Privacy Policy

Takalam L.T.D. (“Takalam”), a limited liability company established in the United Arab Emirates, owns and maintains (a) www.TakalamHere.com, a wellness counseling website, as well as a mobile application (the “App”), and collectively (the "Platform").

Takalam is dedicated to maintaining privacy protections that provide users with confidence and clarity whenever using the Platform. Respecting users' privacy is one of the most important pillars of Takalam’s operations. No other counseling platform is more committed to protecting privacy interests and personal data.

This Privacy Policy describes the basis upon which any personal data Takalam collects from you or that you provide in using the Platform (collectively, “Personal Data”, further defined below) will be processed in connection with your use of the Platform and the Services (defined below).

Please read this Privacy Policy carefully before using the Platform to understand our views, policies, and practices regarding your Personal Data and how we will treat it.

All credit/debit card details and personally identifiable information will NOT be stored, sold, shared, rented, or leased to any third parties. Takalam will not pass any debit/credit card details to third parties.

Privacy Policy and the User Agreement

The User Agreement, which all users voluntarily and knowingly agree to enter into by accessing the Platform, and this Privacy Policy constitute all terms and conditions for the use of the Platform. By your use of the Platform to obtain counseling services, you agree to the handling of your Personal Data in accordance with this Privacy Policy. If you do not understand any aspect of the Privacy Policy or have any queries in relation to it, please contact us at info@Takalam.ae.

The Platform may include links to third-party websites, plug-ins, and applications, including those of Counselors whose services are offered through the use of the Platform. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. Takalam does not control these third-party websites and applications and is not responsible for their privacy policies or their use of your personal data. When you leave the Platform, you are encouraged to read the privacy policy of every website and application you visit.

Restricted Use of the Platform By Minors - Parent/Guardian Consent

The Platform is not for use by persons under 18 years of age, and parents or guardians shall restrict minors' access to the Platform. Takalam does not knowingly collect Personal Data from persons under 18. If you are under 18, you are not authorized to use the Platform, and you shall not provide any information about yourself to us. By accessing, using, and/or submitting information to or through the Platform, you represent that you are not under 18 years of age. If we learn we have collected or received Personal Data from a person under 18, we will use that information only to respond directly to that child (or his/her parent or legal guardian) to inform the child that he/she cannot use the Platform, and we will subsequently delete that information. If you believe we might have any information from or about a person under 18 for which there is no legal parental or guardian consent, please contact us at info@Takalam.ae.

We employ robust mechanisms to verify parental consent for users under 18. If you believe we have collected data from a minor without proper consent, please contact us immediately.

Personal Information

Personal Data or personal information means any information about an individual from which that person can be identified. We may collect, use, store, and transfer different kinds of Personal Data about you, which includes but is not limited to:

• Identity and Contact Data: Billing address, delivery address, location, email address, telephone numbers, and subscription details.
• Communications Data: Your interactions with Takalam via social media platforms, email, electronic messages, and other electronic and non-electronic communication.
• Counselors’ Data: Title and full name; clinic locations; relevant expertise, symptoms, and procedures; languages spoken; and education and qualifications.
• Financial Transaction Data: Bank account and payment card details, history of payments to and from you, and other details of online consultations with Counselors you have booked through the Platform.
• Technical Data: Internet protocol (IP) address, your login data, browser type and version, make and model (mobile phones only), operating system, hardware version, Platform, device settings, and other technology identification on the devices used to access the Platform, file and software names and types, device identifiers, time zone setting and location, device locations such as through GPS, Bluetooth, or Wi-Fi signals, browser plug-in types and versions, operating system and Platform, connection information such as the name of your mobile operator or ISP, browser type, language and time zone, mobile phone number, and IP address.
• Profile Data: Your username and password, transactions or bookings made by you, your interests, preferences, feedback, and survey responses.
• Usage Data: Information about how you use the Platform, how you use your devices to access the Platform, including the screens you visit and searches you make.
• Marketing and Communications Data: Your preferences in receiving marketing from us and our third parties and your communication preferences.
• Subscription Data: Details related to your subscription, including payment details, subscription preferences, and duration of the subscription.

