Privacy Policy

PRIVACY POLICY

 

Entity: 1HAT TECHNOLOGY INDIA PRIVATE LIMITED

Registered Address: Old No. 11B, New No. 20, Pavadai Street, Erode – 638001, Tamil Nadu, India

Email: support@1hat.in

 

1. GENERAL

 

1.1 Who we are. 1HAT TECHNOLOGY INDIA PRIVATE LIMITED (“1hat”, “we”, “us”, “our”) manages and operates (i) the website https://onehat.in and (ii) two mobile applications under the brand name “1hat”: the patient app (“Patient App”) and the doctor app (“Doctor App”). Together, these are referred to as the “Website” for the purposes of this Privacy Policy. The Patient App enables users to view and manage health records and order products/services; the Doctor App provides professional tools for authorised doctors.

 

1.2 What this policy covers. This Privacy Policy, read with our Terms & Conditions (available at https://onehat.in/terms), explains how we collect, use, disclose, process, transfer, and store information when you use the Website, Patient App, or Doctor App. By using these services, you consent to the practices described here.

 

1.3 Legal basis & record form. This electronic record is governed by the Information Technology Act, 2000 and applicable rules (including the SPDI Rules, 2011), as amended. It does not require physical or digital signatures.

 

1.4 Your choice. You may withdraw consent at any time for specific processing activities by writing to support@1hat.in. Withdrawal may limit or disable some features. Processing already performed under prior consent remains lawful.

 

1.5 If you don’t agree. If any part of this Privacy Policy or our Terms is unacceptable to you, please discontinue use of the Website, Patient App, and Doctor App.

 

1.6 Third-party analytics (website). We partner with Microsoft Clarity and Microsoft Advertising to capture behavioural metrics, heatmaps, and session replay to improve and market our products/services. Data is captured using first- and third-party cookies and other tracking technologies for optimisation, fraud/security, and advertising. See the Microsoft Privacy Statement for details.

 

 

2. INFORMATION WE COLLECT

 

2.1 General personal information (“Personal Information”). Name, gender, date of birth, email, phone, address, account preferences, and usage/interaction data.

 

2.2 Sensitive Personal Data or Information (“SPDI”). Where applicable:

Passwords;

Financial data (bank/card/payment instrument details) when you transact;

Physical, physiological, or mental health condition and health records;

Biometric identifiers (if ever enabled with explicit consent);

Any detail relating to the foregoing provided for services; and data received/processed under lawful contract.

 

2.3 Doctor App – professional data.

Doctor identity & credentials (registration number, specialty, clinic/hospital affiliation);

Manually provisioned login credentials (accounts are created by 1hat after verification);

Patient details entered by the doctor (e.g., name, phone, gender, DOB, visit info);

Consultation recordings, transcripts, and AI-generated summaries (created only when the doctor confirms patient consent has been obtained);

Sharing metadata (time, channel—WhatsApp/Patient App—authorised by doctor).

 

2.4 Patient App – medical and order data.

Prescriptions and health records shared by your doctor;

Orders, delivery, invoice and payment details;

Support communications and preferences.

 

2.5 Children / Minors (under 18).

Our services are not directed to minors independently. However, health records for a person under 18 may be created/processed when the treating doctor confirms that a parent or legal guardian has consented.

Where applicable, access to a minor’s records on the Patient App must be operated by the parent/guardian (or by the minor only through a parent/guardian-managed account). We rely on the doctor’s representation and/or reasonable verification steps that such consent has been obtained.

Parents/guardians may exercise data rights on behalf of the minor (see Section 8).

 

 

3. HOW WE USE INFORMATION

 

3.1 Provide and improve services.

Create and manage accounts;

Record, transcribe, and AI-summarise consultations (Doctor App) for clinical documentation;

Generate structured health records and share with the patient via WhatsApp or Patient App at the doctor’s instruction;

Fulfil orders, payments, delivery, and customer support;

Send confirmations, invoices, security alerts, and service updates.

 

3.2 Safety, research, and compliance.

Fraud, security, and abuse monitoring;

Internal analytics/audits and product improvement (using anonymised/aggregated data where possible to improve transcription/summarisation quality and safety);

Legal/regulatory compliance and responding to lawful requests.

 

3.3 Marketing (website, permitted channels).

With your consent/legitimate interest, send product or feature updates, offers, service announcements, and surveys. You can opt out anytime (Section 7).

