Your privacy is important to us. It is YogHaealthWeb’s policy to respect your privacy regarding any information we may collect from you across our website, https://www.yogahealthweb.com, and other sites we own and operate.
We only ask for personal information when we truly need it to provide a service to you. We collect it by fair and lawful means, with your knowledge and consent. We also let you know why we’re collecting it and how it will be used.
We only retain collected information for as long as necessary to provide you with your requested service. What data we store, we’ll protect within commercially acceptable means to prevent loss and theft, as well as unauthorized access, disclosure, copying, use or modification.
We don’t share any personally identifying information publicly or with third-parties, except when required to by law.
Our website may link to external sites that are not operated by us. Please be aware that we have no control over the content and practices of these sites, and cannot accept responsibility or liability for their respective privacy policies.
You are free to refuse our request for your personal information, with the understanding that we may be unable to provide you with some of your desired services.
Your continued use of our website will be regarded as an acceptance of our practices around privacy and personal information. If you have any questions about how we handle user data and personal information, feel free to contact us.
This policy is effective as of 18 September 2020.
What Personal Data We Collect and Why We Collect It
We collect personal data to manage our customer relationship with you, target marketing and develop products and services according to our customers’ preferences.
We process your personal data only for predefined and lawful purposes.
Customer relationship management
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
We collect the following data:
Personal identification information (Name and email address (if you provide it) and IP address)
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded Content from other Websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
We currently use Google Analytics (traffic analysis, SEO optimization).
– Google Analytics: anonymous (ad serving domains, browser type, demographics, language settings, page views, time/date), pseudonymous (IP address)
We also use social buttons provided by services like Twitter, Google+, LinkedIn, and Facebook. Your use of these third-party services is entirely optional. We are not responsible for the privacy policies and/or practices of these third-party services, and you are responsible for reading and understanding those third party services’ privacy policies.
We employ and contract with people and other entities that perform certain tasks on our behalf and who are under our control (our “Agents”). We may need to share personal information with our Agents in order to provide products or services to you. Unless we tell you differently, our Agents do not have any right to use Personal Information or other information we share with them beyond what is necessary to assist us. You hereby consent to our sharing of Personal Information with our Agents.
We may choose to buy or sell assets. In these types of transactions, user information is typically one of the transferred business assets. Moreover, if we, or substantially all of our assets, were acquired, or if we go out of business or enter bankruptcy, user information would be one of the assets that is transferred or acquired by a third party. You acknowledge that such transfers may occur, and that any acquirer of us or our assets may continue to use your personal information as set forth in this policy.
Who We Share Your Data With
We only use your personal information to provide you the Contently services or to communicate with you about the services or the Website.
With respect to any documents you may choose to upload to Contently, we take the privacy and confidentiality of such documents seriously. We encrypt all documents, and permanently delete any redacted edits you make to documents. If you choose to make a document public, we recommend you redact any and all references to people and addresses, as we can’t protect public data and we are not responsible for any violation of privacy law you may be liable for.
We employ industry-standard techniques to protect against unauthorized access of data about you that we store, including personal information.
We do not share personal information you have provided to us without your consent, unless:
– doing so is appropriate to carry out your own request;
– we believe it’s needed to enforce our Terms of Service, or that is legally required;
– we believe it’s needed to detect, prevent or address fraud, security or technical issues;
– otherwise protect our property, legal rights, or that of others.
How Long We Retain Your Data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What Rights You Have Over Your Data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where We Send Your Data
Visitor comments may be checked through an automated spam detection service.
How We Protect Your Data
We securely store your data on a protected database which only we have access to.
We would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:
The right to access – You have the right to request copies of your personal data. We may charge you a small fee for this service.
The right to rectification – You have the right to request that we correct any information you believe is inaccurate. You also have the right to request to complete the information you believe is incomplete.
The right to erasure – You have the right to request that we erase your personal data, under certain conditions.
The right to restrict processing – You have the right to request that we restrict the processing of your personal data, under certain conditions.
The right to object to processing – You have the right to object to our processing of your personal data, under certain conditions.
The right to data portability – You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us.
What Data Breach Procedures We Have in Place
Data Protection Laws in India
Data Protection refers to the set of privacy laws, policies, and procedures that aim to minimise intrusion into one’s privacy caused by the collection, storage, and dissemination of personal data. Personal data generally refers to the information or data which relates to a person who can be identified from that information or data whether collected by any Government or any private organization or an agency.
The Constitution of India does not patently grant the fundamental right to privacy. However, the courts have read the right to privacy into the other existing fundamental rights, ie, freedom of speech and expression under Art 19(1)(a) and the right to life and personal liberty under Art 21 of the Constitution of India. However, these Fundamental Rights under the Constitution of India are subject to reasonable restrictions given under Art 19(2) of the Constitution that may be imposed by the State. Recently, in the landmark case of Justice K S Puttaswamy (Retd.) & Anr. vs. Union of India and Ors., the constitution bench of the Hon’ble Supreme Court has held the Right to Privacy as a fundamental right, subject to certain reasonable restrictions.
