Privacy Policy

1. PREFACE

Support Elders Private Limited (hereinafter referred to as “Company”, “we”, “us” or “our”) is a company incorporated under the laws of India having its registered office at DT 1, Phase I, Golf Green Urban Complex, Kolkata-700095, West Bengal, India. The Company owns and operates the website www.supportelders.com (“Website”), the Support Elders Member App (“Support Elders App”), and any other digital tools or platforms through which it provides its services (collectively, the “Digital Platform”). The Digital Platform and all services made available through it are referred to herein as the “Services”.

This Privacy Policy (“Policy”) governs the manner in which the Company collects, stores, uses, processes, discloses, and protects the personal information and sensitive personal data or information of Members, Sponsors, Nominees, and all other users of the Digital Platform (collectively, “Users”, “you” or “your”). Capitalised terms not defined herein shall have the meaning ascribed to them in the Member Terms and Conditions available on the Website.

This Policy is made and hosted in accordance with the following applicable laws and regulations:

Information Technology Act, 2000 (“IT Act”)
Rule 3(1) of the Information Technology (Intermediaries Guidelines) Rules, 2011
Rule 4 of the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (“SPDI Rules”)
Digital Personal Data Protection Act, 2023 (“DPDPA”) and the rules framed thereunder.

This Policy should be read together with the Member Terms and Conditions, which are deemed incorporated herein by reference. By accessing or using the Digital Platform, submitting an enrolment form, clicking any acceptance button, or availing of any Service, you confirm that you have read, understood, and agreed to this Policy. If you do not agree, you are advised to discontinue access to the Digital Platform immediately.

2. MODIFICATION OF THIS POLICY

The Company may update this Policy from time to time. Any updated version shall be published on the Digital Platform and shall become effective upon publication or such later date as may be specified therein. However, the Company will use your personal information in a manner consistent with the Policy in effect at the time you provided it.

By continuing to access or use the Digital Platform after any modification, you are bound by the updated Policy. You are encouraged to check this Policy periodically on the Website for updates. The Company reserves the right to terminate or suspend Services to any User who does not comply with the terms of this Policy.

3. DEFINITIONS

For the purposes of this Policy, the following terms shall have the meanings assigned to them below (in addition to defined terms in the Member Terms and Conditions):

“Confidential Information”: means all information obtained or received during the Term (as defined in the Member Terms and Conditions), including but not limited to Company’s terms, business transactions, technical and operational information and financial arrangements, whether or not such information has commercial value.
“Data Principal”: means the natural person (Member, Sponsor, Nominee or other User) to whom the Personal Data relates.
“Member Data”: means any personal information, health data, location data, medical records, or other Sensitive Personal Data or Information relating to the Member, as provided to or collected by the Company in the course of providing the Services.
“Personal Data” / “Personal Information”: means any data about an individual who is identifiable by or in relation to such data, as defined under the DPDPA and the IT Act.
“Sensitive Personal Data or Information” (“SPDI”): includes passwords, financial information (bank account / credit card / debit card details), physical, physiological and mental health conditions, sexual orientation, medical records and history, biometric information, and any other information designated as SPDI under applicable law.

4. INFORMATION WE COLLECT

The Company collects the following categories of information from Users:

4.1 Identity and Contact Details

Full name, date of birth, age, gender
Residential address, city, state, pin code
Mobile number(s) and e-mail address(es)
Photographs or profile images (where provided)
Emergency contact details (Sponsor, Nominee)

4.2 Personal Health Information and Medical Data

Medical history, current diagnoses, prescriptions, and health conditions
Electronic medical records and health check-up reports
Data from wearable devices, fitness trackers, or connected health platforms
Physiological and mental health information shared during service delivery
Records of hospital admissions, medical visits, and care plans

4.3 Financial Information

Service fee and payment-related information (processed through third-party payment providers)
Bank account or card details are not stored by the Company on its own servers, they are handled exclusively by the relevant payment gateway or third-party processor

