Privacy Policy
Sahej Life (“Sahej”, “we”, “us”) respects your privacy. This Policy explains what personal data we collect, how we use and protect it, and the rights you have — including under India’s Digital Personal Data Protection Act, 2023 (“DPDP Act”). Because Sahej helps you access healthcare, we may handle health information, which we treat with particular care.
For the purposes of the DPDP Act, the data fiduciary is registered legal entity name — to be confirmed, contactable at team@sahej.life.
Information we collect
- Identity & contact data: your name, phone number, and (if provided) email and address.
- Health information: the symptoms, conditions, service needs and care preferences you share so we can match and coordinate care. This is sensitive personal data.
- Booking & transaction data: appointments, sessions, care records, and payment status (payment card details are handled by our payment partner, not stored by us).
- Usage & device data: how you interact with the Platform, and basic device/technical information needed to operate and secure it.
- Consent records: the purpose you consented to, when, and the version of the consent text shown.
How we collect it
We collect information directly from you — through WhatsApp, web forms, a missed-call or callback, or during your care journey — and, for Provider listings, from public directories and Providers themselves. We use limited, essential cookies and similar technologies as described in our Cookie Policy.
Purpose and lawful basis (consent)
We process your personal data for specified, lawful purposes, on the basis of your consent (or another lawful basis permitted by the DPDP Act). We ask for consent before processing, in clear language, and you can withdraw it at any time (see “Your rights”).
We collect only what we need for the purpose, and we do not use your health information for advertising.
How we use your information
- to understand your needs and match you with suitable Providers;
- to arrange, confirm and coordinate bookings, sessions and follow-ups;
- to maintain your care record and share relevant details with the Provider you choose;
- to process payments and, where applicable, refunds;
- to send you service messages (confirmations, reminders, and — only with consent — helpful nudges), subject to frequency limits;
- to keep the Platform safe, prevent misuse, and meet legal obligations.
Who we share it with
We share your information only as needed to provide the service:
- the Provider you are matched with or book, so they can deliver care;
- service providers who process data on our behalf under contract — for example our payment gateway, WhatsApp business messaging provider, and cloud hosting provider — bound to protect it and use it only for our instructions;
- authorities or others where required by law, or to protect rights and safety.
We do not sell your personal data.
Where your data is processed
Our infrastructure is currently hosted in Singapore. Where personal data is processed outside India, we do so in accordance with the DPDP Act and applicable transfer rules, and we apply appropriate safeguards. If regulations or our hosting arrangements change, we will update this Policy.
How long we keep it, and erasure
We keep personal data only for as long as needed for the purposes above or as required by law. You may ask us to erase your personal data; we will action valid erasure requests within 30 days, except where we must retain certain records to meet legal, accounting or safety obligations. Anonymised or aggregated data that no longer identifies you may be retained.
Your rights
Subject to the DPDP Act, you have the right to:
- access a summary of the personal data we process about you;
- request correction or updating of inaccurate or incomplete data;
- request erasure of your data;
- withdraw consent at any time (this will not affect processing done before withdrawal);
- nominate another person to exercise your rights in the event of death or incapacity;
- raise a grievance with us, and escalate to the Data Protection Board of India.
To exercise any right, email team@sahej.life.
Security
We use reasonable technical and organisational measures to protect your data, including access controls, encryption in transit, and audit logging of sensitive actions. No system is perfectly secure, but we work to protect your information and to notify you and the authorities of a reportable breach as required by law.
Children’s data
Where care is arranged for a minor, we rely on the consent of a parent or lawful guardian, and we do not process a child’s data in ways restricted by the DPDP Act. If you believe a child’s data has been provided without proper consent, contact team@sahej.life.
Cookies
We use limited cookies and similar technologies as described in our Cookie Policy.
Grievance Officer
In line with the DPDP Act and IT rules, you can contact our Grievance Officer for any data-protection concern:
- Name: Grievance Officer name — to be appointed
- Email: team@sahej.life
- Address: registered office address — to be confirmed
We aim to acknowledge grievances promptly and resolve them within the timelines required by law.
Changes to this Policy
We may update this Policy from time to time. Material changes will be notified through the Platform, and the “last updated” date above will change.
इस पेज के बारे में सवाल? team@sahej.life पर ईमेल करें।