docdune privacy policy and data privacy
At docdune, keeping your information secure is a top priority for us, and we are committed to the security and privacy of our users. This means we're always working hard to safeguard your data and continually earn your trust. If you have questions regarding security, we are happy to answer them. Please write to [email protected] , and we will respond as quickly as we can.
We place strict controls over our employees' access to user data and have technical controls and audit policies in place to ensure the confidentiality, integrity, and availability of user data. Our employees and contracted personnel working with any user data are bound to our policies, and we treat these issues as matters of the highest importance.
Everyone at docdune receives regular training to ensure that we remain focused on privacy and security. This includes privacy training that covers the Health Insurance Portability and Accountability Act ("HIPAA") and Digital Information Security in Healthcare Act (DISHA), which establishes national standards for protecting the identifiable health information of health plan beneficiaries and patients, and other relevant state and federal laws. We also ensure that our employees receive annual data security training, regardless of their role in the company.
docdune works with outside experts to maintain high standards and rigorous security practices. We hire third parties to test our services and processes as part of our recurring penetration testing program. In addition, we conduct SOC 2 Type II audits annually.
We employ industry-standard technology to safeguard data. Our platform uses full volume encryption on all data stored at rest, with secure backups and robust backup policies. We also use Transport Layer Security (TLS) connections to transmit data over HTTPS.
docdune leverages secure cloud computing, including Amazon Web Services (AWS), to store data in physically and electronically secure facilities. For a list of all current AWS security accreditations, see the AWS Compliance Programs page.
In addition to sophisticated system monitoring and logging, we utilize robust administrative identity, authorization, accountability, and authentication controls (including multi-factor authentication), as well as intrusion prevention and detection controls to protect our platform.
We have a vulnerability management policy that covers internal and external testing, including annual third-party penetration testing, to find and remediate vulnerabilities that may present a risk to our platform or data.
docdune operates an extensive security information and events management system. docdune maintains a centralized logging environment, which contains events pertaining to security, monitoring, availability, access, and other metrics about the platform. We review our logging and monitoring systems regularly and respond promptly to automatic alerts.
docdune has incident management policies and procedures in place in the event of a security breach. This includes notifying users of any unauthorized access to their data in the event of a breach as defined under relevant state laws.
New features, functionality, and design changes go through a security review process facilitated by the docdune development team. We utilize automated static analysis software, and our teams manually peer-review code prior to being deployed to production. The Information Security team works closely with development teams to resolve any security concerns that may arise during development.
docdune operates a vendor management program, which requires our Legal and Information Security Teams to evaluate all third-party vendors, service providers, and partners. We review each potential service provider to ensure that our vendors continue to meet docdune's strict security and legal standards.
We maintain a disaster recovery plan that supports a robust business continuity strategy. This plan has been developed to meet industry standard methodologies and principles of high-availability engineering.
Still have questions or comments? Please reach out to [email protected].
Privacy Policy: Our agreement with you outlines how we collect, use, and share your data.
Terms of Use: Your rights, responsibilities, and relationship with docdune and our providers.
Acceptable Use Policy: Guidelines for your appropriate use of our basic services.
This Privacy Policy describes how XLCLOUDIFY PVT LTD and its affiliates (collectively " XLCLOUDIFY PVT LTD, we, our, us") collect, use, share, protect, or otherwise process your information/ personal data through our app https://play.google.com/store/apps/details?id=com.xlcloudify.docdune&hl=en_IN (hereinafter referred to as Platform). Please note that you may be able to browse certain sections of the platform without registering with us. We do not offer any product /service under this platform outside India, and your personal data will primarily be stored and processed in India. By visiting this Platform, providing your information or availing any product/service offered on the Platform, you expressly agree to be bound by the terms and conditions of this Privacy Policy, the Terms of Use and the applicable service/product terms and conditions, and agree to be governed by the laws of India including but not limited to the laws applicable to data protection and privacy. If you do not agree, please do not use or access our platform.
We collect your personal data when you use our Platform, services, or otherwise interact with us during the course of our relationship, and related information provided from time to time. Some of the information that we may collect includes, but is not limited to personal data/information provided to us during sign-up/registering or using our platform such as name, date of birth, address, telephone/mobile number, email IDand/or any such information shared as proof of identity or address. Some of the sensitive personal data may be collected with your consent, such as your bank account or credit or debit card or other payment instrument information or biometric information such as your facial features or physiological information (in order to enable use of certain features when opted for, available on the Platform) etc all of the above being in accordance with applicable law(s) You always have the option to not provide information, by choosing not to use a particular service or feature on the Platform. We may track your behaviour, preferences, and other information that you choose to provide on our Platform. This information is compiled and analysed on an aggregated basis. We will also collect your information related to your transactions on the platform and such third-party business partner platforms. When such a third-party business partner collects your personal data directly from you, you will be governed by their privacy policies. We shall not be responsible for the third-party business partner's privacy practices or the content of their privacy policies, and we request that you read their privacy policies prior to disclosing any information. If you receive an email or a call from a person/association claiming to be XLCLOUDIFY PVT LTD seeking any personal data like debit/credit card PIN, net-banking, or mobile banking password, we request you to never provide such information. If you have already revealed such information, report it immediately to an appropriate law enforcement agency.
