PRIVACY POLICY
Your Privacy, Our Promise
We believe your health data is sacred. This policy explains exactly what we collect, how we use it, and how you stay in control at all times.
KEY TAKEAWAYS
- We never sell your personal or health data to third parties.
- Health calculator results are processed locally on your device whenever possible.
- You can download, modify, or delete all your data at any time.
- End-to-end encryption protects your data in transit and at rest.
- We comply with India's DPDP Act 2023 and international healthcare data protection standards.
Information We Collect
In plain English
We only collect what is necessary to provide you with personalised health insights. You choose what to share, and we are transparent about what we gather automatically.
Information You Provide Directly
When you create an account or use our health tools, you may choose to provide the following information:
- Account details: name, email address, date of birth
- Health calculator inputs: body measurements, cycle data, dietary information
- Profile preferences: language, notification settings, display preferences
- Communications: messages to our support team, feedback submissions
Information Collected Automatically
When you use SHELY, we automatically collect certain technical information to improve your experience:
- Device and browser information (type, version, operating system)
- Usage patterns and feature interactions
- General location data (city or country level only)
- Performance metrics and error reports
Your health calculator results are processed locally on your device whenever possible and are never stored permanently without your explicit consent.
How We Use Your Information
In plain English
We use your information solely to provide and improve our health services. We never sell or share your data for advertising purposes.
Core Health Services
Your information helps us deliver personalised health insights and tools:
- Generate personalised health recommendations based on your inputs
- Connect you with appropriate healthcare professionals
- Send relevant health reminders and educational content
- Provide customer support and assistance
Platform Improvement
We use aggregated, anonymised data to improve SHELY for all users:
- Improve health calculator accuracy and reliability
- Develop new features for women's health and wellness.
- Conduct anonymised research to advance healthcare
- Personalise content based on your interests and needs
Legal Compliance
We may process your information to comply with legal obligations:
- Respond to lawful requests from regulatory authorities
- Fulfil tax and financial reporting requirements
- Investigate and prevent fraud or security incidents
- Enforce our Terms of Use and other policies
We never sell, rent, or trade your personal or health data. Not to advertisers, not to data brokers, not to anyone.
Health Data Protection
In plain English
Your health data receives the highest level of protection. We use military-grade encryption and strict access controls to keep it safe.
Encryption Standards
All health data is protected with enterprise-grade encryption:
- AES-256 encryption at rest for all stored health data
- TLS 1.3 encryption in transit for all data transfers
- End-to-end encryption for sensitive health communications
- Hardware security modules (HSMs) for encryption key management
Access Controls
Strict access controls ensure only authorised personnel can access your data:
- Role-based access control with principle of least privilege
- Multi-factor authentication required for all data access
- Comprehensive audit logs for every data access event
- Regular access reviews and automatic deprovisioning
Local Processing
We prioritise processing your health data locally on your device:
- Health calculator results computed in your browser
- Temporary data cleared when you close the tool
- Optional save with explicit consent only
- No server-side storage unless you choose to save
Even our own engineers cannot access your health data without your authorisation and a documented, audited business reason.
Your Rights & Choices
In plain English
You are in full control of your data. You can access, download, correct, or delete your information at any time.
Data Access & Portability
You have the right to access and receive a copy of all your personal data:
- View all personal information we hold about you
- Download your data in standard formats (JSON, CSV, PDF)
- Transfer your data to another service provider
- Access a detailed log of how your data has been used
Correction & Objection
You have the right to correct inaccurate data and object to certain processing:
- Request correction of any inaccurate personal information
- Object to processing based on legitimate interests
- Restrict processing while a complaint is being resolved
Consent Management
You can manage your consent preferences at any time:
- Withdraw consent for any non-essential data processing
- Opt out of marketing and promotional communications
- Manage cookie and tracking preferences
- Adjust data sharing settings for third-party services
Exercising your privacy rights will never affect the quality of service you receive from SHELY.
Data Retention & Deletion
In plain English
We keep your data only as long as necessary. You can request deletion at any time, and we honour that request promptly.
Retention Periods
Different types of data are retained for different periods:
- Account data: retained while your account is active, plus 2 years after deletion
- Health calculator results: deleted immediately unless you choose to save them
- Communication records: retained for 3 years for support purposes
- Usage analytics: retained for 2 years in anonymised form
Automatic Deletion
We proactively delete data that is no longer needed:
- Inactive accounts (3+ years) are automatically archived and then deleted
- Temporary calculator data is purged within 24 hours
- Unsubscribed email addresses are removed immediately
- Session data is cleared when you log out
Your Deletion Rights
You can request data deletion at any time through your Privacy Portal:
- Full account deletion processed within 30 days
- Selective data deletion (e.g., only health calculator history)
- Confirmation email sent upon completion of deletion
- Anonymised research data may be retained (no personal identifiers)
When you delete your data, we delete it permanently from all active systems. Encrypted backups are purged within 90 days.
Children's Privacy
In plain English
SHELY is designed for adults. We have strict policies to protect minors and comply with child safety regulations.
SHELY services are intended for users aged 18 and above. Users aged 13 to 17 may access limited features with verified parental or guardian consent.
We do not knowingly collect personal information from children under 13. If we discover that a child under 13 has provided personal information, we will delete it immediately.
Parents or guardians who believe their child has provided personal information to SHELY should contact us at privacy@shely.health for immediate removal.
International Transfers
In plain English
Your data is primarily stored in India. When international transfer is necessary, we apply the same level of protection.
SHELY primarily stores and processes your data in secure data centres located in India, in compliance with the Digital Personal Data Protection Act, 2023.
In limited cases, your data may be transferred internationally for the following purposes:
- Cloud infrastructure services (with equivalent encryption standards)
- Email delivery services (marketing and transactional)
- Content delivery networks for faster page loading
All international transfers are subject to contractual data protection agreements that ensure the same level of security as applied in India.
Contact & DPO
In plain English
Have questions? Our privacy team is here to help. Contact our Data Protection Officer for any privacy-related concerns.
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact our dedicated privacy team.
Privacy Team Contact
For general privacy inquiries and data requests:
- Email: privacy@shely.health
- Response Time: Within 48 hours on business days
Data Protection Officer
Our Data Protection Officer oversees all privacy and data protection matters. You may contact the DPO for formal complaints, escalations, or questions about our compliance with applicable data protection laws.
Regulatory Authority
If you are not satisfied with our response, you have the right to lodge a complaint with the relevant data protection authority in your jurisdiction.
Grievance Officer
In accordance with India's data protection and information technology laws, we have appointed a Grievance Officer to address your concerns about how we handle your personal data. You may reach out to the Grievance Officer using the details below.
- Name: Grievance Officer, SHELY Health Private Limited
- Email: grievance@shely.health
- Postal address: SHELY Health Private Limited, 52, Rajivgandhi Street, Maduravoyal, Chennai 600095, Tamil Nadu, India
We aim to acknowledge every grievance within 24 hours and resolve it within the timelines required by applicable law. If you are not satisfied with the Grievance Officer's response, you may escalate the matter to the Data Protection Officer or to the relevant data protection authority.
Operating Entity
This website and the SHELY platform are operated by SHELY Health Private Limited (CIN U86909TN2025PTC186774), a company incorporated in India and registered at 52, Rajivgandhi Street, Maduravoyal, Chennai 600095, Tamil Nadu, India. SHELY Health Private Limited is the data fiduciary responsible for your personal data under this Privacy Policy.