Borderless Access Private Limited is a Company engaged in the business of collecting research data from consumer that it recruits and maintains across various countries in the world. Borderless Access Pvt. Ltd. - (hereinafter
referred to as the “Company” ) has created this privacy statement in order to demonstrate our firm commitment towards information privacy and privacy regulations as applicable under various local and international
MDforLives is Borderless Access proprietary website through which it conducts all of its surveys and rewards it panellists in the form of incentives.
The impending privacy statement discloses the
Company's information gathering and dissemination practices. It is important for you (for the purpose of this privacy statement, the term “you”, “your” shall construe to mean the Data subject who is voluntarily
registering himself or herself on the mdforlives website) to understand what information we collect about you during your visit to the mdforlives website and while participating in a survey. This privacy statement
would also give you a detailed understanding about the way your information is processed after we receive a consent from you to opt in for passive measurement and installing of a particular “meter” on your device
on MDforLives website and its partner in case of opt in, either through online, on device surveys or passive measurement enabled through meter in case opted in and any other information that is collected by MDforLives.
Borderless Access shall wherever applicable provides specific purpose and requests for your consent. To access the services that we offer, you are generally required to register in this mdforlives website and you
may later on choose to establish which form of services you intend to access. In these situations, if you choose to withhold any personal data requested by us, it may not be possible for you to gain access to certain
parts of the site and for us to respond to your queries in a detailed manner. However, you would be eligible to access other parts of our services apart from those that you have consented to not go ahead with.
mobile application from Borderless Access allows panellists to take surveys they are eligible for and also provides information regarding points earned and their redemption. In addition, the app, after obtaining
user opt in, in partnership with our third party, also has the capability of passively capturing mobile behavioural data through its meter installed on your device and sending it across to cloud based servers located
on the Microsoft Azure platform. The installation and collection of behavioural data through the third party meter is restricted in various jurisdictions and is applicable for information that you choose to disclose
over our android platform in a constricted manner. The capturing of behavioural data is not applicable to any data subject located outside the Indian Territory.
There may be certain aspects of this policy
which may be applicable to you only if you are residing/a part of or a citizen of the European Union and hence If you are an individual who is planning to take part in our surveys from the European Union, then you
are required to keep us informed about the same since you would be subject to additional data protection rights if you are operating from the European Union as per the GDPR. You may write to us to inform the specifics
of your association with the EU by reaching out to us at firstname.lastname@example.org.
Following paragraphs detail out the nature of the data captured and passive measurement techniques and our corresponding privacy policies related to the same.
with other information available or is likely to be available , is capable of identifying such person or such device.”
1. Personal Information Collection and Use:
We generally do not collect personally identifiable information about you in an automated manner
except when the information is collected about you through the deployment of cookies in which case , the date and time of your visit to the website; the web address, or URL, you’re on; technical information about
the IP address, browser and the operating system you use; and if you logged into mdforlives.com through your user ID would be captured by our systems , You may at any time choose to exercise an option of selecting
the information to be shared with us in an explicit manner by ticking the categories of information that you wish to share with us. For example, if you submit an inquiry to us, sign up on the website or ask for
our newsletters on www.mdforlives.com, you may be asked to provide certain information such as your contact details (name, e-mail address, company, etc.). We would only provide you with informative information and
new features about our products in future In the event of you choosing an option which would enable us to provide you with such additional features. We will not sell or rent your personally identifiable information
to third parties without your consent and such consent would be explicitly taken from you and the reason behind sharing such information would be communicated to you in a way that you would clearly understand and
comprehend. You may specifically choose to deny us from sharing the information with any third party and if requested, we would provide you with an undertaking that would suggest that your information has not been
shared with any third party.
If the Company receives information about you from other sources then such information shall be added to our website from time to time. This information may include your behaviour towards various content posted on our
website from other sources. The inclusion of the additional data shall be done so after informing you about the sources through which we have received your information and whether if you are willing to provide us
with a specific consent to utilize such information.