 

 

4. DISCLOSURE & TRANSFERS

 

4.1 Service providers (processors). We may share data with vetted vendors that host, process, or support our services (e.g., cloud infrastructure, speech-to-text, AI summarisation, messaging/WhatsApp APIs, payments). They are bound by confidentiality and security obligations and may process data in India or other jurisdictions with appropriate protections.

 

4.2 Legal. When required by law, regulation, legal process, or government request; or to protect rights, safety, or property of users and 1hat.

 

4.3 Business changes. In connection with mergers, acquisitions, financing, or sale of assets, your data may be transferred subject to safeguards at least as protective as this Policy. You may opt out if the new entity’s processing materially differs.

 

4.4 Payments. Payment gateways collect/process your Financial Information for billing. Authentication is performed by you with the payment provider; 1hat does not store full card data. We are not responsible for third-party gateway actions or disputes (see T&Cs).

 

4.5 Cross-border transfers. Your information may be transferred and stored outside India to enable service delivery. By using our services, you consent to such transfers, subject to contractual and technical safeguards.

 

 

5. SECURITY

 

5.1 Measures. We use industry-standard controls including encryption at rest (e.g., AES-256), TLS in transit, firewalls, access controls, audit logs, and least-privilege role-based access.

 

5.2 Doctor App specifics. Consultation recordings/transcripts/summaries are encrypted; access is limited to the treating doctor and authorised clinic personnel. Access and major actions may be logged.

 

5.3 No absolute guarantees. While we take reasonable measures, no system is completely secure. You agree not to hold us responsible for breaches beyond our reasonable control.

 

 

6. COOKIES & TRACKING (WEBSITE)

 

6.1–6.6 We collect IP address, device/browser details, referring/exit URLs, and usage patterns to improve services. We use cookies and similar technologies (including permitted third-party ad/analytics cookies). You may disable cookies, but some features may not function properly.

 

 

7. CHOICES & OPT-OUT

 

7.1 You may opt out of non-essential marketing emails/SMS/notifications via the unsubscribe link or by emailing support@1hat.in.

 

7.2 Transactional/critical communications (security alerts, order/record notices) will still be sent.

 

 

8. YOUR RIGHTS

 

8.1 Access, correction, deletion, portability (where feasible)—email support@1hat.in.

 

8.2 Minors’ rights. Parents/guardians may exercise rights for the minor’s data. Deleting core medical records may be restricted where retention is required by professional or legal norms.

 

8.3 Withdrawal of consent may limit features (e.g., recording/transcription/sharing).

 

 

9. RETENTION

 

9.1 We retain data as long as necessary for service delivery, legitimate interests, and legal/professional obligations (including medical record-keeping norms). Upon valid deletion requests, we will remove data from active systems and, within a reasonable time, from backups.

 

 

10. CHANGES

 

10.1 We may update this Policy. Significant changes will be notified in-app/email. Continued use after the effective date constitutes acceptance.

 

 

11. GRIEVANCE REDRESSAL / CONTACT

 

Email: support@1hat.in

Address: Old No. 11B, New No. 20, Pavadai Street, Erode – 638001, Tamil Nadu, India

 

 

12. GOVERNING LAW & JURISDICTION

 

12.1 This Policy is governed by the laws of India. Courts at Chennai, Tamil Nadu shall have exclusive jurisdiction.

PRIVACY POLICY

GENERAL

1.1 1HAT TECHNOLOGY INDIA PRIVATE LIMITED, a company incorporated under the laws of India, having its registered address at Old No. 11B, New No. 20, Pavadai street, Erode – 638001, Tamil Nadu, India (“1hat”, “we”, “us” or “our”) manages and operates a website located at the URL https://onehat.in and a mobile application under the brand name ‘1hat’ (collectively referred to as the “Website”) where you can place orders to purchase the Products and/or Services offered by us to the users of the Website (“User” or “Users” or “you” or “your”).

1.2 This privacy policy (“Privacy Policy”), together with the Terms and Conditions (available at https://onehat.in/terms)governs your use of the ” Website” and describes our policies and procedures on the collection, use, disclosure, processing, transfer, and storage of the information provided to us by you.

