HealBoxx

Privacy Policy

This website, www.healboxx.com, and its mobile application, "HEALBOXX," is authored, published, and owned by Wings and Dreamz Private Limited—a company incorporated under the Companies Act, 2013, with its registered office at 18, Ancheril House, Central Excise Colony, P.N. Pudur, Coimbatore, Tamil Nadu - 641041, India, operating under the brand name HEALBOXX ("HEALBOXX").

Your access and use of HEALBOXX, its services, and tools are governed by the following terms ("PRIVACY POLICY"), User Agreement (which refers to "User Agreement – Terms and Conditions" uploaded in HEALBOXX), and other applicable policies, rules, codes, conditions, and guidelines of HEALBOXX (collectively referred to as "HEALBOXX Policies"). This Privacy Policy, along with other applicable policies, rules, codes, and guidelines of HEALBOXX (collectively, "HEALBOXX Policies"), may be updated from time to time. If you're a registered user you will be notified of any significant changes to these policies through a notice on our platform or via your registered email. By clicking "I Agree" on relevant consent notices that may be designed and offered to you in the form of pop-ups or any other modes of notification as chosen by HEALBOXX, you will be deemed to have provided your consent to the aforementioned, further you will acknowledge that you have read, understood, and given your free and informed consent to the collection and processing of your personal data as described in this Privacy Policy. You will however have the right to withdraw this consent at any time by contacting us at support@healboxx.com, though such withdrawal may limit your access to certain services or disentitle you of the same completely.

The Professionals (as defined in the User Agreement), Users (as defined in the User Agreement), and any other HEALBOXX visitors are hereby collectively and severally referred to as "you" or "users", "data principals" in this Privacy Policy. The terms "we", "us", "our", "Company" and "data fiduciary" shall mean HEALBOXX and/or its assignees, employees, and authorized representatives.

This privacy statement ("Privacy Policy") is a part and parcel of the User Agreement- Terms and Conditions, and HEALBOXX Policies, which describes how we collect, use, share, disclose, and protect the personal data of users. We pledge to preserve your privacy and personal data you have provided to us on the HEALBOXX platform by way of our Privacy Policy. Any service that you use through the HEALBOXX platform is governed by our User Agreement and Privacy Policy. Any term used in this Privacy Policy but not defined herein shall have the meaning ascribed to it in our User Agreement as the context requires.

We, Wings and Dreamz Private Limited, are committed to providing the best user experience, ensuring users' data protection and privacy. The objective of this Privacy Policy is to inform users about data collection and its usage by HEALBOXX.

This Privacy Policy is published in compliance with and is governed by the provisions of Indian law (as amended from time to time), including:

  • The Consumer Protection Act, 2019, Consumer Protection (E-Commerce) Rules, 2020 and relevant Rules framed thereunder;
  • The Indian Contract Act, 1872;
  • The Digital Personal Data Protection Act, 2023, and the Digital Personal Data Protection Rules, 2025 framed thereunder;
  • The (Indian) Information Technology Act, 2000 and the rules, regulations, guidelines and clarifications framed thereunder, including the (Indian) Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Information) Rules, 2011; and
  • The Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021,

And rules and guidelines framed thereunder. By taking a clear affirmative action in the form of registering/creating an account with us and explicitly agreeing to this Privacy Policy, you will be deemed to have read, understood, and agreed to the practices and policies outlined herein. You hereby provide your free and informed consent for the collection, use, limited sharing and disclosure of your personal data as described in this Privacy Policy.

We reserve the right to change, modify, add, or delete portions of this Privacy Policy at our sole discretion, at any given time, subject to your consent wherever necessary and mandated. If you do not agree with this Privacy Policy, you are at liberty to withdraw your consent and opt out of the services provided by Us at any given time.

If you use the services on behalf of another individual (such as a family member, dependent, or minor) or an entity, you represent and warrant that you have the legal authority and explicit permission from such individual or entity to: Accept this Privacy Policy on such individual's or entity's behalf; and Provide free and informed consent on behalf of such individual or entity to our collection, use, sharing, and disclosure of their personal data as described in this Privacy Policy.

If you are providing the personal data of a child (under 18 years of age) or a person with a disability, you explicitly represent and warrant that you are the parent or lawful guardian of such individual and possess the legal authority to provide verifiable consent for the processing of their personal data; However, it is patently stated at the very outset that HEALBOXX and the services offered by HEALBOXX are not intended for the use of minors/children.

This Privacy Policy states the following:

  • The type of personal data collected from the users (as defined under Clause 1 herein) relating to an individual;
  • The purpose, means, and modes of collection, usage, processing, retention, and destruction of such personal data; and
  • How and to whom HEALBOXX will disclose such personal data.

