Your personal data relationship with the Company varies based on the capacity in which you interact with us/avail of our products and services. You could be: (i) a visitor to our Platform (“Visitor”); or (ii) a person who has an account with Toneop to avail our Services (“Registered User”);
This Policy will clarify the rights available to you vis-à-vis the personal data you share with us.
1. DATA COLLECTION AND USE
|Type of user||Visitor||Registered User|
|Data||1. Your IP Address;||1. Your name, age, gender, phone number, e-mail address, mailing address;|
|2. Your location;||2. Your height, weight;|
|3. How you behave on the Website/ App, (what pages you land on, how much time you spend, etc.);||3. Your lifestyle, food preferences, medical conditions (if any), health goals or other fitness regimes;|
|4. What device you use to access the Website/ App and its details (model, operating system, etc.); and||4. Your ethnicity, genetics, health or sexual orientation;|
|5. Cookies and web beacon data.||5. Username or other relevant unique identifier;|
|6. How you behave on the Platform, (what pages you land on, how much time you spend, etc.);|
|7. Credit card/debit card/other payment mode information to facilitate payments for our Services;|
|8. Your IP Address;|
|9. Your location unless you deactivate location services in the relevant section of the Website/App;|
|10. How you behave in the relevant product environment and use the features;|
|11. What device you use to access the Website/App and its details (model, operating system, etc.); and|
|12. Cookies and web beacon data.|
|USE||We use this information to analyse and identify your behaviour and enhance the interactions you have with the Website/ App.||We collect this data in order to help you register for and facilitate provision of our Services.|
|If you submit your details and give us your consent, we may use your data to send you e-mails/newsletters, re-target||We use this data to show age appropriate content and advertisements.|
|We use this data to track your nutrition, weight and fitness regimes.|
|Type of user||Visitor||Registered User|
|advertisements or re-market our Services using services from third-parties.||We use the data from the device you access our Website/App to identify the login information of multiple users from the same device.|
|We use this data to prepare a specific diet plan and training regime for you.|
|We use this data to enable you to make payments for our Services. We use a third-party service provider to manage payment processing. This service provider is not permitted to store, retain, or use information you provide except for the sole purpose of payment processing on our behalf.|
|We use this data for processing your requests, enquiries and complaints, customer services and related activities.|
|We use this data to communicate about existing or new offers, content, advertisements, surveys, key policies or other administrative information.|
|We also use this data to provide you with informative features and services that are developed by us from time to time.|
|We also use this data for providing, testing, improving, or recommending the Services.|
|We also use this data for analytics and reviews to improve the Services.|
|We also use this data to provide support to law enforcement agencies or in connection with an investigation on matters related to public safety, as permitted by law or anti-fraud activities/systems.|
|If you give us your consent, we may send you newsletters and emails to market|
|Type of User||Visitor||Registered User|
|Other products and services we may provide.|
SENSITIVE PERSONAL DATA
We may collect and process 'sensitive personal data' such as ethnic origin, genetics, health or sexual orientation. We use this special category of personal data, for example to provide specialized Services. We require your explicit consent to collect and process special categories of personal data. You may refuse or revoke your consent at any time. A limited number of our personnel will have access to special categories of personal data provided by you.
COOKIES AND WEB BEACONS
|TYPE OF FILE||COOKIES||WEB BEACON|
|You can disable them through your browser should you so wish.|
Usually, browsers have default setting to accept cookies until you change your browser settings. You can choose to reject and remove cookies from our Website by changing your browser settings. If you reject or remove our cookies, it could affect how our Website works.
In cases where we anonymize and aggregate information collected from you, we will be entitled to use such anonymized data freely, without any restrictions other than those set out under applicable law.
The data provided by you as a Visitor, or when you sign up as a Registered User for our Services will be processed by us for the purpose of rendering Services to you or in order to take steps prior to rendering such Services, at your request. Where such data is not being used by us to render Services to you, we shall explicitly seek your consent for using the same. You can choose to withdraw this consent at any time by writing to us at [email protected]
. Additionally, we may process your data to serve legitimate interests.
Accordingly, the grounds on which we can engage in processing are as follows:
|NATURE OF DATA||GROUNDS OF PROCESSING|
|Visitor Data||Upon consent;|
|Contractual obligations; and|
|Registration Data||Contractual obligations; and|
|Sensitive Personal Data||Upon consent; and|
|Payment Data||Legitimate interest; and|
|Contractual obligations; and|
|Compliance with applicable laws.|
|Service Usage Data||Contractual obligations; and|
|Data for Marketing our Services||Upon consent; and|
|Public Content||Upon consent|
2. PUBLIC CONTENT
Any personal success stories, comments, messages, blogs, scribbles etc. posted/ uploaded/ conveyed/ communicated by you on the public sections of the Website/App becomes public content. We may publish such public content on our Website/App so long as you consent. You may request that such public content be taken down at any time and we shall remove such public content. However, we are not responsible for any actions taken by third parties with respect to such public content.
3. DATA OBTAINED FROM THIRD PARTIES
We may receive data about you from other sources i.e., expert calls, smart watch, surveys, and such data may be added to our Website/App from time to time. We use the data collected from other sources to prepare a specific Services for you. We also use this data for providing, testing, improving, or recommending the Services.
4. ACCESS TO THIRD PARTIES
Your personal data will primarily be stored in electronic form. We may enter into agreement with third parties to collect, store, process your personal data but under full compliance with applicable laws. In the event, you have any telephonic interactions with our customer representatives, the call data is recorded and stored for training and quality purposes.
