Privacy Policy

Last updated: March 11, 2026

Introduction

This Privacy Policy ("Policy"), read with the Terms of Use, govern the manner in which Goodness Factory Living Essentials Private Limited, a private limited company registered under the Indian Companies Act, 2013, and having its registered office at 506/507, 1st Main Road, KR Garden, Murugeshpallya, Bengaluru, India (“Company”, “Beyond”, "we," "our," or "us") collects, uses, maintains, stores, processes, and discloses any information collected from users ("User" or "you") of our website www.getbeyondhealth.com and all of its subdomains and aliases (the “Site”), the Beyond mobile application (the “App”), the artificial intelligence-based health information and analytical platform and services currently named as August.ai (the “Platform”) (collectively, the “Services”).

We aim to protect your personal information and respect your privacy. By accessing or using any of our Services, you confirm that you have read and agree to be bound by this Policy and consent to the collection, storing, processing, of your Personal Information (defined hereunder), as described under this Policy. If you do not agree with the terms of this Policy, including in relation to the manner of collection or use of your information, please do not use or access our Services.

General Approach

For the purpose of this Policy:

“Data Protection Law” means any data protection, data security or privacy law, including, without limitation, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (RSP Rules), Digital Personal Data Protection Act, 2023 (DPDA) and any laws governing Personal Information, Sensitive Personal Information (defined hereunder) or information outbound telephone calls, transmission of electronic mail, transmission of facsimile messages and any other communication-related and applicable data protection, data security or privacy laws.

“Personal Information” means any personally identifiable information relating to an identified or identifiable individual or User, including data that identifies an individual or User or that could be directly, and without being combined or used with any other data, used to, contact an individual or User. Personal Information includes both directly identifiable information, such as a name, identification number, phone number or unique job title, and indirectly identifiable information such as date of birth, unique mobile or wearable device identifier, information that could be used to identify a household, telephone number, key-coded data or online identifiers, such as IP addresses, and includes any data that constitutes “personal data” under the RSP Rules, the DPDA or similar terms under other Data Protection Law.

“Sensitive Personal Data or Information” with respect to a person means such personal information which consists of information relating to:

  1. password;
  2. financial information such as bank account or credit card or debit card or other payment instrument details;
  3. physical, physiological and mental health condition;
  4. sexual orientation;
  5. medical records and history;
  6. biometric information;
  7. any detail relating to the above sections as provided to body corporate for providing services; and
  8. any of the information received under above provisions by body corporate for processing, storing or transmitting under lawful contract or otherwise.

The Company is at the forefront of conversational artificial intelligence (“AI”) technology, which we believe will revolutionize human-computer interactions. Our mission is to create AI that is safe, intelligent, empathetic, and engaging. Achieving this requires a thorough understanding of how users interact with AI. We assure you that we never sell your Personal Information or Sensitive Personal Information to any third parties or use it for targeted advertising.

Transparency about data collection, usage, and security is paramount. This Policy outlines the types of data/information we collect, how we protect it, and how it is used to enhance our Services. Key points include:

  • Beyond is an informational platform, not a substitute for professional medical advice. Always consult a healthcare professional for medical advice.
  • We collect data such as your name, phone number, and Internet Protocol (“IP”) address to operate and improve our platform, ensure user safety, and comply with our legal obligations.
  • Protecting the privacy and security of your interactions with Beyond is our top priority. We do not sell or share your data for advertising or marketing purposes.
  • Users must adhere to our Acceptable Use Policy (as set forth in our Terms of Use) and refrain from engaging in harmful, abusive, or illegal activities. Violations may result in suspension.
  • The Services are intended for users aged 18 (eighteen) years and above.
  • Content provided by Beyond should be independently verified before being relied upon.

Information We Collect

Information Provided by You

  • Contact and Account Information: First and last name, email address, phone number.
  • Content and Metadata: Messages sent using the Services.
  • Communications: Responses to surveys, questions, feedback.
  • Health Information: Information about your health, including health records retrieved from healthcare providers via FHIR APIs and health information exchanges, with your authorization; health and fitness data from Apple HealthKit and/or fitness trackers and wearables, if you choose to connect them. PDFs and images containing health-related data.
  • Other Information: As disclosed at the time of collection.

Automatic Data Collection

We and our service providers may automatically collect information about your device and interaction with our Services:

  • Device Data: Operating system, manufacturer, model, browser type, screen resolution, IP address, unique identifiers, language settings, and general location.
  • Online Activity Data: Pages viewed, time spent on pages, referral websites, navigation paths, activity on pages, access times, and engagement with communications.

We may combine this automatically collected information with other information we collect about you. This information helps us to prevent fraud and keep the Services secure, analyze and understand how the Services work for Users, and provide a more personalized experience for Users.

Tools for Automatic Data Collection

  • Cookies: Text files stored on your device to uniquely identify your browser and store information for efficient navigation and user preferences.
  • Local Storage Technologies: HTML5-based storage for larger data amounts outside the browser.
  • Web Beacons: Pixel tags or clear GIFs used to confirm access to webpages or emails.

