Jeevalaya Privacy Policy

Our Commitment to Privacy

At Jeevalaya Ayurveda Retreats LLP (“Jeevalaya”, “we”, “us”, “our”), we are committed to protecting the privacy rights of all individuals whose personal information is entrusted to us. This Privacy Policy explains our information security practices and the policies we follow in collecting, storing, and using personal data—including sensitive personal data—received from clients, participants, partners, or directly from you under lawful contracts.

We ensure all Jeevalaya employees, associates, and partners comply with our privacy and security policies. This policy demonstrates our commitment to safeguarding your privacy and personal information when you engage with Jeevalaya through our websites, mobile applications, retreats, wellness programs, or other services (“Services”).

By accessing or using our Services, you confirm your agreement to this Privacy Policy and consent to the collection, use, processing, and sharing of your information as described herein. If you do not agree, please do not use the Services or provide us with your information. If you use the Services on behalf of another individual (e.g., your child, family member) or entity, you represent that you are authorised to accept this Privacy Policy on their behalf.

Collection and Processing of Personal Information

Jeevalaya collects and processes personal information in accordance with applicable laws and only for legitimate purposes related to the delivery of our wellness, retreat, and corporate programs. The information may be collected directly from you, through online forms, emails, mobile applications, or during in-person visits at our centers and retreats. In some cases, it may also be provided by authorised partners or corporate employers (for employee wellness programs) with your consent.

Categories of information we may collect include:

• Basic Identification Data: Full name, gender, age, date of birth, nationality, marital status, and contact details (phone, email, postal address).
• Health and Wellness Information: Medical history, current health conditions, diagnostic test reports, therapy notes, prescriptions, allergies, energy mapping data, and any information relevant to tailoring your wellness plan or treatment.
• Sensitive Personal Data: Financial details (such as bank account information, payment card numbers, billing address), biometric data where relevant to diagnostics (e.g., scans, reports), and government-issued identification numbers where legally required (e.g., Aadhaar, passport).
• Digital Identifiers: Usernames, passwords, login credentials, IP address, browser details, operating system, device identifiers, and geolocation data (where enabled).
• Engagement Information: Information provided when registering for retreats, workshops, events, or when subscribing to newsletters, completing feedback surveys, or interacting with our support team.
• Corporate Program Data: Where services are offered through your employer or partner organisation (e.g., Harmony360 programs), we may receive limited employment details such as employee ID, department, or work email to deliver the program effectively.

How we collect personal information:

• Directly from you when you complete registrations, fill in forms, provide documents, or interact with our staff.
• Through digital interactions such as our website, applications, or customer support channels.
• From authorised third parties such as corporate partners, diagnostic centres, or payment service providers.
• Automatically through cookies, log files, and tracking technologies when you use our digital platforms.

Principles of processing:

• We process data only with your explicit consent, under valid contracts, or where required by law.
• Information is collected for specific, clear, and lawful purposes and not further processed in a manner incompatible with those purposes.
• Data collected is limited to what is necessary (“data minimisation”) and kept accurate and up to date.
• Retention is only for as long as required to fulfil the purpose of collection or as mandated by law.
• Processing is carried out with adequate security safeguards to prevent unauthorised access, alteration, disclosure, or destruction.

All personal data provided is voluntary. However, certain information is essential for us to deliver our services effectively. If you choose not to provide mandatory details, some services may not be available.

How We Use Personal Information

We use personal information responsibly and only for purposes aligned with our mission of providing holistic wellness, retreats, and healing programs. Your information may be used for the following purposes:

• Service Delivery: To deliver therapies, treatments, retreats, and wellness programs customised to your needs and health profile.
• Appointments and Bookings: To confirm, manage, and update appointments, registrations, event participation, and retreat bookings.
• Payments and Billing: To process payments, verify transactions, generate invoices, and manage financial reconciliations.
• Communication: To respond to inquiries, send confirmations, reminders, and important administrative notices (e.g., changes in terms, policies, or program schedules).
• Personalisation: To design and recommend personalised wellness plans, therapies, or retreat experiences based on your health and lifestyle information.
• Education and Awareness: To share newsletters, wellness tips, event updates, and promotional content that may be relevant to your interests (with your explicit consent).
• Feedback and Engagement: To collect and analyse feedback from participants to improve our services and ensure better experiences in the future.
• Corporate Programs: For employees enrolled through our Harmony360 or similar wellness initiatives, to track participation, progress, and outcomes in line with program objectives agreed with the employer.
• Research and Analytics: To conduct internal research, audits, statistical studies, and outcome measurements (using anonymised or aggregated data wherever possible) to improve therapies, validate results, and enhance our offerings.
• Compliance and Risk Management: To comply with applicable legal obligations, maintain records, prevent fraud, manage risks, and respond to regulatory or judicial requests.
• System Improvement: To monitor usage trends of our website and applications, analyse software performance, and improve design, usability, and functionality.
• Marketing and Promotions: With your explicit consent, to inform you about new services, retreats, wellness products, or partnership offerings that may benefit you.

We will never use your personal information for purposes beyond those stated without your consent, unless required by law.

Accessing, Correcting, or Deleting Your Information

We respect your rights to access and control your personal information. If you wish to review, update, correct, or delete personal data that Jeevalaya holds about you, you may submit a request using the contact details provided in the Grievance Officer section of this policy.

How to make a request:

• Send an email or written request clearly stating the type of action you require (access, correction, update, or deletion).
• Provide sufficient details to help us identify you (such as full name, contact details, program/retreat enrolled in, or registered email ID).
• Specify the nature of the request with supporting documents, if relevant (e.g., updated ID proof for correction requests).

