Privacy Policy & Terms of Use

1. Introduction

1. We commit to safeguarding the privacy of our website visitors and users of the Gleeo Health™ products and services (collectively “Services”).
2. This policy applies where we are acting as a “Data Controller” with respect to the personal data processed through the use of our Services; in other words, where we determine the purposes and means of the processing of that personal data as part of our offering.
3. We have establishments in India (Gleeo Health Pvt Ltd.).
4. For data processing for the Gleeo Health™ services (www.Gleeohealth.com and associated Gleeo Health™ products) and all other services provided by Gleeo Health Pvt Ltd., Gleeo Health Pvt Ltd. is the Data Controller.
5. By using our website from any access point, you consent to our use of cookies in accordance with the terms of this policy.
6. In this policy, “we”, “us” and “our” refer to Gleeo Health.
7. In this policy, “you” and “your” may refer to you or to the data subjects for which you are processing personal data, depending on the nature of the context.

2. How we use your personal data

In this section we have included:

1. the general categories of personal data that we may process;
2. in the case of personal data that we did not obtain directly from you, the source and specific categories of that data;
3. the purposes for which we may process personal data; and
4. the legal bases of the processing.

1. Service Data: We may process your personal data provided in the course of the use of our Services (e.g., name, email, gender, DOB, biometric or health data).
   Basis: Consent (for private users) or Legitimate Interest (when you act as a data controller).
2. Usage Data: We may process data about your use of our website and Services (e.g., IP address, browser type, device, session length) via cookies and analytics.
   Basis: Legitimate Interest (monitoring & improving our Services).
3. Traffic Data: We may process network traffic data (e.g., IP address, browser version) to troubleshoot and improve our Services.
   Basis: Legitimate Interest.
4. Audit Log Data: We may log who accessed which Service Data and when, for investigative and compliance purposes.
   Basis: Legal requirement (MoHFW India, HIPAA USA).
5. Business Account Data: We may process account details provided by you or your organization to operate our website and Services.
   Basis: Contract performance or Legitimate Interest.
6. Inquiry Data: We may process any questions you submit about our goods or Services.
   Basis: Legitimate Interest (to respond and market relevant offerings).
7. Transaction Data: We may process purchase and payment details to fulfill orders and maintain records.
   Basis: Contract performance and Legal obligation.
8. Notification Data: We may process your opt‑in information for email/newsletter delivery.
   Basis: Consent.
9. Correspondence Data: We may process any communications you send us, including support requests.
   Basis: Legitimate Interest (service administration).
10. Regulatory Data: We may record incidents or complaints for internal reporting and regulatory compliance.
    Basis: Legal requirement.
11. Feedback Data: We may use feedback you submit for marketing materials and social media.
    Basis: Consent.
12. Legal Claims: We may process data necessary for the establishment, exercise, or defense of legal claims.
    Basis: Legitimate Interest.
13. Vital Interests: We may process data to protect your or another person’s vital interests.
    Basis: Legitimate Interest.
14. Compliance & Obligations: We may process any personal data to comply with legal obligations or to safeguard vital interests.
    Basis: Legal requirement / Legitimate Interest.

3. Automated decision-making

1. We or our Services may automate parts of decision processes, but we will not use your personal data for the purposes of automated decision-making.
2. Decision processes may analyze your personal data to determine whether you will be subject to personalized reports, features, alerts, notifications, and invites to product testing.
3. Decision processes may analyze your personal data to determine whether you will be subject to personalized marketing of products, features, events and services we believe may be of interest to you.

4. Providing your personal data to others

1. We typically avoid disclosing your personal data but may do so as outlined below.
2. We may disclose your personal data to any member of our corporate group where necessary.
   
3. We may disclose your Service Data to your healthcare provider when devices are synced during appointments.
4. We may disclose your personal data to suppliers or subcontractors as needed, with additional restrictions on Service Data.
   
