Borderless Access Private Limited is a Company engaged in the business of collecting research data from consumer that it recruits and maintains across various countries in the world. Borderless Access Pvt. Ltd. - (hereinafter referred to as the “Company” ) has created this privacy statement in order to demonstrate our firm commitment towards information privacy and privacy regulations as applicable under various local and international laws.

MDforLives is Borderless Access proprietary website through which it conducts all of its surveys and rewards it panellists in the form of incentives.

The impending privacy statement discloses the Company's information gathering and dissemination practices. It is important for you (for the purpose of this privacy statement, the term “you”, “your” shall construe to mean the Data subject who is voluntarily registering himself or herself on the mdforlives website) to understand what information we collect about you during your visit to the mdforlives website and while participating in a survey. This privacy statement would also give you a detailed understanding about the way your information is processed after we receive a consent from you to opt in for passive measurement and installing of a particular “meter” on your device by our third party vendor (please refer the “security of personal information” clause to know more about the way Borderless Access treats the security of your data) This Privacy Policy applies to information collected on MDforLives website and its partner in case of opt in, either through online, on device surveys or passive measurement enabled through meter in case opted in and any other information that is collected by MDforLives. Borderless Access shall wherever applicable provides specific purpose and requests for your consent. To access the services that we offer, you are generally required to register in this mdforlives website and you may later on choose to establish which form of services you intend to access. In these situations, if you choose to withhold any personal data requested by us, it may not be possible for you to gain access to certain parts of the site and for us to respond to your queries in a detailed manner. However, you would be eligible to access other parts of our services apart from those that you have consented to not go ahead with.

MDforLives mobile application from Borderless Access allows panellists to take surveys they are eligible for and also provides information regarding points earned and their redemption. In addition, the app, after obtaining user opt in, in partnership with our third party, also has the capability of passively capturing mobile behavioural data through its meter installed on your device and sending it across to cloud based servers located on the Microsoft Azure platform. The installation and collection of behavioural data through the third party meter is restricted in various jurisdictions and is applicable for information that you choose to disclose over our android platform in a constricted manner. The capturing of behavioural data is not applicable to any data subject located outside the Indian Territory.

There may be certain aspects of this policy which may be applicable to you only if you are residing/a part of or a citizen of the European Union and hence If you are an individual who is planning to take part in our surveys from the European Union, then you are required to keep us informed about the same since you would be subject to additional data protection rights if you are operating from the European Union as per the GDPR. You may write to us to inform the specifics of your association with the EU by reaching out to us at dataprotectionofficer01@borderlessaccess.com.

For the purpose of this Privacy Policy the term “Personal Information shall mean any information that relates to a natural person, or related to the metered device which either directly or indirectly, in combination with other information available or is likely to be available , is capable of identifying such person or such device.”

1. Personal Information Collection and Use: 

We generally do not collect personally identifiable information about you in an automated manner except when the information is collected about you through the deployment of cookies in which case , the date and time of your visit to the website; the web address, or URL, you’re on; technical information about the IP address, browser and the operating system you use; and if you logged into mdforlives.com through your user ID would be captured by our systems , You may at any time choose to exercise an option of selecting the information to be shared with us in an explicit manner by ticking the categories of information that you wish to share with us. For example, if you submit an inquiry to us, sign up on the website or ask for our newsletters on www.mdforlives.com, you may be asked to provide certain information such as your contact details (name, e-mail address, company, etc.). We would only provide you with informative information and new features about our products in future In the event of you choosing an option which would enable us to provide you with such additional features. We will not sell or rent your personally identifiable information to third parties without your consent and such consent would be explicitly taken from you and the reason behind sharing such information would be communicated to you in a way that you would clearly understand and comprehend. You may specifically choose to deny us from sharing the information with any third party and if requested, we would provide you with an undertaking that would suggest that your information has not been shared with any third party.

