This Privacy Policy explains how SugarSight, a product of VTPL, collects, uses, shares, and protects your personal and sensitive data when you use our mobile application, website and Services. 

This document contains information on how we process personal data, the type of personal data that is collected, the purpose of using the collected personal data, the access of third parties to such data and the security measures to be taken with regard to the collection of personal data. 

We are committed to protecting your privacy and handling your data in compliance with the Digital Personal Data Protection Act (DPDP), 2023, Information Technology Act (IT Act), 2000 and Sensitive Personal Data Rules, 2011 and other applicable laws and regulations in India. 

1.       The Information We Collect 

We collect information to provide and improve our Services to you. The data we collect depends on how you use SugarSight and what features you engage with. 

Information You Provide to Us: 

This is information you voluntarily give us when you register, use our features, or communicate with us. 

• Registration and Profile Data: Your name, email address, phone number, date of birth, and role (patient, caregiver, doctor, or dietician). 

• Health and Medical Data: This is sensitive personal data that we collect to provide our core services. It includes: 

• Glucose Data: Continuous Glucose Monitor (CGM) readings and Blood Glucose Meter (BGM) readings. 

• Logging Data: Records of your meals (including photos and estimated carb/calorie counts), insulin doses, and exercise activities. 

• Medical Reports: Prescriptions, lab reports, and other medical documents you upload. 

• Communication Data: Information from your interactions with us, including in-app messages and video consultations with healthcare professionals. 

• Payment Information: If you use paid Services (like consultations), we collect necessary billing details. 

Information Collected Automatically: 

When you use the App, certain data is collected automatically. 

• Technical Information: Device information (model, OS version), IP address, and App usage data. 

• Usage and Interaction Data: Details about how you interact with the App, such as the features you use, the duration of your sessions, and any errors that occur. 

• Location Data: If you grant us permission, we collect your location to enhance services like Google Fit/Apple Health integration and for a more accurate experience. 

2.       How We Use Your Information 

We use the information we collect for the following purposes, with your explicit and informed consent as required by law. 

• To Provide and Manage Our Services: 

• We collect your data in order to help you to register and facilitate provision of our Services. We also use your information to analyse and identify your requirement/behaviour to enhance the interactions you have with the App/website. 

• To display your glucose readings, trends, and summaries in your personalized dashboard. 

• To apply our proprietary CGM error correction algorithm to your data for more accurate readings. 

• To enable you to log and view your meals, insulin, and exercise activities. 

• To facilitate and store your in-app video consultations, e-prescriptions, and diet plans. 

• To generate daily/weekly summaries and reports for you and your healthcare providers. 

• We use the data for analytic, and reviews to improve the Services and for any research purposes. 

• We also use the data to provide support to law enforcement agencies/court orders or in connection with h investigation on matters related to public safety as permitted by law. 

• We may use your data in an aggregate and deidentified form for internal and third party  research purposes based on our legitimate interest  in generating non personally identifiable insights including analytic of trends, user behaviour and other patterns for inclusion in scientific publications, presentation or reports while maintaining user anonymity .To reinstate all such research utilizes data that is deidentified ensuring no individual user can be identified. 

• To Enhance and Improve the App: 

• To use our AI models for meal estimation and predictive alerts. 

• To use data from Google Fit and Apple Health to refine glucose predictions. 

• To personalize your experience and improve our features. 

• For Communication and Support: 

• To send you predictive alerts and other notifications related to your health. 

• To respond to your inquiries and provide technical support. 

• To Promote Engagement: 

• To track your progress and award points through our reward/loyalty program. 

3.       How We Share Your Information 

We do not sell your personal or health data. We only share it for the purposes described below, with your explicit consent, as permitted by the DPDP Act. 

• With Your Consent: 

• Healthcare Providers: We share your health data with the doctors you choose to consult with, as well as with their teams, to enable consultations, diagnoses, and treatment. 

