Terms & Conditions

A detailed description of how each category is collected is provided in Section 3 below.

You may access this Policy and any consent requests in English or Hindi, and we will make them available in other languages listed in the Eighth Schedule to the Constitution upon reasonable request, to ensure that you fully understand the information before providing consent.

2.  PURPOSE OF PROCESSING

Your Personal Data is processed for the following specific, lawful and necessary purposes:

1. Account Management: Manage user registration, create and verify your account, authenticate your identity, administer ongoing account access and profile management

2. Service Delivery: Deliver our Services including but not limited to full-body analysis, genetics, metabolism, cellular health testing, and advanced imaging, AI insights generation, and personalised care wellness.

3. Use of AI and Third-Party Models: Biopeak uses artificial intelligence systems, including third-party foundational models, to process de-identified and pseudonymised health data for the purpose of generating wellness and clinical support insights. Identifiable personal data is not shared with external AI providers. All processing is conducted in accordance with user consent and applicable data protection laws, with appropriate technical and organisational safeguards in place. AI-generated outputs remain subject to review by qualified medical professionals.

4. Teleconsultation Support: Provide tele-consultation support by  RMPs, nutrition experts and support staff, and enabling the Company’s proprietary AI agent to participate in and record video consultations with patients conducted through third party video conferencing platforms (such as Google Meet, Zoom etc,.) or the Platform, subject to prior consent; and use such recorded video consultations for the purpose of analysing the patient’s disease condition, clinical presentation, and health status, to create, build, or update the patient’s risk profile and care plan by the AI agent, treating RMPs, or both acting jointly or severally, based on existing Personal Data and data generated during the tele consultation, and use recorded consultations for internal clinical quality assurance and training of professionals and AI Agent engaged in Service delivery.

5.   AI Agent Support: Enable the AI agent to access, review, and process all Personal    Data submitted by the patient or generated in the course of treatment including          medical reports, prescriptions, biometric data, disease history, and data narrated by    patients during tele-consultations for the purpose of generating analysis reports,prepare AI summaries of medical reports, and health assessment, provide necessary clinical assistance, recommendations, and decision support to treating RMPs through the AI agent in connection with agreed services, enable the patient-facing AI agent to communicate with patients, respond to health-related queries, and generate further Personal Data from such interactions, all of which shall be processed in accordance with this Policy; and to undertake any activity that is reasonably required to deliver the agreed services between the Company and the patient.

6. Health Insights and Analysis: Generate personalized health assessments, generate reports, risk assessments, lifestyle recommendations and AI agent-powered wellness insights.

7. Diagnostic Coordination: Coordinate with laboratory partners, receive diagnostic test results, and integrate results into your health profile for analysis

8. Health Monitoring and Follow-up: Monitor your health status, track progress, provide follow-up recommendations, and alert you to significant findings or health changes

9. Medication and Supplement Guidance: Generate pharmacology profiles and provide personalized medication and supplement recommendations based on your testing data 

10. Research and Development, and Analytics: Conduct de-identified statistical analysis, conduct internal research and analytics (including on de-identified data) to evaluate program safety, effectiveness and outcomes; develop new features and services, research on health trends and wellness outcomes, development and refinement of diagnostic interpretation frameworks, enhancement of analytical models and algorithms used in multi-parameter health assessment, validation and optimisation of biomarker panels, quality improvement and performance validation of Biopeak’s diagnostic and analytical workflows; and, development of proprietary health optimisation and risk stratification models. 

11. Training of AI Agents and AI tools:  Train, fine-tune, evaluate, and improve Biopeak’s proprietary AI agents, algorithms, and analytical tools using de-identified or pseudonymised data generated through the use of Platform and in course of the Services. 

12. Payment Processing: Process subscription payments, manage renewals, handle refunds, chargebacks, and billing inquiries

13. Customer Support: Respond to your questions, feedback, grievances and support requests; improve quality and responsiveness of support

14. Communication: Send transactional communications (account confirmations, report delivery notifications, appointment reminders, security alerts)

15. Marketing: To contact you regarding new services, testing packages, wellness programs or research opportunities; you may withdraw this consent at any time without affecting Services. 

16. Legal Compliance: Comply with applicable Indian laws, regulations, professional obligations, court orders, or government authority requests

17. Fraud Prevention and Security: Detect, prevent, investigate and respond to fraud, misuse, security incidents, or violations of law; protect the rights and safety of the Company, users, and the public

18. Policy Enforcement: Enforce our terms and conditions, program rules and applicable policies; investigate potential violations and manage disputes

19. Performance Improvement: Analyze usage patterns and technical data to maintain and improve Platform security, stability, performance and user experience

We may process de-identified or anonymized data (data that cannot identify you) for research, analytics and operational improvement. Such de-identified data may be used without further notice or consent to support research, statistical modelling, and operational optimization. 

