Last updated: May 20, 2025

This Privacy Policy ("Policy") explains the manner in which Umrit Health Tech Private Limited (hereinafter "FOXO", "us", "our" and "we") processes your personal data. We respect your privacy and are committed to the protection of your personal data. This Policy outlines our practices in relation to the collection, storage, usage, processing, and disclosure of personal data that you have consented to share with us when you access, use, or interact with our platform or avail our services or products ("Services").

By using the Services offered by us, you confirm that you have read and agree to be bound by this Policy and consent to the processing activities described under this Policy.

1. BACKGROUND AND KEY INFORMATION

1. How this Policy applies:

   This Policy applies to individuals and organisations who access or use our Services ("User", "you", or "your").

2. Review and Updates:

   We periodically update our Policy and encourage you to regularly review this Policy for any changes.

2. PERSONAL DATA THAT WE COLLECT

1. We collect, use, store, disclose, transfer, retain, and otherwise process different types of personal data about you, as may be applicable, depending on the Services we provide to you. This includes, but is not limited to:
   1. Contact Data and Identity Data, such as your name, email address, mobile number, and online identifiers.
   2. Health Data, such as your health and medical conditions, DNA related data, medical history, medical records, results of medical tests, health and lifestyle choices and data generated in connection with fitness and diagnostic assessments.
   3. Communications Data, such as your residential address, mobile number, email address, information posted in service requests, offers, feedback, comments, responses to User surveys and polls, and your communication preferences.
   4. Technical Data, which may include your IP address, browser type, internet service provider, details of operating system, access time, device ID, device type, website activity, clicks, date and time stamps, location data, and other similar data.
   5. Financial Data, which may include details regarding your bank account or payment instruments, such as credit and debit cards.
   6. Usage Data, which includes information about how you use the Services, your activity on the site, User taps and clicks, User interests, time spent on the site, details about user journey, and page views.
2. We also collect, use, and share aggregated data such as statistical or demographic data for any purpose. Aggregated data could be derived from your personal data but is not considered personal data under the law as it is not directly or indirectly linked to your identity. However, if we combine or connect aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data, which will be used in accordance with this Policy.
3. We are required to collect certain personal data to provide you with the Services. If you fail to provide us with that data as and when requested by us, we will not be able to perform our obligations under the arrangement we have with you or wish to enter into with you. In this case, we may have to cancel or limit your access to our Services (or part thereof).

3. HOW DO WE USE YOUR PERSONAL DATA?

1. We respect your privacy at all times. We generally use your personal data for delivering better health outcomes for a long term. We may also use your personal data in accordance with applicable law and for the following purposes:
   1. to verify your identity to register you as a User, and create your User account with us for using our Services;
   2. to provide you with our Services;
   3. to monitor trends and personalise your experience;
   4. to improve the functionality of our Services based on the information and feedback we receive from you;
   5. to improve customer service and to effectively respond to your service requests and support needs;
   6. to track transactions and process payments;
   7. to send periodic notifications to manage our relationship with you including to notify you of changes to our Services, send you information and updates pertaining to our Services that you have availed or sought to avail, and to send occasional company news and updates related to us or our Services;
   8. to respond to court orders, establish or exercise our legal rights, or defend ourselves against legal claims;
   9. to administer and protect our business and our Services, including for troubleshooting, data analysis, system testing, and performing internal operations;
   10. to improve our business and delivery models;
   11. for fraud prevention and detection;
   12. for compliance with applicable law;
   13. to perform our obligations that arise out of the arrangement we may enter or have entered with you;
   14. to improve our and our partners' artificial intelligence and machine learning tools and algorithms;
   15. to store your personal data with third party service providers; and
   16. to enforce our membership terms and conditions;
2. You agree and acknowledge that by using the Services, you authorise us and our service providers to contact you via email, phone, or otherwise. This is to provide the Services or related products or services to you and ensure that you are aware of all the features of the Services.

4. DISCLOSURE OF INFORMATION

1. You agree and acknowledge that any and all information pertaining to you, whether or not you directly provide it to us, including but not limited to personal correspondence such as emails, instructions from you, information collected through our website, and any information you post online about our Services, may be collected, compiled, and disclosed by us in certain circumstances in order to render the Services to you or improve the Services, pursuant to our arrangement with you or your consent. This may include but not be limited to third party service providers, diagnostic test partners, consultants, lawyers, and auditors. We will disclose your personal data to our personnel and partners only when required and on a "need to know" basis, and subject to appropriate confidentiality obligations.
2. You agree and acknowledge that we may share your personal data without your consent, when required by law or by any court or government or regulatory authority.

5. COOKIES

1. Cookies are small files that a site or its service provider transfers to your device's hard drive through your web browser (where applicable) that enables the sites or service providers' systems to recognise your browser, and capture and remember certain information.
2. We use cookies to help us distinguish you from other Users of our Services, understand and save your preferences for future visits, keep track of advertisements, and compile aggregate data about site traffic and site interaction so that we can offer you a seamless user experience. We may contact third party service providers to assist us in better understanding our site visitors. These service providers are not permitted to use the information collected on our behalf, except to help us conduct and improve our business.
3. Additionally, you may encounter cookies or other similar devices that are placed by third parties. We do not control the use of cookies by third parties.

6. YOUR RIGHTS IN RELATION TO YOUR PERSONAL DATA

1. Accessing and Updating your Personal Data: When you use our Services, we make best efforts to provide you with the ability to access and correct inaccurate or deficient data, subject to any legal requirements.
2. Right to Withdraw Consent: Where you have provided us your consent to process your personal data or information, you have the option to withdraw such consent at any time by writing to us at rights@foxo.club.
3. Right to Request the Erasure of your Personal Data: You have the right to request us to delete your personal data when there is no practical reason for us to process it. We may not always be able to comply with your request for specific legal and commercial reasons. If applicable, these reasons will be notified to you, at the time of your request.

7. TRANSFER OF PERSONAL DATA

1. We comply with applicable laws in respect of storage and transfer of personal data. As a part of your use of our Services, the information and personal data you provide to us may be transferred to and stored in countries other than the country you are based in. This may happen if any of our servers are from time to time located in a country other than the one you are based in, or one of our service providers is located in a country other than the one you are based in.
2. In the event we go through a business transition, including but not limited to a merger, acquisition by another organisation, or sale of all or a portion of our assets, your personal data might be among the assets transferred.
3. By submitting your information and personal data to us, you agree to the transfer, storage, and processing of such information and personal data in the manner described above.

8. DATA RETENTION

1. You agree and acknowledge that your personal data will continue to be stored and retained by us for as long as necessary to fulfil our stated purpose(s) and for a reasonable period after the termination of your account or your relationship with us, to comply with our legal rights and obligations. Upon completion of the retention period for each category of personal data, we shall delete or destroy your personal data to the extent technically possible, or render the personal data into anonymised data so that it no longer constitutes personal data.
2. In some circumstances, we may aggregate your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

9. DATA SECURITY

1. We implement reasonable security procedures to protect your personal data from unauthorised access and disclosure, including managerial, technical, operational, and physical security control measures that are commensurate with the information assets being protected. In case of a data breach, we will promptly inform you and undertake all necessary measures to mitigate the effects of the breach.
2. Where you have chosen a log in id or password that enables you to access our Services ("Credentials"), or certain parts thereof, you are responsible for keeping these Credentials secure and confidential. We will not be responsible for any unauthorised use of your information, or for any lost, stolen, or compromised Credentials, or for any activity on your User account due to such unauthorised disclosure of the Credentials. In the event your User account or Credentials have been compromised in any manner whatsoever, you should promptly notify us to enable us to initiate a change of Credentials or otherwise secure your User account.

10. GRIEVANCE OFFICER

If you have any questions about this Policy, how we process or handle your personal data, or otherwise, you may reach out to us with your queries, grievances, feedback, and comments by contacting our grievance officer whose details are provided below:

Name: Akash Gehani
Address: No. 235, 2nd & 3rd Floor, 13th Cross Road 2nd Stage Indiranagar, Bangalore Karnataka India 560038
Email Address: rights@foxo.club