Aggregated Data

We collect, use, and share aggregated data such as statistical or demographic data for any purpose. Aggregated data may be derived from your Personal Data but is not considered Personal Data as this data does not directly or indirectly reveal your identity. We may aggregate your usage data to calculate the percentage of users accessing a specific feature. However, if we combine or connect aggregated data with your Personal Data so that it can directly or indirectly identify you, we treat the combined data as Personal Data which will be used in accordance with this Privacy Policy.

How is your Personal Data collected?

We use different methods to collect data from and about you including through:

• Information you give us through Direct interactions: You may give us your Identity and Contact Data, Profile Data, Financial Transaction Data, Marketing and Communications Data by using the Platform, filling in forms, or by corresponding with us by phone, email, in person, or otherwise. This includes Personal Data provided when you:
• Apply for or purchase our services;
• Fill in forms or create an account on the Platform;
• Subscribe to our services or publications;
• Request further information to be sent to you;
• Enter a survey;
• Use our services with a Platform Counselor;
• Request marketing to be sent to you;
• Give us feedback or contact the support team.
• Information we collect about you through automated technologies or interactions: As you interact with the Platform, we may automatically collect Technical Data about your equipment, browsing actions, and patterns. We collect this Personal Data by using cookies, server logs, and other similar technologies. We may also receive Technical Data about you if you visit other websites employing our cookies. Please see our cookie policy for further details.
• With regard to each of your visits to our Platform, we may collect the following information:
• Information obtained from video consultation;
• Data provided by your Insurer;
• Communications with us via social media platforms, email, electronic messages, and other electronic and non-electronic communications;
• Your networks and connections made available to us, depending on the permissions you have granted, from your mobile and desktop devices’ address book contacts, and other social media such as Facebook, Instagram, and Twitter.
• Information we receive from third parties or publicly available sources: We may receive Personal Data about you from various third parties and public sources as set out below:
• Technical Data from the following parties:
• Analytics providers;
• Advertising networks; and
• Search information providers.
• Contact, Financial, or Transaction Data from providers of technical and payment services.

If you fail to provide Personal Data

Where we need to collect Personal Data by law, or under the terms of the agreements we have with you and you fail to provide that data when requested, we cannot perform the agreement we have or are trying to enter into with you. In this case, we may cancel an appointment you have booked through the Platform, but we will notify you about the cancellation.

How we use your Personal Data

We will only use your Personal Data when the law allows us to. Most commonly, we will use your Personal Data when it is necessary:

• For performance of the User Agreement we are about to enter into or have entered into with you: This means processing your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.
• For our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests: Legitimate Interest means the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your Personal Data for our legitimate interests. We do not use your Personal Data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.
• To comply with a legal obligation: Complying with a legal obligation means processing your Personal Data where it is necessary for compliance with a legal obligation that we are subject to.

Legal Basis for Processing:

• Subscription Processing: We process your personal data based on the performance of a contract (your subscription to our services).
• Explicit Consent: We obtain your explicit consent for processing any sensitive personal data related to mental health services.

The following are some of the common purposes or activities for which the Data may be processed:

• We keep a record of the Services provided to you so that this information can be used for billing purposes.
• The information may be provided to your insurance company if you are seeking to recoup the expense of the Services from your chosen insurance company.
• We may be required to provide your Personal Data to regulators as necessary.
• We will pass on your Personal Data to a court of law when a court order has been issued.
• To provide you, or permit selected third parties to provide you, with information about services we feel may interest you. If you are an existing Client, we will only contact you by electronic means (e-mail, SMS, or push message) with information about services similar to those which were the subject of a previous sale or negotiations of a sale to you. If you are a new user, and where we permit selected third parties to use your data, we (or they) will contact you by electronic means only if you have consented to this.
• To notify you about changes in our service.
• To ensure that content from the Platform is presented in the most effective manner for you and for your device.
• To administer the Platform for internal operations, including troubleshooting, data analysis, testing, research, statistical, and survey purposes.
• To improve the Platform to ensure that content is presented in the most effective manner for you and for your computer.
• To allow you to participate in interactive features of our service when you choose to do so as part of our efforts to keep the Platform safe and secure.
• To measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you.
• To make suggestions and recommendations to you and other users of the Platform about services that may interest you or them.
• To comply with a legal or regulatory obligation.

Withdrawal of Consent

You have the right to withdraw consent to marketing at any time by contacting us. As specified in this Privacy Policy, we do not rely on consent as a legal basis for processing your Personal Data, although we will get your consent before sending third-party direct marketing communications to you via email or text message.

