Legal

Privacy Policy

Effective Date: January 2026  ยท  Last Updated: May 2026

Your privacy matters. This Privacy Policy explains what personal data NeuroNurture collects, how we use and share it, and the rights you have under the Digital Personal Data Protection Act 2023 and other applicable Indian laws.

NeuroNurture, a brand of Ananya Healthcare Solutions Pvt Ltd ("we", "our" or "us"), with its registered office at 55/A Jubilee Enclave, Hyderabad 500081, Telangana, India, values your trust and is committed to protecting your privacy. This Privacy Policy describes how we collect, use, disclose, store and safeguard your personal data when you visit our website, use our mobile application or otherwise interact with our services, in accordance with the Digital Personal Data Protection Act 2023 (DPDP Act), the Information Technology Act 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules 2011 (SPDI Rules) and other applicable Indian laws.

On this page
  1. Scope & Applicability
  2. Information We Collect
  3. How We Use Your Information
  4. Legal Basis for Processing
  5. Sharing & Disclosure
  6. Cross-Border Transfers
  7. Children's Data
  8. Cookies & Tracking
  9. Data Security
  10. Data Retention
  11. Your Rights as a Data Principal
  12. How to Exercise Your Rights
  13. Data Breach Notification
  14. Third-Party Links
  15. Updates to This Policy
  16. Grievance Redressal / DPO

01 Scope & Applicability

This Privacy Policy applies to all personal data collected through our website (www.neuronurtureglobal.com), mobile application, screening platform and any related communications or services. By using our services, you acknowledge that you have read and understood this Policy.

02 Information We Collect

We collect personal data that you voluntarily provide, that we generate through your use of the services, and that we receive from third parties (where lawful). This may include:

  • Identification data: name, email address, phone number, role (parent, teacher, doctor), clinic or school affiliation.
  • Screening data: questionnaire responses, screening results and report content. Where the screening relates to a child, this includes the child's age, sex, developmental indicators and any health information provided by the parent, guardian or professional.
  • Sensitive Personal Data or Information (SPDI): health-related information shared with us during screening, in accordance with the SPDI Rules 2011 and the DPDP Act 2023.
  • Account & usage data: login details, IP address, browser type, device identifier, operating system, pages visited, time spent and referring URLs.
  • Communications: any correspondence, enquiry or feedback you send to us.
  • Cookies and similar technologies: see Section 8.

03 How We Use Your Information

We use your personal data for the following purposes:

  • To provide, operate, maintain and improve our screening platform and services.
  • To generate screening reports and provide referral guidance.
  • To respond to enquiries, demo requests and support questions.
  • To personalise your experience and the content we present to you.
  • To send service-related communications, updates and notices.
  • For research, analytics and product improvement, using de-identified or aggregated data wherever possible.
  • To comply with legal, regulatory and contractual obligations.
  • To detect, prevent and address fraud, security or technical issues.

04 Legal Basis for Processing

We process personal data under the DPDP Act 2023 on the basis of:

  • Consent: free, specific, informed, unconditional and unambiguous consent that you (or, in the case of a child, a parent or lawful guardian) provide when registering or completing a screening.
  • Legitimate uses: certain limited uses recognised under the DPDP Act, such as compliance with a legal obligation, response to a medical emergency or fulfilment of a service voluntarily requested by you.

You may withdraw consent at any time, subject to applicable legal restrictions. Withdrawal of consent will not affect the lawfulness of processing carried out before the withdrawal.

05 Sharing & Disclosure

We do not sell your personal data. We may share personal data only:

  • With trusted data processors and service providers who help us operate the platform (e.g. cloud hosting, communications, analytics), under contractual obligations to maintain confidentiality and security.
  • With healthcare or educational professionals nominated by you (e.g. the paediatrician or school administrator with whom you choose to share a screening report).
  • When required or permitted by law, including in response to a lawful request from a court, regulator or government authority.
  • To protect rights, safety or property of NeuroNurture, our users or the public.
  • In connection with a corporate transaction (e.g. merger, acquisition or sale of assets), subject to the protections of this Policy.