Information from Other Sources

If you interact with our Services via third-party platforms (such as Facebook Messenger, Whatsapp), we collect your profile identifier from these platforms.

Sensitive Data

You may provide Sensitive Personal Information in your interactions with the Services. By doing so, you consent to our use of these data as outlined in this Policy. By using the Services, you are authorizing us to gather, resolve, and retain data related to the provision of the Services.

Use of Personal Information

We use Personal Information for the following purposes:

  • Service Provision: Operate, maintain, and provide our Services as per our Terms of Use, including for personalization of our Services.
  • Communication: Respond to requests, provide customer support, and send announcements, surveys, updates, and security alerts.
  • Service Improvement: Understand user needs, personalize user experiences, troubleshoot, and secure the Services.
  • Research and Development: Analyze and improve the services and our business, using anonymized or aggregated data when possible.
  • Compliance and Protection: Comply with legal obligations, protect rights and safety, enforce terms and conditions, and prevent unauthorized activities.

Your Affirmation in Relation to Your Personal Information

You hereby represent and declare that all personal information you supply to us is true, accurate, and current. We try our best to give you access to and control over any incomplete or inaccurate data, subject to any applicable legal obligations.

If you are in the European Economic Area and you believe that someone has entrusted your information to us for processing (for instance, your employer or a company whose services you use), you can request certain actions from us regarding your data. To exercise those data rights, please contact the person or company that entrusted the data to us and we will work with them on your request.

Sharing and Transfer of Personal Information

We and our Services are based in India. As a result, Personal Information that we collect in and through the Services may be transferred to our India offices. Additionally, we may work with third-party service providers to support our business activities. Thus, Personal Information may be transferred to, stored on servers in, and accessed from India. In all such instances, we may use, transfer, and disclose Personal Information solely for the purposes described in this Policy and in compliance with Data Protection Laws.

Furthermore, we do not sell or share Personal Information for advertising purposes. We may disclose Personal Information to:

  • Service Providers: Third-party providers supporting our Services (such as hosting, cloud storage, security, customer support, AI model providers).
  • Business Transferees: In the event of bankruptcy, change of control, or business sale/merger.
  • Authorities and Others: Regulatory agencies, law enforcement, courts, and other government authorities for legal compliance and protection.

Artificial Intelligence Data Uses and Disclosures

In addition to the descriptions of how data is collected, used, and disclosed above, we may also collect, use, and disclose data for purposes involving our use of artificial intelligence (“Al”), such as:

  1. Types of Personal Data AI May Process. In addition to the data types listed in Section 3 and depending on how you use our Services and the features you enable, we may also process the following Personal Data related to AI products and services:
    • Messages and other inputs you submit, and files or images you upload;
    • Audio you choose to submit (for example, voice notes) and transcripts, where available;
    • Health records, medical documents, and other health information you choose to upload, input, or connect; and
    • Health and fitness information from third-party sources you choose to connect (for example, Apple HealthKit or other integrations), subject to your settings and permissions.
  2. How We Use Personal Data Related to AI Services. We may also use your Personal Data to develop, train, or provide AI models, products, or services. Beyond personnel, including clinicians and support staff, may access or review Personal Data to provide the services, respond to requests, ensure safety, comply with law, and improve service quality.
  3. How We Disclose Personal Data Related to AI Services. We may disclose your Personal Data to the following parties in relation to AI products and services:
    • Service Providers, such as those that help us provide AI functionality and related services (e.g., cloud hosting, AI model providers, and safety, security, and monitoring tools).
    • Third-party AI providers, such as those that provide an AI-assisted feature. Where required by law, we obtain your explicit permission before sharing Personal Data with third parties, including third-party AI providers.
  4. Your choices and controls. You may choose what Personal Data to submit through our Services and which integrations to connect. You may revoke permissions or disable certain features through your device settings or within our Digital Properties, as applicable. If an AI-assisted feature requires consent, you may decline consent.

Data Collection and Security

We prioritize the integrity and security of your data. We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure or destruction of your Personal Information which we may have access to. We take steps to ensure that your information is treated securely and in accordance with this Policy. Unfortunately, the Internet cannot be guaranteed to be 100% secure, and we cannot ensure or warrant the security of any information while you are providing the same to us. We do not accept liability for unintentional disclosure of such information. By using the Service or providing Personal Information to us, you agree that we may communicate with you electronically regarding security, privacy, and administrative issues relating to your use of the Services. If we learn of a security system’s breach, we may attempt to notify you electronically by posting a notice on the Services or sending an email to you. We may release information when its release is appropriate to comply with any applicable law, enforce our policies, or protect ours or others’ rights, property or safety. The Services may enable you to access several other third-party websites plug-ins and applications (including cookies, tracking technologies and widgets by third party advertisers) on which we have no control. It is important that you understand that by clicking on those links or enabling those connections, you may allow third parties to collect or share data about you. We do not have oversight of these third-party websites, plug-ins and applications and we are not responsible for their processing or using of your information. Any information collected by a third party in this manner is subject to that third party’s own data collection, use and disclosure policies and you must make yourselves conversant with those. We encourage you to read such third parties’ privacy statements to learn more on how they process your Personal Information. We do not assume any liability to any user for their access and use of such third-party websites and its content thereof.

