AYKA Logo
Privacy Policy

AYKA Privacy Policy

Effective Date: 8 May 2026
Last Updated: 8 May 2026
Version: 1.0
AYKA CLYVORA PRIVATE LIMITED • CIN: U62099UP2025PTC223390 • DIPP206218
01

1. INTRODUCTION AND IDENTITY OF THE DATA FIDUCIARY

AYKA Clyvora Private Limited, a company incorporated under the Companies Act, 2013, bearing Corporate Identification Number U62099UP2025PTC223390 and registered under the Startup India initiative vide certificate DIPP206218, having its registered office at 5/1115, Khalapar Mohalla, Memaran, Saharanpur, Uttar Pradesh — 247001, India (hereinafter referred to as "AYKA", "the Company", "we", "our", or "us") is committed to protecting the privacy and personal data of all persons who access or use its digital platforms and services.

This Privacy Policy ("Policy") constitutes a legally binding document between the Company, acting as the Data Fiduciary, and you, the Data Principal, governing the collection, storage, use, processing, disclosure, and protection of your Personal Data in connection with your use of the following platforms operated by AYKA Clyvora Private Limited:

  • AYKA Life — a cloud-based clinic management Software-as-a-Service platform designed for clinics, hospitals, and healthcare institutions, offering appointment scheduling, electronic medical records (EMR), billing, patient communication, and franchise operations management;
  • AYKA Expert — a telemedicine Software-as-a-Service subscription platform for registered medical practitioners to conduct online consultations, manage patient records, and issue digital prescriptions;
  • AYKA Care — a patient-facing teleconsultation platform enabling individuals to book medical appointments, consult registered doctors through digital channels, access personal health records, and manage their healthcare journey; and
  • AYKA Alliance — a three-tier franchise network (City, District, and State levels) enabling business partners to distribute, market, and support AYKA products within their respective geographies.

(Each of the above, individually and collectively, referred to as the "Platform(s)" or "Services".)

This Policy is published in compliance with the Digital Personal Data Protection Act, 2023 ("DPDP Act"), the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 ("SPDI Rules"), the Information Technology Act, 2000 ("IT Act"), and all other applicable laws and regulations of India.

⚠️

BY ACCESSING OR USING ANY OF OUR PLATFORMS, YOU CONFIRM THAT YOU HAVE READ, UNDERSTOOD, AND CONSENT TO THE TERMS OF THIS PRIVACY POLICY. IF YOU DO NOT AGREE TO THIS POLICY, PLEASE DISCONTINUE USE OF OUR PLATFORMS IMMEDIATELY.

02

2. SCOPE AND APPLICATION

This Policy applies to:

  • all users of the AYKA Life, AYKA Expert, AYKA Care, and AYKA Alliance platforms, including but not limited to registered medical practitioners, clinics, hospitals, patients, franchise partners, and visitors to our websites;
  • all Personal Data and Sensitive Personal Data collected through our websites, mobile applications, application programming interfaces (APIs), and any other digital touchpoints operated by the Company;
  • all processing activities carried out by AYKA Clyvora Private Limited whether as a Data Fiduciary (when processing data for its own purposes) or as a Data Processor (when processing data on behalf of its business clients such as clinics and hospitals); and
  • data collected from third-party integrations including payment gateways, the Ayushman Bharat Digital Mission (ABDM) ecosystem, DigiLocker, MeriPehchaan, and third-party analytics and communication service providers.

This Policy does not apply to the practices of third-party websites, applications, or services that may be linked to or from our Platforms. We encourage you to review the privacy policies of any third-party services you access through our Platforms.

03

3. DEFINITIONS

In this Policy, unless the context otherwise requires, the following terms shall have the meanings ascribed to them below, which are aligned with the definitions provided under the Digital Personal Data Protection Act, 2023 and the Information Technology Act, 2000:

3.1 "Personal Data"

means any data about an individual who is identifiable by or in relation to such data, including but not limited to name, email address, phone number, date of birth, gender, postal address, financial information, device identifiers, and any other information that directly or indirectly identifies a natural person.

