Wearable Privacy Policy

Wearable Privacy Policy

Sonata (also referred here as 'We', 'Us', 'Our') has created this Privacy Notice in order to demonstrate our privacy commitment to our users. Except for specific Sonata products or services providing independent privacy policy/notice, this privacy notice is intended to inform you of our privacy practices for our devices, applications and websites and how we process (gather, define, and use) personal data that you provide to us when you register on our smart wearables or the mobile application and leverage the services provided by us. This Privacy Notice will primarily help you understand:

  • The nature of data we collect from you
  • The sources from where your data is collected (including the cases where personal data is not directly collected from you)
  • The purpose of collecting your data
  • The manner in which your data is collected, stored, used and processed
  • The rights that can be exercised by you
  • The measures we take to keep the data safe.

We do not sell or trade your personal data or personally identifiable information. However, we may share the same with third parties who assist us in conducting our business, operating our Website/Application, or servicing you, so long as those parties agree to implement the necessary measures to keep this data secure.

Personal Data Collected Directly From You:

  • Account Information When you register at our smart wearables application or use the device, we may collect the following information about you, including but not limited to, Name, Contact, Date of Birth, Gender, Height, Weight, Sleep Goal, Step Goal, etc. The account information captured remains the same in case a minor registers at our mobile application or uses the device.
  • Additional Information To improve your experience of our services, you may choose to share additional personal information like activities performed by you like steps taken, sleep duration, activity log, food log, weight, sleep, alarm, etc. We may also collect and process your personal information like name, contact number, age, gender or fitness goal in case you choose to participate in any contest or competition.
  • Interaction With Our Partners You may choose to book timeslots with various health, fitness, wellness or swimming coaches through our mobile application. We may collect logs of such appointments to improve our services and provide an improved customer experience. Your personal data may also be captured if you book services with any of our other partners.
  • Payment And Card Information We may collect your credit card or debit card number, CVV code and expiration date to process a purchase made by you. This information is securely sent to your card network for the transaction approval which upon confirmation is sent back to complete the purchase order. We do not store any of your financial data.

Personal Data That Is Automatically Collected When You Use The Wearable Device/ Application:

When you use the smart wearable device or the mobile application, certain personal data may be collected automatically, which may include but is not limited to:

  • Data from sensors on the wearable device like heart rate, steps taken, sleep duration, etc. However, we do not take any accountability about the quality and accuracy of the data collected from these sensors on the wearables.
  • Activity log like steps taken, sleep time, etc.
  • Schedule or appointments with health, fitness, wellness or swimming coaches.
  • Your geographical location including GPS signals, cell tower IDs and Wi-Fi access points
  • Your usage information like IP address, bandwidth speed, browser type, language, operating system, cookie information, device or application identifier and information about the about the software programs that are installed on your system.
  • Standard server log information

Personal Data That We Collect From Other Sources:

We may receive information about you from publicly and commercially available sources (as permitted by law), which we may combine with other information we receive from or about you. We also may receive information about you from third-party social networking services when you choose to connect with those services or through any third party which may be integrated with Sonata to provide services

Non Personal Data Collected

We may also collect non personal data such as statistical data like daily usage events, page access events, page access time events, generated when you use a specific service and network monitoring data like request time, number of request or error request, application crash events etc.

We recognise the need to provide additional privacy protections with respect to personal information we may collect from children. A child is defined as someone under 18 years of age. When we collect personal information from children, we let parents set up the wearable devices for children and take additional steps to protect children’s privacy, including:

  • Notifying parents about our information practices regarding personal data about children, including the types of personal information we will collect, the uses to which we may put that information, and whether and with whom we may share that information.
  • In accordance with applicable law, obtaining consent from parents for the collection of personal information from their children
  • Limiting our collection of personal information from children to no more than is reasonably necessary for provision of services
  • Giving parents the ability to request access to personal information we have collected from their children and the ability to request that the personal information be changed or deleted.

PROVISION AND MAINTENANCE OF OUR SERVICES

Sonata may use the information collected from you to register you or your device for a Service, to provide a service or feature you request, to provide customized content and make recommendations based on your past activities on our Website/Application. We may also use your personal details for order processing, delivery of products, to send statements, invoices and payment reminders and to collect payments.