1. Collection of Personal Data

a. It is mandatory for you to register yourself with HEALBOXX as detailed in the User Agreement and other HEALBOXX Policies to gain access to its contents. HEALBOXX collects personal and digital personal data from its users. We may also collect technical and usage data, which may include, but is not limited to, the details of your geographical location, your internet service provider, the type of your internet browser, the operating system of your device, the website or application that you last visited before visiting HEALBOXX, the website or application which you may visit next to HEALBOXX, and/or the duration of your stay on HEALBOXX. Please note that if any such technical or usage data can be used to directly or indirectly to identify you as an individual, it will be treated as personal data and protected in accordance with this Privacy Policy and as per applicable Laws or discarded when You withdraw your consent.

b. The information collected from you by HEALBOXX constitutes "personal data" under the Digital Personal Data Protection Act, 2023, and the Digital Personal Data Protection Rules, 2025 made thereunder. Under section 2(t) of the Act, "personal data" is broadly defined to mean any data about an individual who is identifiable by or in relation to such data. The Act does not differentiate between standard and sensitive data; therefore, all identifiable data is subject to the same strict protection standards. The personal data collected by HEALBOXX may include, but is not limited to, information relating to:

  • passwords and authentication details;
  • financial information such as bank accounts, credit and debit card details, or other payment instrument details;
  • physical, physiological, and mental health conditions;
  • sexual orientation;
  • medical records and history;
  • biometric information;
  • any detail relating to the above clauses as provided to us for the purpose of providing our services; and
  • any of the information received under the above clauses by us for processing, stored, or processed under a lawful contract or otherwise.

c. When you sign up and register with HEALBOXX, we may collect your personal data to facilitate our services. This personal data may include your username, password, name, gender, age, date of birth, telephone number, mobile number, email address etc. Subject to your explicit device permissions and voluntary consent, we may also collect photos, files, or documents you actively upload, as well as any feedback, reviews, messages, or comments (whether text, voice notes, photos, or videos) that you choose to post on HEALBOXX. Furthermore, we collect technical and behavioral data such as your Internet Protocol (IP) address, your preferences, and your usage behavior on the platform. To facilitate transactions, we or our secure third-party payment gateways may collect necessary financial and payment instrument details.

d. You may have limited access to HEALBOXX without creating an account. However, to access all features and benefits of our services, you must first create an account on the platform. To create an account, you are required to provide specific information. This mandatory data may include your name, User ID, email address, country, ZIP/postal code, age, phone number, a password of your choice, and, if applicable for transactions, valid financial account information. Any other information requested while signing up is strictly optional as may be specified in HEALBOXX. Furthermore, your consent to receive promotional offers and marketing communications from HEALBOXX is completely voluntary and is not a condition for creating an account. HEALBOXX may, in the future, request additional optional personal data to help customize the platform and deliver a more personalized experience; any such future requests will be accompanied by a clear notice and will be followed by your explicit, prior consent.

e. HEALBOXX occasionally conducts user surveys to collect information about users' preferences and experiences. Participation in these surveys is entirely optional. If a survey is conducted anonymously, the resulting data cannot be linked to you and falls outside the scope of personal data. If a survey requires identifiable information, we will treat that information as personal data and process it only with your explicit consent. Similarly, HEALBOXX may offer contests or promotions to qualifying users. Participation is voluntary, and if you choose to enter, we may ask for contact and demographic information, such as your name, email address, and mailing address. We collect this specific personal data solely for the purpose of administering the contest, notifying winners, and delivering prizes. The demographic information collected during registration and through non-anonymous surveys is used exclusively to tailor HEALBOXX's features, provide more relevant mental health resources, and enhance the overall user experience based on aggregated needs and preferences.

f. No identifiable personal data is automatically collected by HEALBOXX from casual visitors who are merely browsing the platform, with the exception of the technical and usage data detailed earlier in this Privacy Policy. Nevertheless, the relevant provisions and obligations of this Privacy Policy and the User Agreement apply to all casual visitors. Visitors are encouraged to read and understand the privacy practices set out herein. If you do not agree with the terms of this Privacy Policy, you must refrain from accessing or using the HEALBOXX platform.

g. If you, as a casual visitor, have inadvertently browsed HEALBOXX prior to reading this Privacy Policy and do not agree with the manner in which your data is processed, simply quitting your browser application should ordinarily clear any temporary session cookies installed by us. However, we highly encourage all visitors to use the "clear cookies" functionality within their browser settings to ensure complete deletion, as HEALBOXX cannot guarantee or control the behavior of individual devices or third-party browsers; However, you will not be considered a casual visitor if you have voluntarily submitted any personal data to HEALBOXX through any means, including via email, customer support channels, or the formal registration process. Such individuals will be classified and treated as "Users" for the purposes of this Privacy Policy, and all statements and protections set out herein shall fully apply to them.

h. You acknowledge that, in accordance with the Digital Personal Data Protection Act, 2023, ("DPDP Act"), HEALBOXX is not required to obtain your consent to collect, use, or disclose personal data that you yourself have voluntarily made publicly available, or personal data that is made publicly available under a legal obligation. Furthermore, HEALBOXX does not collect personal data about casual visitors from external sources, such as public records or private organizations. For registered Users, we may collect personal data from authorized third parties strictly for the purposes of facilitating registration and effectively rendering our services, provided that such third-party sharing is conducted in compliance with applicable data protection laws and valid consent.

