Effective Date: 2^nd October, 2025

At The Hyphen Konnect (“THK”), we respect your privacy and are committed to protecting the confidentiality and security of the information you share with us. This Privacy Policy describes how we collect, use, disclose, and safeguard personal information in connection with our website, platform, and services. It reflects the confidentiality standards in our client and therapist agreements and is designed to align with the Digital Personal Data Protection Act, 2023 (India) and other applicable law.

Scope and Acceptance.
This Policy applies to personal information we process when you visit our website, create an account, communicate with us, or use our therapy, medical, or legal consulting services online. By using our website or services, you consent to the practices described in this Policy. If you do not agree, you should not use the website or services.

The Information We Collect.
We collect information necessary to deliver services safely and effectively. This may include identifiers such as your name, contact details, and emergency contact; service-related information such as medical history, therapy notes, legal matter details, and session content; session recordings where applicable; billing details and transaction records; and technical information such as IP address, device and browser details, and usage data generated through cookies or similar technologies. We may also retain communications you send to us, including forms and feedback.

How We Use Information.
We use information to register and manage your account, schedule and conduct sessions, coordinate care among our authorized professionals, and provide services you request. We process payments, verify and improve service quality, and maintain accurate records. We may use recordings, where created, strictly for supervision, quality assurance, and internal audits, and to discourage unauthorized off-platform dealings between clients and professionals. We also use information to comply with legal obligations, respond to lawful requests from authorities, and conduct internal analytics and research using de-identified or aggregated data where feasible.

Legal Basis, Consent, and Withdrawal.
We rely on your consent, the performance of a contract, compliance with law, and our legitimate interests (balanced against your rights) as legal bases for processing. We will seek explicit consent where required—particularly for sensitive personal data such as health information and for session recordings. You may withdraw consent at any time by contacting us; however, withdrawal may limit access to certain services and does not affect processing previously carried out or processing required by law.

Confidentiality and Recordings.
Confidentiality is central to our work. Information shared during sessions is kept confidential, subject to legally recognized exceptions such as risk of harm to self or others, suspected abuse of a minor or vulnerable person, a valid court order, or other mandatory-reporting obligations. Where sessions are recorded, access is limited to the authorized administrative team for supervision and quality control. Recordings are not used for marketing, are not shared with third parties without your written consent, and are retained only for as long as necessary for the purposes stated in this Policy and applicable law.

Sharing and Disclosure.
We do not sell or trade personal data. We may share information with authorized professionals involved in your care, and with trusted service providers who support our operations (for example, cloud hosting, payment processing, communication tools), subject to confidentiality and data-protection obligations. We may disclose information to legal or governmental authorities when required by law or to protect rights, safety, or property. In emergencies or where there is a credible risk of harm, we may contact your emergency contact or appropriate services. Where you specifically consent, we may share information in ways you request.

Data Security and Retention.
We implement reasonable administrative, technical, and physical safeguards to protect personal information against loss, misuse, unauthorized access, disclosure, alteration, and destruction. Despite these measures, no system is completely secure, and we encourage you to protect access to your devices, email, and accounts. We retain personal information, including recordings where applicable, only for as long as necessary to provide services, satisfy legal and professional requirements, and enforce our agreements, after which it is securely deleted or de-identified.

Cookies and Similar Technologies.
We may use cookies and similar technologies to operate the website, remember preferences, understand usage patterns, and improve performance. You may adjust your browser settings to refuse cookies; doing so may affect site functionality.

International Transfers.
If personal information is transferred outside India—for example, to cloud infrastructure located abroad—we will ensure that appropriate safeguards are in place and that such transfers are consistent with applicable Indian law.

Your Rights.
Subject to law, you may have the right to request access to your personal information, seek correction of inaccuracies, request deletion or restriction of processing in certain circumstances, and withdraw consent where consent is the basis of processing. You may also raise a grievance or lodge a complaint with the appropriate authority. To exercise your rights, please contact us using the details below. We will respond within timelines required by law.

Children’s Privacy.
Our services are intended for adults. Users under eighteen (18) require parent or guardian consent. We do not knowingly collect personal information from minors without such consent; if we learn we have done so, we will take appropriate steps to delete it.

Updates to This Policy.
We may revise this Policy from time to time. The Effective Date at the top indicates the latest version. Material changes will be highlighted on our website or communicated by email where appropriate. Your continued use of the website or services after changes take effect signifies acceptance.

Contact and Grievance Redressal.
We take privacy concerns seriously and have appointed a Grievance Officer in accordance with applicable law. You may contact us for questions, requests, or complaints:

Grievance Officer
Email: Grievance@thephyenkonnect.com

Governing Law and Jurisdiction.
This Policy is governed by the laws of India. Subject to good-faith efforts at amicable resolution, the courts of Hyderabad, Telangana, India will have exclusive jurisdiction over disputes arising from or relating to this Policy or our processing of personal information.