India presently does not have any express legislation governing data protection or privacy. However, the relevant laws in India dealing with data protection are the Information Technology Act, 2000 and the (Indian) Contract Act, 1872. A codified law on the subject of data protection is likely to be introduced in India in the near future.
The (Indian) Information Technology Act, 2000 deals with the issues relating to the payment of compensation (Civil) and punishment (Criminal) in case of wrongful disclosure and misuse of personal data and violation of contractual terms in respect of personal data.
Under section 43A of the (Indian) Information Technology Act, 2000, a body corporate who is possessing, dealing or handling any sensitive personal data or information, and is negligent in implementing and maintaining reasonable security practices resulting in wrongful loss or wrongful gain to any person, then such body corporate may be held liable to pay damages to the person so affected. It is important to note that there is no upper limit specified for the compensation that can be claimed by the affected party in such circumstances.
The Government has notified the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011. The Rules only deals with protection of “Sensitive personal data or information of a person”, which includes such personal information which consists of information relating to:-
Financial information such as bank account or credit card or debit card or other payment instrument details;
Physical, physiological, and mental health condition;
Medical records and history;
The rules provide the reasonable security practices and procedures, which the body corporate or any person who on behalf of body corporate collects, receives, possess, store, deals or handle information is required to follow while dealing with “Personal sensitive data or information”. In case of any breach, the body corporate or any other person acting on behalf of body corporate, the body corporate may be held liable to pay damages to the person so affected.
Under section 72A of the (Indian) Information Technology Act, 2000, disclosure of information, knowingly and intentionally, without the consent of the person concerned and in breach of the lawful contract has been also made punishable with imprisonment for a term extending to three years and fine extending to Rs 5,00,000 (approx. US$ 8,000).
It is to be noted that s 69 of the Act, which is an exception to the general rule of maintenance of privacy and secrecy of the information, provides that where the Government is satisfied that it is necessary in the interest of:
the sovereignty or integrity of India,
defense of India,
security of the State,
friendly relations with foreign States or
public order or
for preventing incitement to the commission of any cognizable offense relating to above or
for investigation of any offense,
It may by order, direct any agency of the appropriate Government to intercept, monitor or decrypt or cause to be intercepted or monitored or decrypted any information generated, transmitted, received or stored in any computer resource. This section empowers the Government to intercept, monitor, or decrypt any information including information of personal nature in any computer resource.
Where the information is such that it ought to be divulged in the public interest, the Government may require disclosure of such information. Information relating to anti-national activities that are against national security, breaches of the law or statutory duty or fraud may come under this category.
Information Technology Act, 2000
The Information Technology Act, 2000 (hereinafter referred to as the “IT Act”) is an act to provide legal recognition for transactions carried out by means of electronic data interchange and other means of electronic communication, commonly referred to as “electronic commerce”, which involve the use of an alternative to paper-based methods of communication and storage of information to facilitate electronic filing of documents with the Government agencies.
Grounds on which Government can interfere with Data
Under section 69 of the IT Act, any person, authorized by the Government or any of its officer specially authorized by the Government, if satisfied that it is necessary or expedient so to do in the interest of sovereignty or integrity of India, defense of India, the security of the State, friendly relations with foreign states or public order or for preventing incitement to the commission of any cognizable offense relating to above or for investigation of any offense, for reasons to be recorded in writing, by order, can direct any agency of the Government to intercept, monitor or decrypt or cause to be intercepted or monitored or decrypted any information generated, transmitted, received or stored in any computer resource.
The scope of section 69 of the IT Act includes both interception and monitoring along with decryption for the purpose of investigation of cyber-crimes. The Government has also notified the Information Technology (Procedures and Safeguards for Interception, Monitoring, and Decryption of Information) Rules, 2009, under the above section.
The Government has also notified the Information Technology (Procedures and Safeguards for Blocking for Access of Information) Rules, 2009, under section 69A of the IT Act, which deals with the blocking of websites. The Government has blocked access to various websites.