4.4 Technical and Device Information

IP address, device type, operating system, and browser type
Firebase ID or equivalent device identifier
App usage data, session duration, and interaction logs
Cookie data and tracking identifiers

4.5 Service Interaction Data

Records of bookings, service requests, and care plans
Telephonic and chat conversation logs with the Company’s National Alarm Centre (NAC) and staff
Feedback, ratings, and complaints submitted through the Digital Platform
GPS / location data (where geographic tracking services are activated, such as MEAS or DTM)

4.6 Enrolment and Onboarding Data

enrolment form, nominee form, welcome letter, and all other Member Documents
Identity verification documents (as required for the relevant Service)

Users have the right not to supply personal information, but in such cases the Company may be unable to provide certain or all Services. Where a User provides information on behalf of another individual, such User confirms that they are duly authorised to do so.

5. CONSENT

5.1 Obtaining Consent

Company processes Personal Data only on the basis of free, specific, informed, unconditional, and unambiguous consent of the Data Principal, provided through a clear affirmative action (such as signing the enrolment Form, clicking an acceptance button on the Digital Platform, or availing Services). Where a Sponsor creates an account on behalf of a Member, the Sponsor confirms that they are duly authorised to provide consent on the Member’s behalf.

5.2 Withdrawal of Consent

You have the right to withdraw your consent to processing of your Personal Data at any time. Withdrawal may be communicated to the Company in writing at the contact details mentioned in Paragraph 11 of the Privacy Policy. However, withdrawal of consent may result in the Company being unable to continue providing some or all Services, and shall not affect the lawfulness of processing carried out prior to such withdrawal.

5.3 Legitimate Uses – Processing Without Consent

In addition to processing based on consent, the Company may process Personal Data without consent in circumstances permitted under Applicable Laws, including:

Compliance with a legal obligation or order of a competent court or statutory authority
Medical emergency or threat to the life or safety of the Member or any other person
Processing for the purposes of the State for providing benefits, services, or subsidies.

5.4 Specific Consent – Partner and Associate Sharing

The Member and/or Sponsor hereby grant specific consent to the Company to share Member Data (including medical health records and other health-related data) with Company’s partners and associates for specific purposes including but not limited to enabling geographic tracking (MEAS, DTM), storing and accessing electronic medical records, facilitating hospital admissions, enabling consultations with registered medical practitioners, and any other purpose reasonably required for delivery of the Services.

5.5 Rights of Data Principals

Subject to Applicable Laws, a Data Principal may:

request a summary of the Personal Data being processed by the Company and information relating to such processing;
request correction, completion, updating or erasure of Personal Data that is inaccurate, misleading, incomplete or no longer necessary for the purpose for which it was processed;
withdraw consent previously provided to the Company for processing of Personal Data, provided that such withdrawal shall not affect the lawfulness of processing undertaken prior to such withdrawal and may affect the Company’s ability to provide certain Services;
nominate another individual to exercise the rights of the Data Principal in accordance with Applicable Laws; and
submit grievances relating to the processing of Personal Data in accordance with Paragraph 11 of this Policy.

The Company shall process and respond to such requests in accordance with Applicable Laws.

6. PURPOSE OF COLLECTION AND USE

Personal Data collected by Company will be used only for the purposes for which it was collected and compatible purposes disclosed at the time of collection. The specific purposes include:

Providing, managing, and improving the Services subscribed to by the Member
Member enrolment, onboarding, identity verification, and account management
Facilitating medical emergency alerts, out-of-home assistance, hospital admissions, and care visits
Geographic tracking and digital monitoring (MEAS, DTM, CMS, OHA, and related Services)
Communication with Members, Sponsors, and Nominees via SMS, email, the Support Elders App, and other channels
Service fee billing, invoicing, and payment processing
Research and analytics (in anonymised, de-identified, or aggregated form) to improve service quality and health outcomes
Sharing with the National Alarm Centre (NAC) and third-party service providers to fulfil service obligations
Customising and personalising Member experience on the Digital Platform
Feedback, complaint resolution, and quality assurance (including recording of telephonic and chat interactions)
Compliance with applicable laws, court orders, and regulatory requirements
Investigating suspected fraud, illegal activity, or violations of Company’s terms
Sending service updates, healthcare packages, offers, and promotional communications (with opt-out option)

