Innerhush Private Limited, a company incorporated under the laws of India having its registered office at House No 116, first floor, State Bank Nagar, Pachim Vihar, New Delhi 110063, India (hereinafter referred to as "INNERHUSH") has coined, adopted and is operating the website https://www.innerhush.net and https://www.innerhush.com (including but not limited to software applications, mobile applications, “hereinafter referred to as Digital Platform”) for providing catena of Services.
This Policy document is an ‘electronic record’ within the meaning of section 2(t) of the Information Technology Act, 2000 and the rules made thereunder. This Policy being an electronic record requires no signature.
This Policy should be read in conjunction with the “Terms and Conditions of Use” of the Digital Platform which are deemed to have been incorporated herein by way of reference.
Identity Details, Contact Details, Personal Health Information (PHI), Personal Data, Sensitive Personal Data, Technical Information (such as IP address etc), Security Details (such as User Name, Password), Other Details (as may be required for providing the Services), data from Google Fit, and Apple Health and other fitness devices. We do not share any Identifiable Personal Information with any individuals, organizations and other companies. User(s) information is securely stored and utmost confidentiality is maintained and may be accessed/used/disseminated by us as per the terms specified herein.
The Information provided by User(s)/you and collected by us on this Digital Platform may be accessed/used/disseminated for the following purposes and the User(s) explicitly consent to the same:
Information collected from the User(s)/HCPs/HSPs on the Digital Platform forms an essential part of business structure and may be shared/used as described here in below and User(s) hereby consent to the same:
After User(s) create the account and if there is any change in the Information provided earlier, the User(s) can edit their profile and make necessary modifications. User(s) are solely responsible for the Information provided by them.
Cookies are small pieces of text used to store information on web browsers. Cookies are used to store and receive identifiers and other information on computers, phones and other devices. Other technologies, including data we store on your web browser or device, identifiers associated with your device, and other software, are used for similar purposes.
If any User(s) creates an account on this Digital Platform for and on behalf of any other Party/ third party (other than for his use) like their family member(s)/friend(s) such User(s) acknowledge that they are duly authorized by the other Party/third party to create an account on this Digital Platform by furnishing such details as may be required for availing the Services, In case any User(s) is/are creating account on behalf of a minor, such User(s) acknowledge that they are legally authorized to act on behalf of such minors. User(s) acknowledge that Innerhush shall in no case be held responsible/liable for any third party claims/damages if any arising from any action in this regard.
With a view to provide better Services Innerhush may send various communications to the User(s) regarding its Products/Services If the User(s) do not wish to receive such communications they may unsubscribe to such communications as per the procedure set out in those communications.
For availing certain Services/Products the User(s) may be required to subscribe/purchase such Services by entering requisite payment details. The payment details are captured by third party service providers and the User(s) are advised to read the terms and conditions of such third party service providers before making any payment. For the purpose of this section it is clarified that the Digital Platform does not collect sensitive personal or security related information like passwords etc., which are totally under encryption. User(s) may note the Third Party Service Providers are not under the direction, supervision and control of Innerhush and Innerhush expressly disclaims any and all liabilities associated, therewith. User(s) are advised to note this while providing their personal or security related information.
'User information' for the purpose of this Policy includes the User’s personally identifiable information including but not limited to name, email address, residential address, phone number, photograph, identity and address proof and other information collected by Innerhush to provide its Services/Products to the User through their Digital Platform. User(s) have the option not to provide any information if they do not intend to avail any Service/Product. If any User(s) are providing information on behalf any legal entity or third party, such User(s) should be authorized to provide the information.
To protect your privacy and security, Innerhush takes steps to verify Users’ identity before granting Users access to accounts, or before Users can make corrections to their information. Users are advised to maintain a strong password to help ensure the security of user accounts.
Innerhush implements high standard security measures to protect User(s) Information from and against unauthorized access. To this effect, Innerhush uses certain, physical, managerial, technical and operational safeguards as per industry standards and established best practices to protect information of Users which is collected by Innerhush.
Notwithstanding the above, User(s) may note that no online platform can fully eliminate the security risks. Innerhush shall take all possible measures to protect the date, security, confidentiality and integrity of the User(s) information from unauthorised access. User(s) may also note that internet where the Digital Platform is hosted is not completely a secure environment, therefore Innerhush does not warrant a 100% security of the User(s) Information/data from being hacked/misused/copied/used unauthorizedly and in such cases User(s) agree not to hold Innerhush responsible for any consequences arising therefrom.
