Privacy Policy

  • Your privacy is important to us.

Privacy Notice

This Privacy Notice (the “Notice”) sets out how we, Qure.ai Technologies Private Limited, 101 Raheja Titanium, Goregaon, East, Mumbai 400063, India (hereafter “Qure.ai”, “we”, “us”, “our”) process the personal data of individuals (each a “User”, “you”, “your”) who contact us or who use our websites, services, programs, content and related features (collectively, the “Services”). Our services also include the scan.qure.ai portal, which is a platform for free trial of our products. You can find the link to this portal on our website.

If you have any questions about this Notice, please contact us at partner@qure.ai.

For further queries, please reach out to our Data protection officer (DPO) at dpo@fractalanalytics.com

This notice, together with our any other documents, sets out our views and practices regarding your personal data and how we will treat it. Please read these documents carefully. By visiting our website or using our Services, you acknowledge the processing described in this Notice, our Website Terms and related documents. We will let you know, by posting on our website or otherwise, if we make any changes to this Notice from time to time. Your continued use of the Services after notifying such changes will amount to your acknowledgement of the amended Notice. This version of our privacy notice was published in August 2018.

We strive to treat your personal information as safely and securely as reasonably possible. Please read the following privacy policy to better understand how your personal information may be collected and used as you access various areas of our website. As described below, your personal data may be collected and used by Qure.ai or disclosed to third parties for use on behalf of Qure.ai This Privacy Policy describes the information we collect about you and what may happen to that information.

What is personal data?

“Personal data” means any information relating to an identified or identifiable natural person, known as ‘data subject’, who can be identified directly or indirectly; it may include name, address, email address, phone number, IP address, location data, cookies, call recording and similar information. It may also include “special categories of personal data” such as racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a data subject, data concerning health or data concerning a natural person’s sexual orientation.

What personal data do we process?

We may process the following personal data:

a. Information provided by you. You may give us information about you by filling in forms such as the free trial form on our website or providing your email for subscribing to our updates and corresponding with us by e-mail, phone or otherwise. This information may include your name, email address, profession, country, the content of any email you send to us and other personal identifying information.

b. Information about your device. With regard to each of your visits to our website we may collect technical information about your device. This information is compiled and analyzed on both a personal and an aggregated basis. This information may include the Web site’s Uniform Resource Locator (“URL”) that you just came from, which URL you go to next, what browser you are using, and your Internet Protocol (“IP”) address. An URL is the global address of documents and other resources on the World Wide Web. An IP address is an identifier for a computer or device on a Transmission Control Protocol/Internet Protocol (“TCP/IP”) network, such as the World Wide Web. Networks like the World Wide Web use the TCP/IP protocol to route information based on the IP address of the destination. In other words, an IP address is a number that is automatically assigned to your computer whenever you are surfing the web, allowing web servers to locate and identify your computer. Computers require IP addresses in order for users to communicate on the Internet.

d. Information from third party sources. This may include information received from our service providers and other third parties providing us with your information.

Generally, you are under no obligation to provide this information, but without it, we may be unable to provide you with some of our Services. Some personal data will be mandatory in order for us to comply with mandatory client due diligence processes before we are able to provide the Services.

We do collect sensitive personal data of our free trial portal users such as medical information like their radiology scan images through Scan.qure.ai. This information is used to analyze the images and provide with the results of analysis.

Information about third parties should only be provided if you have demonstrable permission to do so or if the information is available in the public domain.

We will rely on the information provided by you as accurate, complete and up to date and you agree to ensure that this will be the case.

You must be at least 18 years old to have our permission to use this site. Our policy is that we do not knowingly collect, use or disclose Personal data about visitors that are under 18 years of age.

How do we use your personal data?

We will only process personal data, in accordance with applicable law, for the following purposes:

(a) Register to access certain parts of the site
(b) Responding to your queries, requests and other communications
(c) Providing the Services including our website and related features as well as providing other information services.
(d) Providing the free trial services related to sharing the analysis of the images uploaded by you.
(e) Register to subscribe to newsletters
(f) Diagnose problems with our servers, software, to administer our site, to gather demographic information and to track visitors to our website
(g) Tracking the session and number of hits on the website according to our Cookie Statement. Click here to access our Cookie Statement.
(h) Complying with applicable law, including in response to a lawful request from a court or regulatory body.

The legal basis for our processing of personal data for the purposes described above will typically include:

  • processing necessary for our legitimate interests, such as processing for the purposes set out in paragraphs (a), (b), (c), (d), (e), (f) and (g) which is carried out on the basis of our legitimate interests to ensure that Services are properly provided,
  • processing necessary for compliance with a legal obligation to which we are subject, such as processing for the purposes set out in paragraph (h); and
  • any other applicable legal grounds.

Disclosure of personal data

There are circumstances where we may wish to disclose or are compelled to disclose your personal data to third parties. These scenarios include disclosure to:

  • our affiliates and sister companies;
  • our service providers who capture and store data collected through the forms that are filled by visitors to our website;
  • subject to appropriate legal basis such as consent, our advertising and marketing teams who enable us, for example, to deliver personalized ads to your devices or who may contact you by email, telephone, SMS or by other means;
  • public authorities where we are required by law to do so; and
  • other third parties where you have provided your consent.
The service providers are contractually bound not to share Personal data collected from visitors to our website with anyone else.