MDforLives processes your personal data for the following purposes, however the purposes mentioned below are not exhaustive in nature and any additional way through which your information is being processed would be specifically informed to you:
- The creation of a database of individuals willing to take part in research and surveys;
- Contacting you by email to invite you to take part in surveys and when permitted by you, to send you electronic marketing communications keeping you informed about the activities of MDforLives;
- Evaluating which individuals registered with MDforLives are best suited for and therefore should be approached for specific surveys;
- Providing you with information about rewards/gifts given to you by MDforLives as a result of your responding to survey requests;
- Processing the answers to surveys and summarizing the results;
- Undertaking research surveys on behalf of third parties;
- Keeping you informed and obtain your views of MDforLives’s products, services and activities;
- The administration of your membership of MDforLives (if you have registered as a member);
- Statutory and regulatory compliance;
- Processing any enquiries raised by you and other communications initiated by you in relation to your dealings with MDforLives and any services provided by MDforLives, or its legal entity Borderless Access Pvt. Ltd.;
- We may also use the information you provide in aggregate form for internal business purposes, such as generating statistics and developing marketing plans.
- We may share or transfer such non-personally identifiable information with or to our affiliates, licensees, agents and partners by pseudonymising your data.
- In addition, we may disclose any information, including personally identifiable information, we deem necessary, in our sole discretion, to comply with any applicable law, regulation, legal proceeding or governmental
- Please be informed that for any and all Personal Information that is gets collected or captured by the meter, we shall aggregate / collate it in a non-personally identifiable manner so that the same would not remain
the Personal Information. We understand the importance of confidentiality of the Personal Information and confirm that the Personal Information will not be shared with any person in a personally identifiable
manner without your specific approval.
- We only retain the personal data collected from you as long as your account is active or otherwise for a limited period of time as long as we need to fulfil the pruposes for which we have initially collected it,
unless otherwise required by law. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
- We may, if necessary process your information on server located outside your country of residence. Currently we are using Microsoft Azure to secure and safely store your information.
- We may transfer all or part of its business or assets to a third party after receiving your consent. Your information or Personal Information may be a part of such business or assets. Such transfer of information
may be outside your country of residence also.
We store the data for as long as it is necessary to for us to receive information from your end, typically information associated with your account will be kept until your account is deleted. In terms of deletion
of your data, you would be given an option of right to erasure of your information from our database. Should you choose to exercise this option, we would take your request into account and delete your information
from our systems.
2. Monitoring of Telephone Calls and E-mails:
Your telephone calls and e-mails to us may be recorded and monitored for quality control purposes. We may also intercept communications made to individual members of staff at Borderless Access when this is required
for business purposes.
One or more "cookies" will be placed on the hard disk of the computer(s) used by site visitors, panellists and survey takers in order to allow MDforLives to recognize the participant when they connect to the website,
in order to facilitate the management of MDforLives, for statistical purposes (pages consulted, date and time of consultations etc.), and to enable us to provide the participant with surveys specifically tailored
to his / her interests. This will not affect the performance of your computer but simply provide you with additional opportunities to receive more surveys relevant to your interests.
it is available only to MDforLives.
Site users may disable the installation of “cookies” or to delete cookies installed by Borderless Access or its clients. To do so you should modify your browser settings click on the help section of your Internet browser
and follow the instructions.
4. Log Files:
www.mdforlives.com records details of individual accesses to its web pages. This information may include details of Internet
IP addresses and browser types. We use this information to provide a more relevant user experience for you. In addition, we use your IP address to help diagnose problems with our server, and to administer our Web
site. Access by third parties to full log files may be allowed under controlled circumstances for the purposes of auditing. Abstracted log information not showing individual's actual Internet addresses is provided
to third parties.
Though we make every effort to preserve your privacy, we may need to disclose your personal information when we have a good-faith belief that such action is necessary to comply with a judicial proceeding or a court
order or if we believe it is necessary in order to investigate, prevent or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person,
violations of MDforLives site terms, or as otherwise required by law.
We may share your personal information and/or social-demographic information, including, without limitation, a unique identification number (“UID”), zipcode/postal code, gender, marital status, education, ethnicity/race
(where permitted by applicable law, we do not provide your information to any third party MR companies if the data privacy laws of the country that you reside in restricts us from doing so), employment related information,
and non-personally identifiable information on household members, with third party sample/market research companies (individually each a “Third Party MR Company” and collectively the “Third Party MR Companies”)
for the purpose of identifying survey opportunities that you may be eligible for through the Third Party MR Companies. We may share information to protect the rights and property of the Company, our agents, customers
or any other person. We may also share your information with our qualified specialists to improve your user experience. If you are eligible for a survey opportunity, the Third Party MR Company will provide your
unique identification number and a survey link to us and we will invite you to participate in the survey. We will not share your name, email address, or phone number with the Third Party MR Companies. If you have
any questions about this data sharing or want to opt-out of the data sharing please contact us at MDforLives - Surveys .
