Privacy Policy

PRIVACY POLICY 

This page is used to inform visitors and usersregarding our policies with the collection, use, and disclosure  of personal information that the visitor or user may submit (“Personal Information”) to use the  www.projectstepone.org (“Website”). The terms ‘You’ or ‘Your’ refer to you as the User of the Website  and/or Services and the terms ‘We’, ‘Us” and ‘Our’ refer to Project StepOne. 

Project StepOne (“StepOne” ) is committed to respecting the privacy of every personal who shares  information or data with Us. Your privacy protection is important to Us and We strive to take due care  and protection of the information, we receive from You, the User. In this regard, we adhere to the  following governing laws such as 

  • The Information Technology Act, 2000 – 
  • The Information Technology (Reasonable Security Practices and Procedures and Sensitive  Personal Information) Rules, 2011. 

This Privacy Policy (“Privacy Policy”) applies to the collection, storage, processing, disclosure and transfer  of your Personal Information (defined below) as per the above-mentioned laws, particularly when you  use the website of www.projectstepone.org operated by StepOne for any information or services  (“Services”). 

By using the services or by otherwise giving Us your information, it will be deemed that You have read,  understood and agreed to the practices and policies outlined in this Privacy Policy and agreed to the  practices and policies set out hereunder and agree to be bound by the Privacy Policy. We reserve the right  to change, modify, add or delete portions of the terms of this Privacy Policy, at Our sole discretion, at any  time. If You do not agree with this Privacy Policy do not use any of the services or provide Us with Your  information. 

The following Privacy Policy governs the use of www.projectstepone.org, its sub-domains, and related  sites as well as other platforms offered by the Trust.

Collectively, all the websites and the services offered through them will be referred to in this document  by the term “Service”.

1. INFORMATION COLLECTION  

A. We collect Your Personal Information directly from You, from third-parties such as State  Governments and automatically through Our Website. You may access the Personal Information  shared by You with Us, in the manner given below.  

2. HOW THE INFORMATION IS USED 

A. The information that We collect will be retained by Us and used to: 

  • Provide effective assistance to You; 
  • To operate and improve the Website and/or Our Service; 
  • To perform studies, research and analysis for improving Our information, analysis, services and  technologies; and ensuring that the content displayed are customized to Your interests and  preferences; 
  • To send promotional mailings from Us or any of Our channel partners via SMS, WhatsApp, email; To transfer information about You if we get acquired by or merged with another company; To be shared with Our business partners for provision of specific services You have ordered so as to enable them to provide effective services to You; 
  • To administer or otherwise carry out Our obligations in relation to any agreement You have with  Us; 
  • To respond to subpoenas, court orders, or legal process, or to establish or exercise Our legal rights  or to defend against legal claims;  
  • To investigate, prevent, or take action regarding illegal activities, suspected fraud, violations of  our Terms of Use, breach of Our agreement with You or as otherwise required by law; To aggregate Personal Information for research, statistical analysis and business intelligence  purposes, and to sell or otherwise transfer such research, statistical or intelligence data in an  aggregated or non-personally identifiable form to third parties and affiliates; 
  • To connect You with volunteer doctors as necessary 

The data provided is used internally to improve Our technology services.

3. HOW THE INFORMATION IS STORED AND PROTECTED 

A. We work to protect the security of Your information by adopting a number of protection policies  as per the applicable law. Our Trust is maintaining the security of Your information as per the  International Standard IS/ISO/IEC 27001 on “Information Technology Security Techniques  Information Security Management System-Requirements”.

B. Please note that the entities that maintain IS/ISO/IEC 27001 are audited on a regular basis by an  independent auditor.

C. We additionally, maintain security policies that contain managerial, technical, operational and  physical control measures to protect the information collected from You.

D. We maintain physical, electronic and procedural safeguards in connection with the collection,  storage, and disclosure of personal information (including sensitive personal information). Our  security procedures mean that We may occasionally request proof of identity before We disclose  personal information to You.

E. We value Your trust in providing us Your Sensitive Personal Information, thus We are striving to  use commercially acceptable means of protecting it. But remember that no method of  transmission over the internet, or method of electronic storage is a hundred percent secure and  reliable, and We cannot guarantee its absolute security.