• Caregivers: We share your glucose and activity data with the caregivers you specifically designate in your app settings to allow for remote monitoring. 

• Nutritionist/Dieticians: We share your glucose and activity data as well as your meal information with the nutritionists and dieticians you specifically designate in your app settings to allow for remote monitoring. 

• For Legal Reasons: 

• We may share your data if required by law, a court order, or to cooperate with regulatory bodies like the Central Drugs Standard Control Organisation (CDSCO). 

• With Third-Party Service Providers: 

• We use third-party services to operate and maintain the app (e.g., cloud hosting, video conferencing SDKs, notification services). These providers are bound by confidentiality agreements and are only permitted to use your data to perform the Services we have contracted them for. 

4.       Your Rights (as a Data Principal) 

Under the Digital Personal Data Protection Act (DPDP), 2023, you have the following rights regarding your data: 

• Right to Access: You can request to access and obtain a summary of your personal data held by us. 

• Right to Correction and Erasure: You can ask us to correct any inaccurate or incomplete personal data, or request the erasure of your data. 

• Right to Grievance: You have the right to file a complaint with us if you believe we have violated the terms of this policy. 

• Right to Nominate: You can nominate another person to exercise your rights in the event of your death or incapacity. 

You can exercise these rights by contacting us through the methods provided above. 

5.       Data Security 

We implement robust security measures to protect your data from unauthorized access, loss, or disclosure. We implement the industry standard, technical and organisational measures including cryptographic techniques by using a variety of security technologies and procedures to help protect your data from unauthorized access, use, laws, disruptions, or disclosure. 

• Encryption: All data, especially sensitive health data, is encrypted both when it is stored on our servers (at rest) and when it is transmitted between your device and our servers (in transit). 

• Access Controls: Access to your data is strictly limited to authorized personnel who have a legitimate need to see it to provide our Services. 

• Please be advised that we have taken all the necessary steps for the security and protection of all our digitals platforms. However, we shall not be responsible or liable for any breach of security or the disclosure of personal data for reasons beyond our control including but not limited to hacking, social engineering, cyber terrorism, espionage by third third parties., or by any events by way of force majeure such as sabotage, fire, flood, explosion, acts of God, civil commotion, strikes, or industrial action of any kind, riots, insurrections, war or acts of government. 

6.       Data Retention 

We will retain your personal and health data for as long as your account is active or as needed to provide you with our Services. We will also retain and use your data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies. 

We may retain your personal data even if you seek deletion thereof if it is needed to comply with our legal obligations, resolve disputes and to enforce our agreements. 

If you are a registered user please be informed that after you terminate your usage or Services we may, unless legally prohibited delete all your data provided or collected by you from our servers. 

The following data will be kept permanently: 

• Patient information (Name, Age, BMI, HbA1c, Type of Diabetes, Other co-morbidities) 

• Continuous Glucose Monitor Data. 

s 

However, please note that the following data will be deleted on a monthly basis: 

• Meal images that are uploaded to the app 

• Prescriptions that are more than a year old 

• Lab reports that are more than a year old 

7. Compliance with children’s data protection 

As part of the app Service provided, children under the age of 18( or such other minimum age prescribed under law of the relevant territory ) may use the App/website to avail the Services .However children should seek the consent of their parents before providing any information about themselves on App/website and the usage of the Services should be under the guidance of an adult at all times. 

8.       Storing your personal data 

VTPL will store your information for as long as we have to under the applicable law, and where there is no legal requirement, we will only store it for as long as necessary to fulfil the purposes for which it was collected as described in this policy. To determine the appropriate period for storing personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. 

Data that VTPL collects using the App/website is as below: 

Name, gender, age, phone number, email address, mailing address, height, weight, lifestyle, medical conditions, health or fitness goals, user name or other identifiers, payment details, location details, IP address, food photos, prescriptions, all other health details, fitness details etc.