Change of Purpose

We will only use your Personal Data for the purposes for which we collected it unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us at info@Takalam.ae. If we need to use your Personal Data for an unrelated purpose, we will notify you and explain the legal basis which allows us to do so. Please note that we may process your Personal Data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

Location Information

You can choose whether or not to allow the Platform to collect and use real-time information about your device’s location through the device’s privacy settings. If you block the use of location information, some parts of the Platform may then be inaccessible or not function properly.

Links to Third-Party Sites

The Platform may, from time to time, contain links to and from the websites of our partner networks, advertisers, and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any Personal Data to these websites.

Where we store your Personal Data

We will at all times comply with the applicable laws, regulations, decrees, and policies issued by relevant authorities in the UAE (collectively, “Local Laws”) and will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy. We store all your personal counseling data (including your primary care information, secondary care information, medication information, and diagnostic information) on secure servers. Any payment transactions will be encrypted. We do not store any credit or debit card information. Payments are processed via a third-party payment provider that is fully compliant with Payment Card Industry (PCI) data security standards. Any payment transactions are encrypted using SSL technology. Once we have received your information, we will use strict procedures, industry-standard physical, technical, and administrative safeguards and security features to try to prevent unauthorized access.

Disclosures of your Personal Data

You agree that we have the right to share your Personal Data, with the exception of your personal health records, with any employee or contractor of Takalam. We may share your Personal Data with the parties set out below for the purposes set out in the table above. We may disclose your Personal Data to third parties in the following scenarios:

• External Third Parties:
• Our users through the Platform, in the case of Counselors Data.
• Counselors with whom you have booked appointments through the Platform, in the case of Identity Data and Contact Data.
• Counselors with whom you have booked appointments for online consultations through the Platform, in the case of Identity, Contact, Financial Data, and Transaction Data.
• Service providers acting as processors who provide IT, system administration, and payment processing services.
• Professional advisers acting as processors or joint controllers, including lawyers, bankers, auditors, and insurers who provide consultancy, banking, legal, insurance, and accounting services.
• Regulators and other authorities acting as processors or joint controllers who require reporting of processing activities in certain circumstances.
• Third parties:
• If we are under a duty to disclose or share your Personal Data in order to comply with any legal obligation, regulation, subpoena, court order, legal process, or government request or in order to enforce or apply our terms of use and other agreements; or to protect the rights, property, or safety of us, our Clients, or others.
• If we believe in good faith that it is necessary to protect the rights, property, or safety of us, our Clients, or others, to investigate fraud or respond to a government request.
• To notify or assist in notifying a family member, personal representative, or another person responsible for your care of your location and general condition.
• To whom we may choose to sell, transfer or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your Personal Data in the same way as set out in this privacy policy.
• Other Third Parties:
• Contractors, mental-health professionals, physicians, psychologists, counselors, service providers, business associates, our staff, and any third parties we use to support our business and to provide health care services.
• Advertisers that require the data to select and serve relevant adverts to you and others.
• Analytics and search engine providers that assist us in the improvement and optimization of the Platform.
• Other Service providers, health plans, or their related entities for their treatment or payment activities, or health care activities.

We require all Third Parties to respect the security of your Personal Data and to treat it in accordance with the laws of the United Arab Emirates. We do not allow our third-party service providers to use your Personal Data for their own purposes and only permit them to process your Personal Data for specified purposes and in accordance with our instructions.

Transfers of Personal Data outside of the United Arab Emirates; Application of GDPR Issues

The Personal Data that we collect from you is stored in the UAE, but may be shared within Takalam by Takalam employees/agents/contractors. This may involve your data being transferred to, and stored at, a destination outside of your country of residence, or outside of the jurisdictions in which the persons to whom such Personal Data relates. It may also be processed by staff operating outside such jurisdictions who work for Takalam or a vendor. Such staff may be engaged in, among other things, the fulfillment of your booking/appointment, and the provision of support services. Your Personal Data may be transferred, stored, processed, and used by our affiliated companies and/or non-affiliated service providers in one or more countries outside your country. We ensure your Personal Data is protected in these cases by requiring all our group companies to follow the same rules when processing your Personal Data. Whenever we transfer your Personal Data out of such jurisdictions or to third parties, we aim to ensure a similar degree of protection is afforded to it by the use of contractual obligations. Where we use certain service providers, we may use specific contracts that give Personal Data the same protection it has in such a relevant jurisdiction. In the event of a conflict between applicable laws, regulations, decrees, and policies issued by relevant authorities in the UAE (collectively, “Local Laws”) and any legal authorities issued by foreign governments, the Local Laws will prevail.