3.2 "Sensitive Personal Data or Information" (SPDI)

means personal information consisting of passwords; financial information such as bank accounts, credit/debit card details; physical, physiological, and mental health conditions; sexual orientation; medical records and history; biometric information; and any other information received by the Company under lawful contract or otherwise, as specified under Rule 3 of the SPDI Rules, 2011.

3.3 "Health Data"

means any Sensitive Personal Data or Information relating to an individual's physical or mental health, medical history, diagnosis, prescriptions, treatment records, investigation reports, or other clinical information collected through or stored on the Platforms.

3.4 "Data Principal"

means the natural person to whom the Personal Data relates. In the context of children, Data Principal includes the parent or lawful guardian of such child.

3.5 "Data Fiduciary"

means any person who alone or in conjunction with other persons determines the purpose and means of processing Personal Data. AYKA Clyvora Private Limited acts as a Data Fiduciary in relation to the Personal Data it collects and processes for its own purposes.

3.6 "Data Processor"

means any person who processes Personal Data on behalf of a Data Fiduciary. AYKA Clyvora Private Limited may act as a Data Processor in respect of patient data collected and managed by clinics and hospitals using the AYKA Life platform.

3.7 "Consent"

means a free, specific, informed, unconditional, and unambiguous indication of the Data Principal's wishes by a clear affirmative action, signifying agreement to the processing of Personal Data for a specified purpose.

3.8 "Processing"

means a wholly or partly automated operation or set of operations performed on Personal Data or sets of Personal Data, including collection, recording, organisation, structuring, storage, adaptation, alteration, retrieval, use, disclosure, restriction, erasure, or destruction.

3.9 "Purpose"

means the specific, clear, and lawful reason for which Personal Data is collected and processed, as communicated to the Data Principal at the time of or prior to collection.

3.10 "Personal Data Breach"

means any unauthorised processing of Personal Data or accidental disclosure, acquisition, sharing, use, alteration, destruction, or loss of access to Personal Data that compromises the confidentiality, integrity, or availability of Personal Data.

3.11 "Child"

means a person who has not completed eighteen years of age.

3.12 "Grievance Officer / Data Protection Officer"

means the individual designated by the Company to receive, acknowledge, and resolve grievances related to the processing of Personal Data, as required under the DPDP Act, 2023 and the SPDI Rules, 2011.

04

4. PERSONAL DATA WE COLLECT

We collect the following categories of Personal Data, depending on the Platform you access and your role as a user:

4.1 Information You Provide Directly

When you register for or use our Platforms, you may provide us with:

  • Identity Information: full name, date of birth, gender, profile photograph;
  • Contact Information: email address, mobile number, postal address, city, state, PIN code;
  • Professional Information (for doctors and clinic administrators): medical registration number, registration council (State Medical Council / NMC), specialisation, years of experience, clinic name and address, GST Identification Number;
  • Authentication Credentials: username, password, one-time passwords (OTPs), security questions;
  • Financial Information: bank account details, UPI IDs, credit or debit card details (processed through our third-party payment gateway; the Company does not store full card numbers), billing address;
  • Health Information (for patients): chief complaints, medical history, current medications, known allergies, family medical history, investigation reports, diagnosis, prescriptions, and other clinical information you share during consultations; and
  • Franchise and Business Information (for AYKA Alliance partners): business entity details, PAN, GSTIN, territory coverage details, bank account information for payout purposes.

4.2 Health Data and Medical Records

In connection with the telemedicine and clinical services facilitated through AYKA Expert and AYKA Care, we collect and store Health Data, which constitutes Sensitive Personal Data or Information under the SPDI Rules, 2011. This includes:

  • consultation notes and summaries generated by consulting doctors;
  • digital prescriptions issued through the Platform;
  • diagnostic and investigation reports uploaded by you or your treating doctor;
  • symptom information and health queries submitted through our platforms or AI-assisted features;
  • ABHA (Ayushman Bharat Health Account) identification number and linked health records (where ABDM integration is enabled by the user); and
  • vitals, measurements, and other physiological data provided during consultations.