If the Company receives information about you from other sources then such information shall be added to our website from time to time. This information may include your behaviour towards various content posted on our website from other sources. The inclusion of the additional data shall be done so after informing you about the sources through which we have received your information and whether if you are willing to provide us with a specific consent to utilize such information.

 MDforLives processes your personal data for the following purposes, however the purposes mentioned below are not exhaustive in nature and any additional way through which your information is being processed would be specifically informed to you: 

• The creation of a database of individuals willing to take part in research and surveys;
• Contacting you by email to invite you to take part in surveys and when permitted by you, to send you electronic marketing communications keeping you informed about the activities of MDforLives;
• Evaluating which individuals registered with MDforLives are best suited for and therefore should be approached for specific surveys;
• Providing you with information about rewards/gifts given to you by MDforLives as a result of your responding to survey requests;
• Processing the answers to surveys and summarizing the results;
• Undertaking research surveys on behalf of third parties;
• Keeping you informed and obtain your views of MDforLives’s products, services and activities;
• The administration of your membership of MDforLives (if you have registered as a member);
• Statutory and regulatory compliance;
• Processing any enquiries raised by you and other communications initiated by you in relation to your dealings with MDforLives and any services provided by MDforLives, or its legal entity Borderless Access Pvt. Ltd.;
• We may also use the information you provide in aggregate form for internal business purposes, such as generating statistics and developing marketing plans.
• We may share or transfer such non-personally identifiable information with or to our affiliates, licensees, agents and partners by pseudonymising your data.
• In addition, we may disclose any information, including personally identifiable information, we deem necessary, in our sole discretion, to comply with any applicable law, regulation, legal proceeding or governmental request.
• Please be informed that for any and all Personal Information that is gets collected or captured by the meter, we shall aggregate / collate it in a non-personally identifiable manner so that the same would not remain the Personal Information. We understand the importance of confidentiality of the Personal Information and confirm that the Personal Information will not be shared with any person in a personally identifiable manner without your specific approval.
• We only retain the personal data collected from you as long as your account is active or otherwise for a limited period of time as long as we need to fulfil the pruposes for which we have initially collected it, unless otherwise required by law. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
• We may, if necessary process your information on server located outside your country of residence. Currently we are using Microsoft Azure to secure and safely store your information.
• We may transfer all or part of its business or assets to a third party after receiving your consent. Your information or Personal Information may be a part of such business or assets. Such transfer of information may be outside your country of residence also.

 We store the data for as long as it is necessary to for us to receive information from your end, typically information associated with your account will be kept until your account is deleted. In terms of deletion of your data, you would be given an option of right to erasure of your information from our database. Should you choose to exercise this option, we would take your request into account and delete your information from our systems.

 2. Monitoring of Telephone Calls and E-mails: 

Your telephone calls and e-mails to us may be recorded and monitored for quality control purposes. We may also intercept communications made to individual members of staff at Borderless Access when this is required for business purposes.

3. Cookies:

One or more "cookies" will be placed on the hard disk of the computer(s) used by site visitors, panellists and survey takers in order to allow MDforLives to recognize the participant when they connect to the website, in order to facilitate the management of MDforLives, for statistical purposes (pages consulted, date and time of consultations etc.), and to enable us to provide the participant with surveys specifically tailored to his / her interests. This will not affect the performance of your computer but simply provide you with additional opportunities to receive more surveys relevant to your interests.

Only information collected by cookies as specified in this section of our privacy policy is automatically collected from users of the site. In the event that we do collect any personal data about visitors to the site it is available only to MDforLives.

Site users may disable the installation of “cookies” or to delete cookies installed by Borderless Access or its clients. To do so you should modify your browser settings click on the help section of your Internet browser and follow the instructions.

4. Log Files: 

www.mdforlives.com records details of individual accesses to its web pages. This information may include details of Internet IP addresses and browser types. We use this information to provide a more relevant user experience for you. In addition, we use your IP address to help diagnose problems with our server, and to administer our Web site. Access by third parties to full log files may be allowed under controlled circumstances for the purposes of auditing. Abstracted log information not showing individual's actual Internet addresses is provided to third parties. 

