Objective and Scope
Neocortex Life Sciences Private Limited (“we”, “us”, “our”, “Neocortex”) values the trust placed in us by data subject (“you”, “your”, “user”, “consumer”) and therefore, we assure that we follow the highest standards of privacy guidelines to protect the information shared by you with us.
This Policy covers both our online and offline data collection activities, including Personal Data that We collect through our various channels such as websites, apps, third party social networks, Consumer Engagement Service, points of sale and events. Please note that We might aggregate personal data from different sources (website, offline event). As part of this, We combine Personal Data that were originally collected by different Neocortex entities or Neocortex partners.
If you do not provide necessary Personal Data to us We may not be able to provide you with our goods and/or services. This Policy can change from time to time.
By using Neocortex Website (for example, when you register for an account, communicate with us, on our sites or applications or through social media), you agree to provide consent to our collection, use and sharing of your personal information as described in this policy. In some cases, particularly if you reside in a country governed by a data protection regulation, we may ask you to provide explicit consent to access our services before proceeding for further operations.
If you are a traveller visiting various countries around the world and avail the Platform’s services, then we will determine your location using your IP address and in the event IP detection fails, we will consider the last cached location as your current location to provide you services and the consents obtained at the time of registration in that location will be valid for processing of your personal information. We use third party service providers to help us determine your location to provide you with appropriate content and services on our Platform.
Upon implementation of GDPR, existing user in order to receive full scale services as provided will be required to opted in, subscribe and consent for provision of services, failure to subscribe will deny the use the access and full use of the services provided by Neocortex.
‘Personally Identifiable Information’ or ‘PII’ is defined as any information that identifies (whether directly or indirectly) to a particular individual or natural person, such as the individual’s name, postal address, email address, mobile number and any other specific identifier indicating to that particular person. When anonymous information is directly or indirectly associated with personal information, the resulting information also is treated as personal information.
This Policy applies to Personal Data that We collect from or about you, through the methods described below, from the following sources:
The above information may also be captured by keeping cookies on our websites by our affiliates for the purposes mentioned in this document elsewhere.
Depending on how you interact with Neocortex (online, offline, over the phone, etc.), We collect various types of information from you, as described below:
Web beacons (also known as "web bugs") are small strings of code that deliver a graphic image on a web page or in an email for the purpose of transferring data back to Us. The information collected via web beacons will include information such as IP address, as well as information about how you respond to an email campaign (e.g. at what time the email was opened, which links you click on in the email, etc.). We will use web beacons on our Websites or include them in e-mails that We send to you. We use web beacon information for a variety of purposes, including but not limited to, site traffic reporting, unique visitor counts, advertising, email auditing and reporting, and personalisation.
*In case of sharing or referring the subscription to another user then the personal information of the referrer will only be used for the purpose for which it has been shared. Other than the purpose, We won’t provide or process the referrals personal information for analytics, direct marketing etc. without prior consent provided by the referral to receive such services from us.
We may receive financial or transactional information (for e.g., transaction ID, order ID etc.) from third party vendors in case of payments, for reconciliation and validation of transactions and also for the purpose of resolutions of complaints (in case of failed transactions and refunds).
Neocortex does not knowingly solicit or collect personal data from children below the age of 18 (Eighteen Years). Neocortex does not knowingly permit any person who is under 18 years of age to register with the services or to provide any other personally identifying information. If Neocortex becomes aware that any personally identifiable information of persons less than 18 years of age has been collected on the Neocortex without verified parental consent, then Neocortex will take the appropriate steps to delete any such information and notify the parent. However, we consider it the responsibility of parents to monitor their children’s use of our services. Nevertheless, it is our policy not to collect and process any personal information from children below 18 years of age or offer to send any promotional materials to persons in that category. Neocortex does not seek or intend to seek or receive any personal information from children. Should a parent or guardian have reasons to believe that a minor has provided Neocortex with personal information without their prior consent, please contact our customer support team to ensure that the personal information is removed from the Neocortex.
The following paragraphs describe the various purposes for which We collect and use your Personal Data, and the different types of Personal Data that are collected for each purpose. Please note that not all of the uses below will be relevant to every individual.
We will only collect and process personal data about you where we have lawful basis. Lawful basis on which we would process your personal information includes obtaining explicit consent from you for processing your personal information or processing for “legitimate interests” where processing is necessary by us to provide you with services (For e.g. processing your information by our group companies/affiliates).
We may also use your information:
We use information to provide, analyze, administer, enhance and personalize our service and marketing efforts, to process your registration, to provide you services, and to communicate with you related to below mentioned points. For example, we use information to:
JUSTIFICATION OF USAGE OF DATA:
How your information is used for Advertising
We use third-party advertising companies to serve ads when you visit or use our website, mobile application or services. These companies may use information (not including your name, address, email address or telephone number or other personally identifiable information) about your visits or use of a particular website, mobile application or service, in order to provide advertisements about goods and services of interest to you.