2. Purpose and Consent

a. HEALBOXX collects and processes the following categories of personal data strictly for the corresponding purposes outlined below:

  • Passwords and authentication details: To facilitate secure account creation, verify your identity, and protect your profile from unauthorized access.
  • Financial information (such as bank accounts, credit/debit card details, or payment instruments): To process payments securely for appointments, consultations, and other services rendered through our platform.
  • Physical, physiological, mental health conditions, medical records and history, and sexual orientation: To enable Professionals on our platform to provide accurate, personalized medical advice, therapy, mental health support, and appropriate practitioner matching.
  • Biometric information: To facilitate enhanced, secure or convenient identity verification where required or opted-in by the user.
  • Any related details provided for services, or received under lawful contract: To deliver, administer, and manage the core healthcare and technological services offered by HEALBOXX as and when necessary.

b. You retain the right to withdraw your consent for the processing of your personal data at any time. To do so, you may:

  • Contact our support team directly at: nancykurianpsy@gmail.com; or
  • Manage your preferences through a Data Protection Board-registered Consent Manager.

c. If you have any concerns, questions, or grievances regarding the processing of your personal data, you are hereby informed that you must first exhaust the opportunity to resolve the issue by contacting our designated Grievance Officer. All initial grievances may be directed to our Grievance Officer mentioned hereunder in clause 21 of this Privacy Policy.

d. If your grievance is not resolved satisfactorily by our Grievance Officer, you have the right to escalate the matter by making a complaint to the Consent Manager or to the Data Protection Board of India that may be constituted by the appropriate government under DPDP Act. The Board may be constituted to function primarily as a digital office, and complaints will be handled via an online mechanism. HEALBOXX will update this Privacy Policy or issue relevant notifications with the manner of accessing the Board, once the official complaint mechanisms are fully released and notified by the Government.

e. If you have registered and provided consent for the processing of your personal data prior to the commencement of the Digital Personal Data Protection Act, 2023, HEALBOXX will, as soon as reasonably practicable, provide you with an updated notice detailing the aforementioned particulars. HEALBOXX may continue to process your previously collected personal data based on your original consent, until and unless you explicitly choose to withdraw it.

f. While HEALBOXX primarily relies on your explicit consent to process personal data, HEALBOXX may process your personal data without prior consent in the following scenarios:

  • When you voluntarily provide your personal data to us for a specified purpose (for example, proactively messaging our support team to resolve an issue) and have not indicated that you object to the use of your data for that specific purpose.
  • When it is strictly necessary to respond to a medical emergency involving a threat to your life or an immediate threat to your health, or the health of another individual.
  • To comply with any judgment, decree, or order issued under any law in force in India, or to fulfill any mandatory legal obligation requiring the disclosure of information to the State, law enforcement, or regulatory bodies.
  • To take measures to ensure the safety of, or provide assistance to, any individual during a recognized disaster or breakdown of public order, where applicable.

3. Retrieval of Personal Data

a. Users have the right to request and obtain transparent information regarding the personal data we hold about you. Upon making a formal request to HEALBOXX (via our Grievance Officer or an authorized Consent Manager), we will provide you with:

  • A summary of the personal data pertaining to you that is currently being processed by us;
  • The processing activities undertaken with respect to your personal data;
  • The identities of all third-party Data Processors and other Data Fiduciaries with whom we have shared your personal data;
  • A specific description of the categories of personal data that have been shared with such third parties; and
  • Any other data as mandated to be provided under applicable Laws.

Please note that HEALBOXX reserves the right to withhold the disclosure of information pertaining to the sharing of your personal data, for the purpose of preventing, detecting, or investigating offenses, cyber incidents, or for the prosecution or punishment of offenses.

4. Usage of Information

a. Your access to and use of HEALBOXX is governed by our User Agreement and other HEALBOXX policies. By accessing or using the platform, you legally bind yourself to those contractual terms. While your use of the platform requires the processing of specific mandatory personal data to function, your consent to such processing remains free, specific, and unbundled. If you choose not to provide consent for the processing of personal data that is strictly necessary to deliver our services, or if you subsequently withdraw such essential consent, HEALBOXX reserves the right to restrict, suspend, or terminate your access to the platform, as we will be technically unable to render our services to you.

b. The primary objective of HEALBOXX in collecting your personal data is to provide you with a secure, seamless, and customized service experience. You acknowledge that the collection, storage, and processing of your personal data are strictly necessary for the basic functioning of the HEALBOXX platform and the delivery of our services to you. We assure you that all such processing activities are conducted lawfully, strictly limited to the specified purposes outlined in this Privacy Policy, and in full compliance with the Digital Personal Data Protection Act, 2023.

c. You acknowledge and agree that all personal data provided by you to HEALBOXX is submitted on a completely voluntary basis. By providing this data, you acknowledge and consent that HEALBOXX may process your personal data for the following specific and limited purposes, in addition to the purposes stated in the previous paragraphs:

  • To deliver, facilitate, and manage the services requested by you;
  • To address and resolve your technical issues, queries, or grievances related to your interactions and transactions on HEALBOXX;
  • To send you important administrative notices, including updates to our User Agreement, Privacy Policy, or other platform guidelines;
  • To conduct internal reviews, data analysis, and analytical studies on user behavior and preferences to enhance the platform's efficiency;
  • To conduct research, statistical analysis, and business intelligence purposes;
  • To investigate, prevent, or take action regarding suspected fraud, security breaches, or violations of any applicable Laws or HEALBOXX Policies;
  • To improve existing functionalities and develop new features on the platform;
  • To facilitate communications, streamline appointment bookings, enable consultations, and request user feedback or ratings to improve our overall service quality; and
  • To troubleshoot and debug technical or customer support issues.

Please note that if the data is fully anonymized and cannot directly or indirectly identify you, it ceases to be personal data. You explicitly consent to HEALBOXX's right to use or share such non-identifiable, aggregated statistical data with affiliates or third parties for commercial research.

d. HEALBOXX complies strictly with the guidelines established by the Telecom Regulatory Authority of India (TRAI). We will not send any promotional or commercial marketing communications to your registered telephone number if it is listed on the National Customer Preference Register (NCPR) or "Do Not Disturb" (DND) registry, unless you have provided us with your explicit, affirmative consent to receive such communications. However, you acknowledge and agree that HEALBOXX retains the right to send you transactional and service-related communications—such as OTPs, appointment confirmations, medical alerts, and critical account updates—which are essential for the functioning of the platform and the delivery of our services, irrespective of your DND registry status.

e. In the event that HEALBOXX undergoes a corporate reorganization, merger, amalgamation, acquisition, or a sale of all or a portion of its assets, we may disclose or transfer your personal data to the acquiring third party or newly formed entity. Any such transfer shall be conducted in strict compliance with the applicable Laws. The acquiring entity will have the right to continue processing your personal data strictly for the originally consented purposes as outlined under HEALBOXX Policies.

f. HEALBOXX may keep records of electronic communications and telephone calls received and made for making Appointments or other purposes for the purpose of administration of services, customer support, research and development and for better listing of Professionals. These records are processed strictly for the specified purposes of facilitating appointment bookings, providing customer support, resolving disputes, and internal quality assurance. Any communication data utilized for research, platform development, or optimizing Professionals listings will be suitably aggregated and anonymized to ensure your individual privacy is maintained in compliance with the applicable Laws.

g. If any other information is to be collected/released/stored/disposed/modified from the Users other than that which has already been stated in this Privacy Policy in order to facilitate specific features of the HEALBOXX mobile application, such as live telemedicine consultations, proximity-based practitioner searches, or push notifications, we may require access to specific device-level hardware or data, including your camera, microphone, real-time location, or background processing capabilities. HEALBOXX will not access these features without your explicit, separate, and prior consent, which will be requested dynamically through just-in-time system pop-ups or permission prompts at the exact moment the feature is utilized or through other methods. In the event that HEALBOXX seeks to collect new categories of personal data or utilize your data for purposes not previously stated in this Privacy Policy, we will provide you with a fresh Notice and obtain your explicit consent prior to undertaking any such new processing activities.

6. Sharing of Information

a. HEALBOXX also reserves the right to use the information provided by or about the User for the following purposes:

  • I. Publishing strictly intended public information (such as a voluntarily submitted public review) on HEALBOXX.
  • II. Contacting Users for offering new products or services, subject to obtaining your prior explicit consent and respecting your status on the National Customer Preference Register (NCPR/DND).
  • III. Contacting Users for taking feedback.
  • IV. Analysing software usage patterns for improving product design and utility.
  • V. Analysing anonymised practice information, including but not limited to financial and inventory information, for commercial use.

b. Usage of data in anonymised form: Due to the communications standards on the Internet, when a User visits HEALBOXX, HEALBOXX automatically receives the URL of the site from which the visit originated. HEALBOXX also receives the Internet Protocol (IP) address of each User's computer (or the proxy server a User used to access the Internet), the User's computer operating system, the type of web browser the User is using, as well as the name of the User's ISP. This technical data is used strictly to analyse overall trends to help HEALBOXX improve its services and ensure platform security. The linkage between a User's IP address and the User's personal data is not shared with or disclosed to third parties. Notwithstanding the above, HEALBOXX may share and/or disclose some of the aggregate findings, not the specific personal data, in anonymised form with advertisers, sponsors, investors, strategic partners, and others in order to help grow its business.

c. Disclosure of Personal Data: To the extent necessary to provide Users with the Services, HEALBOXX may provide their personal data to third party contractors who work on behalf of or with HEALBOXX for purposes including but not limited to secure cloud hosting providers, infrastructure partners, and communication tools, to process personal data on our behalf for activities related to delivering our services. In accordance with the applicable Laws, HEALBOXX ensures that all such Data Processors are engaged under valid, legally binding contracts. These contractors are prohibited from utilizing, sharing, or disclosing your personal data for any independent purposes. They are authorized to process your personal data solely on our behalf, strictly adhering to our instructions and the specific, consented purposes outlined in this Privacy Policy.

d. HEALBOXX maintains a strict "No-Spam" policy, which means that HEALBOXX does not intend to sell, rent or otherwise give Your e-mail address or contact phone number to a third party without Your consent.