By using, browsing, accessing, or purchasing from the ”Website” you agree to be bound by the terms of this Privacy Policy and consent to the collection, storage, possession, dealing, handling, sharing, disclosure or transfer of your information in accordance with the terms of the Privacy Policy. We shall not use the User’s information in any manner except as provided under this Privacy Policy. Capitalised terms used herein if not defined shall have the same meaning as ascribed to them under the Terms.

We partner with Microsoft Clarity and Microsoft Advertising to capture how you use and interact with our website through behavioral metrics, heatmaps, and session replay to improve and market our products/services. Website usage data is captured using first and third-party cookies and other tracking technologies to determine the popularity of products/services and online activity. Additionally, we use this information for site optimization, fraud/security purposes, and advertising. For more information about how Microsoft collects and uses your data, visit the Microsoft Privacy Statement.

1.3 This document is an electronic record and is governed by the provisions under the Information Technology Act, 2000 and rules made thereunder as may be applicable, and the amended provisions pertaining to electronic records in various statutes as amended by the Information Technology Act, 2000. This electronic record is generated by a computer system and does not require any physical or digital signatures.

1.4 This Privacy Policy sets out the type of information collected from the Users, including the nature of the Sensitive Personal Data or Information (defined hereinafter), the purpose, means and modes of usage of such information and how and to whom such information shall be transferred or disclosed by us. You may, at any time withdraw your consent for collection and use of your information including Personal Information (defined hereinafter) or Sensitive Personal Data or Information. However, please note that if you withdraw your consent, we may no longer be able to provide you with the corresponding service for which you have withdrawn your consent. It is hereby clarified that your decision to withdraw your consent will not affect the processing of Personal Information based on your previous consent prior to the withdrawal.

1.5 Please take a moment to familiarize yourself with our Privacy Policy. If you do not agree with any provisions of the Terms or this Privacy Policy, we advise you to not use or access the “Website”.

TYPE OF INFORMATION COLLECTED

2.1 You may be asked to provide your information anytime you visit, access, use or browse the “Website”. We may share information and use it consistent with the provisions of this Privacy Policy. We may also combine it with other information to provide and improve our Products, services, content and advertising.

2.2 You agree to provide information, which shall be true, correct, up to date and accurate. You may access, amend, alter or require deletion of your information partially or fully by contacting us at 1hat.nalam@gmail.com

2.3 The Website is not directed towards minors. We do not knowingly collect Personal Information from any User who is under 18 (Eighteen) years. If we are made aware that we have collected the Personal Information of a person below the age of 18 (Eighteen) years, we will take steps to delete the information within a reasonable time. If a parent or guardian becomes aware that his or her child has provided his/ her information on the Website without their consent, he or she shall contact us for the deletion of such information. In the event of a person below the age of 18 (Eighteen) uses the services in contravention to the Privacy Policy and Terms, we shall not be held liable or responsible for any damage or injury suffered by such person.

2.4 We may collect a variety of information from you, including your name, password, mailing address, phone number, email address and contact preferences, including any other usage and interaction details with us or our affiliates. We may collect such information which when combined with other pieces of information available with us could reasonably allow you to be identified (“Personal Information”). Personal Information shall include but is not limited to your full name, personal contact numbers, residential address, email address, gender or date of birth.

2.5 We may also collect, receive, process or store certain sensitive personal data or information consisting of, but not limited to:

2.5.1 Password;

2.5.2. Financial information such as bank account or credit card or debit card or other payment instrument details;

2.5.3 Physical, physiological and mental health conditi on;

2.5.4 Any detail relating to the above Personal Information categories as provided to us for providing service;

2.5.5 Any of the information received under above Personal Information categories by us for processing, stored or processed under lawful contract or otherwise;

2.5.6 Biometric information;

2.5.7 Any detail relating to the above Personal Information categories as provided to us for providing service; and Any of the information received under the above Personal Information categories by us for processing, storing, under lawful contract, or otherwise.

2.5.8 (Collectively, referred to as “Sensitive Personal Data or Information”).

USE OF INFORMATION COLLECTED

3.1 We may collect, use or process your information including Personal Information and Sensitive Personal Data or Information for the following purposes:

3.2 For creating and giving you access to your registered account on the Website.

3.3 To develop, deliver, process and improve our Products, services, content in order to personalize and improve your experience.

3.4 To inform you about our Products, services, offers, updates, upcoming events, including providing you information in relation to order confirmations, invoices, technical notices, security alerts.

