PRIVACY POLICY
Blood Donation & Blood Request Application
(Including BBMS Integration)
YOUR RIGHTS
This Privacy Policy explains how we collect, use, store, share, and protect your personal data. It also explains your rights under the Digital Personal Data Protection Act, 2023 (DPDP Act) and how you can exercise them. Please read this carefully.
1. Who We Are (Data Fiduciary)
Redhalo India Private Limited, a company incorporated under the Companies Act, 2013, with its registered office at Flat No. 003, Kingstone Lifestyle, Carmelram, Bangalore, Karnataka, India - 560035, is the Data Fiduciary for the personal data collected through the Application, as defined under the Digital Personal Data Protection Act, 2023.
The App connects voluntary blood Donors with blood banks and Requesters through technology. In doing so, we collect and process personal data including health-related Sensitive Personal Data as described in this Policy.
SENSITIVE DATA
Health and medical information, including blood group, disease history, hemoglobin levels, qualifies as Sensitive Personal Data under Indian law. We process such data only with your explicit consent and for the specific purposes described in this Policy.
2. Personal Data We Collect
We collect personal data in several categories depending on whether you use the App as a Donor, Requester, or both.
2.1 Data Collected from All Users
| Data Element | Purpose | Source |
|---|---|---|
| Full Name | Account creation and identification | You (at registration) |
| Mobile Number | OTP verification, account login, emergency alerts | You (at registration) |
| Email Address | Account communication and notifications | You (at registration) |
| Date of Birth / Age | Eligibility verification (must be 18+) | You (at registration) |
| Gender | Health and eligibility assessment | You (at registration) |
| City / District / State / PIN | Proximity matching for Donors, camps, and blood banks | You (at registration) |
| Profile Photo (optional) | User profile display | You (optional) |
| Device Information | App functionality, security, fraud prevention | Automatically (device) |
| IP Address | Security, fraud detection, approximate location | Automatically (device) |
| App Usage Logs | App improvement, debugging, analytics | Automatically (App) |
| Push Notification Token | Sending alerts for blood requests and camp updates | Automatically (device) |
2.2 Additional Data Collected from Donors
NOTICE
The following data constitutes Sensitive Personal Data under Indian law. We collect it only with your explicit, informed consent and use it solely for determining donor eligibility and matching with blood requests.
| Data Element | Purpose | Source |
|---|---|---|
| Blood Group (ABO and Rh) | Matching Donor with blood requests; blood bank routing | You (at registration) |
| Last Donation Date | Eligibility check (minimum 56-day gap) | You (at registration / update) |
| Weight | Eligibility check (minimum 45 kg) | You (health declaration) |
| Haemoglobin Level (if known) | Eligibility assessment | You (health declaration) |
| Current Medications | Eligibility assessment; certain medications disqualify donation | You (health declaration) |
| Chronic Medical Conditions | Eligibility assessment; routing appropriate requests | You (health declaration) |
| Recent Surgeries / Tattoos / Piercings | Eligibility assessment (mandatory waiting periods) | You (health declaration) |
| Travel History (malaria-endemic areas) | Eligibility assessment (mandatory waiting period) | You (health declaration) |
| History of Communicable Diseases | Eligibility assessment; safety of blood supply | You (health declaration) |
| Pregnancy / Breastfeeding Status (if applicable) | Eligibility assessment for female donors | You (health declaration) |
| Alcohol / Substance Use (recent) | Eligibility assessment (48-hour rule) | You (health declaration) |
| Donation History on App | Eligibility tracking; recognition; safety monitoring | App records |
2.3 Additional Data Collected from Requesters
| Data Element | Purpose | Source |
|---|---|---|
| Patient Name | Blood request processing and matching | You (request form) |
| Patient Blood Group Required | Matching with Donors and blood bank inventory | You / Requisition Slip OCR |
| Blood Units Required | Matching and routing to appropriate blood bank | You / Requisition Slip OCR |
| Hospital Name and Address | Routing request to nearest empanelled blood bank | You / Requisition Slip OCR |
| Ward / Bed / Admission Number | Verification and coordination with blood bank | You / Requisition Slip OCR |
| Treating Physician Name | Verification and coordination | You / Requisition Slip OCR |
| Urgency Level | Priority routing of the request | You (request form) |
| Relationship to Patient | Requester legitimacy assessment | You (request form) |