7. Waiver

HEALBOXX does not control or endorse the content, messages or information found in any services and, therefore, HEALBOXX specifically disclaims any liability with regard to the services and any actions resulting from Your participation in any Services, and You agree that You waive any claims against HEALBOXX relating to same, and to the extent such waiver may be ineffective, You agree to release any claims against HEALBOXX relating to the same, except those liabilities that are expressly undertaken by HEALBOXX herein.

8. Responsibility for Maintaining Accuracy of Information

a. You are responsible for maintaining the accuracy of the information you provide. HEALBOXX generally displays user-provided information on an as-is basis. We strongly encourage you to review your information periodically and inform us immediately of any changes. In accordance with the Digital Personal Data Protection Act, 2023, where your personal data is used to make a decision that affects you, HEALBOXX shall take reasonable steps to ensure the accuracy and completeness of such data. If your personal data changes or is found to be inaccurate, you may correct, update, or request erasure of inaccuracies by modifying your Account settings or by contacting us at nancykurianpsy@gmail.com. We will implement requested changes in our active databases as soon as reasonably practicable, subject to any legal requirements for data retention.

b. If You provide any information that is untrue, inaccurate, out of date, or incomplete, or if HEALBOXX has reasonable grounds to suspect such inaccuracy, HEALBOXX reserves the right to suspend or terminate Your access to the Services. HEALBOXX may decline a request for correction or erasure of personal data under specific circumstances, including but not limited to: (i) where the data is necessary for the prevention, detection, investigation, or prosecution of any offence or contravention of any law; (ii) where the processing is necessary for enforcing any legal right or claim; or (iii) where the data is maintained for specific evaluative or archival purposes as permitted by law.

c. HEALBOXX may display or process information for Users who have not formally registered for the Services, provided such Users have provided their explicit consent for such collection and processing. While HEALBOXX and its associates make reasonable efforts to ensure the accuracy of such information, HEALBOXX shall not be liable for any inaccuracies in information provided by third parties or such Users themselves.

9. Cancellation of Services & Erasure of Personal Data

a. If You wish to cancel Your Account or opt out of the services of HEALBOXX or withdraw consent for the processing of Your personal data, You may do so at any time by contacting us at nancykurianpsy@gmail.com. You acknowledge that withdrawing consent for essential data or cancelling Your Account will result in HEALBOXX being unable to provide you Our services or maintain any proper existing relationship. Upon such a request, HEALBOXX shall initiate the erasure of Your personal data and cause its Data Processors to do the same. HEALBOXX will provide notification at least forty-eight (48) hours prior to such erasure, allowing You to halt the process by logging into Your account or providing a communication in this regard to nancykurianpsy@gmail.com. Notwithstanding such a request for cancellation of accounts or withdrawal of consent or request for erasure of data, HEALBOXX may retain such personal data, associated traffic data and processing logs for a minimum period of one (1) year or for further period as required for security, audit, and legal compliance purposes, after which such logs shall be erased.

b. You have the right to request the complete erasure of your personal data for which you previously provided consent, including data provided voluntarily for a specific purpose. Upon receiving a formal request for erasure, HEALBOXX shall securely erase Your personal data and direct Our third-party Data Processors to do the same, subject to procedure and rights reserved under Clause 9(a).

c. If You wish to opt-out of receiving non-essential communications such as promotional and marketing-related information regarding the services, please send us an email at nancykurianpsy@gmail.com.

10. Payments and Financial Data

a. Payment Processing: All payments on HEALBOXX are processed through our authorized payment partner, Razorpay. In compliance with the Digital Personal Data Protection Act, 2023, Razorpay acts as a Data Processor and processes your personal data strictly on behalf of HEALBOXX to facilitate secure transactions. Razorpay's security measures and data handling practices are governed by their privacy policy (accessible at https://razorpay.com/privacy/).

b. HEALBOXX may require the User to pay with a credit card, wire transfer, debit card or UPI for which subscription amount(s) is/are payable. HEALBOXX will collect such User's credit/debit card number and/or other financial institution information such as bank account numbers and will use that information for the billing and payment processes, including but not limited to the use and disclosure of such credit/debit card number and information to third parties as necessary to complete such billing operation. Verification of such information, however, is accomplished solely by the User through the authentication process. User's credit-card/debit card details are transacted upon secure sites of approved payment gateways which are digitally under encryption. The User is hereby advised, that internet technology is not full proof safe and User should exercise discretion on using the same. HEALBOXX also provides You an option to not save Your payment details.

