Privacy and Policy

HEARTIEST – PRIVACY POLICY
Effective Date: October 2025
Issued by: Heartiest Wellness Pvt. Ltd. (“Heartiest”, “we”, “our”, or “us”)
Registered Address: Dr. R. Gupta P-45, Mayur Vihar Phase I, Near Ahlcon Public School Near Mayur Vihar Metro Station, Delhi – 110091
Email: info@heartiest.org
Phone: +91 9810 190 624
  1. Introduction and Commitment
Heartiest.org (“Website”) and Heartiest App (“App”) are operated by Heartiest Wellness Pvt. Ltd., a health and wellness organisation dedicated to preventive heart care, holistic wellbeing, and digital education. We are deeply committed to safeguarding the privacy, confidentiality, and security of every user’s personal information. This Privacy Policy outlines how we collect, use, process, share, and protect your information when you use our website, mobile application, assessments, online programs, corporate wellness packages, or any related services. We uphold the belief that privacy is a right, not a privilege. Every piece of data you share with us is treated with care, consent, and respect. By accessing or using our services, you agree to the terms described in this policy.
  2. Scope of Policy
This Privacy Policy applies to:
  • All individuals using the Heartiest Website, Heartiest App, or Heartiest Store.
  • Participants in our assessments, courses, challenges, events, corporate programs, and wellness initiatives.
  • All offline and online data collected through forms, communications, feedback, or transactions.
It does not apply to third-party platforms or affiliates linked to our site (e.g., payment gateways, delivery partners, or advertisers). Their privacy practices are governed by their own respective policies.
  3. Information We Collect
We collect only the information necessary to deliver our services effectively and improve your experience. Data is collected either directly from you or automatically through your use of our digital platforms.
3.1 Personal Information (Directly Provided by You)
When you create an account, register, or engage with Heartiest, we may collect:
  • Full name, contact number, and email address
  • Date of birth, gender, and demographic details
  • Billing and shipping address (for product deliveries)
  • Health-related information (only if voluntarily shared during assessments or programs)
  • Corporate/Institutional details (for B2B clients)
  • Login credentials, profile photo, and preferences
  • Communications and messages sent through support, chat, or social channels.
3.2 Health and Assessment Data
Certain programs may require optional health metrics (e.g., height, weight, blood pressure, lifestyle habits, medical history). This information:
  • Is used only to generate personalized reports, recommendations, and progress tracking.
  • Is never shared externally without explicit written consent.
  • Is stored securely and anonymized for analytical or educational insights.
3.3 Automatically Collected Data
When you visit or use our website/app, we automatically collect certain data:
  • Device type, browser, IP address, and operating system
  • Pages visited, duration of visit, and referring URLs
  • Cookies and session identifiers
  • Mobile device identifiers, app version, and crash logs
This information helps us improve performance, analytics, and personalization.
3.4 Payment Information
For purchases, payments are processed through secure third-party gateways (e.g., Razorpay, PayU, Stripe). We do not store card details or banking credentials. Payment-related details are handled per PCI-DSS compliance standards.
  4. How We Use Your Information
Heartiest uses collected data only for legitimate, consent-based, and service-related purposes.
4.1 Primary Uses
  • To create and manage your user account
  • To process orders, subscriptions, and program enrollments
  • To generate personalized reports or wellness recommendations
  • To deliver purchased digital or physical products
  • To communicate transactional and service-related information
  • To provide customer support and respond to queries
4.2 Secondary Uses
  • To send educational newsletters, updates, or promotional messages (only if opted-in)
  • To improve app/website performance through analytics
  • To understand usage patterns and content engagement
  • To develop new programs, features, and services
  • To ensure compliance with applicable laws and regulatory requirements
4.3 Sensitive Health Data Usage
Health and assessment data are used solely for personalized reporting and aggregate research analysis (de-identified). No health data is ever sold or shared with advertisers or third parties for profit.
  5. Consent and Legal Basis for Processing
We process personal data based on one or more of the following legal grounds:
  1. Your explicit consent (e.g., when signing up or submitting assessments).
  2. Performance of a contract (e.g., program enrollment, purchase fulfillment).
  3. Legitimate interest (e.g., improving user experience, analytics).
  4. Compliance with legal obligations (e.g., tax or audit purposes).
Users can withdraw consent anytime by contacting info@heartiest.org. However, withdrawal may limit access to certain services.
  6. Data Retention Policy
  • Heartiest retains user data only as long as necessary for legitimate business, legal, or operational purposes.
  • Health assessment data is retained securely for up to 5 years to allow users to track progress over time.
  • Inactive accounts may be anonymized after 24 months of inactivity.
  • Transaction and invoice data are stored per accounting requirements.
Upon user request, data can be deleted or anonymized, except where retention is legally required.
  7. Data Sharing and Disclosure
Heartiest does not sell, rent, or trade user information. Information may be shared only under these circumstances:
7.1 Trusted Service Providers
We work with verified partners (e.g., hosting providers, analytics platforms, payment gateways, courier services) strictly under data processing agreements (DPAs) that ensure confidentiality.
7.2 Corporate Clients
For institutional wellness programs, aggregate, anonymized data may be shared with the organization’s HR or wellness team only after explicit consent from participants.
7.3 Legal Compliance
Data may be disclosed when required by:
  • Law, regulation, or court order
  • Government or enforcement agencies under due legal process
7.4 Business Transfers
In case of mergers, acquisitions, or restructuring, user data may be transferred to the new entity under identical privacy safeguards.
  8. Cookies and Tracking Technologies
Heartiest uses cookies, pixels, and analytics tools to:
  • Improve website performance and load speed
  • Remember user preferences
  • Measure campaign effectiveness
  • Deliver personalized content
You can modify cookie preferences in your browser. However, disabling cookies may limit some features or personalized experiences.