06 Cross-Border Transfers

Some of our service providers may be located outside India. Where personal data is transferred outside India, we will do so only in accordance with the DPDP Act 2023 and any restrictions notified by the Central Government, and we will ensure appropriate safeguards are in place to protect your data.

07 Children's Data

NeuroNurture's services involve the processing of data relating to children. In line with the DPDP Act 2023:

  • We will obtain verifiable consent from a parent or lawful guardian before processing the personal data of a child (defined as an individual below 18 years of age).
  • We will not undertake processing that is likely to cause any detrimental effect on the well-being of a child.
  • We will not carry out tracking, behavioural monitoring or targeted advertising directed at children.

08 Cookies & Tracking

We use cookies and similar technologies to operate the website, remember your preferences, analyse traffic and improve performance. You can control cookies through your browser settings. Disabling certain cookies may affect functionality.

09 Data Security

We implement reasonable and appropriate technical and organisational security practices as required under the IT Act 2000, the SPDI Rules 2011 and the DPDP Act 2023, including:

  • Encryption of data in transit and, where appropriate, at rest.
  • Access controls and role-based permissions.
  • Secure cloud hosting with reputable providers.
  • Regular security reviews, audits and staff training.

No method of transmission over the internet or method of electronic storage is fully secure. While we strive to protect your personal data, we cannot guarantee absolute security.

10 Data Retention

We retain personal data only for as long as is necessary to fulfil the purposes set out in this Policy or as required by applicable law. Where personal data is no longer required, we will erase, anonymise or otherwise dispose of it in accordance with the DPDP Act 2023 and our data retention policy.

11 Your Rights as a Data Principal

Under the DPDP Act 2023, you (as a Data Principal) have the right to:

  • Access: Obtain a summary of the personal data we hold about you and the processing activities undertaken.
  • Correction & Erasure: Request the correction of inaccurate or misleading data, and the erasure of personal data that is no longer required.
  • Withdraw consent: Withdraw any consent previously given for the processing of your personal data.
  • Nominate: Nominate another individual to exercise your rights in the event of your death or incapacity.
  • Grievance redressal: Lodge a complaint with our Grievance Officer / Data Protection Officer (see Section 16) and, if unsatisfied, with the Data Protection Board of India.

12 How to Exercise Your Rights

To exercise any of the rights above, please contact us using the details in Section 16. We may need to verify your identity before responding to your request. We will respond within the timelines prescribed under Indian law, generally within 30 days.

13 Data Breach Notification

In the event of a personal data breach that is likely to result in risk to your rights, we will notify the Data Protection Board of India and affected Data Principals as required by the DPDP Act 2023 and applicable rules, without undue delay.

14 Third-Party Links

Our website and services may contain links to third-party websites. We are not responsible for the privacy practices or content of those third-party sites. We encourage you to review the privacy policies of any third party before sharing personal data with them.

15 Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, our services or applicable law. Updated versions will be posted on this page with a revised "Last Updated" date. Where changes are material, we will use reasonable efforts to notify Users in advance.

16 Grievance Redressal / Data Protection Officer

If you have any questions, concerns or grievances about your personal data or this Privacy Policy, please contact our Data Protection Officer / Grievance Officer:

  • Name: Madhavi Adimulam
  • Designation: Data Protection Officer & Grievance Officer
  • Email: Hello@neuronurtureglobal.com
  • Phone: +91 98485 13192
  • Address: NeuroNurture, a brand of Ananya Healthcare Solutions Pvt Ltd, 55/A Jubilee Enclave, Madhapur, Hyderabad 500081, Telangana, India

We will acknowledge your communication within 24 hours and respond within the timelines prescribed under Indian law. If you remain dissatisfied with our response, you may escalate the matter to the Data Protection Board of India.