| Requisition Slip (scanned image / PDF) | Verification of genuine medical need; OCR extraction | You (upload) |
| Patient Medical Condition (if disclosed) | Contextual information for blood bank | You (optional disclosure) |
3. How We Use Your Personal Data
3.1 Lawful Bases for Processing
We process your personal data on the following lawful bases under the DPDP Act, 2023:
| Lawful Basis | When Applied | Applies To |
|---|---|---|
| Consent | All Sensitive Personal Data (health details, Donor health declarations); optional data such as profile photo | Donors and Requesters |
| Contractual Necessity | Account creation, login, core App functionality, blood request processing | All Users |
| Legitimate Interest | App security, fraud prevention, usage analytics, debugging | All Users |
| Legal Obligation | Compliance with CDSCO regulations, court orders, law enforcement requests | All Users |
| Vital Interests | In life-threatening emergencies where we need to share data to facilitate blood delivery and save a life | Emergency situations |
3.2 Specific Purposes of Processing
For Donors:
Register you as a Donor and maintain your Donor profile.
Assess your eligibility to donate blood based on your health declaration.
Match you with blood requests in your geographic proximity.
Send you Request Alerts for matching blood types near your location.
Track your donation history for eligibility monitoring and recognition.
Display your first name and blood group to Requesters and blood banks when you respond to a request.
Notify you of nearby blood donation camps.
For Requesters:
Process your blood request and route it to empanelled blood banks via BBMS.
Notify nearby registered Donors with a matching blood group.
Extract structured information from uploaded Requisition Slips using OCR.
Track the status of your blood request.
Communicate request outcomes to you.
For All Users:
Operate, maintain, and improve the App.
Authenticate your identity and secure your account.
Send service communications (account updates, policy changes, security alerts).
Generate anonymised, aggregated statistics about blood availability and demand (no individual identification).
Comply with applicable laws and regulatory requirements.
Detect, investigate, and prevent fraud, security incidents, and violations of our Terms and Conditions.
4. Sensitive Personal Data — Special Protections
Health and medical information, including blood group, disease history, medication details, and hemoglobin levels, constitutes Sensitive Personal Data. We apply the following additional protections to such data:
Explicit Consent: We collect Sensitive Personal Data only after obtaining your clear, specific, and informed consent through a dedicated consent screen. You will be told exactly what data is collected, why it is collected, and who it may be shared with before you are asked to consent.
Purpose Limitation: Sensitive Personal Data is used exclusively for the purposes for which consent was given — specifically, donor eligibility assessment and blood request matching. It will not be used for commercial profiling, advertising, or any purpose not stated in this Policy.
Access Restriction: Within Our organisation, access to Sensitive Personal Data is restricted on a strict need-to-know basis. Only technical staff responsible for operating the matching system, and safety personnel responsible for compliance, have access.
Encryption: All Sensitive Personal Data is encrypted at rest (AES-256) and in transit (TLS 1.3).
Consent Withdrawal: You may withdraw consent for processing your Sensitive Personal Data at any time. Withdrawal will result in your Donor profile being deactivated, but will not affect the lawfulness of processing prior to withdrawal.
5. How We Share Your Personal Data
PRINCIPLE
We do not sell your personal data. We do not share your data for advertising or commercial profiling purposes. Sharing occurs only as described below.
5.1 With Blood Banks (via BBMS)
When a blood request is raised, we share the following Requester data with the relevant blood bank(s) via the BBMS:
Blood group required, quantity required, urgency level and requisition slip.
Hospital name and location.
Requester contact details (limited to what is necessary for the blood bank to respond).
When a Donor responds to a request, we share the following Donor data with the relevant blood bank:
Name, blood group, and contact number (so the blood bank or Requester can coordinate the donation appointment).
Relevant health declaration summary (to allow the blood bank to conduct final eligibility screening).
5.2 With Other Donors (Request Alerts)
When a blood request is raised, nearby registered Donors with matching blood groups receive an alert containing:
The blood group and units required.
The name of the hospital and its general area (not full address in the alert).
The urgency level.
No patient name, Requester identity, or other personal details of the Requester are included in the Donor alert.
5.3 With Blood Camp Organisers
If you register to attend a blood donation camp, we share your name, blood group, and contact number with the camp organiser solely for the purpose of camp coordination.
5.4 With Service Providers (Data Processors)
We engage the following categories of third-party service providers who process personal data on Our behalf, under strict contractual obligations:
| Category | Purpose | Examples |
|---|---|---|
| Cloud Hosting Provider | Stores app data and user records on secure servers | AWS / Azure / GCP (Indian region preferred) |
| OCR Service Provider | Extracts structured data from uploaded Requisition Slips | Google Vision API / AWS Textract |
| SMS / OTP Gateway | Delivers OTP for user authentication | TRAI-registered SMS provider |
| Push Notification Service | Delivers blood request alerts and app notifications | Firebase Cloud Messaging |
| Analytics Provider | Anonymised app usage analytics for improvement | Privacy-compliant analytics tool |
| Email Service Provider | Transactional emails (account alerts, policy updates) | Transactional email provider |
All data processors are contractually bound to process data only on Our instructions, to maintain appropriate security, and to not use the data for their own purposes.
5.5 With Law Enforcement and Regulatory Authorities
We may disclose personal data to government authorities, law enforcement, courts, or regulators when:
Required by applicable law, court order, or legal process.
Necessary to protect the rights, property, or safety of Our Users, the public, or Us.
Required by CDSCO, Ministry of Health, or State Blood Transfusion Councils in connection with blood safety compliance.
5.6 In a Business Transfer
If We merge with, are acquired by, or transfer Our business to another entity, personal data may be transferred as part of that transaction. We will notify Users before such a transfer and ensure the acquiring entity agrees to be bound by equivalent data protection standards.
6. Data Retention
We retain personal data only for as long as necessary for the purposes described in this Policy, or as required by applicable law.
| Data Category | Retention Period | Justification |
|---|---|---|
| Active User Account Data | Duration of account + 3 years after account deletion | DPDP Act retention requirements; legal dispute resolution |
| Donor Health Declarations | Duration of active Donor status + 5 years after deactivation | Blood safety traceability; CDSCO compliance |
| Blood Request Records | 7 years from date of request | CDSCO/Drugs & Cosmetics Act record-keeping requirements |
| Requisition Slip Images | 7 years from date of upload | Regulatory compliance; audit trail |
| Donation History Logs | 7 years from date of donation event | Blood safety; hemovigilance requirements |
| App Usage Logs | 2 years from creation | Security and fraud detection |
| OCR-extracted Data | As per underlying request data (7 years) | Part of blood request record |
| Inactive Account Data | 3 years from last login, then deleted or anonymised | DPDP Act; legitimate interest |
| Legal Hold Data | For duration of legal proceedings + statutory period | Court orders; legal obligation |
After the retention period expires, personal data is securely deleted or irreversibly anonymised so that it can no longer be linked to any individual.
7. Your Rights Under the DPDP Act, 2023
As a Data Principal under the Digital Personal Data Protection Act, 2023, you have the following rights in respect of your personal data processed by Us:
| Right | Description | Response Timeframe |
|---|---|---|
| Right to Access | Request a summary of the personal data We hold about you and the purposes for which it is processed. | Within 30 days of request |
| Right to Correction | Request correction of inaccurate or outdated personal data. | Within 30 days of request |
| Right to Erasure | Request deletion of your personal data where it is no longer necessary for the purpose for which it was collected, subject to legal retention obligations. | Within 30 days of request |
| Right to Withdraw Consent | Withdraw consent for processing of Sensitive Personal Data at any time. Withdrawal does not affect prior lawful processing. | Immediately effective; account deactivated |
| Right to Grievance Redressal | Lodge a complaint with Our Grievance Officer regarding processing of your personal data. | Acknowledged within 48 hours; resolved within 15 days |
| Right to Nominate | Nominate another individual to exercise your rights in the event of your incapacity or death, to the extent provided under the DPDP Act. | At time of account creation or update |
To exercise any of the above rights, please submit a request through the "Privacy Settings" section of the App or email infor@redhalolife.com. We may require you to verify your identity before processing your request.
NOTE
Certain rights may be limited where data retention is required by law (e.g. 7-year blood safety records required under the Drugs and Cosmetics Act) or where erasure would conflict with ongoing legal proceedings.
8. Consent Management
8.1 How We Obtain Consent
General Account Data: Your acceptance of this Privacy Policy at registration constitutes consent for processing standard account data.
Sensitive Personal Data (Donor Health Information): We display a specific, granular consent screen before collecting any health-related information. This screen specifies exactly what data is collected, why, who it is shared with, and how long it is retained. You must actively tick each consent item.
OCR Processing of Requisition Slips: Before uploading a Requisition Slip, you will be shown a consent notice explaining that the document will be processed by an OCR system to extract structured data, and that the image will be retained for the regulatory retention period.
Push Notifications / Alerts: Your consent to receive push notifications is requested separately through your device OS permission prompt. You may revoke this at any time in device settings.
8.2 Consent for Minors
The App is not intended for users under 18 years of age. We do not knowingly collect personal data from minors. If we become aware that we have inadvertently collected data from a person under 18, we will delete it promptly. Under the DPDP Act, 2023, processing of personal data of children requires verifiable parental or guardian consent. If a Requester is raising a request on behalf of a minor patient, the Requester (adult) is submitting data on behalf of the patient; patient data is not separately profiled.
8.3 Withdrawing Consent
You may withdraw any previously given consent at any time through "Privacy Settings" in the App. Please note:
Withdrawal of consent for health declaration data will deactivate your Donor profile.
Withdrawal of consent for request data will archive your open requests.
Withdrawal does not erase data that We are legally required to retain.
9. Data Security
We implement appropriate technical and organisational security measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction.
9.1 Technical Measures
All data in transit is encrypted using TLS 1.3 or higher.
All data at rest is encrypted using AES-256 encryption.
Sensitive Personal Data (health information) is stored in isolated, access-controlled database partitions.
Multi-factor authentication (OTP) is required for account login.
API access is secured with token-based authentication and rate limiting.
Penetration testing and vulnerability assessments are conducted periodically.
9.2 Organisational Measures
Access to personal data within Our organisation is restricted to authorised personnel on a strict need-to-know basis.
All staff with access to personal data are trained on data protection obligations and confidentiality.
Data processing agreements are in place with all third-party processors.
We maintain a data breach response procedure and will notify affected Users and the Data Protection Board of India (when established and operational) in accordance with the DPDP Act in the event of a breach likely to cause harm.
9.3 User Responsibilities
Users are responsible for keeping their account credentials confidential and for ensuring that their device is secured (e.g. using device PIN/biometric locks). We are not responsible for security breaches arising from a User's failure to protect their login credentials.
10. Cross-Border Data Transfers
We store data primarily on servers located in India. To the extent that any of Our service providers (such as cloud platforms or OCR services) process data outside India, we ensure that:
Such transfers are made only to countries or entities notified as permissible under the DPDP Act, 2023, or are covered by adequate contractual safeguards (Standard Contractual Clauses or equivalent).
Our agreements with such processors include data protection obligations equivalent to those applicable in India.
You will be informed of any material cross-border transfer arrangements that affect your Sensitive Personal Data.
11. OCR Processing and Automated Decision-Making
11.1 Requisition Slip OCR
When you upload a Requisition Slip, the document is processed by an automated OCR (Optical Character Recognition) system that extracts structured data fields (blood group, units, hospital, physician name, etc.). You are presented with the extracted data for your review and correction before the request is submitted. The OCR system does not make any decisions autonomously — it is a data extraction tool subject to your review and confirmation.
11.2 Donor Eligibility Screening
The App uses automated checks to flag potential eligibility issues based on the health declaration you submit (e.g. flagging a last donation date within 56 days, or a declared condition that disqualifies donation). These automated checks are informational. The final eligibility determination is made by qualified medical staff at the blood bank or donation camp, not by Our App.
11.3 No Profiling for Commercial Purposes
We do not use automated decision-making to profile Users for commercial purposes, credit scoring, or any purpose other than the delivery of the blood donation and request services described in this Policy.
12. Cookies and Tracking Technologies
If you access the App through a web browser, we may use cookies and similar tracking technologies. The App itself (mobile application) uses equivalent persistent identifiers (such as device identifiers and push notification tokens).
| Cookie / Tracker Type | Purpose | User Control |
|---|---|---|
| Essential / Functional | Required for the App to function; enables login session, OTP validation, and basic features | Cannot be disabled without breaking core functionality |
| Analytics | Anonymised usage data to improve App performance and user experience | Opt-out available in Privacy Settings |
| Security | Fraud detection, bot prevention, security monitoring | Cannot be disabled — necessary for security |
We do not use advertising cookies or share tracking data with advertising networks.
13. Children's Privacy
The App is intended for adults aged 18 and above. We do not knowingly collect personal data from children under the age of 18. If you are a parent or guardian and believe that a child under 18 has provided personal data through the App, please contact us immediately at info@redhalolife.com and we will delete the data promptly. Under the DPDP Act, 2023, processing of children's personal data requires verifiable parental consent, and we do not permit children to create accounts.
14. Third-Party Links and Services
The App may contain links to third-party websites (such as blood bank websites, NACO resources, or government health portals). We are not responsible for the privacy practices of such third parties. We encourage you to review the privacy policies of any third-party website you visit.
Blood banks empanelled on the App are independent entities. While we enter into data processing agreements with them, their handling of data you submit directly to them (outside the App) is governed by their own privacy policies.
15. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, the App's features, or applicable law. When we make material changes, we will:
Post the updated Policy on the App with the revised effective date.
Notify you via in-app notification or email at least 14 days before the changes take effect (for material changes).
Where changes involve new or expanded processing of Sensitive Personal Data, seek fresh consent from you.
Your continued use of the App after the effective date of changes constitutes acceptance of the updated Policy. If you do not agree, you may delete your account.
16. Data Protection / Grievance Officer
In accordance with the DPDP Act, 2023, and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, We have designated a Data Protection / Grievance Officer. For any privacy-related complaints, requests, or queries, please contact:
| Field | Details |
|---|---|
| Data Protection Officer | Kaushik Kumar |
| Company | Redhalo India Private Limited |
| Address | Flat No. 003, Kingstone Lifestyle, Carmelram, Bangalore, Karnataka, India - 560035 |
| Email | info@redhalolife.com |
| Response – Acknowledgement | Within 48 hours |
| Response – Resolution | Within 15 days (DPDP Act compliant) |
| Escalation | Data Protection Board of India (when operational under DPDP Act, 2023) |
17. Privacy at a Glance — Summary
The following is a plain-language summary of this Privacy Policy. The full Policy above governs in all cases.
| Your Question | Our Answer |
|---|---|
| Do you sell my data? | No. We never sell your personal data to any third party. |
| Who sees my health information? | Only the blood bank(s) you are matched with, and Our authorised technical staff. Not other App users. |
| Who sees my blood request? | Nearby Donors receive a minimal alert (blood group, urgency, hospital area). Blood banks via BBMS receive full request details. |
| Can I delete my data? | Yes. You can delete your account and request erasure of your data, subject to legal retention requirements. |
| Is my data secure? | Yes. All data is encrypted in transit and at rest. Health data has additional access controls. |
| Do you use my data for ads? | No. We do not use your data for advertising or commercial profiling. |
| Can I withdraw consent? | Yes, at any time via Privacy Settings. Withdrawal deactivates your Donor profile but does not erase legally retained records. |
| How long do you keep my data? | Account data: 3 years post-deletion. Blood safety records: 7 years as required by law. |
| What law covers this? | The Digital Personal Data Protection Act, 2023 (India), and applicable IT and health regulations. |
| Who do I contact for privacy issues? | privacy@[appname].in — response within 48 hours. |
By using the Application, you confirm that you have read and understood this Privacy Policy and consent to the collection and use of your data as described herein.