3.5 For internal analytical and research purposes such as auditing, data analysis and research to improve Our Products, services and customer communications.

3.6 To meet any legal or regulatory requirement or comply with a request from any governmental or judicial authority.

3.7 To resolve any request, dispute, grievance or complaint raised by you in relation to your use of the Website.

3.8 To detect or monitor any fraudulent or illegal activity on the Platform.

DISCLOSURE OF INFORMATION COLLECTED

4.1 We may from time to time be required to disclose the information collected from you to our trusted third party service providers who assist us in order to facilitate the provision of services and purchase of Products on the Website. For instance, we may share your information with third party payment gateway providers to process transactions on the Website. By using the Website, you consent to any such disclosure of your information with third party service providers. We ensure that such third party service providers are bound by reasonable confidentiality obligations and/or use, maintain and follow generally accepted industry and security standards with respect to such information.

4.2 We may also disclose your information when such disclosure is requisitioned under any law or judicial decree or when we, in our sole discretion, deem it necessary in order to protect our rights or the rights of other Users, to prevent harm to persons or property, to fight fraud and credit risk.

4.3 We may also disclose or transfer your information to any third party as a part of reorganization or a sale of the assets, division or transfer of a part or whole of us. We shall ensure that third party to which we transfer or sell our assets will have appropriate confidentiality and security measures, at least as protective as those described in this Privacy Policy, to handle your Personal Information. You will have the opportunity to opt out of any such transfer if the new entity’s planned processing of your information differs materially from that set forth in this Privacy Policy.

4.4 A third party payment gateway provider may be required to collect certain financial information from you including, but not restricted to, your credit/debit card number or your bank account details (collectively referred to as “Financial Information”). All Financial Information collected from you by such third party payment gateway providers will be used only for billing and payment processes. The Financial Information collected from you is transacted through secure digital platforms of approved payment gateways, which are under encryption, thereby complying with reasonably expected technology standards. The verification of the Financial Information shall be accomplished only by you through a process of authentication in which we shall have no role to play and hence, we shall bear no liability in relation to the same. We shall neither be liable nor responsible for any actions or inactions of the third party payment gateway providers or any breach of conditions, representations and warranties given by them. We shall also not be obligated to mediate or resolve any dispute or disagreement between you and such third party payment service providers.

4.5 While we make best efforts to ensure that your information including Personal Information, Financial Information and Sensitive Personal Information or Data is duly protected by undertaking security measures prescribed under applicable laws, you are strongly advised to exercise reasonable discretion while providing Personal Information or Financial Information while using the services given that the Internet is susceptible to security breaches.

4.6 Your information may also be transferred, stored or processed in any country other than the country in which you access the Website. For purposes of sharing or disclosing data in accordance with the Privacy Policy, we reserve the right to transfer your information outside of your country. By using the (Website, you consent to such transfer of your information outside of your country and also within our affiliates, subsidiaries and partners whose personnel and subcontractors, provided they have agreed to ensure the same level of data protection as prescribed under this Privacy Policy and the data protection laws of India. The information may be transferred in the event it is necessary for the performance of the services, operation of the Website and provision of Products as agreed upon between us and the third party .

SECURITY

5.1 The security of your Personal Information is important to us. We have implemented security policies, rules and technical measures, as required under applicable law including firewalls, transport layer security and other physical and electronic security measures to protect the Personal Information that it has under its control from unauthorized access, improper use or disclosure, unauthorized modification and unlawful destruction or accidental loss. When you submit your information on the Website, your information is protected through our security systems. Please note that we use international and industry-recognized standards as per applicable laws, rules and regulations.

5.2 Your information is contained within secured networks and is only accessible by a limited number of authorized persons who have access rights to such systems or otherwise require such information for the purposes provided in this Privacy Policy. These authorized persons are also under an obligation to keep such information confidential.

5.3 Although we make best possible efforts to transmit and store all the information provided by you in a secure operating environment that is not open to public, you understand and acknowledge that there is no such thing as complete security and we do not guarantee that there will be no unintended disclosures of any information and potential security breaches. You agree not to hold us responsible for any breach of security or for any action of any third parties that receive your Personal Information or events that are beyond our reasonable control including, acts of government, computer hacking, unauthorized access to computer data and storage device, computer crashes, breach of security and encryption, etc.