Collection and processing of Health Data is undertaken only with your explicit, informed, and written consent. You have the right to withdraw consent at any time, subject to the provisions of applicable law and any overriding legal obligation.

4.3 Automatically Collected Information

When you access our Platforms, our systems automatically collect certain technical and usage data, including:

  • Device Information: device type, model, operating system, unique device identifier (UDID), mobile network information;
  • Log Data: IP address, browser type and version, pages accessed, referring URL, date and time of access, time spent on pages;
  • Location Data: general geographic location inferred from IP address; precise location only if explicitly permitted by you through device settings;
  • Cookies and Tracking Technologies: session identifiers, preference cookies, analytics cookies (see Section 14 and our Cookie Policy for details); and
  • Usage Patterns: features accessed, frequency of use, search queries within the Platform, interaction data.

4.4 Information from Third Parties

We may receive Personal Data about you from the following third-party sources:

  • Payment Gateways: transaction confirmation, payment status, and fraud prevention signals from our authorised payment gateway partners;
  • ABDM Ecosystem: health records linked to your ABHA ID, shared with your explicit consent through the ABDM consent manager framework;
  • DigiLocker / MeriPehchaan: identity verification data where you use these government-authorised services for KYC or document verification;
  • Referral Partners: basic contact details from authorised AYKA Alliance partners who refer new users to the Platform; and
  • Social Login Providers: if you choose to register or log in through third-party social authentication services, we receive the profile information authorised by you on that platform.
05

5. PURPOSE OF PROCESSING PERSONAL DATA

We collect and process your Personal Data solely for the following specified, clear, and lawful purposes:

  • Account Registration and Authentication: to create, verify, and maintain your user account on the Platform, including identity verification and credential management;
  • Provision of Services: to deliver the healthcare, telemedicine, clinic management, or franchise services you have subscribed to or requested, including facilitating online consultations, generating prescriptions, managing appointments, and processing transactions;
  • Health Record Management: to create, store, retrieve, and share your health records and consultation history in accordance with your instructions and applicable telemedicine regulations;
  • Payment Processing and Financial Administration: to process subscription fees, consultation charges, franchise commissions, and payouts, and to generate GST-compliant invoices;
  • Communication and Notifications: to send you appointment reminders, prescription confirmations, service updates, billing notifications, and other transactional communications essential to your use of the Platform;
  • Customer Support and Grievance Redressal: to respond to your queries, complaints, and grievances in accordance with applicable law;
  • Platform Improvement and Research: to analyse aggregated and anonymised usage data for the purpose of improving our Platforms, features, and user experience;
  • Safety, Security, and Fraud Prevention: to detect, investigate, and prevent fraudulent transactions, unauthorised access, and other illegal or prohibited activities;
  • Legal and Regulatory Compliance: to comply with applicable laws, court orders, regulatory directions, or enforceable governmental requests including under the IT Act, DPDP Act, and healthcare regulations;
  • ABDM Compliance: to enable sharing of health records through the ABDM ecosystem with your explicit consent, in accordance with the Health Data Management Policy of the National Health Authority;
  • Marketing and Promotional Communications: to send you information about new features, products, or offers where you have provided consent or where such communication is permitted under applicable law. You may opt out at any time; and
  • AI and Algorithm Improvement: to use anonymised and pseudonymised data for training, testing, and improving our artificial intelligence and machine learning features, subject to your consent and the provisions of our AI Usage and Disclaimer Policy.
07

7. HEALTH DATA AND SENSITIVE PERSONAL INFORMATION

Health Data and other Sensitive Personal Data or Information collected through our Platforms receive the highest level of protection under this Policy and applicable law.

