologies may involve exchanging your location data and unique device and mobile, Wi-Fi, Bluetooth, or other network related identifiers with
Our products may operate on multiple device platforms, applications and services which may also collect your location data. We do not use this information to identify you personally without your consent.
When you use our location based services and features, for example location based search, navigation and routing, or request for map data, your location data is sent to
to serve you with the right content, which may also include location based advertising.
COVID-19 Contact Tracing and Vaccination Status Collection
In accordance with the guidelines for COVID-19 Preventive Measures under MOHFW (Ministry of Health & Family Welfare), we will collect information like your vaccination status & COVID-19 infection history. We do not fetch the data from any government/third-party websites. The aggregated data will be shared with your HR/employer only, to help maintain a safe & Covid-free workplace.
Camera and Gallery Access
Some of our services require us to collect images, audio, video, file and digital information from your device's camera and gallery. You won't be able to share photos of prescriptions or medical reports with the doctor if we don't have access. Only your doctor has access to them, besides you.
Most of our employee engagement activities, fitness sessions and live webinars require calendar permissions to store data and provide timely reminders for upcoming events/appointments to the users
Information provided by partners
We obtain information from industry partners and a variety of other sources, including publicly available sources such as business registries. We require these sources to comply with applicable laws with regard to collecting and transferring this data to us, including ensuring that there is a legal basis for the transfer or anonymizing the data in accordance with applicable laws prior to disclosure of the data to us.
Why do we process Personal Data?
may process your personal data for the following purposes. One or more purposes may apply simultaneously.
Providing products and services
We may use your personal data to provide you with our products and services, to process your requests or as otherwise may be necessary to perform the contract between you and
to ensure the functionality and security of our products and services, to identify you as well as to prevent and investigate fraud and other misuses.
Some services may require an account to help you manage your content and preferences. Depending on the service, an account creation may be either required or voluntary. Account creation requires you to provide us with basic contact details about yourself, such as name, email address, country of residence and date of birth. You may also be able to voluntarily provide more information about yourself while creating a profile, such as a photo or avatar of your choice.
Developing and managing products and services
We may use your personal data to develop and manage our products, services, customer care, sales and marketing. We may combine personal data collected in connection with your use of a particular
product and/or service with other personal data we may have about you, unless such personal data was collected for a purpose, where the original purpose is incompatible with this purpose.
Communicating with you
We may use your personal data to communicate with you, for example to inform you that our services have changed or to send you critical alerts and other such notices relating to our products and/or services and to contact you for customer care related purposes.
Marketing, advertising and making recommendations
We may contact you to inform you of new products, services or promotions we may offer and to conduct market research when we have your consent or it is otherwise allowed. We may use your personal data to personalize our offering and to provide you with more relevant services, for example, to make recommendations and to display customized content and advertising in our services. This may include displaying
and third party content.
What is our legal basis for processing your Personal Data?
Our legal basis for processing your personal data is dependent on the purpose for processing and may vary as described in the Supplement applicable to the product or service you are using. In general, we process your personal data under the following legal bases:
Performance of a contract with you
We process your personal data to perform our obligations under the Service Terms applicable to the product or service you are using, provided by us or our customers.
We process your personal data if you have consented to the processing activity. You may revoke your consent at any time. Doing so will bar us from further processing of your personal data based on your consent, but will not impact the lawfulness of processing based on your consent before it was withdrawn. Some of the features of our products and services might be only available based on consent.
We process your personal data as needed to comply with laws and regulations.
We process your personal data to further our legitimate interests, such as in connection with managing, developing, testing, securing, and in limited circumstances marketing, advertising, and making recommendations regarding our products and services. Any such processing is conducted subject to appropriate measures to protect your fundamental rights and freedoms related to your personal data, and in any event will be subject to the restrictions provided in this Policy. Further information or specification of our legitimate interests may be provided in relevant Supplements applicable to the product or service.
How long do we retain Personal Data?
We endeavor to only collect personal data that are necessary for the purposes for which they are collected, and to retain such data for no longer than is necessary for such purposes. The length of time personal data is retained, and criteria for determining that time, are dependent on the nature of the personal data and the purpose for which it was provided. For example, for your personal data related to managing your account (such as name, email address, and account content and preferences) are maintained for as long as they are retained by you within your account. Other data, such as records of your activity within the application, are typically maintained only for a short period before being anonymized or pseudonymized. Additional information may be provided in the Supplement applicable to the product or service you are using. You may contact the
Privacy Officer at
to obtain additional information about retention of your personal data.
Do we share Personal Data?
We do not sell, lease, rent or otherwise disclose your personal data to third parties unless otherwise stated below.
Your consent and social sharing services
We may share your personal data if we have your consent to do so. Some services may allow you to share your personal data with other users of the service or with other services and their users. Please consider carefully before disclosing any personal data or other information that might be accessible to other users.
EKINCARE companies and authorized third parties
We may share your personal data with other
companies or authorized third parties who process personal data for
for the purposes described in this Policy. This may include for example billing through your network service provider or otherwise, delivery of your purchases, providing services including customer service, managing and analyzing consumer data, conducting research and managing marketing and other such campaigns. When you purchase a
product from us with a network service provider plan, we may need to exchange information with your network service provider to provide you with such service.
We may conduct joint marketing and other communications with our partners, for example your mobile operator. To avoid duplicate or unnecessary communications and to tailor the message to you we may need to match information that
has collected with information that the partner has collected where this is permitted by law.
These authorized third parties are not permitted to use your personal data for any other purposes. We bind them contractually, require them to act consistently with this Policy and to use appropriate security measures to protect your personal data.
