Privacy Policy

Doorbell Pharmacy ("we", "our", or "us") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website (doorbellpharmacy.xyz), use our mobile application, or interact with our services in any manner. Please read this policy carefully to understand our practices regarding your personal data.

By using our platform, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with the terms of this policy, please do not access or use our services. This policy applies to all visitors, users, customers, and others who access our platform.

1. Information We Collect

We collect information that you provide directly to us, information that is collected automatically when you use our platform, and information that we receive from third-party sources. The types of information we collect include:

1.1 Personal Information You Provide

• Identity Data: Your full name, date of birth, gender, and profile photograph when you create an account with us.
• Contact Data: Your mobile phone number, email address, and residential or delivery address including pincode, city, and state.
• Medical Data: Prescription details, medication history, health conditions (if voluntarily shared), doctor's information, and any health-related queries you submit through our platform. This data is handled with the highest level of confidentiality.
• Payment Data: Your payment method details including UPI ID, card details (processed securely through our payment gateway partners), billing address, and transaction history.
• Communication Data: Records of correspondence between you and our team through email, phone calls, WhatsApp, chat support, or any other communication channel.
• Enquiry Data: Information submitted through our contact or enquiry forms including name, phone, email, subject, and message content.
• Feedback Data: Product reviews, ratings, survey responses, and any feedback you provide about our products or services.

1.2 Information Collected Automatically

• Device Information: Type of device you use to access our platform, operating system, browser type and version, screen resolution, and device identifiers.
• Usage Data: Pages visited, time spent on each page, links clicked, features used, search queries, browsing patterns, and interaction with our platform.
• Location Data: Approximate location based on your IP address, GPS data (if you have enabled location services), and Wi-Fi access point information for delivery optimization.
• Log Data: IP address, access times, referring URLs, and other technical log information generated when you access our platform.
• Cookie Data: Information stored in cookies and similar tracking technologies on your device (detailed in Section 4 below).

1.3 Information from Third Parties

• Payment Processors: Transaction confirmation and payment status information from our payment gateway partners such as Razorpay, PayU, or other authorized processors.
• Delivery Partners: Delivery status updates, proof of delivery, and location data from our logistics and delivery partners.
• Social Media Platforms: Information you choose to share when you log in or interact with our platform through social media integrations.
• Analytics Providers: Aggregated and anonymized user behavior data from analytics tools like Google Analytics to help us understand platform usage patterns.

2. How We Use Your Information

We use the information we collect for various purposes to provide, improve, and personalize our services. The specific purposes include:

• Service Delivery: To process your orders, verify prescriptions, dispense medicines, arrange deliveries, and provide customer support for all your pharmacy-related needs.
• Account Management: To create and manage your user account, authenticate your identity, maintain your order history, and provide personalized recommendations based on your preferences.
• Communication: To send you order confirmations, delivery updates, payment receipts, appointment reminders, medication refill reminders, and respond to your queries and support requests.
• Personalization: To tailor your experience on our platform by showing relevant products, health tips, and content based on your browsing history, purchase patterns, and stated preferences.
• Improvement & Analytics: To analyze usage patterns, identify popular products, optimize our platform's performance, fix bugs, and develop new features and services based on user behavior insights.
• Marketing & Promotions: To send you promotional communications about new products, special offers, discounts, loyalty rewards, seasonal campaigns, and other marketing materials that we believe may interest you.
• Safety & Security: To detect, prevent, and address fraud, unauthorized access, illegal activities, and other security threats to protect our platform, users, and business interests.
• Legal Compliance: To comply with applicable laws, regulations, legal processes, and enforceable governmental requests, including pharmaceutical regulations under the Drugs and Cosmetics Act.

3. Information Sharing & Disclosure

We do not sell, rent, or trade your personal information to third parties for their marketing purposes. We may share your information in the following limited circumstances:

• Service Providers: We share information with trusted third-party service providers who assist us in operating our platform, processing payments, delivering orders, sending communications, and performing analytics. These providers are contractually obligated to protect your data.
• Licensed Pharmacists: Your prescription and related medical data may be shared with our in-house or associated licensed pharmacists for the purpose of verifying prescriptions and ensuring safe dispensing of medicines.
• Delivery Partners: Your name, delivery address, and phone number are shared with our delivery partners solely for the purpose of completing your order delivery. No medical or prescription information is shared with delivery personnel.
• Payment Processors: Your payment-related information is shared with our payment gateway partners in encrypted form to process your transactions securely.
• Legal Requirements: We may disclose your information if required to do so by law, in response to a valid legal request (such as a court order, subpoena, or government investigation), or when we believe in good faith that disclosure is necessary to protect our rights.
• Business Transfers: In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your personal information may be transferred as part of that transaction.
• With Your Consent: We may share your information with third parties when you have given us explicit consent to do so.