7. DISCLOSURE AND SHARING OF INFORMATION

Company does not sell Personal Data to third parties. Personal Data may be disclosed or shared only in the following circumstances:

7.1 Non-Disclosure Obligation

The Company and the Member/Sponsor shall not disclose, divulge, or disseminate to any third party any Confidential Information. This obligation shall not apply to Confidential Information that: (a) is or becomes public knowledge through no fault of the parties; or (b) is required to be disclosed under applicable law or by order of any competent authority. In such cases, the disclosing party shall intimate the other party before making such disclosure, to the extent permitted by law.

7.2 Partners and Associates

The Company may share Member Data with its partners, associates, third-party service providers, and healthcare providers on a need-to-know basis for the purposes of delivering the Services.

7.3 Analytics and Research

In the course of providing the Services, Company may use Member Data for its own research and analytical purposes. Company may share anonymised, de-identified, or aggregated data with its affiliates and trusted business partners (in India or outside India) for research, development, and improvement of Services. Such data will not identify any individual User.

7.4 Need-to-Know Disclosure

The Member and Sponsor hereby grant to the Company express consent to disclose Member Data as is required to be disclosed by the Company to fulfil its obligations under the Member Terms and Conditions, on a need-to-know basis, as the Company may at its sole discretion deem fit.

7.5 Legal Compliance and Regulatory Disclosure

The Company may disclose Personal Data if directed by any judicial or statutory authority, against receipt of a court or statutory order, or to comply with applicable law.

7.6 Investigation of Illegal Activities

Company may share Personal Data to investigate, prevent, or take action regarding illegal activities, suspected fraud, potential threats to the physical safety of any person, or violations of Company’s terms and policies.

7.7 Business Transfers

In the event of a merger, acquisition, restructuring, or sale of assets involving Company, Personal Data held by the Company may be transferred to the successor entity, subject to the successor providing equivalent data protection undertakings.

7.8 Sponsor and Nominee

Company may share relevant Member Data (including health updates, alerts, and service reports) with the Sponsor and Nominee identified in the Enrolment Form, as necessary for the provision of Services and in the interests of the Member.

7.9 Security Measures

The Company maintains reasonable security safeguards, technical measures and organisational controls designed to protect Personal Data against unauthorised access, disclosure, alteration, loss, misuse or destruction. However, no method of transmission over the internet or method of electronic storage is completely secure and the Company cannot guarantee absolute security.

8. COOKIES AND ADVERTISEMENTS

Company may place a text file called a “cookie” in the browser files of your device. The cookie itself does not contain Personal Information although it will enable the Services to relate your use of the Company’s Service to information that you have specifically and knowingly provided to the Company. Company may display advertisements from third-party advertisers on its Digital Platform. These advertisers may use cookies or mobile device identifiers on their own platforms. Company is not responsible for these advertisers and does not warrant or endorse their quality, commitment, deliverables, or data protection practices.

9. DATA RETENTION AND DELETION

Company retains Personal Data only for as long as is necessary for the purposes described in this Policy or as required under applicable law. Member Data will generally be retained for the duration of the Term and for such additional period as may be required under applicable law or for legitimate legal or regulatory purposes.

10. THIRD-PARTY LINKS AND PLATFORMS

The Digital Platform may contain links to third-party websites, applications, or digital platforms. This Policy applies only to the Digital Platform and Services operated by the Company. The Company shall not be responsible for the content, terms of use, privacy policies, or modes of operation of third-party platforms.

11. CONTACT, GRIEVANCES, AND DATA PROTECTION OFFICER

In case of any complaints, grievances, or queries regarding this Policy or the Company’s processing of your Personal Data, you may contact us at:

Support Elders Private Limited
Registered Address: DT-1, Phase-I, Golf Green Urban Complex, Kolkata – 700 095
Phone: 0804 595 8888
E-mail: writetous@supportelders.com

12. GOVERNING LAW AND JURISDICTION

This Policy shall be governed by the laws of India. Any disputes arising under or in connection with this Policy shall be subject to the exclusive jurisdiction of the courts at Kolkata, India.

13. UPDATES TO THIS POLICY

This Policy was last updated on 18th day of June 2026.

CONFIDENTIALITY AND DATA PRIVACY

1.1. The parties shall not disclose, divulge and/or disseminate to any third party any Confidential Information. This obligation will not apply to Confidential Information, which is or becomes public knowledge through no fault of the parties hereto as well as Confidential Information, which the parties hereto might be required to disclose under Applicable Law or by order of any Competent Authority.

1.2 The Service Provider, however, may use services of partners and associates, and hence rely on the privacy norms followed by such partners and associates, for specific purposes like enabling geographic tracking, measurement and storage of Personal Data, electronic medical records for delivering Services or getting the Member admitted to a hospital or getting the Member checked by a registered medical practitioner etc. for which the Service Provider may have to share Confidential Information of the Member with such partners and associates. The Member hereby grants specific and permanent consent to the Service Provider for sharing certain Data of the Member including his/her medical health records and other health related data of the Member, with such partners and associates.

1.3 Subject to Paragraph 1.2 above, in the event any party hereto wants to disclose any Confidential Information, it shall take prior written consent of the other party and shall make only such disclosures as allowed by the other party. However, such consent shall not be required for disclosure of any Confidential Information that is already in the public domain or required to be disclosed by any court of law or other authorities under any Applicable Law. In such an event the disclosing party shall intimate the other party before making such disclosure.

1.4 Notwithstanding anything stated herein, the Member and the Sponsor, jointly and severally:

1.4.1 acknowledge and agree that in the course of providing the Services, the Service Provider may use Member’s Personal Data for the purposes of its own research and analytical purposes. Provided that the Service Provider shall at all times treat such Personal Data of the Member as confidential and shall comply with the provisions of this Paragraph 1 in respect of such Member’s Data; and

1.4.2 hereby grant to the Service Provider, express consent to disclose such Member’s Data as is required to be disclosed by the Service Provider to fulfil its obligations hereunder, on a need to know basis, as the Service Provider may at its sole discretion deem fit.

1.5 Personal Data of Members and Visitors will be dealt with as per the Company’s Privacy Policy regarding the protection and processing of Personal Data. The Privacy Policy sets out the manner in which the Company complies with the principles of Personal Data protection, as well as rights of Members and Visitors in relation to the way their Data is used within the Company’s business processes.

1.6 The Company’s Privacy Policy seeks to provide clear and easily accessible information regarding:

1.6.1 its practices and policies;

1.6.2 type of Personal Data or Sensitive Personal Data collected by the Company from Members and Visitors;

1.6.3 purpose of collection and usage of such Personal Data and Sensitive Personal Data;

1.6.4 disclosure of Personal Data or Sensitive Personal Data to third parties, if any; and

1.6.5 reasonable security practices and procedures regarding the processing of Personal Data and Sensitive Personal Data.

1.7 The Company’s Privacy Policy also seeks to ensure that Data Principals are informed of:

1.7.1 the fact that Data or Sensitive Personal Data is being collected;

1.7.2 the purpose for which Data or Sensitive Personal Data is being collected;

1.7.3 the intended recipients of Data or Sensitive Personal Data; and

1.7.4 the name and address of (a) the agency that is collecting the Data or Sensitive Personal Data; and (b) the agency that will retain the Data or Sensitive Personal Data.

Pl note: The Privacy Policy (“Confidentiality And Data Privacy”) laid out above is part of the Member Terms & Conditions and should be read along with it. All references to the Member Terms and Conditions shall include references to the Member Terms and Conditions as it may, from time to time, be amended or modified and available at www.supportelders.com.