Improvement Of Product Or Service

When you allow us to collect precise information about you, we may use that information to improve and enhance existing Sonata products, services websites and applications, develop new offerings, recommendations, advertisements and other communications, and learn more about customers’ preferences in general. Further, we may use information provided by you to deal with enquiries and complaints made; to keep our website and other systems secure and to prevent fraud.

Statistics And Research

Sonata may use your information to create user group profiles or segment data and to otherwise create anonymous, aggregated statistics about the use of our products, services and loyalty programs, which we may share with third parties and/or make available to the public.

Communicating With You

We believe in being open, honest and transparent with our clients and suppliers and want you to feel comfortable about your decision to give us your personal information and how we use it. Sonata may use your information to provide you with product and service updates, newsletters and other advertisement and direct marketing communications about existing and/or new products and services by post, email, telephone, in-device messaging and/or text message (SMS), if you have provided your prior consent or we are otherwise permitted to do so under applicable law. In case of a financial transaction we may also communicate with you to authenticate your identity and confirm the transaction. We may also contact you if we need your support during audits, legal requests, claims or fraud investigation or to communicate regarding any query or complaints made by you. You can change your mind at any time and it is quick and easy to let us know that you no longer want to hear from us by contacting us at [email protected]

Publish Your Reviews, Comments And Content

Where you have uploaded product reviews, comments or content to our websites or Application and made them publicly visible, Sonata may link to, publish or publicize these materials elsewhere including in our own advertisements. Other Purposes: Sonata may use your personal data, as we believe to be necessary or appropriate:

  • under applicable law, including laws outside your state or country of residence;
  • to comply with legal process and to prevent, detect, or suppress abuse, fraud, or criminal activity;
  • to respond to requests from public and government authorities and self-regulatory organizations, including public and government authorities and self-regulatory organizations outside your state or country of residence;
  • to enforce our terms and conditions;
  • to protect our operations, assets, or interests or those of any of our affiliates;
  • to protect our rights, privacy, safety, or property, and/or that of our affiliates, you, or others; and
  • To allow us to pursue available remedies or limit the damages that we may sustain

We will only use your data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you, explain the legal basis which allows Sonata to do so and obtain your consent for the same. Please note that in certain circumstances, we may process your personal data without knowledge or consent, in compliance with the applicable legal and regulatory requirements. Please note that if you wish to opt-out of any such processing activities for purposes other than the original purpose, you can reach out to us by writing to us at [email protected]

Our Grounds Of Processing Your Personal Information Are

Where you have given consent for the processing of data for a specific purpose

  • Processing is necessary to meet contractual obligations entered by you
  • Processing is required for performance of any function of the State as authorised by the law.
  • Processing is necessary for a legal obligation that the Company is subjected to or for compliance with any judgement made by Court or Tribunal.
  • Purposes related to employment; or in response to your application for a job that we have advertised about.
  • Processing is necessary to respond to any medical emergencies or to provide medical services to any individual at the time of an epidemic, outbreak or any threat to public health or to undertake any measure to ensure safety of individuals during any disaster or breakdown of public order.
  • Processing is necessary for other reasonable purposes pursued by our company which may include Reasonable purposes may include activities, such as fraud prevention, information security, mergers and acquisitions, recovering debt and processing publicly available personal data (among others, as specified by the Data Protection Authority (DPA/ Supervisory Authority)

We may disclose, share or transfer your personal data:

  • To any of our employees, officers, insurers, professional advisers, agents, partners, suppliers or subcontractors insofar as reasonably necessary for the purposes set out in this policy and for the purpose of providing services to you.
  • To any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries.
  • To our third party service providers who provide services such as website hosting and webinars. The information we provide to third parties service providers is subject to confidentiality obligations and is intended to be used solely for the purpose(s) permitted thereby.
  • We may employ third party entities, business partners and individuals to facilitate our Services (e.g. maintenance, analysis, audit, marketing and development). These third parties have limited access to your information only to perform these tasks on our behalf and are obligated to Sonata, not to disclose or use it for other purposes. All of our approved third party providers go through an extensive data protection compliance vetting process before being selected as a third party provider and are bound by all relevant data privacy laws, terms of confidentiality, and this Privacy Policy.
  • To a third party, in the event of any reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings.
  • If you choose to use the Website/Application, you will be asked to confirm acceptance of the third party developer user agreement and Sonata’s privacy policy.
  • There may be instances when we disclose your information to other parties to comply with the law or respond to compulsory legal process or to verify or enforce compliance with the policies governing our Services or to protect the rights, property, or safety of Sonata, or any of our respective affiliates, business partners, or customers.