Upon receiving your specific consent, we may share the data we collect from cookies or web beacons with our advertisement partners to track your visits, establish your non-personal identity and present you with targeted advertisements about our Services
5. DATA TRANSFER
Where applicable - if the entities to which these transfers are effected are not situated in countries deemed 'adequate' by the European Commission or are not registered under the EU-US Privacy Shield framework, we shall enter into appropriate Data Protection Addendums with the transferee parties that comprehensively protect your data. We shall also put in place industry-standard technical and organizational measures (including robust data handling policies) to ensure that such transfers are completed in accordance with applicable laws.
6. DATA RETENTION
We will store any personal data we collect from you as long as it is necessary in order to facilitate your use of the Services and for ancillary legitimate and essential business purposes - these include, without limitation, for improving our Services, attending to technical issues, and dealing with disputes.
We may need to retain your personal data even if you seek deletion thereof, if it is needed to comply with our legal obligations, resolve disputes and enforce our agreements.
If you are a Registered User, please be advised that after you terminate your usage of a Service, we may, unless legally prohibited, delete all data provided or collected by you from our servers.
7. DATA SECURITY
We implement industry-standard technical and organizational measures by using a variety of security technologies and procedures to help protect your data from unauthorized access, use, loss, destruction or disclosure. When we collect particularly sensitive data (such as a credit card number or your geo-location), it is encrypted using industry-standard cryptographic techniques.
The collection, storage, usage, and sharing of your data by the Company shall be in compliance with the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 and other applicable laws.
Your password is your first line of defence once you set up a Toneop account, we recommend that you set a strong password which you never share with anyone.
We have taken appropriate steps for the security and protection of all our digital platforms including internal applications, however, we shall not be responsible for any breach of security or the disclosure of personal data for reasons outside our control, such as hacking, social engineering, cyber terrorism, espionage by third parties, or any events by way of force majeure such as sabotage, fire, flood, explosion, acts of God, civil commotion, strikes or industrial action of any kind, riots, insurrection, war or acts of government.
8. TERMS SPECIFIC TO DATA SUBJECTS IN THE EUROPEAN UNION
Subject to the GDPR and applicable law's limitations, the rights afforded to you if you are a data subject in the European Union are:
• RIGHT TO BE INFORMED
You have a right to be informed about the manner in which any of your personal data is collected or used.
• RIGHT OF ACCESS
You have a right to access the personal data you have provided by requesting us to provide you with the same.
• RIGHT TO RECTIFICATION
You have a right to request us to amend or update your personal data if it is inaccurate or incomplete.
• RIGHT TO ERASURE
You have a right to request us to delete your personal data.
• RIGHT TO RESTRICT
You have a right to request us to temporarily or permanently stop processing all or some of your personal data.
• RIGHT TO OBJECT
You have a right, at any time, to object to our processing of your personal data under certain circumstances. You have an absolute right to object to us processing your personal data for the purposes of direct marketing.
• RIGHT TO DATA PORTABILITY
You have a right to request us to provide you with a copy of your personal data in electronic format and you can transmit that personal data for using another third party's product/service.
• RIGHT NOT TO BE SUBJECT TO AUTOMATED DECISION-MAKING
You have a right to not be subject to a decision based solely on automated decision-making, including profiling.
9. COMPLIANCE WITH CHILDREN'S ONLINE PRIVACY PROTECTION ACT SPECIFIC TO DATA SUBJECTS IN THE UNITED STATES
As a business service, we neither knowingly collect or store nor use any personal data of any individuals under the age of 13. We do not target our Services towards individuals under the age of 13. Individuals under the age of 13 should seek the consent of their parents before providing any information about themselves, their parents, or other family members on our Website/App.
10. THIRD PARTY LINKS
We may receive data whenever you visit a third-party link through our Website/App which includes the date and time of your visit to the third-party website, the web address or URL, technical information about the IP address, browser and the operating system you use and, if you are logged into Toneop, your username.
• to protect our safety, your safety or the safety of others or in the legitimate interest of any party in the context of national security, law enforcement, litigation, criminal investigation or to prevent death or imminent bodily harm;
• to investigate fraud, credit risk or violation of our policies;
• in connection with legal proceedings brought against the Company, its officers, employees, affiliates, customers or vendors;
• to establish, exercise, protect, defend and enforce our legal rights; or
• when we do a business deal or negotiate a business deal, or our assets are merged or acquired by the other business entity, or during restructuring of business or re-organization, we may have to share information provided by you with the other business entities.
12. DATA ACCESS, MODIFICATION & DELETION
You may request access, correction or updates, and deletion of the data by contacting [email protected]
. You may note that deletion of certain data or withdrawal of consent may lead to cancellation of your registration with us or your access to our Services.
Based on technical feasibility, we will provide you with access to all your personal and sensitive personal data that we maintain about you. We will perform verification before providing you access to this data.
You may opt out of our marketing emails by clicking on the 'opt-out' link provided in the emails. However, we may still send you non-marketing emails about your accounts or any other transactions with you.
13. ACCOUNT DELETION, DEACTIVATION AND REACTIVATION
Users may delete or deactivate the account through User Management Option in Settings Menu.
The user may reactivate his/her account at any point of time after deactivation. The user will not receive any application notifications until he/she reactivates the account.
If the account is deleted by the user, he/she may recover the account within 30 days. The account and user details will be permanently deleted from our database after 30 days of deletion of the account.
14. GRIEVANCE REDRESSAL