Verification process:

• For your security, Jeevalaya will verify the identity of the requestor before processing any request. Verification may include confirming registered contact details, requiring submission of identity proof, or using secure authentication methods.
• In the case of requests made on behalf of another individual (e.g., parent for a child, authorised representative), supporting documentation such as power of attorney or parental consent will be required.

Response timelines and limitations:

• We will respond to verified requests within a reasonable timeframe, typically within 30 days, unless a shorter period is required by law.
• Requests for deletion may be subject to exceptions if retention of data is legally required (e.g., regulatory compliance, tax or audit obligations, dispute resolution).
• Where requests are unreasonably repetitive, excessive, or manifestly unfounded, Jeevalaya reserves the right to charge a reasonable fee or refuse the request, in accordance with applicable laws.

By making such requests, you help us maintain accurate and up-to-date information while ensuring your data rights are respected.

Information Security

We take robust and layered measures to protect your personal information. Our practices include:

• Encryption and Secure Transmission (SSL): All sensitive data shared through our website or mobile application is protected with Secure Socket Layer (SSL) encryption, ensuring that any information transmitted between your device and our systems remains confidential and protected from interception.
• Restricted Access Controls: Access to personal information is strictly limited to authorised personnel who require the data to perform their duties. We enforce role-based access controls and ensure that only trained staff or trusted partners with a legitimate need can view or process sensitive data.
• Authentication and Monitoring: We implement password-protected systems, multifactor authentication for internal staff, and continuous monitoring to detect suspicious activity or unauthorised attempts to access data.
• Secure Storage: Personal data is stored in secure servers and protected with firewalls, intrusion detection systems, and encryption at rest. Physical files, where used, are safeguarded in restricted-access storage facilities.
• Regular Audits and Backups: We carry out regular audits, vulnerability assessments, and penetration testing to strengthen our defences. Data backups are performed routinely and stored securely to ensure business continuity and disaster recovery.
• Staff Awareness and Training: Employees and associates undergo training on data protection and privacy practices, and they are required to comply with confidentiality obligations at all times.

Despite these safeguards, no system is entirely immune to risks. We will, however, take all reasonable steps to minimise risks and to notify you, where required by law, of any data breach that may affect your personal information.

Sharing of Information

We may share personal information with:

• Authorised partners/service providers (labs, doctors, wellness experts, payment gateways) who support our services, bound by confidentiality agreements.
• Corporate partners for employee wellness programs (e.g., Harmony360) where consent has been provided.
• Government or regulatory authorities, if required by law or judicial order.
• Research partners, in anonymised or aggregated formats that cannot identify you.

We do not sell or rent your personal information to third parties.

Cookies and Tracking

Our website/app may use cookies and similar technologies to enhance user experience, remember preferences, improve navigation, and track usage patterns. You may adjust your browser/device settings to decline cookies, but some features may not function optimally.

Law Enforcement and Legal Compliance

If required by law, we may disclose any information we hold about you to law enforcement or other government agencies, pursuant to a subpoena, warrant, or other order issued by a court of competent jurisdiction. Where required by applicable law, we will request written documentation of the demand, verify the identity of the requesting authority, and take steps to authenticate the validity of the request before sharing any data.

In urgent cases or where mandated under applicable law, we may consider requests from law enforcement agencies even without a court order, but only after careful evaluation of the legitimacy, necessity, and proportionality of such requests. Jeevalaya will maintain records of disclosures made and ensure that such disclosures are limited to what is legally required.

We are committed to cooperating with legal and regulatory authorities while protecting the rights and privacy of our users to the fullest extent possible.

Social Media and Third-Party Links

Our website/app may include links to external websites, blogs, or social media platforms (e.g., Facebook, LinkedIn, Instagram). These external websites and platforms have their own privacy policies and terms of use, which may differ from ours. Jeevalaya does not control, endorse, or take responsibility for the content, privacy practices, or security of these third-party sites.

By clicking on such links, you acknowledge that Jeevalaya is not liable for any consequences, losses, or damages arising from your interaction with third-party websites. We encourage you to review the privacy statements of any external sites you visit before sharing your personal information.

Casual Visitors

No sensitive personal data is collected from casual visitors of our website. However, if you voluntarily provide information (via forms, emails, registrations), you will no longer be considered a casual visitor, and this Privacy Policy will apply.

Choice / Opt-Out

You may opt-out of receiving marketing communications from Jeevalaya at any time by following unsubscribe instructions in emails or by contacting us directly. Essential service-related communications will continue.

Updates to This Privacy Policy

We may revise this Privacy Policy periodically to reflect changes in laws, practices, or our Services. The updated policy will be posted on our website/app with the “Last Updated” date. Continued use of Services after updates constitutes acceptance.

Contact Us – Grievance Officer

If you have questions, concerns, or grievances regarding this Privacy Policy or the way Jeevalaya handles your personal information, please contact:

Grievance Officer / Data Protection Officer
Jeevalaya Ayurveda Retreats LLP
No. 4F06, Arya Hub Mall, Whitefield Main Road, Hope Farm Junction, Bangalore 560066
Email: md@jeevalaya.co.in
Phone: +91-99019 33911

---

Consent to this Policy

By accessing or using Jeevalaya’s website, mobile application, retreats, therapies, or other services, you acknowledge that this Privacy Policy forms an integral part of our Terms of Use.

Your continued use of the Services signifies your consent to the collection, use, processing, and sharing of your personal information as described herein.

If you do not agree to this Privacy Policy, Jeevalaya may be unable to provide you with certain services. By affirming your consent, you authorise us to process your personal information in accordance with applicable law.