Cookie Statement

What Exactly are Cookies?

In order to collect the information including personal data as described in this Notice, we may use cookies and similar technology on our website. A cookie is a small piece of information which is sent to your browser and stored on your computer’s hard drive, mobile phone or other device. Cookies can be first party, i.e. cookies that the website you are visiting places on your device, or third party cookies, i.e. cookies placed on your device through the website but by third parties, such as, Google. Cookies are used for the following purposes:

  • Necessary cookies – Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
  • Preference cookies – Preference cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in.
  • Statistics cookies – Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.
  • Marketing cookies – Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers. These cookies are also known as Advertising cookies.
Qure.ai and Scan.qure.ai do not use any advertising cookies on the website and only use the cookies for the sole purpose of making it possible to browse the Website and let you use its functionalities. We use third party cookies like Google Analytics to collect statistical information in an aggregated form on the number of users accessing the Website and generate statistical data on how the visitor uses the website. You can refer to the list of cookies used by us along with their purpose below.

Qure.ai main website

Cookie name Purpose Duration Domain Category
_ga Registers a unique ID that is used to generate statistical data on how the visitor uses the website. 2 years qure.ai Statistics
_gat Used by Google Analytics to throttle request rate Session qure.ai Statistics
_gid Registers a unique ID that is used to generate statistical data on how the visitor uses the website. Session qure.ai Statistics

Scan.qure.ai portal

Cookie name Purpose Duration Domain Category
csrftoken Helps prevent Cross-Site Request Forgery (CSRF) attacks. 1 year scan.qure.ai Necessary
collect Used to send data to Google Analytics about the visitor's device and behavior. Tracks the visitor across devices and marketing channels. Session google-analytics.com Statistics
_ga Registers a unique ID that is used to generate statistical data on how the visitor uses the website. 2 years qure.ai Statistics
_gat Used by Google Analytics to throttle request rate Session qure.ai Statistics
_gid Registers a unique ID that is used to generate statistical data on how the visitor uses the website. Session qure.ai Statistics

Security Practices

At our site you can be assured that your Personal data is secure and consistent with current industry standards. The importance of security for all Personal data associated with our user is of utmost concern to us. We do not do any transmission of the Personal data collected through our website. Our service partners, who assist us in capturing and storing Personal data, are contractually bound not to share that information with any other party. Our company has a requisite information security policy in place with appropriate managerial, technical, operational and physical security control measures to protect the personal and non-personal information that is collected from website users. Unfortunately, no data transmission over the Internet or any wireless network can be guaranteed to be 100% secure. As a result, while we strive to protect your Personal data, you acknowledge that:
(a) there are security and privacy limitations of the Internet which are beyond our control;
(b) the security, integrity and privacy of any and all information and data exchanged between you and us through this site cannot be guaranteed; and
(c) any such information and data may be viewed or tampered with in transit by a third party.

Retention of Personal Data

We retain personal data for as long as is necessary for the purposes listed above or longer as may be required by the law or as per the client requirement. Please contact us for further details of applicable retention periods.

Data Subject Rights

Data subjects may have numerous rights in relation to their personal data.

  • Right to make a subject access request (SAR): Data subjects may request in writing copies of their personal data. However, compliance with such requests is subject to certain limitations and exemptions and the rights of other individuals. Each request should make clear that a SAR is being made. You may also be required to submit a proof of your identity and any payment permitted by law, where applicable.
  • Right to rectification: Data subjects may request that we rectify any inaccurate or incomplete personal data.
  • Right to withdraw consent: Data subjects may at any time withdraw their consent to the processing of their personal data carried out by us on the basis of their previous consent. Such withdrawal will not affect the lawfulness of processing based on such previous consent.
  • Right to object to processing including automated processing and profiling: We do not make automated decisions about data subjects. However, we may rely on information provided by third parties such as credit reference agencies which may score data subjects on the basis of automated decisions. Profiling may be carried out for business administration purposes, such as monitoring trends in User visits of our website. We will comply with valid objection requests unless we have a compelling overriding legitimate ground for the continuation of our processing or we have another lawful reason to refuse such request. We will comply with each valid opt-out request in relation to marketing communications.
  • Right to erasure: Data subjects may request that we erase their personal data. We will comply, unless there is a lawful reason for not doing so. For example, there may be an overriding legitimate ground for keeping the personal data, such as, our business record retention obligations that we have to comply with.
  • Restriction: Data subjects may request that we restrict our processing of their personal data in various circumstances. We will comply, unless there is a lawful reason for not doing so, such as, a legal obligation to continue processing your personal data in a certain way.
  • Right to data portability: In certain circumstances, data subjects may request the controller to provide a copy of their personal data in a structured, commonly used and machine-readable format and have it transferred to another provider of the same or similar services. We do not consider that this right applies to our Services. However, to the extent it does, we will comply with such transfer request. Please note that a transfer to another provider does not imply erasure of the data subject’s personal data which may still be retained for legitimate and lawful purposes.
  • Right to lodge a complaint with the supervisory authority: We suggest that data subjects contact us about any questions or complaints in relation to how we process their personal data. However, each data subject has the right to contact the relevant supervisory authority directly.