5. Sharing:

Though we make every effort to preserve your privacy, we may need to disclose your personal information when we have a good-faith belief that such action is necessary to comply with a judicial proceeding or a court order or if we believe it is necessary in order to investigate, prevent or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of MDforLives site terms, or as otherwise required by law.

We may share your personal information and/or social-demographic information, including, without limitation, a unique identification number (“UID”), zipcode/postal code, gender, marital status, education, ethnicity/race (where permitted by applicable law, we do not provide your information to any third party MR companies if the data privacy laws of the country that you reside in restricts us from doing so), employment related information, and non-personally identifiable information on household members, with third party sample/market research companies (individually each a “Third Party MR Company” and collectively the “Third Party MR Companies”) for the purpose of identifying survey opportunities that you may be eligible for through the Third Party MR Companies. We may share information to protect the rights and property of the Company, our agents, customers and other, this includes enforcing our agreements, policies and terms of use. Also, the information may be shared by us in an emergency. This includes protecting the safety of our employees and agents, our customers or any other person. We may also share your information with our qualified specialists to improve your user experience. If you are eligible for a survey opportunity, the Third Party MR Company will provide your unique identification number and a survey link to us and we will invite you to participate in the survey. We will not share your name, email address, or phone number with the Third Party MR Companies. If you have any questions about this data sharing or want to opt-out of the data sharing please contact us at MDforLives - Surveys .

6. Delete/Unsubscribe policy

If you choose to end your membership with MDforLives or to require us to cease processing your personal data, you may automatically discontinue your membership by clicking on Unsubscribe after logging-in to MDforLives. By following the appropriate directions, your record will be marked as “do not contact”, and you will no longer receive communications from MDforLives. In addition, you will forfeit any incentive balance that has not been requested as of the time you opt out. Please allow two to three business days for processing of this change. As an alternative, you may send an Email directly to MDforLives - Surveys  requesting to be removed [for our panellists located in the EU region, please refer to the e-mail ID provided at the end of this policy]. We will retain your information for as long as your account is active or as needed to provide you services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

7. Security of personal information:

Borderless Access is an ISO:270001 certified company and we take adequate steps to help protect your personal information, however you acknowledge that no company can fully prevent security risks and we do not under any circumstances represent that the website is free from any harmful elements including but not limited to viruses, spywares, cancel bots, Trojans and such application which may be placed on the website without the knowledge of the Company, however the Company shall take all necessary and reasonable steps mentioned below to ensure that the website is free from the above mentioned programs.

In pursuance to the GDPR regulations, we would be taking the below steps to ensure that your data is safe and secure while it is with us:

• We pseudonymise and encrypt sensitive & special category of personal data.
• We maintain ongoing confidentiality, integrity, availability and resilience of processing systems and services.
• We have the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident.
• We have a dedicated process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing your data.
• We have contracts with third parties to ensure that the same level of protection is accorded to the data transferred to third countries or international organisations.
• In case if your data is being shared with any third party then you would specifically be made aware of the names of such third party to whom your data is being shared after receiving an explicit consent from you.

Where we have given you (or where you have chosen) as password that enables you to access all or certain parts of our website, you are responsible for keeping this password confidential. We require you not to share passwords with anyone.

8. Notification of Changes: 

We may revise this Privacy Policy from time to time. If we decide to change our Privacy Policy, we will post the revised policy here and notify you of the same. We suggest that you periodically consult this Privacy Policy to see the relevant changes made to this statement. Please note that our rights to use your personally identifiable information will be based on the privacy policy in effect at the time the information is used. 

9. Children's privacy:

Borderless Access does not collect any information from any child without permission from his/her parents or legal guardian. If Borderless Access learns that a child under the age of 16 has submitted personally identifiable information online, in contravention of these measures, Borderless Access will take all reasonable measures to delete such information from its databases and to not use such information for any purpose.

