Information Collection

When you use our App, we collect various types of information to enhance your experience and improve our services. This may include:

1. Personal Identifiable Information (PII)

We may collect PII such as your name, email address, phone number, and any other personally identifiable data you voluntarily provide through our App.

2. Device Information

We collect information about the device you use to access our App, including the device model, operating system, unique device identifiers, and IP address. This helps us understand how users interact with our App and improve compatibility.

3. Usage Data

We track certain usage data when you use our features, such as the pages you visit, the actions you take, and the time spent on specific sections of the App. This data helps us analyze user behavior and make data-driven decisions to enhance the App's functionality.

4. Location Data

With your consent, we may collect location data to provide location-based services and recommendations. This information is used solely for the purpose of enhancing your experience within the App.

Use of Information

The information we collect is used for various purposes, including:

1. Service Delivery

We use your information to provide and maintain our App, process transactions, and respond to your inquiries or requests.

2. App Improvement

We analyze usage data to understand how users interact with our App and identify areas for improvement. This helps us make informed decisions to enhance the App's features and overall user experience.

3. Personalized Recommendations

By understanding your preferences and interests, we can offer personalized recommendations and content that may be of interest to you.

4. Marketing and Communications

With your consent, we may use your information to send promotional emails, newsletters, or notifications about updates, events, or special offers related to our App.

5. Compliance and Legal Obligations

We may use your information to comply with legal requirements, resolve disputes, or enforce our terms of service.

Disclosure of Information

We do not share or sell your personal information to third parties without your consent. However, we may disclose information in the following circumstances:

1. Service Providers

We may share information with third-party service providers who assist us in operating our App, such as data hosting providers, customer support platforms, or analytics companies.

2. Legal Compliance

We may disclose information when required by law, in response to a valid legal request, or to protect our rights and interests.

3. Corporate Transactions

In the event of a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred to the acquiring entity.

Security Measures

We take reasonable security measures to protect your information from unauthorized access, use, disclosure, or destruction. However, no security measures can guarantee complete protection, and we cannot be held responsible for any breaches or unauthorized access that occur despite our efforts.

Your Choices and Rights

You have certain choices and rights regarding your personal information:

1. Opt-Out

You may opt out of receiving marketing emails or notifications from us by following the unsubscribe instructions in the communications.

2. Data Access

You can request access to your personal information we have on file and request its correction or deletion.

3. Contact Us

If you have any questions or concerns about our Privacy Policy or the handling of your information, please contact us through the channels provided in our App.

By using our App, you acknowledge that you have read and understood this Privacy Policy and agree to its terms. We reserve the right to update this policy periodically, and we encourage you to review it regularly for any changes.

Data Security

We prioritize the privacy and security of your personal information. To ensure the highest level of protection, we have implemented a comprehensive suite of security measures:

1. Encrypted Data Transmission and Storage

• We utilize advanced encryption algorithms to safeguard your data during transmission and storage.
• Encryption keys are securely managed and regularly rotated to prevent unauthorized access.
• All sensitive information, such as passwords and financial details, is encrypted before being stored in our databases.

2. Multi-Factor Authentication

• We employ multi-factor authentication (MFA) to add an extra layer of security to your account.
• In addition to your password, you'll be prompted to provide a secondary form of identification, such as a one-time code sent to your mobile device.
• MFA significantly reduces the risk of unauthorized access even if your password is compromised.

3. Regular Security Audits

• Our security team conducts regular audits of our systems and infrastructure to identify potential vulnerabilities.
• These audits help us stay ahead of emerging threats and ensure that our security measures are up to date.
• We also engage external security experts to conduct independent assessments of our security posture.

4. Employee Training on Privacy and Data Protection

• Our employees undergo comprehensive training on privacy and data protection.
• This training covers topics such as data handling best practices, recognizing and reporting security incidents, and maintaining confidentiality.
• Regular training ensures that our employees are equipped with the knowledge and skills necessary to protect your information.

5. Continuous Monitoring and Improvement

• We continuously monitor our security systems and infrastructure for suspicious activities and potential threats.
• Our security team analyzes logs, monitors alerts, and investigates any incidents promptly.
• We also stay informed about the latest security trends and technologies and adapt our security measures accordingly.

6. Children’s Privacy

7. International Data Transfers

Your personal information may be transferred to countries outside of your jurisdiction. This transfer is necessary for the provision of our services, such as when we store your data on servers located in other countries or when we share your information with our partners who are located in different jurisdictions.

When we transfer your information across borders, we take steps to ensure that it is treated securely and in accordance with applicable data protection laws. These steps may include:

• Encrypting your information in transit: We use industry-standard encryption protocols to protect your information while it is being transmitted over the internet. This encryption makes it extremely difficult for unauthorized individuals to access your data, even if they are able to intercept it.
• Using secure data transfer protocols: We use secure data transfer protocols, such as Secure File Transfer Protocol (SFTP) and HTTPS, to ensure that your information is transferred securely between our systems and those of our partners. These protocols use encryption and other security measures to protect your data from unauthorized access.
• Entering into data transfer agreements with our partners: We enter into data transfer agreements with our partners who receive your information. These agreements require our partners to take steps to protect your information and to comply with applicable data protection laws.