We use personal data to provide the services you request. To the extent we use your personal data to market to you, we will provide you with the ability to opt out of such uses. We use your personal data to assist sellers and business partners in handling and fulfilling orders; enhancing customer experience; to resolve disputes; troubleshoot problems; inform you about online and offline offers, products, services, and updates; customise your experience; detect and protect us against error, fraud and other criminal activity; enforce our terms and conditions; conduct marketing research, analysis and surveys; and as otherwise described to you at the time of collection of information. You understand that your access to these products/services may be affected in the event that permission is not provided to us.
We may share your personal data internally within our group entities, our other corporate entities, and affiliates to provide you access to the services and products offered by them. These entities and affiliates may market to you as a result of such sharing unless you explicitly opt out. We may disclose personal data to third parties such as sellers, business partners, third-party service providers, including logistics partners, prepaid payment instrument issuers, third-party reward programs, and other payment options opted by you. These disclosures may be required for us to provide you access to our services and products offered to you, to comply with our legal obligations, to enforce our user agreement, to facilitate our marketing and advertising activities, and to prevent, detect, mitigate, and investigate fraudulent or illegal activities related to our services. We may disclose personal and sensitive personal data to government agencies or other authorised law enforcement agencies if required to do so by law or in good faith belief that such disclosure is reasonably necessary to respond to subpoenas, court orders, or other legal process. We may disclose personal data to law enforcement offices, third party rights owners, or others in the good faith belief that such disclosure is reasonably necessary to: enforce our Terms of Use or Privacy Policy; respond to claims that an advertisement, posting or other content violates the rights of a third party; or protect the rights, property or personal safety of our users or the general public.
To protect your personal data from unauthorised access or disclosure, loss, or misuse, we adopt reasonable security practices and procedures. Once your information is in our possession or whenever you access your account information, we adhere to our security guidelines to protect it against unauthorised access and offer the use of a secure server. However, the transmission of information is not completely secure for reasons beyond our control. By using the Platform, the users accept the security implications of data transmission over the internet and the World Wide Web, which cannot always be guaranteed as completely secure, and therefore, there would always remain certain inherent risks regarding use of the Platform. Users are responsible for ensuring the protection of login and password records for their accounts.
You have the option to delete your account by visiting your profile and settings on our platform. This action would result in you losing all information related to your account. You may also write to us at the contact information provided below to assist you with these requests. We may, in the event of any pending grievance, claims, pending shipments, or any other services may refuse or delay deletion of the account. Once the account is deleted, you will lose access to the account. We retain your personal data information for a period no longer than is required for the purpose for which it was collected or as required under any applicable law. However, we may retain data related to you if we believe it may be necessary to prevent fraud or future abuse or for other legitimate purposes. We may continue to retain your data in anonymised form for analytical and research purposes.
You may access, rectify, and update your personal data directly through the functionalities provided on the platform.
By visiting our platform or by providing your information, you consent to the collection, use, storage, disclosure, and otherwise processing of your information on the platform in accordance with this Privacy Policy. If you disclose to us any personal data relating to other people, you represent that you have the authority to do so and permit us to use the information in accordance with this Privacy Policy. You, while providing your personal data over the platform or any partner platforms or establishments, consent to us (including our other corporate entities, affiliates, lending partners, technology partners, marketing channels, business partners and other third parties) to contact you through SMS, instant messaging apps, call and/or e-mail for the purposes specified in this Privacy Policy. You have the option to withdraw your consent that you have already provided by writing to the Grievance Officer at the contact information provided below. Please mention “Withdrawal of consent for processing personal data” in the subject line of your communication. We may verify such requests before acting on them. However, please note that your withdrawal of consent will not be retrospective and will be in accordance with the Terms of Use, this Privacy Policy, and applicable laws. In the event you withdraw consent given to us under this Privacy Policy, we reserve the right to restrict or deny the provision of our services for which we consider such information to be necessary.
Please check our Privacy Policy periodically for changes. We may update this Privacy Policy to reflect changes to our information practices. We may alert/notify you about the significant changes to the Privacy Policy, in the manner as may be required under applicable laws.
Still have questions or comments? Please reach out to [email protected]