6. Delete/Unsubscribe policy
If you choose to end your membership with MDforLives or to require us to cease processing your personal data, you may automatically discontinue your membership by clicking on Unsubscribe after logging-in to MDforLives.
By following the appropriate directions, your record will be marked as “do not contact”, and you will no longer receive communications from MDforLives. In addition, you will forfeit any incentive balance that has
not been requested as of the time you opt out. Please allow two to three business days for processing of this change. As an alternative, you may send an Email directly to MDforLives - Surveys requesting
to be removed [for our panellists located in the EU region, please refer to the e-mail ID provided at the end of this policy]. We will retain your information for as long as your account is active or as needed to
provide you services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
7. Security of personal information:
Borderless Access is an ISO:270001 certified company and we take adequate steps to help protect your personal information, however you acknowledge that no company can fully prevent security risks and we do not under
any circumstances represent that the website is free from any harmful elements including but not limited to viruses, spywares, cancel bots, Trojans and such application which may be placed on the website without
the knowledge of the Company, however the Company shall take all necessary and reasonable steps mentioned below to ensure that the website is free from the above mentioned programs.
In pursuance to the GDPR regulations, we would be taking the below steps to ensure that your data is safe and secure while it is with us:
- We pseudonymise and encrypt sensitive & special category of personal data.
- We maintain ongoing confidentiality, integrity, availability and resilience of processing systems and services.
- We have the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident.
- We have a dedicated process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing your data.
- We have contracts with third parties to ensure that the same level of protection is accorded to the data transferred to third countries or international organisations.
- In case if your data is being shared with any third party then you would specifically be made aware of the names of such third party to whom your data is being shared after receiving an explicit consent from you.
Where we have given you (or where you have chosen) as password that enables you to access all or certain parts of our website, you are responsible for keeping this password confidential. We require you not to share
passwords with anyone.
8. Notification of Changes:
9. Children's privacy:
Borderless Access does not collect any information from any child without permission from his/her parents or legal guardian. If Borderless Access learns that a child under the age of 16 has submitted personally identifiable
information online, in contravention of these measures, Borderless Access will take all reasonable measures to delete such information from its databases and to not use such information for any purpose.
10. Privacy Principles:
Borderless access complies with the privacy requirements as set forth by the European Union's data protection regulation
GDPR (General data protection regulation) regarding the collection, use and retention of personal information. Borderless access ensures adherence to principle listed below.
- Personal information is processed lawfully, fairly and in a transparent manner in relation to the data subjects (“Lawfulness, fairness and transparency”)
- Personal Information is collected for specified, explicit and legitimate purpose and not further processed in a manner that is incompatible with those purpose (“Purpose limitation”)
- Personal information is adequate, relevant and limited to what is necessary in relation to the purpose for which it is processed (“data minimization”)
- Information is accurate and where necessary, kept up to date; every reasonable step is taken to provide that personal which is inaccurate, having regard to the purpose for which it is processed, is erased or rectified
without delay (“ccuracy”)
- Information is kept in a form which permits identification of data subjects for no longer that is necessary for the purpose for which personal data is processed (“storage limitation”)
- Information is processed in a manner that ensures appropriate security of the personal data, including protection against the unauthorized or unlawful processing and against accidental loss, destruction or damage,
using appropriate technical or organization measures (“Integrity and confidentiality”)
11. Individual Rights:
As per the GDPR regulations, you will have the below rights for being a data subject (for the purpose of this clause
you will be defined as an “Individual”)
- An individual has the rights to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have rights to transmit
to another controller without hindrance from the controller to which personal data have been provided.
- An individual has the rights to object, on ground relating to his or her particular situation, at any time, to the processing of personal data concerning him or her including profiling based on those provisions.
The controller shall no longer process personal data unless the controller demonstrates controlling legitimate grounds for the processing which override the interests, rights and freedoms of the individual or
for the establishment, exercise or defence of legal claims.
- An individual has the rights not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or
- An individual has rights to obtain from the controller confirmation as to whether or not personal data concerning him or her is being processed and where that is the case, access to the personal data and the following
information is provided.
- The purpose of the processing.
- The categories of personal data concerned.
- The recipient or categories of recipient to whom the personal data has been or will be disclosed, in particular recipients in third countries or international organization.