F. Furthermore, We may release account and other personal information when We believe release  is appropriate to comply with applicable law; enforce or apply Our Terms of Use and other agreements; or protect the rights, property or safety of Our Services, Our users or others. This  includes exchanging information with other companies, organizations, government or regulatory authorities for fraud protection and credit risk reduction. This, however, does not include selling,  renting, sharing or otherwise disclosing personally identifiable information from customers for  commercial purposes in a way that is contrary to the commitments made in this Privacy Notice.

G. While We will endeavour to take all reasonable and appropriate steps to keep secure any  information which We hold about You and prevent unauthorized access, it must be acknowledged that the internet is not 100% secure and that We cannot provide any absolute assurance regarding  the security of Your Personal Information. We will not be liable in any way in relation to any breach  of security or unintended loss or disclosure of information caused by Us in relation to your  Personal Information. 

4. CONSENT  

A. By choosing the Opt-In option on the Website and thereafter, by providing Us Your Personal  Information or availing the services of StepOne or making use of the facilities provided by the  Website, it is agreed by You that You have, freely consented to the collection, storage, processing,  disclosure and transfer of Your Personal Information in accordance with the provisions of this  Privacy Policy and any amendments thereof.

B. You acknowledge that You have provided Your Personal Information out of your free will and after  understanding how it will be used. You also consent to the collection, storage, processing,  disclosure and transfer of any Personal and private Information and acknowledge that the same shall not cause any wrongful loss to You, if it is done in accordance with the provisions of this  Privacy Policy. However, We shall not be liable for any loss that may happen to You owing to the  provision of wrongful Personal Information by You.

C. You acknowledge that during the process of using our service, certain sensitive personal  information such as medical records and history shall be collected from you for the primary  purpose of helping you through the tele-covid helpline. However, it is to be noted that the option  to provide or refrain from providing us such sensitive personal information, such as medical  records, rests with You. In the event You choose to share such sensitive personal identifiable data,  such as Your medical records and medical history, We need Your explicit written consent for the  same.

5. CONTROL OVER YOUR PERSONAL INFORMATION  

A. You have the right to withdraw Your consent at any point, provided that such withdrawal of  consent is intimated to Us in writing through an email requesting the same.

 B. Once You withdraw Your Consent to share the Personal Information collected by Us, We shall  have the option not to fulfil the purposes for which the said Personal Information was sought and  We may restrict You from using our Services or the Website.

6. PERSONAL INFORMATION COLLECTED

 A. The kinds of information that We collect about You include but are not limited to the following: 

    • Patient/Caregiver/Doctor/Health Care Professional Name, 
    • Date of Birth/age, 
    • Gender, 
    • Address (including country and pin/postal code), 
    • Phone number/mobile number, 
    • Email address, 
    • Physical, physiological and mental health condition, provided by You and/or your Health Care  Professional, 
    • Personal medical records and history, 
    • Records of interaction with the StepOne volunteers, 
    • Any other information that is willingly shared by You (collectively referred to as “Personal  Information”). 
    • Biometrics data 
    • Genetic Data 
    • Medical history 
    • Insurance Data 

7. THIRD PARTY REFERENCES AND LINKS,

A. During Your interactions with Us, reference to third parties or fiduciaries, and/or links and  hyperlinks of third party websites may be provided/included by Us. Links and hyperlinks of third  party websites may also have to be included by you during such interactions. The reference to such third parties or listing of such third party external sites (by You or by Us) does not imply  endorsement of such party or site by StepOne. Such third parties and third party sites are  governed by their own terms and conditions. We do not make any representations regarding the  availability and performance of any of the third parties or third party sites. We are not responsible  for the content, terms of use, privacy policies and practices of such third party websites. 

B. We do not honour “Do Not Track” signals as currently no standard exists for how online services should respond to “Do Not Track” signals or other mechanisms that may allow You to opt out of  the collection of information across networks of websites and online services. As standards develop, We will revisit this issue and update this notice if Our practices change.

8. KNOWLEDGE TO BE PROVIDED BY USERS OF OUR SERVICES  

A. During the process of using Our service, certain sensitive personal information shall be collected  from You for the primary purpose of helping You through the tele-covid helpline. It is to be noted  that the said information will only be accessible by the team of StepOne, the contact details of  whom are addressed below:  

Name – 

Email – 

Phone Number  

Address 

9. RETAINING INFROMATION, REVIEW AND AUTHENTICITY OF USER INFORMATION  

A. The Trust shall not retain information for longer than the for the lawful purpose for which it was  collected, the purpose of which is more particularly stated hereinabove. The Sensitive Information  shall be permitted to be reviewed by the persons who provide such information. Please note, that  

the trust, shall not be responsible for the authenticity of the information that has been given by  the information providers.  

10. WITHDRAWAL OF CONSENT AND UPDATING INFORMATION PROVIDED

 A. All the information provided by You to Us, including sensitive personal information, is voluntary.  You have the right to withdraw Your consent at any time, in accordance with the terms of this  policy, but please note that the withdrawal of consent will not be retroactive.

 B.You are responsible for maintaining the accuracy of the information that You submit to Us. If You  need to update or correct your Personal Information, You may send such updates and corrections  to Us at hello@projectstepone.org.

11. SHARING AND TRANSFERRING OF PERSONAL INFORMATION

A. Once you have freely consented to share Your Personal Information with Us, You authorize Us to  exchange, transfer, share, part with all or any of Your Personal Information, across borders and from  Your country to any other countries across the World with the Cloud Service Provider and Our  affiliates / agents / third party service providers / partners / banks and financial institutions or any  other persons, for the Purposes specified under this Policy or as may be required by applicable law.

12. COOKIES

 A. Cookies are files with a small amount of data that are commonly used as anonymous unique  identifiers. These are sent to your browser from the websites that You visit and are stored on your  device’s internal memory.

B. Our Services may use cookies or temporary device storage to store certain data (that is not Your  sensitive personal data or information) that is used by Us and Our service providers for the 

technical administration of the Website, research and development, and for administration.  Additionally, the Website may use third-party code and libraries that use “cookies” to collect  information to improve their services. You have the option to either accept or refuse these cookies  and know when a cookie is being sent to your device. If You choose to refuse our cookies, you  may not be able to use some portions of this Service.

C. However, it is pertinent to note that we do not store any Personally Identifiable Information in  the Cookies. 

13. SERVICE PROVIDERS 

A. We may use Your data for consultation, to improve Our technology, algorithms, services, to bill &  contact You. We may also use/share anonymized and/or aggregate level data for research  purposes and/or business reasons with Our partners. We may employ third-party companies and  individuals due to the following reasons: 

  • To facilitate Our Service; 
  • To provide the Service on Our behalf; 
  • To perform Service-related services; or 
  • To assist Us in analyzing how Our Service is used. 

B. We want to inform users of Our Services that these third parties have access to Your Personal  Information so as to perform the tasks assigned to them on Our behalf. However, they are  obligated not to disclose or use the information for any other purpose by way of a Non-disclosure  Agreement.

14. CHILDREN’S PRIVACY 

These Services may be availed by Children under the age of 18 only with the prior consent of their parent.  We do not knowingly collect personally identifiable information from children under 18 without parent’s 

prior consent. In case We discover that a child under 18 has provided Us with personal information  without parental or guardian consent, We will immediately delete this from Our servers. StepOne strongly  encourages parents and guardians to supervise the online activities of their minor children and if You are  a parent or guardian and are aware that Your child has provided Us with personal information without  Your knowledge, please contact Us immediately so that We will be able to take necessary action. 

15. CHANGES TO THIS PRIVACY POLICY 

We may update our Privacy Policy from time to time. Thus, you are advised to review this page periodically  for any changes. We will notify you of any changes by posting the new Privacy Policy on this page. These  changes are effective immediately after they are posted on this page. 

16. GRIEVIENCE  

In the event you have any grievance relating to the processing of information provided by you, you may  contact our Grievance Officer, at hello@projectstepone.org or write at the following address: ___________

We request You to please provide the following information in Your complaint: 

Identification of the information provided by You.

Clear statement as to whether the information is personal information or sensitive personal  information.

  • Your address, telephone number or e-mail address. 
  • A statement that You have a good-faith belief that the information has been processed  incorrectly or disclosed without authorization, as the case may be. 
  • A statement, under penalty of perjury, that the information in the notice is accurate, and that  the information being complained about belongs to You. 

While We have taken utmost care to ensure Your data security and integrity. The field of data science is forever evolving. Keeping that in mind, We cannot be held responsible for any compromise of data.