Notwithstanding anything contained in this Policy or elsewhere, Innerhush shall not be held responsible for any loss, damage or misuse of the User Information, if such loss, damage or misuse is attributable to a Force Majeure Event. A "Force Majeure Event" means any event that is beyond the reasonable control of Innerhush and includes, without limitation, fire, flood, explosion, acts of God, civil commotion, strikes, lock outs or industrial action of any kind, riots, insurrection, war, acts of government, power failure, sabotage, computer hacking, unauthorised access to computer data and storage device, system failure, virus, attacks, bugs, computer crashes, breach of security and encryption.
The User Information resides in Innerhush’s database for a certain period of time even after the User ceases to use or access the Digital Platform and in such cases Innerhush is not be liable for any usage of the User Information after the User ceases to use or access the Digital Platform.
Innerhush may avail services of third party service providers for sending e-mail communications to the User(s). The third party email service provider(s) including but not limited to EmailOctopus and its ESPs (EMAIL SERVICE PROVIDERS) will have access to User(s) information and they will be processing User(s) data and information on Innerhush’s behalf. The third party email service provider(s) service involves their data and placement of cookies and may also contain tracking pixels embedded therein along with other tracking technologies. The User(s) would have the option to enable or disable them. The third party Email service providers also track the open and click activity of the e-mail communications by the User(s). The list of ESPs and other terms of EmailOctopus are available at https://emailoctopus.com/legal/terms and https://emailoctopus.com/legal/privacy. The Users have the option to unsubscribe from receiving such e-mail communications.
Federal law requires us to obtain, verify, and record personal information - such as your name, address and date of birth - in order to confirm your identity, social security number and banking information.
INNERHUSH collects, retains, and uses PI from employees and subcontractors including the following:
The User should be aware that the User Information or other data, the User provides to the Digital Platform for availing the services or transacting through the Digital Platform could be read, collected, or used by other users or third parties in which case the User Information might be used for sending messages or communications.
The User agrees and acknowledges Innerhush’s right to utilize the User’s posts, contents, information and other personal data for the purpose of providing services through the Digital Platform. The contents on the Digital Platform may contain comments, post and reviews posted by the Users which may be public and searchable on the internet in which case the User’s comments, post reviews and information and personal data provided to the Digital Platform may be viewed by other users and Innerhush cannot guarantee that other users or third parties have not made copies of or used the ideas and information that the User has shared on the Digital Platform.
If User(s) unsubscribe from the Services and again intends to avail/subscribe to the Services, he/she is authorizing Innerhush to send such information as may be required, including but not limited to SMS, emails for enabling the User(s) to continue to avail the Services. User(s) hereby explicitly consent and agree that any request pursuant to this clause will override any opt-out/ override any opt-out unsubscribe request given by them earlier.
We do not share nonpublic personal information about our customers (present, former and potential) with anyone, except as required by law, or as follows:
We restrict access to information about you to those employees who need to know that information as part of their job responsibilities. We also educate our employees about the importance of confidentiality and customer privacy through standard operating procedures, special training programs, and our Code of Conduct. We take appropriate disciplinary measures to enforce employee privacy responsibilities. We have developed precautions that comply with federal regulations to ensure the security and confidentiality of customer records and information, to guard against any anticipated threats or hazards to the security or integrity of such records, and to protect against unauthorized access to or use of such records or information which could result in substantial harm or inconvenience to our customers or our employees.
INNERHUSH maintains strict information security procedures, including physical, electronic and procedural safeguards, to protect the confidentiality of your information. We conduct semi-annual Risk Privacy Assessments and remediate to update our technology to improve the protection of information storage.
INNERHUSH recognizes that California has articulated specific privacy rights of INNERHUSH Users in that State. California Users should understand that INNERHUSH does not sell User data to third parties. Further, INNERHUSH is a medical records retention company. As such, almost all User data is kept in encrypted storage as a medical record, including all User created transcripts. Sate Law requires INNERHUSH to retain such records for at least seven years. The CCPA does not generally apply to medical information governed by the California Confidentiality of Medical Information Act (CMIA) or protected health information collected by a covered entity or business associate governed by the privacy, security, and breach notification rules of the Health Insurance Portability and Accountability Act (HIPAA) (we do not cover insurance at present) and Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009.
Pursuant to Section 1798.83 of the California Civil Code, residents of California have the right to request, once a year, if INNERHUSH have shared their personal information (non medical record data only) with other companies for direct marketing purposes during the preceding calendar year. This is California’s “Shine-the-Light Law.” To request a copy of the information disclosure provided by INNERHUSH, please contact us on innerhush.com at the "contact us" link on the website. Please allow reasonable time for a response.
If you are a California resident under the age of 18, and a registered user of any site where this policy is posted, California Business and Professions Code Section 22581 permits you to request and obtain removal of content or information you have publicly posted on our site. INNERHUSH does not have User below the age of 13 and does not typically allow Users to publicly post information. However, if you feel you publicly posted information on the Site and you are between the ages of 13 and 17, please contact us on innerhush.com at the "contact us" link on the website. Please allow reasonable time for a response. Please be aware that such a request does not ensure complete or comprehensive removal of the data/content you have posted and that there may be circumstances in which the law does not require or even allow removal of data, specifically medical data, even if requested.
