Customer Support: 918660658584

Need Help?

Offer Offers

Zenrx Privacy Policy - Your Data, Our Responsibility

We collect the e-mail addresses of those who communicate with us via e-mail, aggregate information on what pages consumers access or visit, and information volunteered by the consumer (such as survey information and/or site registrations). The information we collect is used to improve the content of our Web pages and the quality of our service, and is not shared with or sold to other organizations for commercial purposes, except to provide products or services you have requested, when we have your permission, or under the following circumstances: It is necessary to share information in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of Terms of Service, or as otherwise required by law. We transfer information about you if Zenvito is acquired by or merged with another company. In this event, Zenvito will notify you before information about you is transferred and becomes subject to a different privacy policy.

 

Personal info

When you register for Zenvito, we ask for information such as your   Name, Email address, Cell phone number, Billing address,  and/or credit card information.

Zenvito uses collected information for the following general purposes: products and services provision, billing, identification and authentication, services improvement, contact, and research.

Or for the following specific purposes mentioned below: 

 Name:   Name to establish the identity of users and maintain their accounts.

 Email:   Email ID to send you transaction and order-related notifications to help you with resetting passwords and/or login purposes. 

 Address:   Address to facilitate home delivery of goods and for billing purposes.

 Phone numbers:   Phone numbers for login purposes and to show them on the profile or to contact you.

 

Photos and Videos

We collect Prescription images in some cases as mandated by the law. We do not collect video files.

 

Files and docs

 PDFs:  We allow uploading of prescriptions in PDF format. We do not collect any other files.

 

COOKIES
A cookie is a small amount of data, which often includes an anonymous unique identifier, sent to your browser from a website 's computer and stored on your computer's hard drive.

COOKIES ARE REQUIRED TO USE THE ZENVITO TECH SERVICE.
We use cookies to record current session information but do not use permanent cookies. You are required to log in to your Zenvito Project Site after a certain period of time has elapsed to protect you against others accidentally accessing your account contents.

DATA STORAGE
Zenvito uses third-party vendors and hosting partners to provide the necessary hardware, software, networking, storage, and related technology required to run Zenvito. Although Zenvito owns the code, databases, and all rights to the Zenvito application, you retain all rights to your data. Zenvito may disclose personally identifiable information under special circumstances, such as to comply with subpoenas or when your actions violate the Terms of Service.

CHANGES
Zenvito may periodically update this policy. We will notify you about significant changes in the way we treat personal information by sending a notice to the primary email address specified in your Zenvito primary account holder account or by placing a prominent notice on our site.

 

1. Introduction

Zenrx Healthcare Private Limited (“Zenrx”, “we”, “us”, or “our”), with its registered office at [insert complete address], acts as the Data Fiduciary under the Digital Personal Data Protection Act, 2023 (“DPDP Act”) and as a Data Controller under the General Data Protection Regulation (“GDPR”), where applicable. This Privacy Policy explains in detail how we collect, use, retain, process, disclose, protect, and transfer your personal data when you use our website, mobile app, or related services (“Service”). It also explains your rights and our obligations concerning your data.

2. Definitions

  • Personal Data: Any data about an individual who is identifiable by or in relation to such data.

  • Sensitive Personal Data: Includes health data, prescription information, financial information, and biometric data.

  • Processing: Any operation performed on personal data, whether automated or not, such as collection, storage, use, disclosure, or erasure.

  • Data Principal/Data Subject: User whose data is being processed.

  • Data Processor: Third-party entity processing personal data on behalf of Zenrx.

3. Categories of Data Collected

Information you provide directly:

  • Full Name (identification and account creation)

  • Email address (communication, login/verification, alerts)

  • Mobile/Cell phone number (contact, authentication)

  • Physical address (shipping and billing)

  • Payment and billing information (credit/debit card/UPI, where applicable)

  • Prescription uploads (images/PDFs)

  • Responses to surveys, forms, and feedback submissions

Information collected automatically:

  • Device identifiers (e.g., IP address, MAC address)

  • Browser information and metadata

  • Log-in history, authentication tokens, session duration

  • Web/pages visited, actions performed, navigation path

  • Cookies/session data (see Section 10)

Special Categories (Sensitive Data):

  • Medical data: prescription details, medications requested/ordered, and health information submitted for order compliance

  • Financial: only when explicitly required for processing transactions

4. Lawful Bases for Processing

Your personal data is processed on the following grounds:

  • Consent: Explicit consent for processing sensitive categories (medical, biometric, financial data, marketing communications). Consent records are maintained.

  • Contractual Necessity: To enter or perform contracts for registered services, product delivery, account management, transaction facilitation, and customer support.

  • Legal Obligation: To comply with Indian pharmaceutical law, tax regulations, record-keeping requirements, and regulatory audits.

  • Legitimate Interests: Service improvement, security/fraud prevention, analytics, customer research, and website operation—always balancing your rights and interests.

  • Vital Interests/Public Interest: When necessary to protect an individual’s life, health, or safety.