11. Cookies

a. HEALBOXX uses "cookies" to enhance your experience. These are categorized as:

  • Strictly Necessary Cookies: Essential for the technical administration, security, and basic functionality of the platform, e.g., maintaining your login session. These do not require prior consent as they are necessary for service delivery.
  • Non-Essential Cookies: Used for research, platform optimization, and serving relevant advertisements. These are only activated if you provide your consent via our cookie consent banner.

b. Third-Party Cookies: We may allow authorized third-party service providers to place unique cookies on your browser to optimize services or serve advertisements. These third parties are bound by strict confidentiality agreements and are prohibited from using this data for any purpose other than as instructed by HEALBOXX.

c. You have the right to accept, reject, or manage your cookie preferences at any time through your browser settings. Please note that disabling strictly necessary cookies may prevent the platform from functioning correctly. Your refusal to consent to non-essential cookies will not result in a denial of access to the basic HEALBOXX services.

12. Security

a. HEALBOXX has implemented best market practices and security policies, rules and technical measures to protect the personal data that it has under its control from unauthorised access, improper use or disclosure, unauthorised modification and unlawful destruction or accidental loss. We further implement reasonable security practices and procedures and have a comprehensive documented information security programme and information security policies that contain managerial, technical, operational and physical security control measures that are commensurate with respect to the information being collected and the nature of HEALBOXX's business. However, for any data loss or theft due to unauthorised access to the User's electronic devices through which the User avails the Services, HEALBOXX shall not be held liable for any loss whatsoever incurred by the User.

b. HEALBOXX strives to take reasonable security measures to protect Your personal data which are in its control. However, internet, computer systems, networks and resources are not fully secure. HEALBOXX will not be responsible for any breach of security of Your personal data caused either by Your negligence, or breach caused by other Users, connections or any third parties (including third party sites) receiving Your personal data with your prior consent, or be liable for any loss / misuse in case of events happening beyond the control of HEALBOXX (including, but not limited to, fire, flood, earthquakes, rainstorms, cyclones, explosions, acts of God, civil commotion, riots, insurrection, war, acts of government, hacking and other kinds of cyber attacks, scraping, use of web crawlers, spiderbots, plug-in, add-ons, acts of government, unauthorised access to computer data and storage device, computer crashes, breach of security and encryption, poor quality of Internet service or telephone service of the User, etc.). In the event of such breaches, HEALBOXX's liability shall be limited to the extent it has fulfilled its statutory obligations to maintain reasonable security safeguards as prescribed under applicable Laws.

c. HEALBOXX is committed to providing high-quality, accessible mental health care while maintaining the required standards of data privacy. We comply with the applicable Laws and we abide by all the standard norms of information privacy and at no point, the confidentiality of the User information is compromised, ensuring that your information is treated as confidential. We implement stringent administrative, technical, and physical safeguards to ensure the confidentiality and integrity of all patient health information, adhering to the standard norms of information privacy applicable in India.

d. Disclosure Clause: HEALBOXX takes Your right to privacy very seriously. Other than as specifically stated in this Privacy Policy, we will only disclose Your personal data in the following limited circumstances:

  • (i) Legal Mandates: When required to do so by any law, rule, regulation, or a valid order from a governmental, judicial, or law enforcement agency.
  • (ii) Protection of Rights: Where such disclosure is necessary to enforce or apply our User Agreement, or to protect the rights, property, or safety of HEALBOXX, our Users, or the public.
  • (iii) Prevention of Harm: where disclosure is necessary for the prevention, detection, investigation, or prosecution of any offence, or to prevent fraud and credit risk.
  • (iv) Legal Claims: Where the disclosure is necessary for the exercise or defense of any legal claim or right.

e. In the unlikely event of a personal data breach that compromises your data, HEALBOXX will notify you without delay through your registered user account or email. This intimation will be communicated in a clear, concise, and plain manner, and will include:

  • A description of the breach, including its nature, extent, and the timing of its occurrence;
  • The likely consequences relevant to you;
  • The immediate measures implemented or being implemented by HEALBOXX to mitigate any risks;
  • Actionable safety measures you can take to further protect your interests (e.g., updating passwords or monitoring financial statements); and
  • The direct business contact information of a designated HEALBOXX representative who is equipped to address your queries regarding the incident.

f. Upon becoming aware of any personal data breach, we will notify the Data Protection Board of India without delay and submit a comprehensive compliance report, within seventy-two (72) hours, or as otherwise prescribed by law from time to time.

