1. Information We Collect

We collect the following types of information:

• Personal Information: Name, email, phone number, date of birth, gender, location (city/state/pin code), profile photo (optional).
• Health & Sensitive Data: STD test results, test dates, diagnostic center details, verification status, Clean Check ID/QR code data, medical reports uploaded by you or synced by centers (classified as sensitive personal data under law).
• Technical Data: IP address, device info, browser type, app usage, cookies, logs.
• From Centers/Partners: Verified test results uploaded by diagnostic labs/centers with your consent.

2. How We Collect Information

• Directly from you when registering, uploading results, or searching centers.
• From partnered diagnostic centers/labs when they sync verified test results (with your explicit consent).
• Automatically through cookies, analytics, and device interactions.

3. How We Use Your Information

We use your data only for:

• Providing core services: finding testing centers, uploading/verifying results, generating shareable Clean Check IDs/QR codes.
• Facilitating secure sharing with chosen partners (dating/matrimonial platforms via API – only with your consent).
• Improving platform, analytics, support, and security.
• Complying with legal obligations, public health needs, or legitimate uses under DPDPA Section 7.

We follow data minimization – collecting only what's necessary.

4. Consent & Lawful Basis

We process your data based on:

• Your explicit, informed consent (withdrawable anytime).
• Legitimate uses under DPDPA (e.g., voluntary provision for service, medical treatment facilitation).

You can withdraw consent via account settings or by contacting us – some core functions may then be unavailable.

5. Sharing & Disclosure

We do NOT sell your data. We share only:

• With partnered testing centers/labs for result syncing (with consent).
• With API partners (dating/matrimonial apps) only when you explicitly share your verification status.
• With service providers (cloud storage, analytics) under strict contracts.
• When required by law, court order, public health emergencies, or to protect rights/safety.

6. Data Security

We implement reasonable security practices including:

• End-to-end encryption for health data.
• Access controls, regular audits, secure storage (ISO 27001-aligned where possible).
• Protection against unauthorized access, alteration, disclosure.

No method is 100% secure – we cannot guarantee absolute security.

7. Your Rights (Data Principal Rights under DPDPA)

• Access, correct, or update your data.
• Withdraw consent.
• Request erasure (subject to legal retention).
• Grievance redressal (response within timelines prescribed by law).

Email us at privacy@safeconnect.in or use in-app tools.

8. Data Retention

We retain your data only as long as necessary for the purpose or required by law (e.g., medical records may have statutory retention). After that, we delete or anonymize it.

9. Children's Privacy

Our services are not directed at children under 18. We do not knowingly collect data from minors without parental/guardian consent.

10. Changes to This Policy

We may update this policy. Changes will be posted here with updated date. Significant changes will be notified via email or in-app notice.

11. Contact Us

For questions, complaints, or to exercise rights:

Email: privacy@safeconnect.in
Grievance Officer: [Name], SafeConnect, Ahmedabad, Gujarat, India