California Right to Know: You may request access to the specific pieces of personal data we have collected about you in the last 12 months. You may also request additional details about our information practices, including the categories of personal data we have collected about you, the sources of such collection, the categories of personal data we share for a business or commercial purpose, and the categories of third parties with whom we share your personal data. You may make these requests by contacting us on innerhush.com at the "contact us" link on the website. Please allow reasonable time for a response.
California Designated Agent. You may designate an agent to make a request on your behalf. That agent must have access to your account in order for us to verify the request.
California Non-Discrimination. INNERHUSH will never discriminate against you, including by denying or providing a different level of service should you choose to exercise your rights under the CCPA.
The basic tenants of the promulgated GDPR regulations include, but are not limited to the following:
Access to collected data: At INNERHUSH, you already have the ability to access your shared data (Your personal information, your emergency contact information and all your interactions with your Providers) and use it as you wish.
Security: At INNERHUSH we have encrypted our data from day one and has always been stored all Private Health Information with full HIPAA compliance and in an anonymized form as required by the GDPR.
Notice/Audit: At INNERHUSH, we will provide our Clients notice of any data breach and we employ a full time security Officer, as well as engaging a third party security firm to periodically audit both or code and technology security as well as our HIPAA policies and procedures around data security.
Finally, dependent of your EU country or origin, the GDPR takes into account what was previously termed the right “to forget” or request deletion of your data once you cease using a particular application or site. This particular tenant of the GDPR may conflict with applicable medical records retention laws. In the United States, this requires at least seven years of retention, which is common around the world and is sometime up to ten years or more in certain countries. So, unlike some data platforms, INNERHUSH cannot erase private health data directly upon a Client’s request, as it may be considered essential for other medical file retention purposes. Applicable individual country medical retention laws are generally considered an acceptable exception to the GDPR regulations regarding the right to deletion of certain data.
You will resolve any claim, cause of action or dispute (claim) you have with us arising out of or relating to this Statement or innerhush.com exclusively in a state or federal court located New York. The laws of the State of Delaware will govern this Statement, as well as any claim that might arise between you and us, without regard to conflict of law provisions.
If anyone brings a claim against us related to your actions, content or information on innerhush.com, you will indemnify and hold us harmless from and against all damages, losses, and expenses of any kind (including reasonable legal fees and costs) related to such claim.
In case of any complaints or grievances, the User may contact the Grievance Officer as under:
The terms and conditions of this Policy shall be governed by Indian Laws and the courts at New Delhi shall only have exclusive jurisdiction to resolve any disputes.
We try to keep innerhush.com safe, but you use it at your own risk. We are providing innerhush.com “As Is” without any express or implied warranties. We do not guarantee that innerhush.com will be safe or secure. Innerhush.com is not responsible for the actions, content, information, or data of third parties, and you release us, our directors, officers, employees, and agents from any claims and damages, known and unknown, arising out of or in any way connected with any claim you have against any such third parties.
We strive to create a global community with consistent standards for everyone, but we also strive to respect local laws. You consent to having your personal data transferred to and processed in the United States. If you are located in a country embargoed by the United States, or are on the U.S. Treasury Department's list of Specially Designated Nationals you will not engage in commercial activities on Innerhush.com (such as advertising or payments). By content we mean anything you post on Innerhush.com that would not be included in the definition of information. By data we mean content and information that third parties can retrieve from Innerhush.com or provide to Innerhush.com through Platform. By post we mean post on Innerhush.com or otherwise make available to us (such as by using an application). By use we mean use, copy, publicly perform or display, distribute, modify, translate, and/or create derivative works.
Understand, that we treat your use of our platform with the utmost respect to your privacy. We keep all information not disclosed above private between the Therapist and the User, keeping only non-decimated "file" copies for reference in case of legal dispute of by court order as we are required to under Federal Laws for period up to seven years or by the applicable State Regulation. File retention protects both the User and the Therapists safety. INNERHUSH is not responsible for data lost/exposed/used due to the nature of the Internet and digital environments, including illegal actions of hackers and criminals, technical malfunctions of servers and database etc. These are the accepted risks of our Users and users of the Internet in general. You are agreeing to this standard in using our site.
Innerhush.com reserves the right to amend this Privacy Statement at any time without notice, and only the current Privacy Statement may be deemed effective. Regardless of later updates or changes to our privacy notice, we will never use the information you submit under our current privacy notice in a new way without first providing you an opportunity to opt-out or otherwise prevent that use.