Privacy Policy – India, Sri Lanka, Bangladesh

For the purposes of this Privacy Policy, Company” (referred to as either “the Company”, “We”, “Us” or “Our” in this Privacy Policy) refers to ComPsych via its Global Partner, Santulan.

This Privacy Policy contains details on issues related to your privacy when using our Employee Assistance Program (“EAP”) services. It is intended to inform you of our policies, procedures, and practices regarding the collection, use and disclosure of any information that you provide to us.

When you use our EAP services, you accept and agree to this Privacy Policy. By accessing and using our EAP services you affirm that you have read the Privacy Policy and that you understand, agree to and acknowledge all the terms contained herein.

In the course of your use of our EAP services you may share and we may collect information related to you, including Personal Data, directly or indirectly, provided that, such information does not constitute information shared during counseling services, including but not limited to counselor notes, suggested treatments, sessions and other information that is deemed as personal and confidential. “Personal Data” relates to information that identifies an individual, or makes an individual identifiable.

1.
Information Collection, Use, and Disclosure

1.1 Categories of Information Collected

To let us effectively provide EAP services, we may collect, use, and store the information described below. We also disclose certain information to third parties, as described further below. The information we collect is received directly or indirectly from you and generated in the course of your use of EAP services. The data we collect is not used for marketing or any other purposes except as specified in this Policy.

i.
Personal Data: We collect, use and store certain information from clients that have signed up for EAP services such as name, address, date of birth, telephone number or email address.
ii.
EAP Data: We collect, use, and store certain emotional health information and general data regarding user EAP sessions such as whether a session has been scheduled by the user, whether a counselor or user joins a scheduled session, when a counselling session began and ended, and whether a counselling session was cancelled or re-scheduled.

Protecting this information is important to us. Other than in the ways detailed in this Privacy Policy, we will never use or disclose any information unless requested by you or you approved us to do so.

1.2 Purposes for Which Information Is Used

We may use the information we collect for one or more of the following purposes:

1.2.1 Communication with you

i.
To provide EAP services, provide you with customer support, and ensure you are receiving quality service;
ii.
To match clients with counselors and facilitate the counselling services;

1.2.2 Administration and improvement of services

i.
To supervise, administer and monitor the EAP services;
ii.
To measure and improve the quality, effectiveness, and delivery of our services.

1.2.3 Compliance with law

i.
To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations;
ii.
To comply with applicable laws, including, but not limited to laws related to protecting client and public health and safety;

1.2.4 Other uses with consent

i.
Any other purpose with your consent.

1.3 Purposes for Which Information Is Disclosed to Third Parties

Information about you may be disclosed to third parties for one or more of the following purposes:

i.
For business purposes: We may share a client’s information with counselors for referral purposes, vendors and service providers, including our data hosting and data storage partners, analytics and vendors providing technology services and support, and data security. We also may share information with professional advisers, such as auditors, law firms, and accounting firms. We do not share information related to your ongoing counseling services with us, including but not limited to counselor notes, sessions etc. unless required by applicable law.
ii.
With your direction or consent: We may share your information with third parties if you request or direct us to do so after signing an authorization form in that regard.
iii.
Compliance with law: We may share your information with a court, a regulatory entity, law enforcement personnel, or pursuant to a court order, to comply with applicable laws or any obligations thereunder.
iv.
In the context of a transaction: We may share your information in connection with an asset sale, merger, bankruptcy, or other business transaction.
v.
For other business reasons: We may share your information to enforce any applicable terms and conditions and to ensure the safety and security of our EAP services.
2.
Security of Information

Our systems, infrastructure, encryption technology, operation and processes are all designed, built, and maintained with your security and privacy in mind. We apply industry standards and best practices to prevent any unauthorized access, use, and disclosure. We comply with all applicable laws and regulations regarding data privacy.

3.
Service Providers

We may employ third-party companies and individuals to facilitate our EAP services, to perform certain tasks which are related to the EAP services, or to provide audit, legal, operational, or other services for us. These tasks include, but are not limited to, customer service, technical maintenance, monitoring, email management and communication, database management, reporting and analytics. We will share with them only the minimum necessary information to perform their task for us and only after entering into appropriate confidentiality agreements.

4.
Children's Privacy

We do not knowingly collect or solicit any information from anyone under the age of 18 or knowingly allow such persons to become our client without the written consent of their parent or legal guardian.

5.
Compliance with Laws and Law Enforcement

We cooperate with government and law enforcement officials to enforce and comply with the law. We may disclose information necessary or appropriate to protect the safety of the public or any person, to respond to claims and legal processes (including but not limited to court orders), and to prevent or stop activity that may be illegal or dangerous. Counselors may be obliged to disclose information to law enforcement or other authorities to conform to their professional and legal responsibilities. Specifically, and without limitation, the law requires mental health professionals to disclose information and/or take action in the following cases: (a) reported or suspected abuse of a child or vulnerable adult; (b) serious suicidal potential; (c) threatened harm to another person; (d) court-ordered presentation of treatment.

6.
Changes to the Privacy Policy

We may update this privacy statement at our sole discretion. We encourage you to periodically review this page for the latest information on our Privacy Policy and practices. Regardless of changes to our Privacy Policy, we will never use the information you submit under our current privacy notice in a new way without first notifying you and giving you the option to stop using the EAP services.

7.
Retention of Personal Data

Personal Data is maintained only for as long as is necessary to fulfil the purposes we have outlined in this Privacy Policy, and to comply with legal obligations.

8.
Requesting, Reviewing and Changing Personal Data

You may request to review, change or update your information at any time. To do so or if you have any questions or concerns about this Privacy Policy or our privacy-related practices, please contact us at: connect@santulan.co.in