We also have a number of other policies and procedures in place to protect your personal information, including:

• Access controls: We restrict access to your personal information to those employees and contractors who need to know it in order to provide our services.
• Data retention: We only retain your personal information for as long as it is necessary to provide our services or as required by law.
• Incident response: We have a comprehensive incident response plan in place to address any security breaches or data leaks.

We are committed to protecting your personal information and we take all necessary steps to ensure that it is treated securely and in accordance with applicable data protection laws.

8. Data Breach Notification

In the unfortunate event of a data breach, we are committed to responding swiftly and responsibly to protect the privacy and security of our customers' personal information. Our comprehensive data breach response plan outlines the steps we will take to mitigate the impact of the incident and comply with applicable laws:

• Immediate Investigation: Upon detection of a potential data breach, our security team will launch an immediate investigation to determine the scope and nature of the incident. This investigation will involve analyzing system logs, identifying affected systems, and assessing the potential impact on individuals' personal information.
• Prompt Notification: We understand the importance of timely notification in the event of a data breach. As soon as our investigation confirms that a breach has occurred, we will promptly notify affected individuals via email, phone, or other appropriate means. This notification will include information about the nature of the breach, the type of personal information that may have been compromised, and the steps individuals can take to protect themselves.
• Guidance and Support: In addition to providing notification, we will also offer guidance and support to affected individuals to help them protect their personal information. This guidance may include recommending changes to passwords, enabling two-factor authentication, and monitoring credit reports for suspicious activity. We will also provide contact information for our dedicated customer support team, who will be available to answer questions and assist individuals throughout the process.
• Collaboration with Authorities:If the data breach investigation reveals evidence of criminal activity or a violation of applicable laws, we will collaborate with law enforcement and other relevant authorities. We will provide them with the necessary information to support their investigations and bring those responsible to justice.
• Transparency and Reporting:We are committed to transparency in our data breach response. In accordance with applicable laws, we will provide regular updates to affected individuals and regulatory authorities on the status of the investigation and the steps being taken to address the breach.We will also submit any required breach notifications to the appropriate government agencies.
• Continuous Improvement:We continuously evaluate our data breach response plan to ensure that it remains effective in addressing the evolving threats of cyberattacks.We conduct regular drills and exercises to test the plan's effectiveness and identify areas for improvement.By staying vigilant and continuously improving our response measures, we aim to minimize the impact of data breaches and safeguard the privacy of our customers' personal information.

9. Changes to This Privacy Policy

We may modify this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other business reasons. We will make every effort to provide you with reasonable notice of any material changes by posting the updated Privacy Policy on our App and/or through other appropriate communication channels. We encourage you to review the Privacy Policy regularly for any updates or changes.

Your continued use of our App or services after the effective date of any modifications to the Privacy Policy constitutes your acceptance of the updated terms. If you do not agree to the changes, you must discontinue using our App and services.

By providing you with transparent and up-to-date information about our privacy practices, we aim to empower you to make informed decisions about how your personal information is collected, used, and shared. We appreciate your trust and confidence in us and remain committed to protecting your privacy.

10. Contact Us

At LEPRA Society we value open communication and strive for transparency in our data handling practices. If you have any questions or concerns regarding this Privacy Policy or our treatment of your personal information, we encourage you to reach out to us.

Designated Contact

To facilitate effective communication, we have established a dedicated email address exclusively for privacy-related inquiries: info@leprahealthinaction.in. Our designated team is committed to addressing your questions promptly and thoroughly.

Response Time

We understand the importance of timely responses when it comes to privacy matters. Upon receiving your inquiry, we will acknowledge it within 24 hours and provide a substantive response within a reasonable time frame, usually within 7 business days. Depending on the complexity or volume of inquiries, there may be instances where additional time is needed. In such cases, we will keep you informed of any delays.

Channels of Communication

To ensure flexibility and convenience, we offer multiple channels of communication for your privacy-related inquiries:

• Email: Send your inquiry to info@leprahealthinaction.in
• Postal Mail: LEPRA Society, Near TEC Building, Cherlapally to Rampally Road, Cherlapally, Hyderabad – 501 301, Telangana, India
• Telephone: 040-29551627 / 27802139

Language Preference

We recognize that language barriers can sometimes hinder clear communication. To accommodate individuals who may prefer to communicate in a language other than English, we provide translation services upon request. Please indicate your preferred language when contacting us, and we will make arrangements to facilitate effective communication.

Commitment to Transparency

At LEPRA Society, we believe in open and honest communication with our stakeholders. We are committed to providing clear and concise information about our data practices and answering your inquiries comprehensively. Our dedicated privacy team is available to assist you in understanding our policies and addressing any concerns you may have.

Continuous Improvement

Your feedback and inquiries play a crucial role in helping us continuously improve our privacy practices. We welcome suggestions for enhancing our communication channels and addressing your privacy concerns more effectively.

By providing multiple contact options, ensuring timely responses, and fostering transparent communication, we aim to create a collaborative environment where your privacy concerns are heard and addressed promptly. Please do not hesitate to reach out to us if you have any questions or feedback regarding this Privacy Policy or our handling of your personal information.