Data Retention & Protection

We retain Personal Information as required by applicable Data Protection Laws and for the purposes it was collected, or until you withdraw your consent. Retention periods are determined based on the data's nature, sensitivity, risk of harm, purposes of use, and legal requirements.We maintain your records and information in a safe and secure manner as per this Policy and in compliance with the statutory provisions and directions.

By using our Services, directly or indirectly, you expressly consent to our use and disclosure of your Personal Information submitted to us in accordance with this Policy. Personal Information, if captured, is securely stored and archived. We do not allow any unauthorized access to the information stored by us in any form whatsoever. The information is securely stored and access is restricted to authorized personnel only. We take necessary physical, technical, managerial, and operational measures that are designed to improve the integrity and security of information that we collect and maintain as required by applicable Data Protection Laws. Company also regularly reviews its policies regarding the collection, storage, using and processing of your Personal Information, including physical security measures, preventing alteration, loss, query, use or fraudulent or unauthorized access of your Personal Information.

We use of firewalls, encryption and data leakage prevention technologies to protect your information and we undertake regular audit of vendors and service providers, and execution of non-disclosure agreements before availing their services.

Cookies

We use cookies to track website usage. Cookies are small data files stored on your device by your browser. These cookies enhance website performance and functionality but are non-essential. Disabling cookies may result in limited functionality, such as unavailable videos or the need to re-enter login details. We do not store personally identifiable information in cookies.

You may configure your browser to block cookies and similar technologies. Blocking essential cookies may impair website functionality and limit access to features and services. Blocking cookies may also result in the loss of saved information, such as login details and site preferences. For instructions on deleting cookies, refer to your browser's help menu.

Your Rights

In accordance with applicable Data Protection Laws, we facilitate the exercise of your rights regarding Personal Information. Contact us if you wish to access, review, erase, withdraw consent, object to, or restrict the processing of your Personal Data. We will review such requests promptly and in compliance with applicable Data Protection Laws.

We encourage you to first contact us allowing us the opportunity to address your concerns directly should you believe your rights concerning Personal Information have been violated.

Arbitration and Dispute Resolution

Governing Law

Use of Services or any issues arising out of such use of Services and any conflict with regard to these Terms and the Privacy Policy shall be governed and construed in accordance with the laws of India without regard to the conflict of laws provisions thereof. Any arbitration conducted pursuant to these Terms and/or the Privacy Policy and/or the use of Services shall be governed by the Arbitration and Conciliation Act, 2015. Subject to the Arbitration provision mentioned hereunder, all disputes arising under these Terms and/or the Privacy Policy and/or use of Services shall be subject to the exclusive jurisdiction of courts in Bangalore, Karnataka, India.

Arbitration

For any dispute with Beyond, kindly first contact us and attempt to resolve the dispute amicably. In the unlikely event that any dispute subsists after such an attempt in connection with the validity, interpretation, implementation or alleged breach of any provision of these Terms and/or the Privacy Policy or the documents they incorporate by reference, the dispute shall be referred to a sole arbitrator who shall be an independent and neutral third party identified by Beyond. The arbitration proceedings shall take place in English and shall be governed by the Arbitration and Conciliation Act, 2015. Nothing in this provision shall be deemed as preventing the Company from seeking injunctive or other equitable relief from the Courts as necessary to prevent the actual or threatened infringement, misappropriation, or violation of our data security, intellectual property rights or other proprietary rights.

Changes To Our Policy

We may change our Service and policies, and we may need to make changes to this Policy so that they accurately reflect our Service and policies. Unless otherwise required by law, we will notify you (for example, through our Service) before we make changes to this Policy and give you an opportunity to review them before they go into effect. Then, if you continue to use the Service, you will be bound by the updated Privacy Policy. If you do not want to agree to this or any updated Privacy Policy, you must discontinue use or access to our Services.

Grievance Redressal Mechanism

Any discrepancies or grievances with regard to content and or comment or breach of this Agreement shall be taken up with the designated Grievance Officer as mentioned below via in writing or through email signed with the electronic signature to Chaithali Pisupati (“Grievance Officer”).

Chaithali Pisupati Grievance Officer 506/507, 1st Main Road, Murugeshpalya · K R Garden · Bengaluru, Karnataka - 560017

Contact Information

If you have any questions, please contact us:

  • Email: [email protected]
  • Phone: +91 74831 27040
  • Address: 506/507, 1st Main Road, Murugeshpalya · K R Garden · Bengaluru, Karnataka - 560017