GDPR

Takalam makes all reasonable efforts to comply with applicable, existing European Union (EU) data privacy regulations. In particular, the General Data Protection Regulation (2016/679) is a regulation in EU law on data protection and privacy applicable and available to all individuals within the European Union and the European Economic Area. This body of regulations, which also addresses the export of personal data outside the EU and EEA and is commonly referred to as “GDPR.” The basic tenants of the promulgated GDPR regulations include, but are not limited to disclosure when Takalam can sell, transfer, or third party marketing of User’s data.

At Takalam, you already have the ability to access your Personal Data and use it as you wish. This Privacy Policy and User Agreement is clear on what consent we seek with regard to your data and prior to your engagement with your Provider. We will provide our Clients notice of any data breach involving Personal Data that may occur.

The GDPR takes into account what has been termed the right “to forget”, effectively providing for you to request the deletion of your data once you cease using the Platform. This particular tenant of the GDPR may conflict with other applicable medical records retention laws. Applicable individual country medical retention laws are generally considered an acceptable exception to the GDPR regulations regarding the right to the deletion of certain data.

In the United States, this requires at least seven (7) years of retention, which is common globally. In other countries, retention of ten (10) years or more is required. Consequently, Takalam will not erase private health data directly upon a Client’s request, because of legal duties making it essential for medical file retention purposes.

Data Security

The Platform uses a highly secure and encrypted backend system ensuring optimal functionality, privacy, and security, however, the transmission of information via the internet is not completely secure. Although we will do our best to protect your Personal Data, we cannot guarantee the security of your Personal Data transmitted to the Platform, and any transmission is at your own risk. The only risk of jeopardizing the user’s privacy would be as a result of having their own personal email account hacked, and that would have no relation to do with the Platform.

We implement stringent security measures to protect your subscription and payment data, including encryption, secure payment gateways, and regular security audits.

Data Breach Notification

In the event of a data breach involving your personal data, we will notify you and the relevant authorities as required by law, detailing the nature of the breach and the measures taken to mitigate its effects.

Passwords and Confidentiality

If you are provided with a password or any other piece of information as part of our security procedures for a registration-only section of the Platform, you are responsible for maintaining the confidentiality of your password and username for the Platform and you are responsible for all activities that are carried out under them. It is important for you to protect yourself against unauthorized access to your password and to your devices used to access our Services. You are responsible for keeping your password confidential. We urge you to take steps to keep your personal information safe by not disclosing your password and by logging out of your account after each use especially when you have finished using a shared device. It is your responsibility to control the dissemination and use of your password, and to control access to and use of your user ID and password. We do not have the means to check the identities of people using the Platform and we will not be liable where your password or username is used by someone else. You agree to promptly notify us of any unauthorized use of your password or username or any other breach of security of which you become aware. We have the right to disable any user identification code or password, whether chosen by you or allocated by us, at any time, if in our opinion, you have failed to comply with any of the provisions of these terms or the Terms of Use. If you need to deactivate your account, promptly inform us.

Data Retention

We will only retain your Personal Data for as long as reasonably necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting, or reporting requirements. To determine the appropriate retention period for Personal Data, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting, or other requirements. Generally, the retention periods for different aspects of your Personal Data will be six years. We may retain your Personal Data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you. In some circumstances, we will anonymize your Personal Data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you. In some circumstances, you can ask us to delete your data: see your legal rights below for further information.

Cookies

The Platform may use "cookies" to help you personalize your online experience. Cookies are small computer text files that are placed on your computer’s hard drive by a web page server transferred to your hard drive that contain information such as user ID, user preferences, lists of pages visited, and activities conducted while browsing the Platform. Cookies cannot be used to run programs or deliver viruses to your computer. Cookies are uniquely assigned to you and can only be read by a web server in the domain that issued the cookie to you. One of the primary purposes of cookies is to provide a convenience feature to save you time. Cookies tell the Platform that you have returned to a specific page. For example, if you register an account with Takalam, a cookie helps us recall your specific information on subsequent visits. This simplifies the process of recording your personal information. When you return to the Platform, the information you previously provided can be retrieved, so you can easily use the features that you customized.