13. Disclaimer

a. This Privacy Policy applies solely to services owned and operated by HEALBOXX. HEALBOXX does not exercise control over external websites displayed as search results or links within our Services. These third-party sites are independent entities and do not process personal data on behalf of HEALBOXX. These external sites may place their own cookies, collect data, or solicit personal data from You. HEALBOXX is not responsible for the privacy practices, user agreements, or the content, including accuracy and integrity, of such third-party websites. The inclusion of any link does not imply an endorsement by HEALBOXX. If You decide to access a third-party website linked through HEALBOXX, You do so entirely at Your own risk. We strongly encourage You to read the privacy policies of every website You visit to understand how they handle Your personal data.

b. HEALBOXX may allow You to communicate with other Users or post information publicly. Please be aware that any personal data You choose to post in these public areas is considered "publicly available" and HEALBOXX is not responsible for how other Users or third parties may collect or misuse that information. You are strictly prohibited from sharing any unlawful, defamatory, or harmful content and concerned Users are solely liable for the content they choose to share. Any reliance on User-posted information is at Your own risk, and HEALBOXX expressly disclaims any liability for such third-party content.

c. You are solely responsible for the information You share via Your Account or during Calls. You have a statutory duty to provide only verifiably authentic information. HEALBOXX is not liable for any unauthorized or illegal use of Your information by other Users or third parties.

d. You must ensure that any content You share does not violate any laws or third-party rights. As an Intermediary, HEALBOXX disclaims all liability for any illegal sharing or unauthorized usage of information by its Users.

e. HEALBOXX is not liable for any personal, financial, or reputational damages caused by other Users, third parties, or Your own negligence. While we implement all mandatory security safeguards required by law, You agree that Your use of the Services is at Your own risk. HEALBOXX's liability is limited to the maximum extent permitted under the applicable Laws.

14. Confidentiality and Security

a. HEALBOXX adheres to and commits to the protection of data and privacy of information collected from You. In respect of the information provided by or collected from You, the responsibility of HEALBOXX is restricted to that of an 'intermediary' under The Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021. We collect, store, process, publish, alter, modify, delete, remove and use any information, in part or whole, collected from the Professionals or the Users including but not limited to all information provided in their respective Accounts, records of telephonic and video conferencing conversations of the Users and Professionals in HEALBOXX, etc., in accordance with this Privacy Policy. By providing Your consent through our registration process, You agree to the collection and use of Your personal data as outlined in this Policy. You maintain the right to withdraw this consent at any time, which may result in the termination of certain services.

b. Your personal data is maintained by HEALBOXX in electronic form on its equipment, and on the equipment of its employees. Such information may also be converted to physical form from time to time. HEALBOXX takes all necessary precautions to protect Your personal data both online and offline, and implements reasonable security practices and measures including certain managerial, technical, operational and physical security control measures that are commensurate with respect to the information being collected and the nature of the business undertaken by HEALBOXX. HEALBOXX follows reasonable and best industry practices to prevent unauthorized access, use, alteration or destruction of Your personal data as explained above. HEALBOXX further makes all User information accessible to its employees, agents or partners and third parties only on a necessity basis, and binds only its employees to strict confidentiality obligations.

c. It is important for You not to share Your password with anyone to protect Yourself against unauthorised access either through Your computer or Your mobile phone. You shall ensure that You logout from the mobile application/HEALBOXX upon during Your absence from the device in which You may use HEALBOXX. HEALBOXX does not undertake any liability for any unauthorised use of Your Account and password. If You suspect any unauthorized use of Your Account, You must immediately notify HEALBOXX by sending an email to support@healboxx.com. You shall be liable to indemnify HEALBOXX for any loss suffered by it due to such unauthorised use of Your Account and password.

d. You (Users and Professionals) shall strictly adhere to applicable data protection laws and shall:

  • comply with the provisions of all applicable Laws for the time being in force;
  • ensure not to impersonate another person while providing Your personal data for a specified purpose;
  • ensure not to suppress any material information while providing Your personal data for any document, unique identifier, proof of identity or proof of address issued by the State or any of its instrumentalities;
  • ensure secure handling and confidentiality of the data of HEALBOXX, other Users and Professionals that may be intentionally or accidentally accessed by You, without any unauthorized disclosure or usage;
  • comply with HEALBOXX Policies and mandates as issued by HEALBOXX from time to time;
  • ensure not to register a false or frivolous grievance or complaint with the Grievance Redressal Officer herein or Data Fiduciary or the Board; and
  • furnish only such information as is verifiably authentic, while exercising the right to correction or erasure of data hereunder.

e. HEALBOXX facilitates the sharing and organization of information to assist Professionals in providing care. We will share your records with the specific Professional(s) You have engaged for the purpose of Your treatment. Any further disclosure to third parties will only occur with Your explicit consent or as required by law.

f. In case of non-compliance HEALBOXX Policies and/or applicable Laws, by whatever name called, HEALBOXX has the right to terminate or suspend the access or usage rights of the users to the computer resource immediately, or to remove or disable access to non-compliant information, or both, and/or take such other actions as the case may be; PROVIDED where such non-compliance relates to the creation, generation, modification, alteration, hosting, displaying, uploading, publishing, transmitting, storing, updating, sharing or otherwise disseminating of information in contravention of any Law for the time being in force, the User who is responsible for such non-compliance shall be liable to penalty or punishment under the provisions of the applicable Laws; and where such violation relates to the commission of an offence under any law for the time being in force, such as the Bharatiya Nagarik Suraksha Sanhita, 2023 or the Protection of Children from Sexual Offences Act, 2012 which requires such offence to be mandatorily reported, reporting of such offence to the appropriate authority in accordance with the provisions of the applicable Laws.

