Scope of this Policy
This policy applies only to information collected and received by us through access and use of the “Services” and/or “Sites”
and does not apply to any other information collected by us through other means. Further, this policy does not cover the activities of third parties.
It is your responsibility to read and understand this policy. By using our “Services” and/or “Sites”, you are agreeing and consenting to the practices
described in this policy. If you do not agree to all of this policy and do not wish to be bound by it, you should not use our “Services” or “Sites”. Please
read the following to learn more about how we collect, use and safeguard the information you may provide to us via these “Sites” and/or “Services”.
1. What is the Legal Purpose for collecting personal information?
- To fulfil business obligations as per Terms of Usage.
- To store information of the Patients, doctors, students and individuals for the usage of the application by us.
2. Who are we, controller and/or processor?
- We are processors and controller as we store, process, and transmit data as per customer requirements.
3. What information do we collect?
Via our “Sites” and/or “Services”, Criterion Tech collects from you:
- (i): certain personally identifiable (i.e., non-business) information,
- (ii): certain business information, and
- (iii): technical and other information
o General Site Visitors - When you browse the non-password protected portions of our “Sites” and/or “Services”, we only collect information tied to your name, email, postal address, phone, and other contact details when you engage in the following activities:
- Request information;
- Participate in a survey;
- Interact with our social media pages;
- Apply for employment, internship, or other volunteer opportunities;
- Subscribe to one of our newsletters;
- Post content where permitted on the Site or our other online locations.
This information is only used to fulfill your specific request, unless you give us permission to use it in another manner, for example, to add you to one of our mailing lists.
o Registered Customers and Suppliers - At the time you become a registered customer of Criterion Tech or you register as a supplier on the site, we request that you provide us with certain personal information (including your or a business executive’s name, address, phone number, and email address).
o All Site Users - Criterion Tech uses commonly-used automated information-gathering tools such as cookies. While you are browsing our “Sites” and/or “Services”, we automatically log your browser type, operating system, IP address (a number assigned to your computer when you use the Internet), general data (including your domain name, and the name of the web page from which you entered our site, and your activity while using our site. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service. For the purpose of enrolment, we collect the following information:
From Student, Doctors, Patients, users
- Parent/Guardian information
- Student information
- Phone numbers
- Physical characteristics - height, weight
- Bank account/branch
- Health related Data
- Geographical location
- Social Security Number
- Other Personal Information Necessary
Users of the organization (e.g. Hospitals)
- Other Personal Information Necessary
4. How long do we retain this information?
We retain personal information as per the Terms of contracts with our customers, the educational institutes (controller). We secure purge/delete the data in case of contract termination.
5. Where do we transfer this personal information?
We transfer this information as per customer requirements. We currently keep customer data at the following location/s. (Central India for both Production and backup.
6. How do we fulfil data Subject rights?
Data subject rights
- The Right to Information
- The Right of Access
- The Right to Rectification
- The Right to Erasure
- The Right to Restriction of Processing
- The Right to Data Portability
- The Right to Object
- The Right to Avoid Automated Decision-Making
When you raise any request to fulfil your rights, we will first establish your identity and will then escalate the request to the entity,
which is the source of the data for us.
We will perform the task as per our customer (controller) direction.
7. Who do we share information with?
- We do not share your personal information with any third parties.
- We use the services of cloud service providers, who provide their independent assurance of privacy obligations.
- To know more about their privacy policies and assurance, please visit:
8. How do we ensure the security of personal information?
Reasonable security controls are in place that includes technical, personnel, and procedural controls to protect against unauthorized access, unauthorized modification, and unavailability.
- Access control
- Backup and Recovery
9. Whom to contact in case of data subject rights, questions, or complaints
Our site permits you to contact us via email. Whenever you send an email via our site, you will be providing us with your name, title, email address, phone number, and any information you choose to include in the text of your message. For example, you may choose to provide your mailing address or other information necessary or helpful for us to address your query or other concern. Privacy Contact information: email@example.com
10. When do we update this policy?
At last, annually, or as and when changes are required.