About Products Heart Service

Privacy Policy

1. Introduction: Coway India Private Limited ("Coway India", "we", "us", or "our") is committed to protecting the privacy and personal data of our customers, employees, and partners. This Privacy Policy outlines our practices regarding the collection, processing, use, disclosure, and transfer of your personal information. This policy is designed to comply with the existing legal framework in India, including the Information Technology Act 2000 and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules 2011 ("SPDI Rules"), as well as the comprehensive requirements of the Digital Personal Data Protection Act 2023 ("DPDP Act") and its associated rules.

2. Information We Collect: We collect personal information and Sensitive Personal Data or Information (SPDI) necessary for our business operations. The itemised categories of data we may collect include:

  • Customer Information: Name, contact details, address, and product preferences collected for retail sales, installations, and inquiries.
  • Financial Information: Bank account details, credit card, debit card, or other payment instrument details required for facilitating transactions and offering financing or instalment-based sale plans.
  • Other SPDI: Passwords, and in specific operational contexts, physiological data, medical records, or biometric information.

3. Purpose of Collection and Processing: We will only collect your personal data for lawful purposes connected to our business functions and activities where the collection is considered necessary. Your data will be processed for the following specified purposes:

  • Providing retail sales, home-visit maintenance, and repair services for water purifiers (Heart Service).
  • Processing your payments, financing options, and rental agreements.
  • Communicating with you regarding your inquiries, service schedules, and grievance redressal.
  • Ensuring the completeness, accuracy, and consistency of the personal data being processed.
  • Complying with judgments, orders, or legal obligations under any law in force in India.

4. Consent and Withdrawal Your personal data is processed based on your free, specific, informed, unconditional, and unambiguous consent, obtained through clear affirmative action. You have the right to withdraw your consent at any time in writing or through electronic means. The process to withdraw consent is designed to be as easy as the process used to obtain it. Upon withdrawal of your consent, Coway India and our data processors will cease processing your personal data within a reasonable time, unless processing is otherwise authorized under applicable law.

5. Disclosure and Data Sharing: We may disclose your personal data to third-party data processors, service providers, affiliates, vendors, and distributors to effectively provide our services to you. We ensure that any third-party data processors are engaged under valid contracts that incorporate strict data protection obligations to safeguard your information. We do not disclose your SPDI to any third party without your prior consent, except when sought by governmental agencies or where necessary for compliance with a legal obligation.

6. Cross-Border Data Transfers: If your personal data needs to be transferred to any other entity within or outside India, we ensure that the transferee entity maintains the same level of data protection as mandated under Indian law. Such transfers will only occur if necessary for the performance of a lawful contract with you, or if you have explicitly consented to the transfer, and subject to any future restrictions notified by the Government of India.

7. Data Security Safeguards: We implement appropriate technical, organizational, and reasonable security safeguards to protect your personal data and prevent personal data breaches. Our comprehensive information security programme includes managerial, technical, operational, and physical security control measures that are proportionate to the information assets we protect, aligning with standards such as the IS/ISO/IEC 27001. In the event of a data breach, we are mandated to report the incident to the Data Protection Board of India and the affected data principals without delay.

8. Data Retention: We do not retain your personal data or SPDI for a period longer than is reasonably necessary to fulfil the purposes for which it was collected, or as required by any applicable laws. Once the specified purpose is no longer being served or upon your withdrawal of consent, we will securely erase your personal data and direct our data processors to do the same.

9. Rights of Data Principals: Under the DPDP Act and the SPDI Rules, you hold several rights regarding your personal data:

  • Right to Access: You may request a summary of the personal data being processed, the processing activities undertaken, and the identities of other data fiduciaries or processors with whom your data has been shared.
  • Right to Correction and Erasure: You have the option to review, correct, complete, update, or request the erasure of your personal data.
  • Right to Nominate: You have the right to nominate another individual to exercise your rights on your behalf in the event of your death or incapacity.

10. Grievance Redressal If you have any questions, discrepancies, or grievances regarding the processing of your personal data, you may contact our appointed Grievance Officer / Data Protection Officer. We are committed to resolving your grievances expeditiously, and our grievance redressal timeframe will not exceed one (1) month from the date of receipt.

  • Name of Grievance Officer: COO of Coway India Pvt. Ltd.
  • Contact Information / Email: +91-92201-65938 / dannyjeong@coway.com.in
  • Address: A 704, Kanakia Wall Street, Chakala, Andheri East, Mumbai 400093, Maharashtra, India.