The Company may also contact you separately to seek fresh consent for participation in future studies and research projects, additional testing, or new uses of your Personal Data. You are under no obligation to participate in such future activities or provide additional consent, and refusal will not affect your access to existing Services.

You may opt out of any of the above listed purposes at any time by contacting us, in accordance with the procedure described in Section 6 of this Policy. 

3. COLLECTION & GENERATION OF PERSONAL DATA

1. When do we collect Personal Data  Directly from You

We collect Personal Data directly from you when you:

1.  Request an invite for our team-members to reach out to you 

2. Complete health questionnaires, risk assessments or onboarding forms

3. Create an account or profile on the Platform

4. Purchase a testing package or service subscription

5. Upload or provide medical documents, family health history or personal health information

6. Communicate with our team via email, WhatsApp, chat, phone or video consultation

7. Contact customer support or provide feedback

During onboarding and service setup, you may provide: name, sex, gender, date of birth, medical history, family health history, current medications, allergies, lifestyle information, dietary habits, exercise patterns, sleep quality, stress levels, health goals, and any other health-related information relevant to assessment.

As you use the Platform, you may provide: progress updates, changes to health status, responses to follow-up assessments, wellness tracking inputs, updates to personal profile, and any additional health information you wish to share.

2. Personal Data Collected from Analysis and Laboratory Testing

If you enrol in our diagnostic testing services:

• We collect biological and other samples (saliva or blood, hair strand etc) for undertaking Multiomics testing (genetic/organic acids/cortisol/microbiome);

• Laboratory partners analyse samples and receive diagnostic findings, test reports, and clinical interpretations from accredited laboratories;

You authorize these collections through explicit consent when enrolling in our diagnostic testing services.

3. Personal Data Collected from Biometric Assessments and Devices

We collect biometric data through:

• Direct measurements during assessments (blood pressure, heart rate, body composition, metabolic rate);

• Authorized integrations with wearable devices and AI agent-linked health platforms (Apple HealthKit, Google Health Connect, Fitbit, Apple Watch, Whoop, smart scales);

• Smart health devices you authorize to connect to the Platform.

Such data may include: vital signs, body composition metrics, activity levels, sleep patterns, heart rate variability, blood glucose readings, and fitness metrics. These integrations occur only with your explicit authorization and may be discontinued at any time by revoking access through the Platform or device settings.

4. Personal Data Generated During Service Provision

Our health and wellness professionals may generate Personal Data including:

• Health assessment reports and diagnostic conclusions;

• AI-generated risk assessments and wellness insights;

• Personalized recommendations for diet, lifestyle, supplements or further testing;

• Clinical notes, observations and follow-up plans;

• Interpretation reports and profiles.

This data is created to ensure accuracy, clinical quality and personalized service delivery.

5.  Personal Data Collected Through Cookies, Analytics and Similar Technologies

We automatically collect when you access the Platform:

• Device identifiers, operating system, browser details;

• IP address, system logs, crash reports, timestamps;

• Navigation patterns, usage analytics, performance metrics;

• Cookies and similar tracking technologies for essential functions, preferences, experience enhancement and behaviour analysis;

You may adjust browser or device settings to restrict cookies; however, this may impact Platform functionality.

Analytics and performance monitoring tools may receive pseudonymized or aggregated information to analyze usage trends and improve Platform functionality, subject to appropriate contractual safeguards.

6.  Recorded Video or Audio Consultations (With Explicit Consent)

Tele-consultation Consent for RMP-Initiated Calls: Where a video consultation is initiated by an RMP, a separate tele-consultation consent shall be obtained from the patient before each such session. Further, video or audio consultations may be recorded using our proprietary AI agent, only with your explicit prior consent obtained before the consultation begins. You will be informed at the consultation start if recording is proposed, and participation is entirely voluntary.

Recordings may capture: your voice, face, surroundings, or (where medically relevant) images of body parts for demonstration purposes (e.g., showing injection techniques or physical assessments).

Recordings are collected solely for: accuracy and continuity of care, safety supervision, clinical quality assurance, internal training, and legal/regulatory compliance.

If you decline recording, we will provide alternative consultation methods where feasible. All recordings are:

• Encrypted and securely stored

• Accessible only to authorized personnel on strict need-to-know basis

• Retained only as long as necessary or as required by law

• Never used for promotional purposes

7. Voluntary Non-Participation and Consequences

You may decline to provide certain Personal Data categories; however, this may affect our ability to deliver relevant Services. Where refusal prevents fulfilment of any specific  Services, we may be unable to provide the said Service. .