4. Cookies & Tracking Technologies

We use cookies, web beacons, pixel tags, and similar tracking technologies to collect and store information about your interactions with our platform. These technologies help us remember your preferences, understand how you use our platform, and improve your overall experience.

4.1 Types of Cookies We Use

• Essential Cookies: These cookies are strictly necessary for the operation of our platform. They enable core functionalities such as user authentication, shopping cart management, secure checkout, and ensuring the security of your browsing session.
• Performance Cookies: These cookies collect information about how visitors use our platform, such as which pages are visited most often and how users navigate between pages. All data collected is aggregated and anonymized.
• Functionality Cookies: These cookies allow our platform to remember choices you make (such as your preferred language, city, or delivery address) and provide enhanced, personalized features.
• Advertising Cookies: These cookies are used to deliver advertisements that are relevant to you and your interests. They also help limit the number of times you see an advertisement.
• Analytics Cookies: These cookies help us understand how our platform is being used and how we can improve the user experience. We use tools like Google Analytics for this purpose.

4.2 Managing Cookies

You can control and manage cookies through your browser settings. Most browsers allow you to refuse or accept cookies, delete existing cookies, or set preferences for certain websites. Please note that disabling certain cookies may affect the functionality of our platform and limit your ability to use some features.

5. Data Security Measures

We take the security of your personal information seriously and implement appropriate technical and organizational measures to protect it against unauthorized access, alteration, disclosure, or destruction. Our security measures include:

• Encryption: All data transmitted between your device and our servers is encrypted using industry-standard SSL/TLS encryption protocols.
• Secure Storage: Your personal data is stored on secure servers with enterprise-grade firewalls, intrusion detection systems, and access controls.
• Access Control: Access to your personal information is restricted to authorized personnel on a need-to-know basis. All employees undergo data protection training.
• Payment Security: All payment transactions are processed through PCI-DSS compliant payment gateways. We do not store complete credit/debit card numbers on our servers.
• Regular Audits: We conduct periodic security audits, vulnerability assessments, and penetration testing to identify and address potential security weaknesses.
• Incident Response: We have a documented incident response plan to quickly identify, contain, and remediate any data security breaches.

6. Data Retention Policy

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy any legal, accounting, or reporting requirements. The specific retention periods are as follows:

• Account Data: Retained for the duration of your account's active status plus 3 years after the last activity on your account.
• Order & Prescription Data: Retained for a minimum of 5 years from the date of the transaction, as required by pharmaceutical regulations under the Drugs and Cosmetics Act, 1940.
• Payment Records: Retained for 7 years as required by Indian tax and financial regulations.
• Communication Logs: Retained for 2 years from the date of communication for quality assurance and dispute resolution purposes.
• Marketing Data: Retained until you withdraw your consent or opt out of marketing communications, after which it will be deleted within 30 days.
• Server Logs & Analytics Data: Retained for 90 days, after which the data is anonymized or deleted.

7. Your Rights & Choices

Under applicable Indian data protection laws, including the Information Technology Act, 2000, and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, you have the following rights:

• Right to Access: You have the right to request a copy of the personal information we hold about you.
• Right to Correction: You have the right to request correction of any inaccurate or incomplete personal information.
• Right to Deletion: You have the right to request deletion of your personal information, subject to certain exceptions such as legal retention requirements.
• Right to Withdraw Consent: Where we rely on your consent to process your personal information, you have the right to withdraw that consent at any time.
• Right to Data Portability: You have the right to request your personal data in a structured, commonly used, and machine-readable format.
• Right to Object: You have the right to object to the processing of your personal information for direct marketing purposes.
• Right to Lodge a Complaint: You have the right to lodge a complaint with the relevant data protection authority if you believe that our processing of your personal information violates applicable data protection laws.

To exercise any of these rights, please contact us at info@doorbellpharmacy.xyz. We will respond to your request within 30 days.

8. Notification and Communication Consent

By accepting this policy, you acknowledge and consent to receive notifications and promotional communications from us through various channels, including but not limited to email, mobile push notifications, SMS, RCS (Rich Communication Services), WhatsApp, or any other digital communication platforms.

8.1 Types of Communications

• Transactional Communications: Order confirmations, order processing updates, dispatch notifications, delivery tracking information, delivery confirmation, payment receipts, refund notifications, invoice copies, and other essential communications related to your orders and account activities.
• Promotional Communications: Information about new product launches, special discount offers, coupon codes, seasonal sales, festive deals, combo offers, loyalty program updates, referral program invitations, and other marketing materials.
• Service Communications: Account verification emails, password reset links, security alerts, account activity notifications, policy update notifications, terms changes, and scheduled maintenance notices.
• Health & Wellness Communications: Medication refill reminders, health awareness articles, seasonal health tips, new wellness product recommendations, and general health information.
• Feedback & Survey Communications: Requests for product reviews, satisfaction surveys, and other feedback collection communications.

8.2 Communication Channels

• Email: To your registered email address. You may receive 2-4 emails per week.
• SMS: To your registered mobile number. Promotional SMS may be sent 2-4 times per month in compliance with TRAI regulations.
• WhatsApp: To your WhatsApp registered number. You may receive 4-6 messages per month.
• RCS (Rich Communication Services): To your RCS-enabled mobile number for enriched messaging experiences.
• OBD (Outbound Dialing): Automated voice calls for important order updates and critical service notifications.
• Mobile Push Notifications: Through our mobile application for real-time order updates and personalized offers.

8.3 Your Right to Opt Out

We respect your communication preferences and will process your opt-out request within 7 business days of receiving it. Once your opt-out request is processed, you will no longer receive promotional emails, SMS, WhatsApp messages, RCS messages, or push notifications from us. You will continue to receive essential transactional communications as these are necessary for the provision of our services.

8.4 Third-Party Communication by My Inbox Media

Certain promotional communications may be sent on our behalf by My Inbox Media, our authorized communication partner. My Inbox Media operates under strict data processing agreements that ensure your personal information is handled in compliance with this Privacy Policy and applicable laws. My Inbox Media does not use your information for any purpose other than sending communications on behalf of Doorbell Pharmacy as authorized by you.

8.5 Regulatory Compliance

All communication activities carried out by us and on our behalf comply with the following regulations:

• TRAI DND Regulations: Telecom Commercial Communications Customer Preference Regulations, 2018. We respect the National Customer Preference Register (NCPR/DND) and do not send promotional communications to numbers registered under DND without explicit consent.
• IT Act, 2000: Information Technology Act and associated rules regarding electronic communications and data protection in India.
• WhatsApp Business Policy: Meta's WhatsApp Business Messaging Policy regarding user consent, messaging templates, and response time requirements.
• Pharmaceutical Regulations: Drugs and Cosmetics Act, 1940, and Pharmacy Practice Regulations regarding communication related to medicines and healthcare products.

9. Children's Privacy

Our platform is not intended for use by individuals under the age of 18 years. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and become aware that your child has provided us with personal information without your consent, please contact us immediately at info@doorbellpharmacy.xyz. Upon receiving verifiable notice, we will take prompt steps to delete that information from our servers and records.

10. Third-Party Links

Our platform may contain links to third-party websites, applications, or services that are not operated or controlled by Doorbell Pharmacy. These links are provided for your convenience and reference only. We do not endorse, guarantee, or assume responsibility for the accuracy, relevance, legality, or quality of the content, products, or services available on or through any third-party platform. This Privacy Policy does not apply to third-party websites or services. We encourage you to review the privacy policies of any third-party platforms you visit through links on our website.

11. International Data Transfers

Your personal information is primarily stored and processed on servers located within India. However, in certain circumstances, your data may be transferred to or accessed from countries outside of India, including when you access our platform from outside India, when our service providers are located outside India, or when required by law. In such cases, we ensure that appropriate safeguards are in place, including standard contractual clauses and data processing agreements. By using our platform, you consent to the transfer of your information to countries that may have different data protection standards than India.

12. Changes to This Privacy Policy

Doorbell Pharmacy reserves the right to update, modify, or revise this Privacy Policy at any time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes to this policy, we will update the "Last Updated" date at the top of this page, post a prominent notice on our website or mobile application, send an email notification to registered users for significant changes, and display a notification popup when you next access our platform. We encourage you to periodically review this Privacy Policy to stay informed about how we collect, use, and protect your information. Your continued use of our platform after any changes to this policy constitutes your acceptance of the revised Privacy Policy.

13. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please do not hesitate to contact us. We are committed to addressing your privacy concerns promptly and transparently.

For opt-out requests related to promotional communications, please email us at info@doorbellpharmacy.xyz with the subject line "OPT-OUT" along with your registered mobile number and email address. We will process your request within 7 business days as stated in Section 8.3 of this policy.

This Privacy Policy is effective as of January 01, 2025, and applies to all information collected by Doorbell Pharmacy from that date forward.