We undertake the following obligations in relation to Health Data:

  • Explicit Consent: We collect Health Data only with your explicit, informed, and written consent, obtained through a clear and specific consent mechanism at the time of or prior to collection. Consent for Health Data is separate from general registration consent.
  • Purpose Limitation: Health Data is used exclusively for the purpose for which consent was obtained — primarily, to facilitate your telemedicine consultation, enable access to your health records, and support the clinical functions of the AYKA Expert and AYKA Care platforms. Health Data will not be used for commercial purposes, advertising, or profiling without your explicit additional consent.
  • Restricted Disclosure: We will not transfer or disclose your Health Data to any third party except: (a) to the consulting doctor with whom you have scheduled a consultation; (b) to our authorised data processors (such as cloud infrastructure providers) who are contractually obligated to maintain equivalent standards of data protection; (c) to government authorities or healthcare regulators where required by law; or (d) in a genuine medical emergency where disclosure is necessary to protect your life or health.
  • ABDM Integration: If you choose to link your ABHA ID and participate in the ABDM health records ecosystem, your health records will be shared only in accordance with your consent artefact issued through the ABDM consent manager. You may modify or revoke such consent through the ABDM consent manager at any time.
  • Security Measures: We implement technical and organisational security measures appropriate to the sensitivity of Health Data, including encryption at rest and in transit, role-based access controls, and audit logging. See Section 15 for details.
  • Retention: Health Data is retained for the period specified in Section 10 of this Policy, consistent with the record-keeping requirements of the Telemedicine Practice Guidelines, 2020.
08

8. HOW WE SHARE YOUR PERSONAL DATA

We do not sell, rent, or trade your Personal Data to any third party. We share Personal Data only in the following circumstances and with the following categories of recipients:

8.1 Healthcare Professionals

Where you have scheduled a consultation through AYKA Care or AYKA Expert, we share your relevant health information, consultation history, and contact details with the consulting registered medical practitioner, to the extent necessary to enable the provision of medical services.

8.2 Authorised Service Providers and Data Processors

We engage third-party service providers who process Personal Data on our behalf under contractual obligations that require them to maintain standards of data protection equivalent to those set out in this Policy. These include:

  • cloud infrastructure and hosting providers (data centres located within India);
  • payment gateway operators for processing financial transactions;
  • SMS, email, and push notification service providers for transactional communications;
  • customer relationship management (CRM) and helpdesk software providers; and
  • analytics and performance monitoring tools operating on anonymised or pseudonymised data.

8.3 ABDM and Government Health Ecosystem

With your explicit consent, we share relevant health data with the Ayushman Bharat Digital Mission (ABDM) ecosystem operated by the National Health Authority, enabling interoperability with other ABDM-registered health entities. Such sharing is governed by the ABDM Health Data Management Policy and subject to your ABDM consent artefact.

8.4 Legal and Regulatory Authorities

We may disclose Personal Data to courts, law enforcement agencies, regulatory bodies, or government authorities where required by law, by court order, or where we believe in good faith that disclosure is necessary to: (a) comply with a legal obligation; (b) protect the rights, property, or safety of the Company, our users, or the public; or (c) detect, prevent, or address fraud, security, or technical issues.

8.5 Business Transfers

In the event of a merger, acquisition, restructuring, or sale of all or part of our business assets, your Personal Data may be transferred to the acquiring entity, subject to the acquirer being bound by equivalent data protection obligations. We will provide notice of any such transfer through our Platforms.

8.6 Aggregate and Anonymised Data

We may share aggregated, anonymised, or pseudonymised data that does not identify any individual for purposes of research, analytics, industry benchmarking, or public health reporting. Such data is not Personal Data and is not subject to the restrictions of this Policy.

09

9. INTERNATIONAL TRANSFERS OF PERSONAL DATA

AYKA Clyvora Private Limited stores and processes all Personal Data, and in particular all Health Data and Sensitive Personal Data, on servers and infrastructure located within the territory of India, in compliance with applicable data localisation requirements.

To the extent that any cross-border transfer of Personal Data becomes necessary for operational reasons (such as the use of a foreign-headquartered cloud service provider or analytics tool), such transfer shall be undertaken only to countries notified by the Central Government of India as permissible destinations for the transfer of Personal Data under the DPDP Act, 2023, and subject to appropriate contractual safeguards including standard contractual clauses or equivalent data protection agreements.