  9. Data Security and Protection
Heartiest employs industry-standard technical and organizational security measures to protect your data from unauthorized access, alteration, or loss.
Key Security Practices:
  • Secure Socket Layer (SSL) encryption across all web sessions
  • Multi-layered firewalls and intrusion detection systems
  • Encrypted data storage and restricted access protocols
  • Regular security audits and vulnerability testing
  • Limited employee access to personal data on a need-to-know basis
If a data breach is suspected, Heartiest will:
  • Notify affected users within 72 hours (as per legal requirements)
  • Take immediate remedial measures to contain and rectify the incident
  10. Data Subject Rights (as per Indian DPDPA & Global GDPR Standards)
Every user has the following rights:
  1. Right to Access: Request a copy of your personal data held by Heartiest.
  2. Right to Rectification: Correct or update inaccurate information.
  3. Right to Erasure (“Right to be Forgotten”): Request deletion of data (subject to retention laws).
  4. Right to Restrict Processing: Limit certain uses of your data.
  5. Right to Data Portability: Request export of your data in a structured format.
  6. Right to Withdraw Consent: Stop communications or data processing anytime.
  7. Right to Lodge Complaint: File grievances with regulatory authorities if dissatisfied with our handling.
To exercise these rights, email info@heartiest.org with subject “Data Rights Request.” We will respond within 30 calendar days (or earlier, if possible).
  11. International Data Transfers
Heartiest primarily stores and processes data within India. However, to support global operations, some data may be processed by third-party services located outside India (e.g., cloud hosting, analytics). Such transfers are done only to countries with adequate data protection standards and under binding contractual clauses ensuring safety and compliance.
  12. Minors’ Privacy
Heartiest content is designed for general audiences, but we do not knowingly collect personal information from children under 13 years of age. For educational or family-based programs:
  • Parents/guardians must provide consent before data collection.
  • Children’s data, if collected, is anonymized and used only for educational insight.
If any parent believes a child’s data was collected without consent, they may contact us for immediate deletion.
  13. Corporate and Institutional Clients
When Heartiest delivers corporate or institutional wellness programs:
  • Individual participant data remains confidential.
  • Only aggregate health trends are shared with the organization, never individual results.
  • Corporate administrators must ensure lawful consent collection from their employees or members.
  14. Communication Preferences
Users can manage communication preferences anytime:
  • Unsubscribe from newsletters via footer link
  • Opt out of promotional SMS or WhatsApp by replying “STOP”
  • Modify notification settings in the app or website profile
Transactional messages (payment confirmations, password resets, health reports) are mandatory and cannot be opted out.
  15. Third-Party Links and External Services
Heartiest platforms may include links to third-party websites, apps, or payment gateways. We are not responsible for the content, security, or privacy practices of those entities. We encourage users to review the privacy policies of such third parties before engaging or sharing personal data.
  16. Data Storage Duration and Deletion Requests
  • Customer account data: retained as long as the account is active
  • Assessment data: retained for 5 years (anonymized after expiry)
  • Billing & transaction data: 8 years (per Indian accounting norms)
  • Marketing consent data: until user opts out
To request data deletion, email info@heartiest.org with identity verification. Certain information may remain archived for legitimate legal or audit reasons.
  17. Grievance Redressal Mechanism
Heartiest follows a three-tier grievance process to ensure fairness and timely resolution.
  1. Level 1 – Data Support Team:
     Email: info@heartiest.org
     Response: within 7 business days
  2. Level 2 – Grievance Officer:
     Name: Data Protection Officer (DPO), Heartiest Wellness Pvt. Ltd.
     Address: P-45, Mayur Vihar Phase I, Near Ahlcon Public School, Delhi – 110091
     Email: privacy@heartiest.org
     Response: within 15 business days
  3. Level 3 – Escalation (Regulatory Complaint): If unsatisfied, you may escalate to the Data Protection Board of India (DPBI) under the Digital Personal Data Protection Act, 2023.
  18. Policy Updates and Notifications
Heartiest reserves the right to modify this Privacy Policy to reflect evolving legal, technical, and operational standards. Updates will be:
  • Posted on Heartiest.org/privacy-policy
  • Communicated via email to registered users (where material changes occur)
  • Effective 7 days after publication
Continued use of our services after any update constitutes acceptance of the revised policy.
  19. Limitation of Liability
While Heartiest adopts the highest security standards, no online system is entirely immune from risk. By using our services, you acknowledge:
  • You share data voluntarily and understand inherent internet risks.
  • Heartiest is not liable for breaches caused by third-party service providers, cyberattacks, or force majeure events beyond its reasonable control.
  • Our liability in any proven breach is limited to the amount paid by the affected user within the preceding 6 months or as otherwise required by law.
  20. Contact Details
For any privacy-related queries, write to:
Heartiest Wellness Pvt. Ltd.
Attn: Data Protection Officer
P-45, Mayur Vihar Phase I, Near Ahlcon Public School Near Mayur Vihar Metro Station, Delhi – 110091
Email: privacy@heartiest.org / info@heartiest.org
Phone: +91 9810 190 624
  21. User Acknowledgement
By using Heartiest platforms, the user confirms that they:
  • Have read, understood, and agreed to this Privacy Policy
  • Voluntarily provide data to receive health, wellness, or educational services
  • Understand their rights under Indian law and international best practices
  • Consent to data collection and use as outlined herein
Heartiest values your trust and promises to protect your data as carefully as we protect the human heart — with integrity, vigilance, and accountability.
End of Privacy Policy