The website www.thehealingcircle.in (“Website”) which is owned and operated by The Healing Circle (“Trust”), a registered charitable trust, having its offices at #83-84, L G Lakedew, Doddagubbi Post, Bileshivale, Near SSR College, Bangalore – 560 077. The Trust, through the Website, enables the Users to make donations towards various charitable objectives of the Trust (“Donation”) (“Donor”) and has hyperlinks through which any User may visit a third party website to purchase products such as publications, life and living kits and potentially handcrafted work (children's art, curios, handmade paper, wool, fabric products.
This Policy covers our policies and practices regarding collection, use and disclosure of personal information we receive about you when make Donations, or otherwise interact with us on the Website. This Policy does not apply to websites that the Trust does not own or control, or to individuals that the Trust does not employ or manage, such as the third party links on the Website.
We hold the sincere belief that you should always know what data we collect from you, the purposes for which such data is used, and that you should have the ability to make informed decisions about what data you want to share with us. This is why we want to be fully transparent about: (i) how and why we collect, store, share and use your personal data through the various capacities in which you interact with us; and (ii) the rights that you have to determine the parameters of this interaction.
While we would strongly advise you to read the Policy in full, the following summary will give you a snapshot of the salient points covered herein:
Your personal data relationship with the Trust is basis your activity on the Website. . If you have visited our Website, you are a visitor to the Website or any pages thereof (“User”) and/or a Donor.
The type of data we collect and the purpose for which we use is detailed in this Policy.
If you have any queries or concerns with this Policy, please contact our Grievance Officer. Please make a Donation on the Website, only if the terms of this Policy are acceptable to you.
1. USER/DONOR INFORMATION AND HOW WE USE IT
1.1 We will collect the following information from a User of the Website:
1.1.1 Your IP Address;
1.1.2 Your location unless you deactivate location services in the relevant section of the Website;
1.1.3 Your behaviour on the Website (what pages you land on, how much time you spend, etc.);
1.1.4 The device you use to access the Website and its details (model, operating system etc.);
1.1.5 Cookies and web beacon data through a webview;
1.1.6 Your name, PAN number, phone number, correspondence address and e-mail address;
1.1.7 Information submitted to our customer support, such as contact information, problem summary, and any other documentation, screenshots or information that would be helpful in resolving an issue submitted to us;
1.1.8 Your payment information to facilitate payments for the Donation made on the Website.
1.2 Along with 1.1 above, we will collect the following additional information from a Donor (depending on whether the Donor is a person or an entity) who makes a Donation on the Website:
1.2.1 Your complete name;
1.2.2 Your address/registered office address/principal place of business;
1.2.3 Your website address/official E-mail address;
1.2.4 Name of your father/spouse;
1.2.5 Your nationality;
1.2.6 Your Income-tax Permanent Account Number;
1.2.7 Your passport number, date of issue, place of issue and such other details; and
1.2.8 Your occupation.
1.3 The information we collect from a User of the Website is used to maintain records of Donations. . We do not sell your personal information to any third party. We may use this data to show appropriate content and advertisements.
1.4 We use the data from the device you access our Website to identify the login information of User from the same device. We also use the data provided by the User for the following purposes: (i) to enable you make Donations on our Website ; We use a third-party service provider to manage payment processing. This service provider is not permitted to store, retain, or use information you provide except for the sole purpose of payment processing on our behalf; (ii) to process your requests, enquiries and complaints, customer services and related activities; (iii) and/or (iv) to provide support to law enforcement agencies or in connection with an investigation on matters related to public safety, as permitted by law or anti-fraud activities/systems.
1.5 We collect personal data from you when you provide, post or upload it on the Website, such as when you fill out a form, (e.g., while making Donations), respond to a survey. If you opt to import your address book, we receive your contacts, including contact information of your service provider(s) that have been automatically added to your address book prior to using the Website.
2. WHAT ARE THE COOKIES AND WEB BEACONS REFERRED TO ABOVE?
2.1 COOKIES - WHAT THEY DO
2.1.1 They are useful because they allow us to recognize your device when you return. You can disable them through your browser should you so wish.
2.1.3 You can find more information about cookies at: www.allaboutcookies.org
2.2 COOKIES - WHAT THEY WON’T DO
2.2.1 Contain any executable software, malicious code or virus.
2.3 WEB BEACON - WHAT THEY DO
2.3.1 We use web beacons to manage cookies, record visits, and to learn marketing metrics. We also use web beacons to track and monitor email opening rates as well as link clicks.
2.3.2 You can find more information about web beacons at: http://www.allaboutcookies.org/faqs/beacons.html
2.4 WEB BEACON - WHAT THEY WON’T DO
2.4.1 Contain any executable software, malicious code or virus.
3. ANONYMISATION OF DATA
3.1 FOR THE AVOIDANCE OF ANY DOUBT, WE CLARIFY THAT IN THE EVENT WE ANONYMIZE AND AGGREGATE ANY DATA OR INFORMATION COLLECTED FROM YOU, WE WILL BE ENTITLED TO USE SUCH ANONYMIZED DATA OR INFORMATION FREELY, WITHOUT ANY RESTRICTIONS OTHER THAN THOSE SET OUT UNDER APPLICABLE LAW.
4. ACCESS, CORRECTION & DELETION
4.1 You may request access, correction or updation, and deletion of the data by contacting our IT Team at firstname.lastname@example.org. Kindly note that deletion of certain data or withdrawal of consent may lead to you not being able to make any Donations on our Website.
4.2 Based on technical feasibility and subject to suitable identity verification, we will provide you with access to all your personal and sensitive personal data that we maintain about you.