Presentation of information to our advertisers for helping them to understand our audience(s) and to know the value of advertising on our websites or applications, is usually in form of aggregated statistics on traffic to various pages / content within our websites or Applications.
We do not provide any personally identifiable information to any third party websites / advertisers / ad-servers without obtaining your consent.
Information Use by the Company
The Information supplied by you enables us to improve our services and provide you the most user-friendly experience(s). In some cases, for e.g. provision of certain service(s) or utility (ies), we may require your contact information as well. All required information is service dependent and the Company may use the above said user. Information to, maintain, protect, and improve the Services (including advertising on the "Application") and for developing new services. We may also use your email address or other personally identifiable information to send commercial or marketing messages with your consent [with an option to withdraw your consent (wherever feasible)]. Any personally identifiable information provided by you will not be considered as sensitive if it is freely available and / or accessible in the public domain like any comments, messages, blogs, scribbles available on social platforms like Facebook, twitter etc.
When you register with the Application or Services, we may contact you from time to time about updating your personal information to provide you features that we believe may benefit / interest you.
In addition to the Neocortex entities We share your Personal Data with the following types of third party organizations subject to obtaining your consent as may be required in some jurisdictions, we may share or disclose your personal data as necessary for the purposes described above and as further detailed below:
We may offer some of our Services together with or through third parties who may be system integrators, resellers, solution partners, network partners and affinity organizations. If we do so, we will need to share your personal data with these third parties to assist in providing and marketing that Service to you, as well as to enable the third parties to market their own products and services to you (with your permission, if required). We may also share your personal data with companies that are system integrators, resellers, solution partners, network partners and affinity organizations, and whom we believe might offer products and services of interest to you (again with your permission, if required).
In accordance with applicable laws, We will use your Personal Data for as long as necessary to satisfy the purposes for which your Personal Data was collected or to comply with applicable legal requirements. Personal data used to provide you with a personalized experience will be kept for a duration permitted by applicable laws.
We retain the information which we have collected no longer than is necessary. This is determined on a case by case basis . Normally we will retain the information as long as you maintain an account with us and till the time you continue to access and use our services. We retain personal data for as long as and/or for no longer than we are permitted to do by applicable law, regulation, tax or accounting practice or the terms of any governmental telecommunications licenses or authorizations to which we may be subject. We also delete personal data in accordance with any contractual obligations that we may be subject to (for example if we are processing personal data on behalf of one of our customers rather than for our own business purposes).
Where maximum or minimum data retention periods are not otherwise stipulated, we determine appropriate retention period for the personal data by considering: the amount, nature and sensitivity of the personal data contained in the records; the potential risk of harm from unauthorised use or disclosure of personal data; the purposes for which we process the personal data and whether we may be able achieve those purposes through other means; whether the personal data can be permanently and effectively anonymized; the security measures in place in relation to that personal data and any other relevant factors.
We will delete your information whenever you request us to do so. However, we may archive and/or retain some information for legal purposes.
We retain your personal information as long as necessary for us to provide services to you or you ask us to not retain your data. If you no longer want us to use your information, then you can request that we erase your personal information and close your account. Please note that if you request for the erasure of your personal information; Your request will be processed, and you will receive confirmation of the same via email. Please note that this will only perform a deletion of the information that has been collected by us and will disable your SSO information for Neocortex.
Please note that if you have multiple accounts with us, then you will have to raise separate requests for each of the accounts, along with the associated email IDs or phone numbers.
We use appropriate measures (described below) to keep your Personal Data confidential and secure. Please note, however, that these protections do not apply to information you choose to share in public areas such as third party social networks.
People who can access your Personal Dat: Your Personal Data will be processed by our authorised staff or agents, on a need to know basis, depending on the specific purposes for which your Personal Data have been collected (e.g. our staff in charge of consumer care matters will have access to your consumer record).
Measures taken in operating environment: We store your Personal Data in operating environments that use reasonable security measures to prevent unauthorised access. We follow reasonable standards to protect Personal Data. The transmission of information via the Internet is, unfortunately, not completely secure and although We will do our best to protect your Personal Data, We cannot guarantee the security of the data during transmission through our Websites/apps.
Measures We expect you to take: It is important that you also play a role in keeping your Personal Data safe and secure. When signing up for an online account, please be sure to choose an account password that would be difficult for others to guess and never reveal your password to anyone else. You are responsible for keeping this password confidential and for any use of your account. If you use a shared or public computer, never choose to have your login ID/email address or password remembered and make sure to log out of your account every time you leave the computer. You should also make use of any privacy settings or controls We provide you in our Website/app.
