Labops

PRIVACY POLICY
OF Labops – YOUR AI-DRIVEN HEALTH COMPANION:

Effective Date: 12.07.2025

This Privacy Policy ("Policy") constitutes a legally binding agreement between Labops ("Labops," "we," "our," or "us") and any individual ("you," "your," or "User") who accesses, browses, or uses the services of Labops through its digital health platform. This document outlines Labops's practices regarding the collection, use, storage, disclosure, and protection of Personal Information and Sensitive Personal Data or Information (SPDI) collected through our website, mobile application, APIs, or any other interface that forms part of our service delivery infrastructure (collectively referred to as the "Platform"). es the services of Labops through its digital health platform

This Policy has been prepared in accordance with applicable Indian laws, including the Information Technology Act, 2000, and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (hereinafter referred to as the "SPDI Rules"), and also takes into account guidelines issued by the Indian Council of Medical Research (ICMR), the World Health Organization (WHO), an

1. DEFINITIONS

For the purposes of this Privacy Policy:

1.1 Personal Information refers to any information that relates to a natural person, which, either directly or indirectly, in combination with other available information, is capable of identifying such person. This includes, but is not limited to, name, contact number, email ID, and location data.

Sensitive Personal Data or Information (SPDI) includes personal information which relates to: includes personal information which relates to:

  • Passwords;
  • Financial information such as bank account or credit card or debit card...
  • Physical, physiological, and mental health condition;
  • Sexual orientation;
  • Medical records and history;
  • Biometric information;
  • Any detail relating to the above clauses...

1.3 Applicable Law includes all laws, regulations, rules, ordinances, codes, guidelines, or decisions issued by any governmental or regulatory authority applicable to the collection, processing, or storage of data

2. SCOPE AND APPLICABILITY

This Policy applies to:

  • All individuals who use or access the Platform in any manner;
  • All forms of personal and health-related data collected, stored, and processed by Labops;
  • Any interaction through which a User submits data voluntarily or automatically while using the Platform.

By using the Platform, you provide your explicit consent to the terms of this Policy. You are advised to read the Policy carefully before proceeding to use any of our services.

2. SCOPE AND APPLICABILITY

This Policy applies to:

  • All individuals who use or access the Platform in any manner;
  • All forms of personal and health-related data collected, stored, and processed by Labops;
  • Any interaction through which a User submits data voluntarily or automatically while using the Platform.

By using the Platform, you provide your explicit consent to the terms of this Policy. You are advised to read the Policy carefully before proceeding to use any of our services.

3. INFORMATION WE COLLECT

Labops collects various categories of data from Users to provide personalized and effective health services. These include:

3.1 Personal Identifiable Information (PII):

  • Full name, contact details including phone number and email address;
  • Date of birth, gender, and communication preferences;
  • Language preference to provide multilingual support;
  • Location information used for localized health alerts, subject to your explicit consent.

3.2 Health and Medical Information:

  • Uploaded reports, medical records, diagnostic data, or health charts;
  • Medical history including chronic conditions, allergies, or prescribed medication;
  • Inputs relating to symptoms, body metrics, or vital signs;
  • Dermatological images submitted for analysis by our AI engine.

3.3 Technical Data:

  • IP address, browser type, internet service provider, operating system, and other technical identifiers;
  • Usage logs such as date/time of visits, pages viewed, and service interaction data;
  • Cookie identifiers used solely for system performance and preference retention.

3.4 User-Generated Content:

  • Information shared in support queries, chatbot interactions, surveys, or voluntary feedback;
  • Testimonials, app ratings, and user review content.

4. PURPOSE AND LEGAL BASIS FOR DATA PROCESSING

Your information is processed only for lawful purposes, including:

  • Delivering AI-based interpretation of health reports in accordance with ICMR standards;
  • Generating customized wellness plans, diet charts, and lifestyle suggestions;
  • Providing dermatological assessments based on AI-analyzed images;
  • Enabling multilingual and culturally contextual interaction on the Platform;
  • Alerting Users to weather changes impacting health (pollution, temperature, humidity);
  • Educating users through curated health blogs and content;
  • Conducting analytics for product enhancement and machine learning model accuracy;
  • Fulfilling legal or contractual obligations and protecting the legal rights of Labops and Users.

Processing activities are based on:

  • The User’s explicit consent obtained at registration or at the time of service use;
  • Performance of a contractual obligation (e.g., fulfillment of requested services);
  • Compliance with legal obligations (e.g., responding to law enforcement requests);
  • Legitimate interest in providing secure, efficient, and improved services.

