This Privacy Policy (“Policy”) outlines how Homies Roam LLP (“Company,” “we,” “us,” or “our”), operating and handling Ear me out, the platform/website (“Platform”), collects, uses, discloses and protects the personal information of users (“User,” “you,” or “your”). This Policy is designed to comply with the applicable Indian laws, including the Digital Personal Data Protection Act, 2023, the Information Technology Act, 2000 and other relevant data protection laws and regulations regulated in India.
By accessing or using our Platform and services, you explicitly consent to the collection, use and disclosure of your information as described in this Policy. If you do not agree with any part of this Policy, you must not use our Platform or services.
ARTICLE 1: DEFINITIONS
For the purposes of this Policy, the following terms shall have the meanings ascribed to them below. Terms not explicitly defined herein shall carry the meaning attributed to them in the Terms and Conditions governing the use of the Platform/ Website, Ear me out
1.1. “Personal Information”: Any information that relates to a natural person which is capable of identifying such person, directly or indirectly, in combination with other information available or likely to be available with a data fiduciary.
1.2. “Sensitive Personal Data or Information” (SPDI): Such personal information which consists of information relating to: password; financial information such as bank account or credit card or debit card or other payment instrument details; physical, physiological, and mental health condition; sexual orientation; medical records and history.
1.3. “Data Fiduciary”: Refers to the Company, which determines the purpose and means of processing personal data.
1.4. “Data Principal”: Refers to the individual to whom the personal data relates, in this case, the user.
1.5. “Processing”: Any operation or set of operations performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
ARTICLE 2: INFORMATION WE COLLECT
We collect various types of information to provide and improve our services, which may include personal information and sensitive personal data or information.
2.1. Information You Provide Directly:
2.1.1. Account and Profile Data: When you register for an account, create a profile or provide information through consent over a form displayed on our platform, we collect your name, email address, phone number, date of birth, gender and other demographic details. For mental health professionals, this includes qualifications, professional experience, licenses and areas of expertise.
2.1.2. Communications and Interactions: We collect information from your communications with us through emails, chat logs, support requests and your interactions with mental health professionals through the Platform which may include session notes, chat transcripts and assessment responses.
2.1.3. Transactional Data: If you make payments for the products or services such as event registration, therapy sessions, joining support groups and other service related payments, we collect information necessary to process the transaction, such as billing address and payment method details, while the actual payment card details are handled by secure third-party payment processors.
2.1.4. Health and Wellness Information: As a platform facilitating mental health services, we may collect sensitive personal data or information related to your mental and physical health, including but not limited to: your reasons for seeking therapy, symptoms, diagnoses, treatment goals, progress notes, medical history relevant to mental health and responses to self-assessment tools or questionnaires. This information is collected with your explicit consent and handled with the utmost care.
2.1.5. Event Participation Data: When you register for or participate at any of our events, we collect information related to your registration, attendance and any special requirements you may have.
2.2. Information We Collect Automatically: 2.2.1. Log Data: Our servers automatically record information when you access or use the Platform, including your Internet Protocol (IP) address, browser type, operating system, referring/exit pages, access times and activities on the Platform.
2.2.2. Cookies and Similar Technologies: We use cookies, could possibly use web beacons and other tracking technologies to collect information about your browsing behavior, preferences and interactions with our Platform. This helps us personalize your experience, analyze trends and improve our services being rendered. You can manage your cookie preferences through your browser settings.
2.2.3. Device Information: We may collect information about the device you use to access the Platform, including the device type, model, unique device identifiers, operating system version and mobile network information.
2.2.4. Location Information: With your consent, we may collect precise geolocation data from your device. Without such consent, we may infer your general location from your IP address.
ARTICLE 3: LAWFUL BASIS FOR PROCESSING PERSONAL INFORMATION
We process your personal information and sensitive personal data or information only when we have a lawful basis to do so, in accordance with the Digital Personal Data Protection Act, 2023 and other applicable laws. The lawful bases for our processing activities include:
3.1. Consent: You have provided your explicit consent to the Processing of your personal information for one or more specific purposes which may include therapeutic services, event registration’s or pre-bookings and marketing communications. You have the right to withdraw your consent at any time.
3.2. Contractual Necessity: Processing is necessary for the performance of a contract to which you are a user being provided with requested services, processing payments or to take steps at your request prior to entering into a contract.
3.3. Legal Obligation: Processing is necessary for compliance with a legal obligation to which the Company is subject to maintaining records as required by the laws governed in India, responding to legal requests.
3.4. Vital Interests: Processing is necessary to protect your vital interests or the vital interests of another natural person in case an emergency situation arises, involving threat of harm, to yourself or others.
3.5. Legitimate Interests: Processing is necessary for the purposes of the legitimate interests pursued by the Company or by a third party, provided that such interests are not overridden by your fundamental rights and freedoms and also to constantly improving Platform functionality and preventing fraud.
ARTICLE 4: HOW WE USE YOUR INFORMATION
We use the collected information for the following purposes:
4.1. To Provide and Improve Our Services: 4.1.1. To operate, maintain and enhance the functionality and user experience of our Platform and services.
4.1.2. To facilitate and manage your connections with mental health professionals and enable effective therapeutic sessions.
4.1.3. To process your transactions, manage your account and provide efficient customer support.
4.1.4. To organize, manage and promote events and other activities.
4.1.5. To personalize your experience on the Platform, including customizing content and recommendations.
4.1.6. To develop new features, products and services based on user needs and user-centered feedback.
4.2. To Communicate with You: 4.2.1. To send you essential service-related notifications, not limited to, updates to our Terms or this Policy, appointment reminders, appointment re-scheduling, event booking or pre-booking confirmations, invoicing, account alerts.
4.2.2. To respond to your inquiries, provide technical support and address your feedback.
4.2.3. To send you promotional materials, newsletters and/or offers, where you have explicitly consented to receive such communications.
4.3. For Research and Analytics: 4.3.1. To analyze trends, monitor user behavior and gather statistical data to understand how our Platform and services are used.
4.3.2. To conduct internal research to improve our services, enhance our understanding of mental health trends and contribute to the development of effective therapeutic practices. All research involving personal data will be conducted in an anonymized or aggregated manner where feasible.
4.4. For Legal, Security and Compliance Purposes: 4.4.1. To comply with applicable laws, regulations, legal processes and governmental requests.
4.4.2. To protect the security, integrity and operational continuity of our Platform and services.
4.4.3. To detect, prevent and investigate fraud, abuse, security incidents and other prohibited or illegal activities.
4.4.4. To enforce our Terms and Conditions and other policies.
4.4.5. To monitor and record sessions for quality assurance, training purposes and dispute resolution, with appropriate notice and consent where required.
ARTICLE 5: DISCLOSURE OF INFORMATION
We may disclose your information to the following categories of recipients, strictly in accordance with this Policy and applicable laws:
5.1. Mental Health Professionals: We share relevant personal information and sensitive personal data or information with the mental health professionals you choose to engage with, solely to facilitate consultations, therapy sessions and effective therapeutic engagement.
5.2. Service Providers: We engage trusted third-party service providers to perform functions on our behalf, such as payment processing, hosting, data storage, analytics, marketing, customer support and IT services. These providers are contractually obligated to protect your information, adhere to strict confidentiality requirements and may only use your information for the specific purposes, aligned with the products and services they provide.
5.3. Business Transfers: In the event of a merger, acquisition, reorganization, sale of assets or bankruptcy, your information may be transferred as part of that transaction. We will provide notice before your personal information becomes subject to a different privacy policy.
5.4. Legal and Regulatory Compliance: We may disclose your information if required to do so by law, court order, subpoena or other valid legal process, or if we believe in good faith that such disclosure is necessary to: 5.4.1. Comply with a legal obligation.
5.4.2. Protect our rights, property, or safety, or the rights, property, or safety of others.
5.4.3. Prevent fraud, abuse or other illegal activities.
5.4.4. Respond to a government request.
5.5. Affiliates: We may share your information with our affiliates, subsidiaries and parent companies, provided that their use of your information remains subject to this Privacy Policy and applicable data protection laws.
ARTICLE 6: DATA RETENTION
6.1. Retention Period: We retain your personal information and sensitive personal data or information only for as long as necessary to fulfill the purposes for which it was collected, as outlined in this Policy or as required or permitted by applicable laws in India.
6.2. Criteria for Retention: The criteria used to determine our retention periods include: The duration of our ongoing relationship with you and the provision of services. Legal obligations to which we are subject which includes record-keeping requirements for the services we provide. The necessity of retaining data for audit, quality assurance or dispute resolution purposes. The existence of a legitimate interest for retention that is not overridden by your data protection rights.
6.3. Deactivation and Deletion: If you deactivate your account, we may retain your information for a reasonable period thereafter to comply with our legal obligations. Sensitive personal data or information, particularly health information, will be handled with specific care, retained only for the period necessary to provide services, comply with legal obligations and resolve disputes, after which it will be securely deleted or anonymized.
ARTICLE 7: DATA SECURITY
7.1. Security Measures: We implement technical and administrative security measures designed to protect your personal information and sensitive personal data or information from unauthorized access, use, disclosure, alteration and destruction. These measures include, but are not limited to:
7.1.1. Encryption: Use of industry-standard encryption technologies such as SSL/TLS to protect data during transmission and while not in use.
7.1.2. Access Controls: Strict access controls and authentication mechanisms to limit access to personal information to authorized personnel on a need-to-know basis.
7.1.3. Firewalls and Intrusion Detection Systems: Deployment of firewalls and intrusion detection/prevention systems to protect our networks.
7.1.4. Regular Security Assessments: Conducting regular security audits, vulnerability assessments and penetration testing to identify and address potential weaknesses.
7.1.5. Employee Training: Regular training of our employees and associated mental health practitioners on data privacy, security best practices and confidentiality obligations.
7.2. Data Breach Protocol: In the unlikely event of a data breach involving your Personal Information, we will take prompt steps to investigate the breach, mitigate its effects and notify affected users and relevant regulatory authorities as required by applicable law, including the Digital Personal Data Protection Act, 2023.
7.3. Compliance: We adhere to the security safeguards prescribed under the Digital Personal Data Protection Act, 2023 and other relevant laws governed in India.
ARTICLE 8: YOUR DATA PROTECTION RIGHTS
As a Data Principal, you have the following rights concerning your personal information, subject to applicable legal limitations:
8.1. Right to Access: You have the right to request access to your personal information and to receive a copy of the information we hold about you, if you have given consent while voluntarily providing details, that were requested for by the Platform.
8.2. Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal information we hold records for, about you.
8.3. Right to Erasure (Right to be Forgotten): You have the right to request that we delete your personal information, under certain circumstances of the data no longer being necessary for the purposes for which it was collected or you withdraw consent.
8.4. Right to Restriction of Processing: You have the right to request that we restrict the processing of your personal information, under certain circumstances such as you contesting the accuracy of the data or of the processing of data being unlawful.
8.5. Right to Data Portability: You have the right to receive your personal information in a structured, commonly used and machine-readable format and to transmit that information to another Data Fiduciary, where technically feasible.
8.6. Right to Object: You have the right to object to the processing of your personal information that includes the right to object to processing for direct marketing purposes.
8.7. Right to Withdraw Consent: If we process your personal information based on your consent, you have the right to withdraw your consent at any time. Withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.
8.8. Right to Grievance Redressal: You have the right to complain to the Data Protection Board of India regarding any possible alleged violation of your data protection rights.
8.9. Right to Nominate: You have the right to nominate any other individual who shall exercise your rights as mentioned in this Policy, in the event of your death or incapacity.
ARTICLE 9: INTERNATIONAL DATA TRANSFERS
9.1. Data Location: Your personal information may be stored and processed in countries other than India, where our service providers or affiliates may operate. These countries may have data protection laws that differ from those in India.
9.2. Safeguards: When transferring your personal information outside India, we will ensure that appropriate safeguards are in place to protect your data, as required by the Digital Personal Data Protection Act, 2023. This may include transferring data to countries recognized as providing an adequate level of data protection or implementing standard contractual clauses approved by relevant authorities.
9.3. Consent to Transfer: By using our platform and services, you consent to the transfer of your personal information to these countries, subject to the safeguards mentioned above.
ARTICLE 10: CHILDREN’S PRIVACY
10.1. Age Restriction: Our platform and services are not intended for and do not knowingly collect personal information from children under the age of 18 years.
10.2. Parental Notification: If you are a parent or guardian and believe that your child under 18 has provided us with personal information without your consent, please contact us immediately. We will take prompt steps to investigate and delete such information from our records.
ARTICLE 11: THIRD-PARTY LINKS AND SERVICES
11.1. External Links: Our platform may contain links to third-party websites, services or products, including those of payment gateway service providers or collaborators.
11.2. Independent Policies: We are not responsible for the privacy practices, terms or content of these third parties. We encourage you to review the privacy policies and terms and conditions of any third-party services before providing them with your personal information or engaging with them. This Policy applies solely to information collected by the Company through the Platform.
ARTICLE 12: CHANGES TO THIS PRIVACY POLICY
12.1. Policy Updates: We reserve the right, in our sole discretion, to update or modify this Privacy Policy from time to time to reflect changes in our data practices, legal requirements or business operations.
12.2. Notification: We will notify you of any material changes to this Policy by posting the updated Policy on our Platform and if the need be, by keeping you notified by one or different modes of communication.
12.3. Acceptance of Changes: Your continued use of our Platform after the effective date of the updated Policy constitutes your acceptance of the revised Policy.
ARTICLE 13: GRIEVANCE REDRESSAL AND CONTACT INFORMATION
13.1. General Contact Information: If you have any questions, concerns or require clarification regarding these Terms, please contact us at:
Homies Roam LLP having its registered address: Krishna Keval Ngr, BL-E/13 SNO 1A, Kondhwa KD, Pune 411048, Maharashtra, India
Email: reach@earmeout.in
Phone: + (91) 9226917038
13.2. Grievance Addressal: In accordance with the Information Technology Act, 2000 and rules made thereunder, the name and contact details of the designated person to address any grievances are provided below: Name: Baby Joseph
Email: resolveissues@earmeout.in
Phone: + (91) 9226917038
The grievance addressable personnel shall address any discrepancies and grievances of the users with regard to processing of information in a time-bound manner.
IN WITNESS WHEREOF, your continued access to or use of the Platform signifies your full and unequivocal acceptance of this Privacy Policy.