- Where possible, the envisaged period for which the personal data will be stored or if not possible, the criteria used to determine the period.
- The existence of the rights to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing.
- The rights to lodge a complaint with a supervisory authority.
- Where person data is not collected from the data source, any available information as to their source.
- An individual has the rights to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her.
- An individual has the rights to obtain from the controller the erasure or forgotten of personal data concerning him or her without undue delay.
- An individual has the right to obtain from the controller restriction of processing in a situation where accuracy of the personal data is contested by the data subject, the processing is unlawful and data subject
opposes the erasure of the personal data and requests the restriction of their use instead.
- The notification of the personal data breaches with serious impact on the individual privacy will be reported to supervisory authority and the communication of personal data breach of data subject.
12. Security of personal data:
Compliance and cooperation with regulatory authority:
We regularly review our compliance with our privacy notice. We also adhere to regulatory framework including GDPR (General data protection regulation) and other applicable regulation around private data protection.
When we receive formal written complaints, we will contact the person who made the complaint to follow-up. We will work with the appropriate regulatory authorities, including local data protection authorities to resolve
any complaint the personal data that we cannot resolve with data subject directly. Also, by accessing this Website and its contents, you understand that data privacy laws may vary across various jurisdictions and
you would be subjected to the laws of the country under which you reside.
13. PRIVACY NOTICE AND DISCLOSURES FOR CALIFORNIA RESIDENTS
This Privacy notice is applicable in-conjunction with above policy clauses.
The California Consumer Privacy Act provides consumers with specific rights regarding their personal information. This section describes your rights and explains how to exercise those rights.
You have the right to request that Borderless Access disclose certain information to you about personal data collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable request, we will disclose to you:
- the categories of personal information we collected about you;
- the categories of sources for the personal information we collected about you;
- our business or commercial purpose for collecting or selling that personal information;
- the categories of third parties with whom we share that personal information,
California Consumer Privacy Act rights.
- The right to object/opt-out / Sell
- The right to know/access your personal information
- The right to request for portability/transfer of personal information
- The right to request to have your personal information deleted
- The right equal survives and price
- The individual right of action.
- The right to disclosure of Personal Information.
SALE OF PERSONAL INFORAMATION
Borderless Access is not engaged in selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, any personal information to any third party for monetary or other valuable consideration.
REQUEST TO DELETE:
You may submit a request to delete your personal data under CCPA by logging into your MDforLives account, then clicking on “Unsubscribe” in the Account Settings and choosing “Unsubscribe & Delete" option OR by contacting us at: email@example.com
HOW DO WE EVALUATE AUTHENTICITY OF REQUEST?
Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information.
You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative; and
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it. We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm that the personal information relates to you. We will only use personal information provided in a verifiable consumer request to verify the requestor's identity or authority to make the request.
RESPONSE TO CUSTOMER REQUEST
We strive to respond to a verifiable consumer request within 45 days of its receipt of your request. If we require more time, we will inform you of the reason and extension period in writing. Any disclosures we provide will only cover the 12-month look-back period preceding the verifiable consumer request's receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable.
We will not discriminate against you for exercising any of your rights, unless permitted by the California Consumer Privacy Act.
We will not:
- Deny you goods or services;
- Charge you different prices or rates for goods or services, including
- through granting discounts or other benefits, or imposing penalties;
- Provide you a different level or quality of goods or services;
This policy and the terms herein shall be applicable to you in the event of borderless access undergoes any functional changes in the way it operates. Such changes may include the Company being re-branded or undergoing the process of a merger or demerger etc. On the occurrence of any of these events, your rights as data subjects would remain intact without any changes.
We have taken great measures to ensure that your visit to www.mdforlives.com is an excellent one and that your privacy is respected.
If you have any questions, comments or concerns about our privacy practices, please contact us by email on MDforLives - Surveys or
write to the following address:
Borderless Access Pvt. Ltd.
Building 2B, Tower 3, 7th Floor,
Embassy Tech Village (Formerly
Vrindavan Tech Village),
Marathalli – Sarjapur Outer Ring Road,
Devarabeesanahalli, Bangalore-560 103.
Borderless Access has a “Data Protection Officer” who is responsible for matters relating to privacy and data protection. This Data Protection Officer can be reached at the following address:
Attn: firstname.lastname@example.org [For
our panellists from the EU Region only]