Privacy Policy

This Privacy Policy governs the manner in which M/s. PRABA’S V CARE HEALTH CLINICS PRIVATE LIMITED (hereinafter referred to as “the Company”, “we”, “our” or “us”) collects, processes, stores, and utilizes data relating to employees participating in the Company’s Internal Training & System-Based Testing Program (“the Program”). Your participation constitutes express and informed consent to the terms stated herein.

1.      Scope of Data Collection:

We collect and retain the following categories of employee-specific and system-level data:

  • Employee identifiers, including full name, designation, department, and unique employee ID;
  • Login and logout timestamps;
  • Module access history, clickstream navigation behavior, and duration of engagement;
  • Test performance metrics including scores, attempt count, and error logs;
  • Device-level information such as IP address, operating system details, browser metadata, and session activity;
  • Anomalies flagged by the system for review, including unusual access timing, unauthorized script activity, and suspected impersonation.

2.      Purpose and Legal Basis of Processing:

All data is collected and processed strictly for internal operational and compliance purposes, including but not limited to:

  • Monitoring training progress and determining module completion;
  • Conducting performance evaluation and eligibility assessment for role advancement;
  • Ensuring academic integrity and detection of test manipulation or misconduct;
  • Enabling data-backed decisions for reassignment, promotion, probation extension, or termination;
  • Fulfilling audit, regulatory, or statutory compliance obligations where applicable. 

3.      Internal Data Access and Disclosure:

Access to employee data is restricted to authorized personnel operating under strict confidentiality obligations, including:

  • The Human Resources Department (for service record management and performance tracking);
  • The Learning & Development Division (for program progression and remedial support);
  • System Administrators (for integrity validation and breach detection);
  • Designated Company Directors or Investigation Officers (for escalation, inquiry, or disciplinary action).

We do not sell, transfer, lease, or share any personal or training-related data with third parties for marketing or commercial purposes. Disclosure to external agencies shall occur only where mandated by law, judicial order, or government directive.

4.      Data Security and Infrastructure Safeguards:

The Company adopts a zero-tolerance posture toward data misuse. Security measures include:

  • End-to-end encryption for all stored logs and sensitive performance data;
  • Multi-level access control systems with traceable audit trails;
  • Role-based user authentication and session locking;
  • Intrusion detection systems and behavioral anomaly triggers;
  • Scheduled vulnerability scans and compliance checks.

Any unauthorized access, including attempted manipulation or circumvention of system protocols, shall trigger immediate investigation and may result in disciplinary action and criminal prosecution.

5.      Retention and Archiving:

Employee training and test-related data shall be retained:

  • For the entire duration of employment, and
  • For a period of three (3) years thereafter, for reference, audit, or legal purposes.

Upon the lapse of the retention period, such data shall be archived securely or destroyed in compliance with internal policy and applicable law.

6.      Employee Responsibilities:

Each participant in the Program is bound by the following data conduct obligations:

  • Maintain the confidentiality of login credentials, access devices, and authentication keys;
  • Refrain from sharing program content, screenshots, code, or assessments with unauthorized individuals;
  • Immediately report any suspicious access, phishing attempt, or breach indicator to the Human Resources or IT Security team.

Negligence, willful disregard, or failure to report a breach shall be treated as complicity.

7.      Breach Consequences and Accountability:

In the event of a confirmed or traceable data breach attributable to your conduct whether through action or omission -you shall:

  • Be notified through formal company communication channels;
  • Be subject to internal inquiry under the Company's Code of Conduct and IT Usage Policy;
  • Be held liable for any reputational damage, regulatory penalty, or financial loss suffered by the Company as a result of the breach.

Where warranted, legal action shall be pursued under the Information Technology Act, 2000, and the Bharatiya Nyaya Sanhita, 2023, without prejudice to the Company’s right to initiate employment-related disciplinary measures, including suspension or termination.

8.      Consent and Acceptance:

By accessing the Program or initiating any training or test attempt, you confirm that you have read, understood, and unconditionally agreed to this Privacy Policy and the associated Terms & Conditions. Continued participation shall constitute renewed consent to any future revisions thereof.