COOKIES POLICY

6.1 Due to the communications standards on the Internet, when you visit, access or browse the Website, we automatically receive the uniform resource locator of the site from which you visit, access or browse the Website, details of the sites you visit on leaving the Website, the internet protocol (“IP”) address of each User’s computer operating system, type of web browser the User is using, email patterns, and the name of the User’s internet service provider. This information is used solely to analyse overall User trends and to help us improve our services. Please note that the link between the User’s IP address and the User’s personally identifiable information is not shared with third parties without User’s permission or except when required by law or to provide or facilitate the User with the services. Notwithstanding the above, the User acknowledges that we reserve the right to share some of the aggregate findings, including the personal information provided by the Users in an unidentifiable, aggregate form, and not the specific data with advertisers, sponsors, investors, strategic partners, and others in order to help grow the business. The amount of information sent to us depends on the settings of the web browser used by the User to access the Website. The User may refer to the browser used, if the User wishes to learn what information is provided to us.

6.2 The Website uses temporary cookies to store certain data. We do not store Personal Information in the cookies. Information collected by us, by any means whatsoever, that does not personally identify the User as an individual (such as patterns of utilization described above) is exclusively owned by us and may be used by us and third party service providers for technical administration of the Website, user administration, research, development, and other purposes.

6.3 You understand that you may set or amend your web browsers to delete or disable cookies. If you choose to disable cookies on your computer or mobile telecommunication device, it may impair, degrade or restrict access to certain areas of the Website.

6.4 We may allow other companies or entities to serve advertisements to you. These companies or entities include third party advertisement servers, advertisement agencies, and advertisement technology vendors. We may target some advertisements to you that fit a certain general profile. We do not use Personal Information to target advertisements to you. In the course of serving advertisements or optimizing the services to its Users, we may allow authorised third parties to place or recognize a unique cookie on the User’s browser.

6.5 We may keep records of all communications, both voice telephone calls and non-voice digital chats and emails received from and made to Users for the purpose of administration of services, research and development, training, business intelligence, business development, or for User administration. We may share such telephone records with third parties when required by law or when required to provide or facilitate the User with the services.

6.6 You consent to our reproduction/publishing of all testimonials and reviews given by you on the Website in relation to the services or the Products. You agree that we may edit the testimonials and reviews provided by you and reproduce/publish such edited or paraphrased versions of the testimonials and reviews on the Website. If the User has any concerns with the reproduction/publication of any testimonial or review provided by you, the User may contact us at 1hat.nalam@gmail.com

OPT-OUT POLICY

7.1 The third party service providers with whom we may share information provided by you are not permitted to market their own services or send promotional e-mails or engage in promotional communication with you. We provide you with the opportunity to opt-out of receiving non-essential, promotional, or marketing-related communication from itself or its partners.

7.2 If you wish to remove your contact information from all our mailing lists and newsletters, you can click on the “unsubscribe” link or follow the instructions in each e-mail message. Alternatively, you can contact us at 1hat.nalam@gmail.com We reserve the right to limit membership based on availability of contact information. All Users will be notified by email prior to any actions taken.

Retention of information

8.1 We will retain your information and any data for the period necessary to fulfil the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted under the applicable law.

MODIFICATION

9.1 We reserve the right to amend this Privacy Policy at any time. The Privacy Policy, as and when modified, shall be updated on the Website. We encourage you to review this Privacy Policy whenever you visit our Website to understand how your Personal Information is used.

GRIEVANCE REDRESSAL

10.1 In case, you have any questions, grievance or complaints about this Privacy Policy, or about the Platform, you may contact our grievance officer.

GOVERNING LAW

11.1 The terms of this Privacy Policy shall be governed and construed in accordance with the laws of India. Any dispute regarding or arising out of this Privacy Policy shall be subject to the exclusive jurisdiction of the courts in Chennai, Tamil Nadu.

SEVERABILITY

12.1 Whenever possible, each section of this Privacy Policy shall be interpreted in a manner so as to be valid under applicable law. However, in the event of any provision is held to be prohibited or invalid, such provision shall be ineffective only to the extent of such prohibition or invalidity, without invalidating the remainder of such provision or other remaining provisions of this Privacy Policy.

CONTACT:
1HAT TECHNOLOGY INDIA PRIVATE LIMITED,
20, Pavadai street, Erode – 638001
Tamil Nadu, INDIA

1hat.nalam@gmail.com