5. We share Transaction Data with payment providers for processing, refunds, and queries.
6. We may disclose Inquiry Data to service providers to respond and market relevant offerings.
7. We may disclose your data to third-party apps (e.g., Apple HealthKit) only with your consent.
8. We may disclose personal data to comply with legal obligations or protect vital interests, or for legal claims.

5. International transfers of your personal data

1. If you are outside India, your Service Data is stored in India under MoHFW (India) and HIPAA (USA) regulations.
2. We use service providers outside India, protected by standard contractual clauses, Binding Corporate Rules, or your consent.

6. Retaining and deleting personal data

1. We retain personal data only as long as necessary for its purpose.
2. Retention periods:
1. Service & Usage Data: while account is active + 30 days post-termination.
2. Traffic Data: up to 30 days.
3. Audit Log Data: up to 10 years.
4. Business Account Data: active relationship + 12 months post-termination.
5. Inquiry & Correspondence Data: until resolution + 24 months.
6. Transaction Data: minimum 7 years + 1 year.
7. Notification Data: active account + 30 days post-withdrawal.
8. Regulatory Data: 10 years + 12 months.
3. We may retain data longer to comply with legal obligations or protect vital interests.

7. Security of personal data

1. We implement technical and organizational measures to secure your data and prevent loss, misuse, or alteration.
2. All electronic personal data is encrypted; physical data is stored securely.
3. Transactions are protected by encryption technology.
4. You are responsible for keeping your password confidential; we will never ask for it.

8. Amendments

1. We may update this policy by publishing a new version at https://gleeohealth.com/privacy.htm.
2. Please review this page periodically for changes.
3. We may notify you of changes via email or messaging.

Terms of Use

9. Your rights

Your principal rights under data protection law include:

1. Right to access
2. Right to rectification
3. Right to erasure
4. Right to restrict processing
5. Right to object to processing
6. Right to data portability
7. Right to complain to a supervisory authority
8. Right to withdraw consent

For full details on each right, refer to the relevant laws and regulatory guidance.

10. Third party websites

1. Our website and Services may link to third-party websites.
2. We are not responsible for their privacy policies or practices.

11. Personal data of children

1. Services are for all ages; under-16 users require parental consent.
2. Data of under-16s without consent may be deleted.

12. Updating information

1. You can correct your Service Data via your account or through your care provider.

13. Acting as a data processor

1. If we act as a data processor (not controller), this policy does not apply; refer to your contract with us.

14. About cookies

1. Cookies are files sent by a server to a browser to store identifiers.
2. Persistent cookies remain until expiration; session cookies expire when the browser closes.
3. Cookies do not typically contain personal data but may be linked to it.

15. Cookies that we use

1. Authentication: Identify you during sessions.
2. Status: Determine if you are logged in.
3. Personalization: Store preferences (e.g., language).
4. Security: Prevent fraud and protect accounts.
5. Analysis: Measure site usage and performance.
6. Consent: Store your cookie preferences.

16. Managing cookies

1. Most browsers let you refuse or delete cookies. See:
   1. Chrome
   2. Firefox
   3. Opera
   4. Internet Explorer
   5. Safari
   6. Edge
2. Blocking cookies may impair usability and features.

17. Gleeo Health’s right to processing of anonymized data

1. We may anonymize submitted data for statistical, clinical, and demographic analysis. Anonymized data is non-personally identifiable and can be handled freely.

18. Our details

1. Registered in India as Gleeo Health Pvt Ltd. at 42, State Bank Colony, Delhi, India.
2. Principal place of business: same registered office.
3. Contact us:
   1. By post: above address.
   2. Via our website contact forms.
   3. By phone: number on our website.
   4. By email: support@Gleeohealth.com for privacy matters.

19. Data protection officer

1. Our Data Protection Officer can be reached at support@Gleeohealth.com.

Thank you for taking the time to read our Privacy Policy. Should you have any questions or concerns, don’t hesitate to contact us.