DATA TRANSFER, STORAGE & PROCESSING GLOBALLY: Because of the international nature of our business, we may need to transfer your personal data within the Neocortex group, and to third parties, in connection with the purposes set out in this Privacy Notice. For this reason, we may transfer your personal data to other countries that may have different laws and data protection compliance requirements to those that apply in the country in which you are located.
INTERNATIONAL TRANSFER OF PERSONAL DATA:
To enforce your rights, please use the details provided in the “Contact. In doing so, please ensure that an unambiguous identification of your person is possible.
1 Right to information and access
You have the right to obtain confirmation from us about whether or not your personal data is being processed, and, if this is the case, access to your personal data.
2 Right to correction and deletion
You have the right to obtain the rectification of inaccurate personal data. As far as statutory requirements are fulfilled, you have the right to obtain the completion or deletion of your data.
This does not apply to data which is necessary for billing or accounting purposes or which is subject to a statutory retention period. If access to such data is not required, however, its processing is restricted (see the following).
3 Restriction of processing
As far as statutory requirements are fulfilled, you have the right to demand for restriction of the processing of your data.
4 Data portability
As far as statutory requirements are fulfilled you may request to receive data that you have provided to us in a structured, commonly used and machine-readable format or – if technically feasible – that we transfer those data to a third party.
5 Right of objection
5.1 · Objection to direct marketing
Additionally, you may object to the processing of your personal data for direct marketing purposes at any time. Please take into account that due to organizational reasons, there might be an overlap between your objection and the usage of your data within the scope of a campaign which is already running.
5.2 · Objection to data processing based on the legal basis of “legitimate interest”
In addition, you have the right to object to the processing of your personal data at any time, insofar as this is based on “legitimate interest”. We will then terminate the processing of your data, unless we demonstrate compelling legitimate grounds according to legal requirements which override your rights.
6 Withdrawal of consent
In case you consented to the processing of your data, you have the right to revoke this consent at any time with effect for the future. The lawfulness of data processing prior to your withdrawal remains unchanged.
7 Right to lodge complaint with supervisory authority
You have the right to lodge a complaint with a supervisory authority. You can appeal to the supervisory authority which is responsible for your place of residence or your state of residency or to the supervisory authority responsible for us.
RESOLUTION OF RIGHTS:
To exercise any of these rights, to raise any concerns about our privacy practices, or to obtain other privacy related information, you can get in touch with us, see our contact details above. If you have unresolved concerns, you may have the right to complain to your relevant national data protection authority. Please do contact us before making such a complaint however as we would appreciate the opportunity to investigate and address your concerns first.
Access to Personal Data: You have the right to access, review and request a physical or electronic copy of information held about you. You also have the right to request information on the source of your Personal Data.
These rights can be exercised by sending Us an e-mail firstname.lastname@example.org or writing to us at NeoCortex Life Sciences Private Limited, Reg Off: 8-2-293/82/A/384, ROAD NO.22, JUBILEE HILLS, HYDERABAD, Telangana, 500033 attaching a copy of your ID or equivalent details (where requested by Us and permitted by law). If the request is submitted by a person other than you, without providing evidence that the request is legitimately made on your behalf, the request will be rejected. Please note that any identification information provided to Us will only be processed in accordance with, and to the extent permitted by applicable laws.
Additional rights (e.g. modification, deletion of Personal Data): Where provided by law, you can
(i) request deletion, the portability, correction or revision of your Personal Data;
(ii) limit the use and disclosure of your Personal Data; and
(iii) revoke consent to any of our data processing activities.
Please note that, in certain circumstances, We will not be able to delete your Personal Data without also deleting your user account. We may be required to retain some of your Personal Data after you have requested deletion, to satisfy our legal or contractual obligations. We may also be permitted by applicable laws to retain some of your Personal Data to satisfy our business needs. When you use the Services Website/application (or any of its sub sites), we make good faith efforts to provide you, as and when requested by you, with access to your personal information and shall further ensure that any personal information or sensitive personal data or information found to be inaccurate or deficient shall be corrected or amended as feasible. We ask individual users to identify themselves and the information requested to be accessed or corrected before processing such requests. We may decline to process requests that are unreasonably repetitive or systematic, requiring disproportionate technical effort, jeopardizing the privacy of others, or would be extremely impractical (for instance, requests concerning information residing on backup tapes), or for which access is not otherwise required. In any case, where we provide information access and correction, we perform this service free of charge, except if doing so would require a disproportionate effort. You can make access requests by sending an e-mail to our Grievance officer . You can ask us to correct inaccurate or incomplete personal information.