8. Collection and Retention Agency

Biopeak Wellness Private Limited is the agency collecting and retaining your Personal Data for the purposes stated in this Policy.

4.  SAMPLES, RESULTS AND ASSOCIATED HEALTH DATA 

1. When you enrol in our Services, you will be required to provide your informed, voluntary and explicit consent for the collection of your samples and for the generation of diagnostic reports and test results. The resulting reports, findings and associated Personal Data shall be processed strictly for the purposes described in this Policy and shall be protected through appropriate technical, organisational and administrative safeguards in accordance with applicable law.

2. The Company shall ensure that samples are either: (a) destroyed or securely disposed of once the purpose for which they were collected has been fulfilled; or (b) retained only in a de-identified or irreversibly anonymised form that is not capable of identifying you or being linked back to your identity.

3. Where the Company proposes any additional use of your identifiable samples or Personal Data beyond the purposes originally consented to, we shall obtain your separate and specific consent. You are under no obligation to provide such additional consent, and refusal shall not affect your access to existing Services.

4. You acknowledge that de-identified or irreversibly anonymised data may be used for lawful scientific and research purposes, including but not limited to quality improvement, validation, enhancement of medical accuracy, development of new knowledge, and improvement of the safety and efficacy of our medical tests/examination//diagnosis/analysis studies and Services. 

5. Such de-identified or anonymised data may also be shared with accredited laboratories, research institutions, affiliated entities or scientific partners strictly for lawful research and development purposes, subject to appropriate contractual, confidentiality and security safeguards consistent with this Policy and applicable law. Where external Contract Research Organisations (“CROs”) or specialist laboratories are engaged to support Biopeak’s internal R&D activities, such engagement shall be strictly for specific technical or analytical services that Biopeak does not perform in-house. Any such CRO or laboratory shall be bound by appropriate contractual obligations of confidentiality and data protection and shall not use the data for any independent research or disclose it to any further party. R&D findings shall not be published or shared externally without further notice to you where required under applicable law.

5. CONSENT MECHANISMS

Your consent is obtained through clear and affirmative actions, including:

• Checkboxes (ticked to consent)

• Toggles (switched to “on” to consent)

• Confirmation buttons or statements

• Presented during onboarding or at the point of data collection

Separate, unbundled consent is obtained for specific processing activities requiring explicit authorization:

1. Diagnostic testing and analysis

2. Recording of video or audio consultations

3. Health data integration from third-party devices or applications

4. Use of data for research and analytics

5. Use of data for internal R&D, as described in a separate consent form and Section 2(xii) of this Policy)

6. Training of AI agents and AI tools

Languages: In accordance with the DPDP Act, consent requests are available in English and Hindi and may be provided in additional Eighth Schedule languages upon reasonable request.

Consent text is presented in clear, understandable language in your chosen language, enabling you to make an informed choice before providing consent.

6.  WITHDRAWAL OF CONSENT

You may withdraw your consent at any time by emailing us on compliance@biopeak.health. Withdrawal may limit or prevent our ability to provide some or all Services but will not affect the lawfulness of processing undertaken prior to withdrawal.

Following withdrawal, we will:

1. Cease processing your Personal Data for the withdrawn purpose

2. Ensure any Data Processors (third parties processing on our behalf) also discontinue processing

3. Retain data only where retention is legally required

Withdrawal requests are processed within 72 hours. Withdrawal does not affect the lawfulness of processing already completed prior to withdrawal.

Where you withdraw consent specifically for the use of your data for internal R&D purposes and or for training of AI agents and AI tools, such withdrawal shall operate prospectively only from the date of receipt of your written withdrawal notice. You acknowledge that AI models which have already been trained using your data in de-identified or pseudonymised form, and any research activity already conducted using such data, cannot be individually retrained, reversed, or modified to remove the contribution of your data, as model weights are an aggregated mathematical output that cannot be attributed to or extracted for any individual data contributor. Upon receipt of a valid withdrawal notice, Biopeak will ensure that your Personal Data is excluded from all future AI training activities and any new R&D activity. 

7. . SHARING AND DISCLOSURE OF PERSONAL DATA

We do not sell, rent, or commercially exploit your Personal Data.

We disclose Personal Data only where necessary for Service provision or where required under applicable law. All disclosures are subject to appropriate contractual and organizational safeguards, including Data Processing Agreements requiring processors to maintain confidentiality, security and purpose limitation. Following table describes the particulars of the data to be disclosed, the recipients and the purpose.