We will only retain your data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. Your data will be transferred to India and stored on our secure servers in India. You may be able to delete some of the data stored through the mobile application or may write to us in case you want to exercise any of your data subject or data principal rights.We will destroy the personal data in a secure manner post retention period as per our internal data retention and destruction policy.

We offer a variety of choices about how we use your information. You can make choices about whether to receive promotional communications from us by following the unsubscribe instructions included in the communication. In addition, you can also generally make choices in your settings, or by visiting relevant links. In line with the applicable relevant privacy laws, you have the following rights with respect to the personal data that we hold and process about you:

  • Right to Be Informed
  • Right to Confirmation
  • Right to Access
  • Right to Correction (“Rectification”)
  • Right to Erasure (Right to Be Forgotten)
  • Right to Restriction of Processing
  • Right to Data Portability
  • Right to Object to Processing
  • Right to Not Be Subject to Automated Decision Making You can make a request by directly writing to us at [email protected] or through a Consent Manager. For your protection, we may only implement requests with respect to the Personal data associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request. The Company will act on all data subject requests received are processed without undue delay and respond within 30 Calendar working days as per timelines prescribed by Regulations, post completion of necessary verification checks)

Any grievances or complaints will be addressed in a timely manner and expeditiously within 30 days from the date of receipt of the grievance by Sonata. If you have any such grievances, please write to us at [email protected] and we will attempt to resolve your issues in a timely manner.

If at any time you require us to cease processing your additional personal data ( Your personal data collected for purposes other than providing basic services of our wearables technology), you may write to us (contact details at the bottom of the page). By following the appropriate directions, your record will be marked as “do not contact”, and you will no longer receive communications from Sonata except the ones which are required for us to provide you the service. Please note that we may need to retain certain personal data for as long as your account is active or as needed to provide you services, for record keeping purposes and/or to complete any undertaking that you began prior to requesting a change or deletion. There may also be residual information, which may be subject to a legal hold or subject to certain sectoral or regulatory retention requirements that will remain within our databases and other records, which will not be removed.

The security of your personal data is of great importance to us. We have put in place reasonable physical and technical measures to safeguard the information we collect in connection with the Services to ensure the protection of your personal data processed by us, which include but are not limited to the following:

  • Comprehensive documented information security programme and information security policies that contain managerial, technical, operational and physical security control measures that are commensurate with the information assets being protected with the nature of business are available
  • Security measures deployed to protect against unauthorized access to or unauthorized alteration, disclosure, or destruction of data. These include secure socket layers, firewalls and encryption, internal reviews of our data collection, storage and processing practices, as well as physical security measures to guard against unauthorized access to systems
  • If we retain personal data on our systems, we restrict access to personal data to employees, contractors, and agents who need to know that information in order to operate, develop, or improve our Website and Services. These individuals are bound by confidentiality obligations and may be subject to discipline, including termination, if they fail to meet these obligations
  • Purposes related to employment; or in response to your application for a job that we have advertised about.
  • In the event of an information security/privacy breach, Sonata or a competent and duly authorized person having knowledge of and in possession of information relating to such security breach shall be prepared to demonstrate, as and when called upon to do so by the regulatory agency created under the applicable law, that the Company has taken all bonafide measures and have implemented security control measures in accordance with the Sonata documented information security programme and information security policies together with standards and codes of best practices in letter and spirit.
  • Such policies, standard or the codes of best practices have been certified or audited on a regular basis by entities by an independent auditor
  • However, please note that although we take reasonable steps to protect your personal data, no Application/website, Internet transmission, computer system or wireless connection is completely secure. Where we have given you (or where you have chosen) a password that enables you to access all or certain parts of our website, you are responsible for keeping this password confidential. We strongly suggest that you do not share your passwords with anyone.
  • If you have any issues or feedback related to security, please write to us at [email protected].

We may update this Privacy notice at any time to reflect changes in our practices and service offerings. If we modify this Privacy Policy, we will update the date on which the new Privacy Policy will be effective. We will notify you of any material changes in the way we treat your information by placing a prominent notice on our website/application.