Privacy Notice

Yantir Full Privacy Notice

Last updated: 14/09/2025 • Version: 1.0

1. Who we are

Data Controller: Yantir Ltd
Address: 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ
Contact email: contact@yantir.com

2. What personal data we collect

We collect the following categories of personal data:

  • • Identity information: Name, date of birth, gender
  • • Contact information: Email address, phone number, postal address
  • • Health & medical information: Chronic disease data, symptoms, medications, test results
  • • Usage data: App usage metrics, logs, device information
  • • Location data: If enabled, approximate or precise location for features like reminders/appointments
  • • Other user-provided data: Profile photos, notes, preferences

3. How & why we use your data

We process your personal data for the following purposes:

  • • To provide and maintain Yantir's services (e.g. health tracking, personalised recommendations)
  • • To communicate with you (e.g. notifications, reminders, customer support)
  • • To improve our services (analytics, app performance, feature development)
  • • To comply with legal obligations (e.g. medical data regulation, record-keeping)
  • • For research and development with your explicit consent

4. Legal basis for processing

Under UK GDPR, our lawful bases include: your consent, performance of a contract, legitimate interests, and/or compliance with a legal obligation.

Under India's DPDP Act, we rely on data principal's consent or voluntary provision of personal data, or other lawful basis permitted under the law for specific cases.

Where we process sensitive personal data / special category data (e.g. health data), we will obtain explicit consent from you, unless another specific exception / lawful basis applies.

5. When & how we collect your data

  • • Directly from you when you register, fill in your profile, use health tracking/symptom logging, upload data etc.
  • • From devices or services you connect (e.g. wearables) if you choose to integrate them
  • • From usage of the app (logs, metrics) automatically

6. Sharing / Disclosure of Personal Data

We may share your data with:

  • • Service providers / processors who assist us (e.g. cloud hosting, analytics, communication services)
  • • Healthcare professionals or partners (only if you have consented to share)
  • • Legal or regulatory authorities (as required by law)
  • • Third parties in case of business transfers (merger, acquisition etc.) — any such transfer will preserve user privacy and comply with applicable law

7. International transfers

If your data is transferred outside your home country (UK / India), we will ensure that appropriate safeguards are in place, such as: Standard contractual clauses, Adequacy decisions (if applicable), and other measures required under the relevant law.

8. Retention period

  • • For as long as your account is active and as needed to provide services
  • • For a limited period after account closure (12 months) for legal, regulatory, or audit purposes
  • • Health data / sensitive data: retained only as long as is required and as per applicable health/medical data regulations

9. Your rights

You have rights under UK GDPR and under India's DPDP Act, including:

  • • Right of access (you can ask for a copy of your personal data)
  • • Right to rectification (correction of inaccurate or incomplete data)
  • • Right to erasure (delete your personal data under certain conditions)
  • • Right to restrict processing
  • • Right to object (where lawful basis allows)
  • • Right to withdraw consent (where processing is consent based)
  • • Right to lodge a complaint with the relevant supervisory authority: in UK the Information Commissioner's Office; in India the Data Protection Board

10. How you can exercise your rights

To exercise any of the rights above, you can contact us at:
Email: contact@yantir.com
Postal Address: 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ

We aim to respond to all requests within 28 days unless an extension is justified.

11. Security & Safeguards

We implement reasonable technical and organisational measures to protect your personal data including encryption, access controls, secure storage. Only authorised personnel have access.

In case of any data breach, we will notify affected individuals where required by law, and the relevant supervisory authority (ICO in UK / Data Protection Board in India) as required by law.

12. Children's data

If you are under 18 (or the legal age in your jurisdiction), your use of Yantir must be under verifiable parental/guardian consent. We do not knowingly collect or process health data of children without such consent.

13. Changes to this notice

We may update this privacy notice from time to time. We will post the new version here and update the "Last updated" date. If changes are material, we may notify you (e.g. via email or in-app).

14. How to complain

If you believe your data protection rights have been violated, you can:

  • • Contact us at: contact@yantir.com
  • • Lodge a complaint with the Information Commissioner's Office (UK) at https://ico.org.uk, or contact them on 0303 123 1113
  • • Lodge a complaint with the Data Protection Board of India (when established under DPDP Act) once it is constituted and operational