5. Use of Personal Data (Purposes)

Data collected is used for the following explicit, specified, and legitimate purposes:

  • Identity verification and user account management

  • Product/service provision, order fulfillment, and compliance with medical/pharmaceutical regulations

  • Billing, payment processing, transaction management, tax-related filings

  • Authentication, password resets, and account security (including multi-factor authentication, where provided)

  • Communications: notifications (transactional, promotional if consented, order updates), customer support, user feedback, password assistance

  • Regulatory compliance, risk management, fraud detection, dispute resolution

  • Service enhancement, analytics, research, trend monitoring (aggregated/anonymized)

  • Legal compliance and response to valid requests by government authorities, courts, or law enforcement

6. Data Sharing and Disclosure

We do not sell or lease your data to any third party. Data is only shared as follows:

  • With contracted service providers (Data Processors): Payment gateways, hosting/cloud vendors, IT operations, email/SMS vendors, logistics partners—all contractually bound by data protection agreements and confidentiality clauses.

  • With regulatory authorities/government bodies: To comply with statutory obligations or upon receipt of lawful requests for investigation or legal proceedings.

  • Business transfers: In the event of a business acquisition, merger, restructuring, sale, or transfer, your personal data may be transferred as an asset. Notice will be sent to you in advance, and data will remain protected under the existing policy until updated.

  • Legal proceedings and vital interests: If required for fraud prevention, safety, enforcing our rights, or protecting individual/public health.

7. International Data Transfers

Personal data may be processed or transferred to jurisdictions outside India (such as the EU or US) for storage, support, or processing. Cross-border transfers are subject to the following safeguards:

  • Adequacy decisions by the Indian Government or EU Commission

  • Standard contractual clauses and binding corporate rules, where law mandates

  • Your explicit consent prior to transfer, where required

  • Technical safeguards (encryption, access controls) to ensure data security in transit and storage

  • Assessment of foreign law and data protection standards

8. Data Retention and Deletion

Personal data is retained only as long as necessary to fulfill specified purposes, contractual/legal obligations, or legitimate interests. After expiry of statutory periods (e.g., tax/audit/prescription retention), data is securely deleted, erased, or anonymized.

  • User account information: Until account closure, plus a limited period for legal obligations/dispute resolution

  • Prescription and health records: As required by the Drugs and Cosmetics Act, 1940 and pharmacy regulations

  • Transaction records: Per Indian tax and accounting laws

Data subjects may request deletion/erasure (right to be forgotten), unless restricted by legal retention requirements.

9. Your Rights

Zenrx is committed to upholding your rights as a data subject/principal. You may exercise the following:

  • Right to Access: Obtain a copy of all personal data processed.

  • Right to Correction: Rectify or update incomplete/incorrect data.

  • Right to Erasure/Deletion: Request erasure of data not required by law.

  • Right to Withdraw Consent: Withdraw specific consents given, at any time.

  • Right to Data Portability: Receive data in a structured, commonly used, and machine-readable format, or request direct transfer to another service provider, where feasible.

  • Right to Restriction/Objection to Processing: Object to or restrict specific processing activities (subject to legal limitations).

  • Right to Grievance Redressal: File a complaint with the Zenrx Data Protection Officer, and if unsatisfied, escalate to the Data Protection Board of India or the competent EU authority.

All requests will be responded to within statutory timeframes (typically 30 days).

To exercise any of these rights, contact us at privacy@zenrx.in.

10. Cookies and Automated Tracking

  • Cookies are necessary for secure authentication and site operation. No permanent or persistent tracking cookies are used; session cookies expire after a set duration or logout.

  • Cookies may be used for:

    • User authentication and session maintenance

    • Security (detecting unauthorized access attempts)

    • Analytics (strictly aggregate and anonymized, unless you consent otherwise)

  • Cookie preferences can be modified in your browser or within site settings (where available).

11. Profiling and Automated Decision-Making

Zenrx generally does not subject data subjects to automated decisions or profiling that produce legal/significant effects. Automated sorting may be used for service personalization, but no medical advice, eligibility, or credit decisions are made automatically.

If automated processing is used outside the above scope, you will have the right to human intervention, express your point of view, and contest the outcome (GDPR Art. 22).

12. Data Security

We implement technical and organizational safeguards to protect your data, including but not limited to:

  • Encryption of sensitive personal data in transit and at rest (where feasible)

  • Secure server and firewall configurations

  • Access controls, authentication protocols, and regular audits

  • Regular staff privacy training

  • Data backup, redundancy, and incident response planning

  • Vetting and monitoring of all vendors/sub-processors

13. Data Breach Response

Any breach of personal data will be logged and investigated immediately. Where required under the DPDP Act or GDPR, affected users and the Data Protection Board/authority shall be notified within the legally mandated timelines. Details of possible risks, steps taken, and remedial actions will also be shared as appropriate.

Internal policy and escalation procedures are in place for incident management and breach containment/mitigation.

14. Children’s Privacy

Zenrx does not knowingly collect data from minors under the age of 18. Parental/guardian consent is obtained where service is rendered to children, as prescribed by law.

15. Grievance Redressal and Data Protection Officer (DPO) Contact

If you have concerns, questions, or wish to exercise your rights, please contact:

Data Protection Officer – Zenrx Healthcare Private Limited
Email: legal@verdeus.in; zenvitohealth@gmail.com
Postal address: #206/2, New No K-1/5, Oil Mill Road, K R Mohalla, Mysuru- 570024.
 

Escalation:
If your issue is unresolved, you may escalate to the Data Protection Board of India (DPDP Act, 2023), or your local supervisory authority in the EU.

16. Changes to this Privacy Policy

This Privacy Policy may be reviewed and updated to comply with evolving laws and our privacy practices. Major updates will be notified via your registered email or a prominent notice on the Zenrx platform. Please review this policy regularly.

Continued use of our services after policy changes constitutes your acceptance of those changes. Previous versions can be furnished upon request.