⚠️

[CLIENT TO CONFIRM: Please verify current data residency arrangements with your cloud infrastructure provider and confirm whether any data is currently processed outside India. Update this section accordingly before publication.]

10

10. DATA RETENTION

We retain Personal Data only for as long as necessary to fulfil the purpose for which it was collected, or as required or permitted by applicable law, whichever is longer. The following retention periods apply:

  • Account and Registration Data: retained for the duration of your active account and for a period of three (3) years following account deletion or deactivation, to address any post-termination queries, disputes, or legal claims;
  • Health Data and Consultation Records: retained for a minimum period of seven (7) years from the date of the consultation or last interaction, consistent with the record-keeping obligations under the Telemedicine Practice Guidelines, 2020 and applicable medical records law;
  • Financial Transaction Data: retained for a period of eight (8) years from the date of transaction, in compliance with the requirements of the Income Tax Act, 1961 and GST law;
  • Communication Logs and Customer Support Records: retained for a period of two (2) years from the date of the communication or resolution of the support ticket;
  • Usage and Analytics Data: retained in anonymised form for a period of up to five (5) years for platform improvement and statistical purposes; and
  • Legal Hold: where Personal Data is subject to an ongoing legal proceeding, regulatory investigation, or dispute, we may retain relevant data beyond the above periods until the matter is resolved.

Upon expiry of the applicable retention period, Personal Data is securely deleted or anonymised in a manner that prevents reconstruction. You may request deletion of your Personal Data at any time in accordance with Section 12.3 (Right to Erasure), subject to any overriding legal retention obligations.

11

11. CHILDREN'S PRIVACY

Our Platforms are designed for use by adults. We do not knowingly collect Personal Data from children (individuals below the age of eighteen (18) years) without verifiable parental or guardian consent.

Where a parent or legal guardian seeks to register a child as a patient on AYKA Care or to obtain teleconsultation services on behalf of a child, the following requirements apply:

  • The parent or guardian must create and maintain the account; the child may not independently create or hold an account;
  • The parent or guardian must provide verifiable consent for the collection and processing of the child's Personal Data and Health Data at the time of registration;
  • Health Data relating to the child will be associated with the parent or guardian's account and will not be processed for any purpose beyond provision of the requested healthcare services; and
  • The parent or guardian may, at any time, withdraw consent for the processing of the child's data, access the child's records, or request deletion of the child's data, by contacting our Grievance Officer.

We have implemented age verification measures at the time of registration. If we discover that we have inadvertently collected Personal Data from a child without verifiable parental consent, we will take immediate steps to delete such data. If you believe we may have collected data from a child without appropriate consent, please contact us immediately at the details provided in Section 19.

12

12. YOUR RIGHTS AS A DATA PRINCIPAL

Under the Digital Personal Data Protection Act, 2023, you, as a Data Principal, have the following rights in relation to your Personal Data processed by us:

12.1 Right to Access Information About Processing (Section 11, DPDP Act)

You have the right to obtain confirmation as to whether we are processing your Personal Data, and to access a summary of the Personal Data being processed, the processing activities undertaken with respect to your data, and the identities of other Data Fiduciaries and Data Processors with whom your data has been shared.

12.2 Right to Correction and Updation (Section 12, DPDP Act)

You have the right to request correction of inaccurate or misleading Personal Data, completion of incomplete Personal Data, and updation of Personal Data that is no longer current. We will process such requests within a reasonable time and will notify any Data Processor or recipient with whom the corrected data must be updated.

12.3 Right to Erasure (Section 12, DPDP Act)

You have the right to request the erasure of your Personal Data where the purpose for which it was collected is no longer being served, or where you withdraw consent and no other legal basis for processing exists. Please note that we may be required to retain certain data beyond your erasure request to comply with legal obligations, including the Health Data retention requirements specified in Section 10.