Where available, our Websites have a dedicated feature through which you can review and edit the Personal Data that you have provided. Please note that We require our registered consumers to verify their identity (e.g. login ID/email address, password) before they can access or make changes to their account information. This helps prevent unauthorised access to your account.
We hope that We can satisfy queries you may have about the way we process your Personal Data. However, if you have unresolved concerns you also have the right to complain to competent data protection authorities.
We strive to provide you with choices regarding the Personal Data that you provide to Us. The following mechanisms give you the following control over your Personal Data:
Cookies/Similar Technologies: You manage your consent via (i) our consent management solution or (ii) your browser so as to refuse all or some cookies/similar technologies, or to alert you when they are being used. Please see Section 4 above.
Advertising, marketing and promotions: You can consent for your Personal Data to be used by Nestlé to promote its products or services through tick-box(es) located on the registration forms or by answering the question(s) presented by our Customer Care representatives. If you decide that you no longer wish to receive such communications, you can subsequently unsubscribe from receiving marketing-related communications at any time, by following the instructions provided in each such communication. To unsubscribe from marketing communications sent by any medium, including third party social networks, you can opt-out at any time by unsubscribing through links available in our communications, logging into the Websites/apps or third party social networks and adjusting your user preferences in your account profile by unchecking the relevant boxes or by calling our Customer Care. Please note that, even if you opt-out from receiving marketing communications, you will still receive administrative communications from Us, such as order or other transaction confirmations, notifications about your account activities (e.g. account confirmations, password changes, etc.), and other important non marketing related announcements.
Personalization (offline and online): Where required by law, if you wish to have your Personal Data used by Neocortex to provide you with a personalized experience/targeted advertising & content, you can indicate so through the relevant tick-box(es) located on the registration form or by answering the question(s) presented by our CES representatives. If you decide that you no longer wish to benefit from this personalization, you can opt-out at any time by logging into the Websites/apps and adjusting your user preferences in your account profile by unchecking the relevant boxes or by calling our Customer Care.
Targeted Advertising: We partner with ad networks and other ad serving providers ("Advertising Providers") that serve advertising on behalf of Us and other non-affiliated companies on the Internet. Some of those advertisements are tailored to your interests based on information collected on Neocortex sites or on non-affiliated websites over time. You can visit www.aboutads.info/choices to learn more about this type of advertising, as well as about how to opt-out of interest-based advertising practices from companies that participate in the Digital Advertising Alliance's ("DAA") self-regulatory program. Additionally, you can opt-out of this type of advertising in mobile applications from companies that participate in the DAA's AppChoices app by downloading the app from the iOS or Android app store. You can also stop the collection of precise location data from a mobile device by accessing your device location service settings.
If We change the way We handle your Personal Data, We will update this Notice. We reserve the right to make changes to our practices and this Notice at any time, please check back frequently to see any updates or changes to our Notice.
Security is our highest priority. We take appropriate security measures to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of data. To prevent unauthorized access, maintain data accuracy and ensure the correct use of information, we have put in place physical, electronic, and managerial procedures to safeguard and secure the personal data we collect through our Sites and in the provision of our services. These include internal reviews of our data collection, storage and processing practices and security measures, including appropriate encryption and physical security measures to guard against unauthorized access to systems where we store personal data. All information gathered is securely stored within the Company controlled database. The database is stored on servers secured behind a firewall on the cloud; access to the servers is password-protected and is strictly limited. However, as effective as our security measures are, no security system is impenetrable, and so we cannot assure you that personal data that we collect will never be accessed or used in an unauthorised way, which may happen due to circumstances beyond our reasonable control. We have put in place procedures to deal with a suspected personal data breach, and we shall notify you and any applicable regulator of a breach where we are legally required to do so. If you know or have reason to believe that your account credentials have been lost, stolen, altered, or otherwise compromised or in case of any actual or suspected unauthorized use of your account, please contact us by contacting our customer support team. If you have a user name and password to access our Services, you should take steps to protect against unauthorized access to your password, phone and computer by, among other things, signing off after using a shared computer, choosing a robust password that nobody else knows or can easily guess, and keeping your log-in and password private. We are not responsible for any lost, stolen or compromised passwords, or for any activity on your account via unauthorized password activity or other security breach caused by you.
To ask questions or make comments on this Notice and our privacy practices or to make a complaint about our compliance with applicable privacy laws, please contact Us at email@example.com or writing to us at :
Neocortex Life Sciences Pvt. Ltd., 8-2-293/82/A/384, Road No.22, Jubilee Hills, Hyderabad, Telangana, 500033 or
contact our customer care at firstname.lastname@example.org.
We will acknowledge and investigate any complaint about the way We manage Personal Data (including a complaint that We have breached your rights under applicable privacy laws).