5. RETENTION OF PERSONAL INFORMATION
5.1 Your personal data will primarily be stored in electronic form. We may enter into agreement with third parties to collect, store, process your personal data but under full compliance with applicable laws. In the event, you have any telephonic interactions with our customer/client representatives, the call data is recorded and stored in the IT System for training and quality purposes.
6. SECURITY OF YOUR PERSONAL INFORMATION
6.1 We implement industry-standard technical and organizational measures by using a variety of security technologies and procedures to help protect your data from unauthorized access, use, loss, destruction or disclosure. When we collect particularly sensitive data (such as a credit card number or your geo-location), it shall be: (i) in compliance with the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 and other applicable laws; and (ii) encrypted using industry-standard cryptographic techniques including but not limited to authentication, confidentiality and integrity.
7. TRANSFER OF INFORMATION
7.1 *In the ordinary course of business, we may employ other companies and people to assist us in record keeping, data analysis, processing payments and providing customer service in compliance with the provisions of this Policy. To do so, we may need to share your data with them.
8. USER/DONOR CONTENT
8.1 Any comments, messages, etc. posted/ uploaded/ conveyed/ communicated by you on the public sections of the Website becomes published content. We may publish such published content on our Website so long as you consent. You may request that such published content be taken down at any time and we shall remove such published content. However, we are not responsible for any actions taken by third-parties with respect to such published content.
9. THIRD PARTY LINKS
9.1 We may display links to third-party websites or applications on our Website for advertising or providing you with relevant content. We will not be responsible for such third-party websites or applications if you choose to access them. If you provide any data to such website/application, please ensure you read their policies given that you will no longer be bound by this Policy in doing so.
9.2 We may receive data whenever you visit a third-party link through our Website which includes the date and time of your visit to the third-party website, the web address or URL, technical information about the IP address, browser and the operating system you use and, if you are logged into your account on the Website, your username.
10. COMPELLED DISCLOSURE
10.1 In addition to the purposes set out in the Policy, we may disclose any data we collected or processed from you if it is required:
10.1.1 under applicable law or to respond to a legal process, such as a search warrant, court order, or subpoena;
10.1.2 to protect our safety, your safety or the safety of others or in the legitimate interest of any party in the context of national security, law enforcement, litigation, criminal investigation or to prevent death or imminent bodily harm;
10.1.3 in connection with legal proceedings brought against us, our officers, employees, affiliates, customers or vendors; or
10.1.4 when we enter into a business deal or negotiate a business deal, or our assets are merged or acquired by the other business entity, or during restructuring of business or re-organization, we may have to share information provided by you with the other business entities. However, the information shared will be protected by suitable confidentiality arrangements with such third parties.
11. YOUR RIGHTS & PREFERENCES AS A DATA SUBJECT IN THE EUROPEAN UNION
11.2 If the entities to which transfer of data are effected are not situated in countries deemed ‘adequate’ by the European Commission or are not registered under the EU-US Privacy Shield framework, we shall enter into appropriate Data Protection Addendums with the transferee parties that comprehensively protect your data. We shall also put in place industry-standard technical and organizational measures (including robust data handling policies) to ensure that such transfers are completed in accordance with applicable laws.
11.3 In case you are a User entitled to data protection under the European Union (EU) called the General Data Protection Regulation (GDPR), we would like to inform you of the features under GDPR. Your rights under the GDPR are listed hereunder.
11.3.1 RIGHT TO BE INFORMED. You have a right to be informed about the manner in which your personal data is collected or used as elucidated in this Policy.
11.3.2 RIGHT OF ACCESS. You have a right to access your personal data provided to us by requesting us for the same.
11.3.3 RIGHT TO RECTIFICATION. You have a right to request us to amend or update your personal data if it is inaccurate or incomplete.
11.3.4 RIGHT TO ERASURE. You have a right to request us to delete your personal data.
11.3.5 RIGHT TO RESTRICT. You have a right to request us to temporarily or permanently stop processing all or a part of your personal data for any reason whatsoever, including, without limitation for the purpose of direct marketing.
11.3.6 RIGHT TO OBJECT. You have a right, at any time, to object to our processing of your personal data under certain circumstances.
11.3.7 RIGHT TO DATA PORTABILITY. You have a right to request for a copy of your personal data in electronic format and to request for transmission of such personal data to third-parties for using such third-party products/services.
11.3.8 RIGHT NOT TO BE SUBJECT TO AUTOMATED DECISION-MAKING. You have a right to ascribe explicit consent requirement for any decisions relating to your personal data. You shall not be subject to automated decision making, including profiling.
11.4 Additionally, we may process your data to serve legitimate interests as described under GDPR. Accordingly, the grounds on which we can engage in processing are as follows:
11.4.1 User Data - Consent, Performance of a Contract and Legitimate Interest.
11.4.2 Special Categories of Personal Data - Consent and Performance of a Contract.
11.4.3 Payment Data - Performance of a Contract, Compliance with applicable laws and Legitimate Interest.
11.4.4 Service Usage Data - Performance of a Contract and Legitimate Interest.
11.4.5. Personal Stories - Consent.
11.5 In case you want to exercise the rights set out above, do feel free to contact our Grievance Officer whose details are set out below. If you believe we have used your personal data in violation of the rights above or have not responded to your objections, you may lodge a complaint with your local supervisory authority.
13. GRIEVANCE OFFICER
13.1 The name and contact details of our Grievance Officer, who you may contact if you have any concerns, complaints or feedback pertaining to this Policy or your personal data, are as follows:
NAME: Ms. Rathy Nair
ADDRESS: #83-84, LG Lakedew, Bileshivale, Bengaluru 560 077, India
TELEPHONE: +91 93422 04301
This Policy was last updated on October 12, 2020.