12.4 Right to Nominate (Section 14, DPDP Act)

You have the right to nominate any other individual to exercise your rights under the DPDP Act in the event of your death or incapacity. You may register or update your nominee through your account settings or by contacting our Grievance Officer.

12.5 Right to Grieve (Section 13, DPDP Act)

You have the right to have your grievances regarding the processing of your Personal Data addressed by our Grievance Officer within the timelines specified in Section 17 of this Policy. If you are dissatisfied with our response, you have the right to escalate your complaint to the Data Protection Board of India.

13

13. HOW TO EXERCISE YOUR RIGHTS

To exercise any of the rights set out in Section 12, or to ask questions or raise concerns about our data processing practices, you may contact our Grievance Officer using the details provided in Section 17. Your request should include:

  • your full name and registered email address or mobile number;
  • the specific right you wish to exercise and the Personal Data to which your request relates; and
  • any supporting information or documentation relevant to your request.

We will acknowledge your request within forty-eight (48) hours and will endeavour to respond substantively within thirty (30) days of receipt. Where additional time is required due to the complexity of the request, we will notify you of the reason for delay and the expected resolution timeline.

We may request additional information to verify your identity before processing requests relating to Personal Data, to ensure the security and privacy of our users.

14

14. COOKIES AND TRACKING TECHNOLOGIES

Our websites and Platforms use cookies, web beacons, pixel tags, and similar tracking technologies to enhance user experience, analyse platform usage, and deliver relevant communications.

We use the following categories of cookies:

  • Strictly Necessary Cookies: essential for the basic functioning of our Platforms, including authentication, session management, and security. These cannot be disabled without affecting your ability to use core features.
  • Functional / Preference Cookies: used to remember your preferences, language settings, and personalisation choices to improve your experience.
  • Analytics and Performance Cookies: used to collect anonymised information about how users interact with our Platforms, enabling us to improve performance and user experience. These include tools such as Google Analytics operating under data processing agreements.
  • Marketing and Targeting Cookies: used only with your explicit consent to deliver targeted communications and measure the effectiveness of our marketing campaigns. These include third-party tools such as the Meta Pixel and Google Ads tags.

You can manage your cookie preferences through your browser settings or through the cookie consent banner displayed on our websites. Please refer to our Cookie Policy for a complete list of cookies used, their duration, and instructions for managing preferences.

15

15. SECURITY MEASURES

We implement robust technical and organisational security measures to protect your Personal Data from unauthorised access, accidental loss, alteration, or destruction. Our security framework includes:

15.1 Technical Measures

  • Encryption: all Personal Data, and in particular Health Data and financial information, is encrypted at rest using AES-256 encryption and in transit using TLS 1.2 or higher;
  • Access Controls: role-based access control (RBAC) ensures that only authorised personnel can access Personal Data, strictly limited to the extent necessary for their designated functions;
  • Authentication: multi-factor authentication (MFA) is enforced for administrative access to systems containing Personal Data;
  • Audit Logging: comprehensive audit logs are maintained for all access to, and operations performed on, Personal Data, and are reviewed periodically; and
  • Vulnerability Management: regular security assessments, penetration testing, and vulnerability scans are conducted to identify and remediate security weaknesses.

15.2 Organisational Measures

  • Data Protection Training: all employees and contractors with access to Personal Data are required to undergo data protection and security training;
  • Confidentiality Obligations: all personnel processing Personal Data are bound by confidentiality obligations and non-disclosure agreements;
  • Third-Party Assessments: all Data Processors and service providers are required to demonstrate equivalent security standards as a condition of engagement; and
  • Business Continuity: we maintain business continuity and disaster recovery plans to minimise disruption and data loss in the event of a system failure or security incident.

Notwithstanding the foregoing, no method of electronic transmission or storage is one hundred percent secure. We cannot guarantee the absolute security of your Personal Data and encourage you to exercise caution when transmitting sensitive information online. You are responsible for maintaining the confidentiality of your account credentials.