International transfers of personal data
Our products and services may be provided using resources and servers located in various countries around the world. Therefore your personal data may be transferred across international borders outside the country where you use our services, including to countries outside the India that do not have laws providing specific protection for personal data or that have different legal rules on data protection, for example, the United States of America. In such cases we ensure that there is a legal basis for such a transfer and that adequate protection for your personal data is provided as required by applicable law, for example, by using standard contractual clauses approved by the European Commission or relevant authorities (where necessary) and by requiring the use of other appropriate technical and organizational information security measures. You may contact the
Privacy Officer at
to obtain additional information about the safeguards we take in connection with these transfers.
We may be obligated by mandatory law to disclose your personal data to certain authorities or other third parties, for example, to law enforcement agencies in the countries where we or third parties acting on our behalf operate. We may also disclose and otherwise process your personal data in accordance with applicable law to defend
legitimate interests, for example, in legal proceedings or in connection with governmental requests and filings.
Mergers and Acquisitions
If we decide to sell, buy, merge or otherwise reorganize our businesses in certain countries, this may involve us disclosing personal data to prospective or actual purchasers and their advisers, or receiving personal data from sellers and their advisers.
How do we address the privacy of children?
products and services are typically intended for general audiences.
does not knowingly collect information of children without the consent of their parents or guardians.
publishes safety guidelines for using internet services in our websites.
How do we address Data Quality?
We take reasonable steps to keep the personal data we possess accurate and to delete incorrect or unnecessary personal data. We encourage you to access your personal data through your account from time to time to ensure that it is up to date.
What steps are taken to safeguard Personal Data?
Privacy and security are key considerations in the creation and delivery of our products and services. We have assigned specific responsibilities to address privacy and security related matters. We enforce our internal policies and guidelines through an appropriate selection of activities, including proactive and reactive risk management, security and privacy engineering, training and assessments. We take appropriate steps to address online security, physical security, risk of data loss and other such risks taking into consideration the risk represented by the processing and the nature of the data being protected. Also, we limit access to our data bases containing personal data to authorized persons having a justified need to access such information.
websites use third party advertising technologies, such as DoubleClick, to serve ads.
What are your rights?
You have a right to know what personal data we hold about you, and to access it. You have a right to have incomplete, incorrect, unnecessary or outdated personal data updated. You have the right to request that your personal data be erased, and to obtain a copy of your data in a machine-readable format. You have the right to object to or restrict processing in certain circumstances, such as where you believe the data is inaccurate or the processing activity is unlawful. You have a right to unsubscribe from direct marketing messages and to request that we stop processing your personal data for direct marketing purposes or on other compelling legal grounds. However, if you opt-out from marketing and other communications from
critical alerts may still be sent to you.
You may exercise your rights by contacting us or by managing your account and choices through available profile management tools on your device and our services. In some cases, especially if you wish us to delete or stop processing your personal data, this may also mean that we may not be able to continue to provide the services to you. Applicable data protection law may provide certain restrictions on the extent to which these rights may be exercised. If a restriction applies, we will respond to your request with an explanation of what action will be taken, to the extent required under applicable data protection law.
You agree and accept that your Information may be stored in third-party cloud service infrastructure providers. While all reasonable attempts have been taken from our end to ensure the safe and secure storage of your data, we shall not be liable for any data breach on the part of the third-party cloud service infrastructure provider that was beyond our control. In addition to the security measures put in place by the third-party cloud service infrastructure provider for safe and secure storage of your Information, we use certain physical, managerial, technical, or operational safeguards as per industry standards and established best practices to protect the Information we collect. We use reasonable security practices and procedures and use secure servers as mandated under applicable laws for the protection of your Information. We review our information collection, storage, and processing practices, including physical security measures to guard against unauthorized access to systems. However, as effective as these measures are, no security system is impenetrable. We cannot guarantee the security of our database, nor can we guarantee that the information you supply will not be intercepted while being transmitted to us over the internet. You accept the inherent security implications of data transmission over the internet and the internet cannot always be guaranteed as completely secure.
Who is the controller of your Personal Data?
ekincare (Level 6, N Heights, Plot No 38, Phase 2, Siddiq Nagar, HITEC City, Hyderabad, Telangana 500081) is the controller of your personal data.
In addition, the
affiliate providing the product or service may be a controller of your personal data. You may find the identity of the controller and its contact details by reviewing the terms and conditions of such a product or service or by using contact information provided in the applicable
In matters pertaining to
privacy practices you may contact our Data Protection Officer, at:
Grievance Redressal Mechanism
In furtherance of the Information Technology Act, 2000 (“IT Act”) and the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 (“Intermediary Guidelines”) a grievance officer is appointed to ensure compliance with the IT Act and the Intermediary guidelines.
Any discrepancies or grievances with regard to content and or comment or breach of the Terms of Service shall be taken up with the designated grievance officer as mentioned below in writing or through email signed with the electronic signature to:
Attention: Somak Ray
Email ID: firstname.lastname@example.org
Address: Level 6, N Heights, Plot No 38, Phase 2, Siddiq Nagar, HITEC City, Hyderabad, Telangana 500081
The grievance officer shall revert to every complaint within 24 hours of receipt of the complaint. Further, the Company shall take the best possible efforts to redress the complaint within 15 days of receipt of the complaint. Any suggestions by the Company regarding the use of the Services shall not be construed as a warranty.
Please feel free to reach out to us by e-mail at email@example.com in case of any concerns, grievances, or questions relating to our privacy or data related practices
may from time to time change this Policy or change, modify or withdraw access to this site at any time with or without notice. However, if this Policy is changed in a material, adverse way,
will post a notice advising of such change at the beginning of this Policy and on this site's home page for 30 days. We recommend that you re-visit this Policy from time to time to learn of any such changes to this Policy.