At your option, expense, and responsibility, you may accept or decline cookies. You may block cookies or delete cookies from your hard drive. However, by disabling cookies, you may not have access to the entire set of features of this Platform and some parts of them may become inaccessible or not function properly. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you choose to decline cookies, you may not be able to fully experience the interactive features of the Platform. The Platform uses cookies to distinguish you from other users. This helps us to provide you with a good experience when you browse the Platform and also allows us to improve our services. You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. For more information about the cookies we use, please see our Cookie Policy.

Promotional Offers from Us

We may use your Identity, Contact, Technical, Usage, and Profile Data and Special Categories of Personal Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services, and offers may be relevant for you. We call this marketing. You will receive marketing communications from us if you have requested information from us or created an account or purchased services from us or if you provided us with your details when you entered a competition or registered for a promotion and, in each case, you have not opted out of receiving that marketing.

Marketing and Opt Out

We strive to provide you with choices regarding certain Personal Data uses, particularly around marketing and advertising. We will always give you the option to choose not to receive marketing communications from us. If you do not wish to have your Personal Data used by us to promote our own or third parties’ products or services, you can opt-out by contacting us. You can ask us or third parties to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you or by contacting us at any time by sending us an email. If we have sent you a promotional e-mail, you may send us a return e-mail asking to be omitted from future e-mail distributions.

Third-party Marketing

We will get your express opt-in consent before we share your Personal Data with any third-party company for marketing purposes. We do not control third parties’ collection or use of your information to serve interest-based advertising. However, these third parties may provide you with ways to choose not to have your information collected or used in this way. If you do not want us to use information that we collect or that you provide to us to deliver advertisements according to our advertisers’ target-audience preferences, you can opt-out by contacting us.

Your Legal Rights

Under certain circumstances, you have rights under data protection laws in relation to your Personal Data. In particular, you have the right to make the following requests at any time by contacting us at info@Takalam.ae:

• Request access to your Personal Data (commonly known as a “data subject access request”): This enables you to receive a copy of the Personal Data we hold about you and to check that we are lawfully processing it.
• Request correction of the Personal Data that we hold about you: This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us. The correction of medical records will only be done as a time-stamped addendum. Previous notes written by our doctors will never be changed or erased.
• Request erasure of your Personal Data: This enables you to ask us to delete or remove Personal Data – with the exception of medical records – where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your Personal Data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your Personal Data to comply with Local Law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
• Object to processing of your Personal Data: You can object where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your Personal Data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which overrides your rights and freedoms.
• Request restriction of processing of your Personal Data: This enables you to ask us to suspend the processing of your Personal Data in the following scenarios:
• If you want us to establish the data's accuracy.
• Where our use of the data is unlawful but you do not want us to erase it.
• Where you need us to hold the data even if we no longer require it as you need it to establish, exercise, or defend legal claims.
• You have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
• Request the transfer of your Personal Data to you or to a third party: We will provide to you, or a third party you have chosen, your Personal Data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
• Withdraw consent at any time where we are relying on consent to process your Personal Data: However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
• Request that a copy of your information is provided to another person.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Data (or to exercise any of your other rights). This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response. You will not have to pay a fee to access your Personal Data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. Alternatively, we may refuse to comply with your request in these circumstances. We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

Automated Decision-Making

We may use automated decision-making or profiling in the context of our subscription services to enhance your experience. You can request human intervention if you believe that an automated decision has adversely affected you.

Changes to this Privacy Policy

The User Agreement and this Privacy Policy reflect our subscription models and any changes to terms related to subscription services. The Privacy Policy is reviewed and adjusted periodically. Any changes made to the Privacy Policy will be posted on this page and, where appropriate, may be notified to you by e-mail. It shall be your obligation to regularly check the Privacy Policy for updates. Continued use of the Platform following notice of such changes will indicate your acknowledgment of such changes and agreement to be bound by the terms and conditions of such changes.

Subscription Disclaimer and Acceptance

By subscribing to our services, you agree to the specific terms and conditions associated with the subscription model you choose (monthly or annual). Each subscription model may have different benefits and terms, which will be clearly outlined at the time of subscription. By proceeding with the subscription, you acknowledge and accept these terms.

Contact Us With Any Questions

For any data protection queries, you can contact our Data Protection Officer at info@Takalam.ae.