16

16. PERSONAL DATA BREACH RESPONSE

In the event of a Personal Data Breach, we will follow the procedure set out below in compliance with Section 8(6) of the DPDP Act, 2023 and the directions of the Data Protection Board:

  • Detection and Containment: upon detection of a breach, our security team will immediately initiate containment measures to limit the scope and impact of the breach;
  • Assessment: we will assess the nature, scope, and likely consequences of the breach, including the categories and approximate number of Data Principals affected;
  • Notification to Data Protection Board: we will notify the Data Protection Board of India of the breach in the form, manner, and within the timeframe prescribed by the Board, providing details of the nature of the breach, the Personal Data affected, and the remedial measures taken or proposed;
  • Notification to Affected Data Principals: we will notify each affected Data Principal of the breach in clear and plain language, including the nature of the data compromised, the likely impact, and the steps we are taking to address the breach and protect affected individuals; and
  • Remediation: we will implement remedial measures to address the vulnerabilities that gave rise to the breach and to prevent recurrence.

We maintain an incident response plan and conduct regular breach simulation exercises to ensure preparedness. All breach notifications to Data Principals will be delivered through the contact details registered with the Platform.

17

17. GRIEVANCE REDRESSAL

In accordance with Section 13 of the Digital Personal Data Protection Act, 2023, Rule 5(9) of the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, and Rule 5 of the SPDI Rules, 2011, we have designated a Grievance Officer to receive and resolve grievances from Data Principals regarding the processing of their Personal Data.

Grievance Officer / Data Protection Officer

Name
Aakash Yadav
Designation
Grievance Officer & Data Protection Officer
Company
AYKA Clyvora Private Limited
Email
support@aykacare.in
Postal Address
AYKA Clyvora Private Limited, 5/1115, Khalapar Mohalla, Memaran, Saharanpur, Uttar Pradesh — 247001
Phone
+91 92207 82066
Working Hours
Monday to Saturday, 10:00 AM to 6:00 PM IST (except public holidays)

We will acknowledge your grievance within forty-eight (48) hours of receipt and will aim to resolve it within thirty (30) days. If your grievance is not resolved to your satisfaction, you may escalate it to the Data Protection Board of India at www.dpb.gov.in.

18

18. CHANGES TO THIS PRIVACY POLICY

We reserve the right to update or amend this Privacy Policy from time to time to reflect changes in our business practices, technology, legal requirements, or regulatory developments.

In the event of a material change to this Policy — including any change that affects the purposes for which Personal Data is processed, the categories of data collected, or the rights of Data Principals — we will provide you with at least thirty (30) days' prior notice through one or more of the following channels:

  • a prominent notice on our Platform or website;
  • an email notification to the address registered with your account; or
  • an in-app notification.

Your continued use of our Platforms following the effective date of the revised Policy shall constitute your acceptance of the updated terms. If you do not agree to the revised Policy, you must discontinue use of our Platforms and may request deletion of your account and Personal Data.

We recommend that you review this Policy periodically to stay informed of how we protect your information. The version history and effective date of each version are maintained at the footer of this Policy.

19

19. CONTACT US

If you have any questions, concerns, or requests regarding this Privacy Policy or the processing of your Personal Data, please contact us at:

AYKA Clyvora Private Limited

CIN
U62099UP2025PTC223390
Registered Office
5/1115, Khalapar Mohalla, Memaran, Saharanpur, Uttar Pradesh — 247001, India
General Inquiries
+91 92207 82066 | info@aykacare.in
Privacy / Data Inquiries
support@aykacare.in
Grievance Officer
support@aykacare.in | Aakash Yadav
Customer Support
support@aykacare.in
Websites
www.aykacare.in, www.aykaexpert.in
20

20. EFFECTIVE DATE AND VERSION HISTORY

VersionEffective DateNature of Change
1.08 May 2026Initial publication

This Privacy Policy is published by AYKA Clyvora Private Limited in compliance with the Digital Personal Data Protection Act, 2023, the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and all other applicable laws of India.