10. Privacy Principles: 

Borderless access complies with the privacy requirements as set forth by the European Union's data protection regulation GDPR (General data protection regulation) regarding the collection, use and retention of personal information. Borderless access ensures adherence to principle listed below.

• Personal information is processed lawfully, fairly and in a transparent manner in relation to the data subjects (“Lawfulness, fairness and transparency”)
• Personal Information is collected for specified, explicit and legitimate purpose and not further processed in a manner that is incompatible with those purpose (“Purpose limitation”)
• Personal information is adequate, relevant and limited to what is necessary in relation to the purpose for which it is processed (“data minimization”)
• Information is accurate and where necessary, kept up to date; every reasonable step is taken to provide that personal which is inaccurate, having regard to the purpose for which it is processed, is erased or rectified without delay (“ccuracy”)
• Information is kept in a form which permits identification of data subjects for no longer that is necessary for the purpose for which personal data is processed (“storage limitation”)
• Information is processed in a manner that ensures appropriate security of the personal data, including protection against the unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organization measures (“Integrity and confidentiality”)

11. Individual Rights: 

As per the GDPR regulations, you will have the below rights for being a data subject (for the purpose of this clause you will be defined as an “Individual”)

• An individual has the rights to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have rights to transmit to another controller without hindrance from the controller to which personal data have been provided.
• An individual has the rights to object, on ground relating to his or her particular situation, at any time, to the processing of personal data concerning him or her including profiling based on those provisions. The controller shall no longer process personal data unless the controller demonstrates controlling legitimate grounds for the processing which override the interests, rights and freedoms of the individual or for the establishment, exercise or defence of legal claims.
• An individual has the rights not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her.
• An individual has rights to obtain from the controller confirmation as to whether or not personal data concerning him or her is being processed and where that is the case, access to the personal data and the following information is provided.
  • The purpose of the processing.
  • The categories of personal data concerned.
  • The recipient or categories of recipient to whom the personal data has been or will be disclosed, in particular recipients in third countries or international organization.
  • Where possible, the envisaged period for which the personal data will be stored or if not possible, the criteria used to determine the period.
  • The existence of the rights to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing.
  • The rights to lodge a complaint with a supervisory authority.
  • Where person data is not collected from the data source, any available information as to their source.
• An individual has the rights to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her.
• An individual has the rights to obtain from the controller the erasure or forgotten of personal data concerning him or her without undue delay.
• An individual has the right to obtain from the controller restriction of processing in a situation where accuracy of the personal data is contested by the data subject, the processing is unlawful and data subject opposes the erasure of the personal data and requests the restriction of their use instead.
• The notification of the personal data breaches with serious impact on the individual privacy will be reported to supervisory authority and the communication of personal data breach of data subject.

12. Security of personal data: 

Compliance and cooperation with regulatory authority:

We regularly review our compliance with our privacy notice. We also adhere to regulatory framework including GDPR (General data protection regulation) and other applicable regulation around private data protection.

When we receive formal written complaints, we will contact the person who made the complaint to follow-up. We will work with the appropriate regulatory authorities, including local data protection authorities to resolve any complaint the personal data that we cannot resolve with data subject directly. Also, by accessing this Website and its contents, you understand that data privacy laws may vary across various jurisdictions and you would be subjected to the laws of the country under which you reside.

Comments: 
We have taken great measures to ensure that your visit to www.mdforlives.com is an excellent one and that your privacy is respected. If you have any questions, comments or concerns about our privacy practices, please contact us by email on  MDforLives - Surveys   or write to the following address: 

Borderless Access Pvt. Ltd. 
Building 2B, Tower 3, 7th Floor,
Embassy Tech Village (Formerly Vrindavan Tech Village), 
Marathalli – Sarjapur Outer Ring Road,
Devarabeesanahalli, Bangalore-560 103.

Borderless Access has a “Data Protection Officer” who is responsible for matters relating to privacy and data protection. This Data Protection Officer can be reached at the following address:

Attn: dataprotectionofficer01@borderlessaccess.com [For our panellists from the EU Region only]