g. Any User or Professional directing, instructing or otherwise causing the computer resource of the intermediary for creation, generation, modification, alteration publication, transmission, sharing, or dissemination of information as synthetically generated information in contravention of applicable Laws for the time being in force, including but not limited to the provisions of the IT Act, DPDP Act, the Bharatiya Nyaya Sanhita, 2023, the Protection of Children from Sexual Offences Act, 2012, the Representation of the People Act, 1951, the Indecent Representation of Women (Prohibition) Act, 1986, the Sexual Harassment of Women at Workplace (Prevention, Prohibition And Redressal) Act, 2013, and the Immoral Traffic (Prevention) Act, 1956; and the Rules made thereunder may lead to:

  • the immediate disabling of access to or removal of such information;
  • suspension or termination of the User account of the User who violates this sub-rule without vitiating the evidence;
  • in accordance with applicable Law, identification of such User and disclosure of the identity of the violating User to the complainant, where such complainant is a victim of, or an individual acting on behalf of a victim of, such contravention;
  • where such violation relates to the commission of an offence under any law for the time being in force, including the Bharatiya Nagarik Suraksha Sanhita, 2023 or the Protection of Children from Sexual Offences Act, 2012, which requires such offence to be mandatorily reported, reporting of such offence to the appropriate authority in accordance with the provisions of the applicable Law; and
  • any other actions as may be determined by HEALBOXX as permissible under the applicable Laws.

15. Changes to Privacy Policy

HEALBOXX may update this Privacy Policy to reflect changes in law or our services. For any significant changes, we will provide a clear notice on the platform or via email so you can review the new terms. Continuing to use the services after receiving notice and providing any required consent will constitute your agreement to the updated terms.

16. Childrens' and Minors' Privacy

HEALBOXX and its services are not intended for use by minors, HEALBOXX respects the privacy of minors who may inadvertently use the internet or the mobile application. HEALBOXX strongly encourages parents and guardians to supervise the online activities of their minor children and consider using parental control tools available from online services and software manufacturers to help provide a child-friendly online environment. These tools also can prevent minors from disclosing their name, address, and other personally identifiable information online without parental permission.

17. Data of Persons with Disabilities

a. HEALBOXX will not collect or process personal data of 'persons with disabilities' without obtaining verifiable, proper consent from the individual legally authorized to act on their behalf. When an individual registers and purports to act as the lawful guardian for a person with a disability, HEALBOXX requires the submission of valid documentary evidence to verify this status. Processing of the Data Principal's personal data shall only commence after HEALBOXX has verified that the guardian has been formally appointed by a competent court of law, a designated statutory authority, or a local level committee under the applicable guardianship laws of India.

b. Upon successful verification, the lawful guardian shall be legally authorized to exercise all statutory rights on behalf of the Data Principal, including the Right to Access, the Right to Correction, and the Right to Withdraw Consent. HEALBOXX reserves the right to suspend Services or mandate fresh verification if the validity of the guardianship documentation is contested, revoked, or expires.

18. Communications

HEALBOXX will communicate with the Users through email, phone and notices posted on HEALBOXX or through other means available through the service, including text and other forms of messaging. The Users can change their e-mail and contact preferences at any time by logging into their "Account" at HEALBOXX and changing the Account settings.

19. Governing Law and Dispute Resolution

This Privacy Policy shall be governed and construed under the laws of India, without any reference to its conflict of law rules and the courts of Coimbatore, Tamilnadu shall have exclusive jurisdiction.

20. Nomination

You have the right to nominate any individual to exercise Your privacy rights on Your behalf in the event of Your death or "incapacity", which includes inability to manage Your data due to unsoundness of mind or physical infirmity. You may exercise this right by sending a nomination request to nancykurianpsy@gmail.com with the details of Your chosen nominee. Your nominee will be authorized to access Your records or request data erasure only under the specific circumstances of Your death or incapacity, post-verification.

21. Grievance Redressal

a. In accordance with Information Technology Act, 2000, The Digital Personal Data Protection Act, 2023, and the Digital Personal Data Protection Rules, 2025 established thereunder, the name and contact details of the Grievance Officer to address any concerns relating to your data or this Policy are as follows:

Grievance/Nodal Officer: Ms. Nancy Kurian

M/s. Wings And Dreamz Private Limited

Address: 18, Ancheril House, Central Excise Colony, P.N. Pudur, Coimbatore, Tamil Nadu- 641041, India.

Contact Number: +91-9788930303

Email ID: nancykurianpsy@gmail.com; support@healboxx.com

Lodge Your complaints at (portal address): www.healboxx.com

We will use reasonable efforts to respond promptly to any requests, questions, or concerns, which You may have regarding our use of Your information. If You have any grievance with respect to our use of Your information, You may communicate such grievance to the above-mentioned Grievance/Nodal Officer.