5. CONSENT MANAGEMENT

  • 5.1 By using the Platform, you voluntarily and explicitly agree to allow Labops to collect, store, and process your data for the purposes described herein.
  • 5.2 Users have the right to withdraw consent at any time. Such withdrawal can be communicated via email to the Grievance Officer. Please be advised that withdrawal of consent may affect your ability to access services or functionality.
  • 5.3 We may retain limited data for legal compliance or dispute resolution purposes even after consent withdrawal.

6. DATA STORAGE AND SECURITY MEASURES

  • 6.1 All User data is securely stored on cloud-based infrastructure operated by Google Cloud. Labops uses stringent security measures to protect your data including:
    • Encryption of data at rest and in transit (AES-256 and SSL);
    • Use of virtual private clouds and firewalls;
    • Access controls to limit internal data visibility;
    • Regular third-party vulnerability and penetration testing;
    • Two-factor authentication and session management protocols.
  • 6.2 Labops follows internationally accepted standards like ISO/IEC 27001 for data management practices and continuously updates its systems to resist emerging threats.

7. DATA RETENTION AND DELETION

  • 7.1 Labops retains your personal data for as long as necessary to fulfill the purposes stated in this Policy or as mandated under Applicable Law.
  • 7.2 You may request deletion of your data by submitting a written request. Such requests will be verified and honored within legally prescribed timelines unless retention is required by law (e.g., for audit, litigation, or statutory obligations).
  • 7.3 Post-termination or withdrawal, data may be anonymized and used for statistical or research purposes.

8. DATA DISCLOSURE AND SHARING POLICY

Labops does not commercialize user data and limits third-party sharing under these conditions:

  • With prior consent of the User;
  • With third-party vendors bound by confidentiality and data protection contracts, only for specific functions such as cloud hosting, analytics, and customer support;
  • When disclosure is mandated by government authorities or courts of law in accordance with due process;
  • During organizational restructuring (e.g., merger, acquisition), with continued protection of data privacy.

Labops conducts due diligence and audits of third parties to ensure compliance with applicable privacy standards.

9. USER RIGHTS UNDER THIS POLICY

Users are entitled to:

  • Access: Request access to personal data we hold about you;
  • Rectification: Correct inaccurate or outdated information;
  • Data Portability: Request data in a structured, commonly used format;
  • Erasure: Request deletion of your personal data (subject to legal requirements);
  • Objection: Object to processing based on legitimate interests;
  • Grievance: Lodge a complaint with the Grievance Officer.

Requests should be addressed to [Insert Designated Email Address].

10. USE OF COOKIES AND SIMILAR TECHNOLOGIES

  • 10.1 Labops uses cookies to enhance user experience, retain preferences, and ensure efficient service delivery. These cookies do not collect personally identifiable information unless voluntarily submitted.
  • 10.2 Users may disable cookies through browser settings; however, some functions may be affected.
  • 10.3 No cookies are used for advertising, tracking across other platforms, or behavioral profiling.

11. HANDLING DATA OF MINORS

  • 11.1 Labops is intended for individuals aged 18 years and above. No services are knowingly offered to minors.
  • 11.2 If a parent or guardian becomes aware that a minor has submitted personal information, they should contact Labops immediately. Upon verification, such data shall be permanently deleted.

12. INTERNATIONAL TRANSFERS OF DATA

Where personal data is transferred outside India, Labops ensures that:

  • The recipient country has adequate data protection measures;
  • Data Transfer Agreements and Standard Contractual Clauses are in place;
  • Users are informed of such transfers and give their explicit consent when required.

13. POLICY UPDATES AND MODIFICATIONS

Labops may revise this Policy from time to time. Users shall be notified of material changes through email or prominent notices on the Platform. Your continued use of the services post revision will be deemed acceptance of the updated terms.

14. GRIEVANCE REDRESSAL MECHANISM

Pursuant to Rule 5(9) of the SPDI Rules, the following Grievance Officer is appointed to address data protection issues:

  • Name: Sheershadeb Das
  • Designation: Grievance Officer – Data Protection and Compliance
  • Email: sheershadeb@labops.in

Grievances shall be acknowledged within 72 hours and resolved within 30 working days.

15. GOVERNING LAW AND JURISDICTION

This Privacy Policy shall be interpreted in accordance with the laws of the Republic of India. All disputes arising from or relating to this Policy shall be subject to the exclusive jurisdiction of the courts situated in Kolkata, West Bengal.

BY USING THE PLATFORM, YOU ACKNOWLEDGE THAT YOU HAVE READ, UNDERSTOOD, AND AGREED TO THIS PRIVACY POLICY AND AUTHORIZE Labops TO PROCESS YOUR PERSONAL AND HEALTH INFORMATION IN ACCORDANCE WITH ITS TERMS.