Penalty for Damage to Computer, Computer Systems, etc. under the IT Act
Section 43 of the IT Act, imposes a penalty without prescribing any upper limit, doing any of the following acts:
1. Accesses or secures access to such computer, computer system, or computer network;
2. Downloads, copies, or extracts any data, computer database or information from such computer, computer system, or computer network including information or data held or stored in any removable storage medium;
3. Introduces or causes to be introduced any computer contaminant or computer virus into any computer, computer system, or computer network;
4. Damages or causes to be damaged any computer, computer system or computer network, data, computer database or any other programs residing in such computer, computer system or computer network;
5. Disrupts or causes disruption of any computer, computer system, or computer network;
6. Denies or causes the denial of access to any person authorized to access any computer, computer system or computer network by any means; (g) provides any assistance to any person to facilitate access to a computer, computer system or computer network in contravention of the provisions of this Act, rules or regulations made thereunder;
7. Charges the services availed of by a person to the account of another person by tampering with or manipulating any computer, computer system, or computer network, he shall be liable to pay damages by way of compensation to the person so affected.
8. Destroys, deletes, or alters any information residing in a computer resource or diminishes its value or utility or affects it injuriously by any means;
9. Steel, conceals, destroys or alters or causes any person to steal, conceal, destroy or alter any computer source code used for a computer resource with an intention to cause damage.
Tampering with Computer Source Documents as provided for under the IT Act, 2000
Section 65 of the IT Act lays down that whoever knowingly or intentionally conceals, destroys, or alters any computer source code used for a computer, computer programme, computer system or computer network, when the computer source code is required to be kept or maintained by law for the time being in force, shall be punishable with imprisonment up to three years, or with fine which may extend up to Rs 2,00,000 (approx. US$3,000), or with both.
Section 66 provides that if any person, dishonestly or fraudulently does any act referred to in section 43, he shall be punishable with imprisonment for a term which may extend to three years or with fine which may extend to Rs 5,00,000 (approx. US$ 8,000)) or with both.
Penalty for Breach of Confidentiality and Privacy
Section 72 of the IT Act provides for penalty for breach of confidentiality and privacy. The Section provides that any person who, in pursuance of any of the powers conferred under the IT Act Rules or Regulations made thereunder, has secured access to any electronic record, book, register, correspondence, information, document or other material without the consent of the person concerned, discloses such material to any other person, shall be punishable with imprisonment for a term which may extend to two years, or with fine which may extend to Rs 1,00,000, (approx. US$ 3,000) or with both.
Amendments as introduced by the IT Amendment Act, 2008
Section 10A was inserted in the IT Act which deals with the validity of contracts formed through electronic means which lays down that contracts formed through electronic means “shall not be deemed to be unenforceable solely on the ground that such electronic form or means was used for that purpose”.
The following important sections have been substituted and inserted by the IT Amendment Act, 2008:
1. Section 43A – Compensation for failure to protect data.
2. Section 66 – Computer Related Offences
3. Section 66A – Punishment for sending offensive messages through communication service, etc. (This provision had been struck down by the Hon’ble Supreme Court as unconstitutional on 24th March 2015 in Shreya Singhal vs. Union of India)
4. Section 66B – Punishment for dishonestly receiving stolen computer resource or communication device.
5. Section 66C – Punishment for identity theft.
6. Section 66D – Punishment for cheating by personation by using computer resource.
7. Section 66E – Punishment for violation for privacy.
8. Section 66F – Punishment for cyber terrorism.
9. Section 67 – Punishment for publishing or transmitting obscene material in electronic form.
10. Section 67A – Punishment for publishing or transmitting of material containing sexually explicit act, etc, in electronic form.
11. Section 67B – Punishment for publishing or transmitting of material depicting children in sexually explicit act, etc, in electronic form.
12. Section 67C – Preservation and Retention of information by intermediaries.
13. Section 69 – Powers to issue directions for interception or monitoring or decryption of any information through any computer resource.
14. Section 69A – Power to issue directions for blocking for public access of any information through any computer resource.
15. Section 69B – Power to authorize to monitor and collect traffic data or information through any computer resource for cybersecurity.
16. Section 72A – Punishment for disclosure of information in breach of lawful contract.
17. Section 79 – Exemption from liability of intermediary in certain cases.
18. Section 84A –Modes or methods for encryption.
19. Section 84B –Punishment for abetment of offenses.
20. Section 84C –Punishment for attempt to commit offenses.
What Third Parties We Receive Data From
• how visitors reached our website (eg from an advert, from social networks, from Google, etc)
• the site usage of visitors to our website (such as the number of pages viewed, time spent on individual pages, the pages visitors leave our site on)
• how often visitors return to our site
• visitor technology (eg browser, operating system, device, etc).
These statistics help us make our site as user-friendly as possible, to ensure a good experience for all visitors.
Google Analytics – a program that helps us measure site usage.
What automated decision making and/or profiling we do with user data
Regarding profiling, we use the tracking tool Google Analytics. For further information about our use of Google Analytics.
Industry Regulatory Disclosure Requirements
Additional disclosure laws apply to the securities industry and to the ownership of securities. Officers, directors, and principal stockholders (defined as holding 10 percent or more of the company’s stock) of publicly owned companies must submit two reports to the SEC.