Privacy Policy

SK Brand Tech - Healthcare Digital Marketing & WhatsApp Business Solutions

1. Introduction

Welcome to SK Brand Tech ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our WhatsApp Business API integration services, website, and digital marketing solutions.

By using our services, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our services.

2. Information We Collect

2.1 Information You Provide Directly

• Contact Information: Name, email address, phone number, business name, and address
• WhatsApp Data: Phone numbers, messages sent and received through our platform, message status (delivered, read), and user interactions
• Business Information: Healthcare facility details, service offerings, and operational data
• Account Credentials: Login information for accessing our dashboard and services
• Payment Information: Billing details for service subscriptions processed securely through Razorpay (our payment gateway partner). We do not store complete card details on our servers.

2.2 Information Collected Automatically

• Usage Data: Information about how you interact with our services, including message volumes, delivery rates, and engagement metrics
• Technical Data: IP address, browser type, device information, operating system, and timestamps
• Cookies: We use cookies and similar tracking technologies to track activity and improve user experience
• WhatsApp Platform Data: Data received from Meta's WhatsApp Business API, including message metadata and delivery confirmations

2.3 Information from Third Parties

• Meta/Facebook: Data related to WhatsApp Business API usage, account status, and messaging analytics
• Integration Partners: Data from CRM systems, hospital management software, and other integrated platforms

3. How We Use Your Information

We use the collected information for the following purposes:

3.1 Service Delivery

• Facilitate WhatsApp messaging between healthcare providers and patients
• Send appointment reminders, lab reports, and health notifications on behalf of our clients
• Manage and optimize message delivery and response systems
• Provide automated customer support through WhatsApp chatbots

3.2 Service Improvement

• Analyze usage patterns to improve our services
• Monitor message delivery rates and engagement metrics
• Develop new features and functionalities
• Troubleshoot technical issues and maintain service quality

3.3 Communication

• Send service-related notifications and updates
• Respond to your inquiries and support requests
• Provide information about new services and features
• Send marketing communications (with your consent)

3.4 Legal and Compliance

• Comply with applicable laws and regulations
• Protect against fraudulent or illegal activities
• Enforce our Terms of Service
• Respond to legal requests and prevent harm

4. Healthcare Data and Patient Privacy

4.1 HIPAA-Aware Practices

Although SK Brand Tech operates in India and is not directly subject to US HIPAA regulations, we follow HIPAA-inspired best practices for healthcare data protection:

• We do not store sensitive medical information in plain text
• All communications are encrypted in transit
• We require patient consent before initiating communications
• Healthcare providers maintain control over their patient data
• We provide audit logs for compliance purposes

4.2 Indian Healthcare Compliance

• Compliance with Digital Information Security in Healthcare Act (DISHA) principles
• Adherence to Information Technology Act, 2000
• Respect for patient confidentiality and consent requirements

5. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

5.1 Service Providers

• Meta/WhatsApp: As required to deliver WhatsApp Business API services
• Razorpay (Payment Gateway): For secure payment processing, subscription management, and transaction handling. Razorpay is PCI-DSS compliant and follows industry security standards.
• Cloud Hosting: For secure data storage and processing
• Analytics Providers: For service improvement and analytics

5.2 Business Clients

• Healthcare providers and businesses that use our services receive data necessary to communicate with their patients/customers
• Message delivery status and engagement metrics
• Analytics and reporting data

5.3 Legal Requirements

• To comply with applicable laws, regulations, or legal processes
• To respond to government requests or legal orders
• To protect our rights, privacy, safety, or property
• To enforce our Terms of Service

5.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your information becomes subject to a different privacy policy.

6. Data Security

We implement appropriate technical and organizational measures to protect your personal information:

• Encryption: All data transmitted between our servers and users is encrypted using SSL/TLS
• Access Controls: Strict access controls limit who can view and process personal data
• Secure Infrastructure: Data stored on secure servers with regular security updates
• Regular Audits: Periodic security assessments and vulnerability testing
• Staff Training: Regular privacy and security training for all team members
• Incident Response: Established procedures for handling potential security breaches

7. Data Retention

We retain your personal information for as long as necessary to:

• Provide our services to you
• Comply with legal obligations
• Resolve disputes and enforce our agreements
• Maintain business records and analytics

Specific Retention Periods:

• WhatsApp Messages: Retained for 30-90 days unless required for compliance
• Account Information: Retained for the duration of your account plus 1 year
• Transaction Records: Retained for 7 years for tax and accounting purposes
• Analytics Data: Anonymized and retained indefinitely for service improvement

8. Your Data Rights

You have the following rights regarding your personal information:

8.1 Access and Portability

• Request access to your personal data
• Receive a copy of your data in a structured, machine-readable format

8.2 Correction and Update

• Request correction of inaccurate or incomplete data
• Update your account information at any time

8.3 Deletion

• Request deletion of your personal data (subject to legal retention requirements)
• Close your account and remove associated data

8.4 Restriction and Objection

• Object to processing of your personal data
• Request restriction of processing in certain circumstances
• Opt-out of marketing communications

8.5 How to Exercise Your Rights

To exercise any of these rights, please contact us at:

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to:

• Remember your preferences and settings
• Analyze website traffic and usage patterns
• Improve user experience and service functionality
• Deliver targeted content and advertising

Types of Cookies We Use:

• Essential Cookies: Required for basic website functionality
• Performance Cookies: Help us understand how visitors use our website
• Functionality Cookies: Remember your preferences and choices
• Marketing Cookies: Track your online activity to deliver relevant ads

You can control cookies through your browser settings. Note that disabling cookies may affect website functionality.

10. Third-Party Services

Our services integrate with third-party platforms and may contain links to external websites:

Third-Party Services We Use:

• Meta/WhatsApp Business API: For messaging services
• Razorpay: For payment processing and subscription management (Razorpay Privacy Policy)
• Google Analytics: For website analytics
• Cloud Storage Providers: For data hosting

These third parties have their own privacy policies. We are not responsible for their practices. Please review their policies before using their services.

11. International Data Transfers

Your information may be transferred to and processed in countries other than India, including the United States where Meta's WhatsApp servers are located. We ensure that:

• Appropriate safeguards are in place for international transfers
• Data protection standards are maintained
• Compliance with applicable data protection laws is ensured

12. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

13. Marketing Communications

With your consent, we may send you marketing communications about:

• New services and features
• Special offers and promotions
• Industry insights and best practices
• Company news and updates

Opt-Out:

You can opt-out of marketing communications at any time by:

• Clicking "unsubscribe" in any marketing email
• Contacting us at [email protected]
• Updating your preferences in your account settings

14. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will notify you of any material changes by:

• Posting the updated policy on our website
• Sending an email notification to registered users
• Displaying a prominent notice on our platform

Your continued use of our services after changes indicates acceptance of the updated Privacy Policy.

15. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

16. Grievance Redressal

In accordance with Information Technology Act, 2000 and rules made thereunder, if you have any grievances regarding this Privacy Policy, please contact our Grievance Officer: