📜 SafeQR – Privacy Policy

This Privacy Policy governs the data collection, processing, and protection practices of SafeQR. We are fully compliant with our obligations under the Digital Personal Data Protection (DPDP) Act, 2023, and other applicable laws of India.

1. Information We Collect

We may collect the following types of personal information to provide and improve our services:

• Basic Details: Name, Age, Gender, Contact Number, Address.
• Emergency Details: Blood Group, Allergies, Pre-existing Medical Conditions, and Emergency Contacts (name and phone number).
• Optional Information: Any additional data you choose to provide, such as ID proofs, vehicle details, or other important notes for emergency situations.
• Technical Information: Device type, browser information, IP address, and system usage logs for security and analytical purposes.

2. Purpose of Data Collection

We collect your personal data strictly for the following purposes:

• To provide critical information to authorized personnel (like doctors or police) when your SafeQR code is scanned in an emergency.
• To allow emergency responders to contact your family, doctor, or designated emergency contacts when necessary.
• For account creation, management, and providing customer support.
• To improve our services, maintain the security of our platform, and prevent fraud.

We state explicitly that we do not sell, rent, or share your personal data with advertisers or any third parties for marketing purposes.

3. Consent

We process your data only after receiving your clear and informed consent. By creating a SafeQR account and submitting your information, you agree to the terms outlined in this Privacy Policy. You reserve the right to withdraw this consent at any time by contacting us, which may affect your ability to use our services.

4. Data Storage & Security

We implement robust technical and organizational measures to protect your data:

• Encryption: Your data is encrypted during transmission using HTTPS/SSL and while at rest in our databases using industry-standard AES-256 encryption.
• Password Security: All user passwords are cryptographically hashed and salted, meaning even we cannot view your password.
• Access Control: Access to personal data is strictly limited to authorized personnel who require it to perform their job functions.
• Breach Notification: In the unlikely event of a data breach, we will promptly notify you and the relevant authorities as required by law.

5. Your Rights (under DPDP Act, 2023)

As a registered user ("Data Principal"), you have the right to:

• Access Your Data: Request a copy of the personal data we hold about you.
• Correct & Update: Rectify any inaccurate or incomplete information in your profile.
• Delete Your Data: Request the permanent deletion of your account and associated data.
• Withdraw Consent: Withdraw your consent for the processing of your data at any time.

You can exercise these rights through your account settings or by contacting our Grievance Officer.

6. Data Retention

We will retain your personal information only for as long as it is necessary to fulfill the purposes outlined in this policy, or as required by applicable laws and regulations. When your data is no longer required, it will be securely and permanently deleted from our systems.

7. Sharing of Data

We limit the sharing of your data strictly to the following parties:

• Authorized Responders: Emergency responders or verified organizations who scan your QR code, and only with your explicit or pre-configured consent.
• Service Providers: Trusted cloud storage and infrastructure partners who are bound by strict Data Processing Agreements (DPAs) and confidentiality obligations.

8. Grievance & Contact

If you have any questions, concerns, or complaints regarding your data or this policy, please contact our dedicated Grievance Officer: