Privacy Policy

Our Privacy Statement was first published on February 7, 2014, and was last updated on January 02, 2023. It governs the privacy terms of our website(s), located at isrgrajan.com, isrg.in, isrg.me, isrg.co.in and the services and utilities we provide you (the “Website” or the “Service”). Any capitalised terms not defined in our Privacy Policy have the same meaning as specified in our Terms of Service, accessible at isrgrajan.com/tos. The terms, “we” and “our” as used in this document refer to Isrg KB and its subsidiaries.

Table of Content

Your Privacy

Our website follows all legal requirements to protect your privacy. Our Privacy Policy is a legal statement that explains how we may collect information from you, how we may share your information, and how you can limit our sharing of your information. You will see terms in our privacy policy that are capitalized. These terms have meanings as described in the definitions section below:

Definitions

  • Personal Data: Personal data refers to information about a living person who can be identified from that information (or from that information and other information in our possession or likely to come into our possession).
  • Usage Data: Usage Data is information that is automatically collected while using a service or from the service infrastructure (for example, the time of a page visit, your IP address, your browser user agent, the language of your device, and so on).
  • Cookies: Cookies are small blocks of data created by a web server while a user is browsing a website and placed on the user’s computer or other device by the user’s web browser. Cookies are placed on the device used to access a website, and more than one cookie may be placed on a user’s device during a session.
  • Data Controller: “Data Controller” means a natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed. For the purpose of this privacy policy, we are a data controller of your data.
  • Data Processors (or Service Providers): “Data Processor” (or Service Provider) means any natural or legal person who processes the data on behalf of the Data Controller. We may use the services of various service providers in order to process your data more effectively.
  • Data Subject: A “data subject” is any living individual who is the subject of personal data.
  • User: The “User” is the individual using our service. The user corresponds to the data subject, who is the subject of personal data.

Information Collection and Use

We collect several different types of information for various purposes to provide and improve our service to you.

Types of Data Collected

  • Personal Data
    While using our service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you (“Personal Data”). Personally identifiable information may include, but is not limited to, an email address, name, address, state, province, zip code or postal code, city, cookies, and usage data. We may use your personal data to contact you with SMS, newsletters, marketing or promotional materials, and other information that may be of interest to you. You can opt out of receiving any or all of these communications from us by clicking the unsubscribe link or following the instructions included in any email we send. Registered users can further modify, alter, and delete their personal information by logging into their accounts.
  • Comments
    When visitors leave comments on the site, we collect the data shown in the comment form and also the visitor’s IP address and browser user agent string to help with spam detection. An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available at automattic.com/privacy. After approval of your comment, your profile picture is visible to the public in the context of your comment. We also use third-party tools and services for managing comments and their privacy policy is available at facebook.com/privacy/policy.
  • Media
    We take the necessary steps to clear and remove the EXIF data from uploaded images, but in some cases, it may still contain embedded data like the device name, location information, etc. Users are encouraged to clean and remove personalised EXIF data before uploading to the website because visitors to the website can download and extract any location data from images on the website.
  • Contact forms
    While filing contact forms on the website, we collect specified and provided personal details which further subject to the collection of the personal information as specified above under section Personal Data.
  • Embedded content from other websites
    Articles on this site may include embedded content (e.g., videos, images, articles, social media posts, etc.). Embedded content from other websites behaves in the exact same way as if the visitor had visited the other website. These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.
  • Usage Data
    We may also collect information on how the service is accessed and used (“Usage Data”). This usage data may include information such as your computer’s Internet Protocol address (e.g., IP address), browser type, browser version, the pages of our service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers, and other diagnostic data.

Cookies Policy

Cookies and similar tracking technologies are used to track activity on our service and store certain information. Cookies are files with a small amount of data, which may include a unique anonymous identifier. Cookies are sent to your browser from a website and stored on your device. Beacons, tags, and scripts are also tracking technologies used to collect and track information and to improve and analyse our service. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our service. Examples of cookies we use are session cookies (we use these cookies to operate our service) and preference cookies (we use these cookies to remember your preferences and various settings). You can instruct your web browser to stop storing cookies using the cookie setting options available in the web browser’s preferences.

Use of Data

We use the collected data for various purposes, including:

  • To provide and maintain our service.
  • To notify you about changes to our service.
  • To allow you to participate in interactive features of our service when you choose to do so.
  • To provide customer support.
  • To gather analysis or valuable information so that we can improve our service.
  • To monitor the usage of our service.
  • To detect, prevent, and address technical issues.
  • Unless you have opted not to receive such information, we will send you news, special offers, and general information about other goods, services, and events that we offer that are similar to those you have already purchased or inquired about.

Retention of Data

We will retain your personal data only for as long as is necessary for the purposes set out in this privacy policy. We will retain and use your personal data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

We will also keep usage data for internal analysis. Usage Data is generally retained for a shorter period of time, unless it is used to strengthen the security or functionality of our Service, or we are legally required to retain this data for a longer period of time.

Transfer of Data

Your information, including personal data, may be transferred to and maintained on computers located outside of your state, province, country, or other governmental jurisdiction, where the data protection laws may differ from those in your jurisdiction.

We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy, and no transfer of your personal data will take place to an organisation or a country unless there are adequate controls in place, including the security of your data and other personal information.

Your consent to this privacy policy, followed by your submission of such information, represents your agreement to that transfer.

Disclosure of Data

  • Business Transaction: If we are involved in a merger, acquisition, or asset sale, your personal data may be transferred. We will provide notice before your personal data is transferred and becomes subject to a different privacy policy.
  • Disclosure for Law Enforcement: Under certain circumstances, we may be required to disclose your personal data if required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency).

Security of Data

The security of your data is important to us, but remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security.

Legal Basis for Processing Personal Data Under General Data Protection Regulation (GDPR)

If you are from the European Economic Area (EEA), the legal basis for collecting and using the personal information described in this privacy policy depends on the personal data we collect and the specific context in which we collect it.

We may process your Personal Data because:

  • We need to perform a contract with you.
  • You have given us permission to do so.
  • The processing is in our legitimate interests, and it’s not overridden by your rights.
  • For payment processing purposes.
  • To comply with the law.

Your Data Protection Rights Under General Data Protection Regulation (GDPR)

If you are a resident of the European Economic Area (EEA), you have certain data protection rights. We aim to take reasonable steps to allow you to correct, amend, delete, or limit the use of your personal data.

If you wish to be informed of what personal data we hold about you and if you want it to be removed from our systems, please contact us.

In certain circumstances, you have the following data protection rights:

  • The right to access, update, or to delete the information we have on you.
  • The right of rectification: You have the right to have your information rectified if that information is inaccurate or incomplete.
  • The right to object: You have the right to object to our processing of your Personal Data.
  • The right of restriction: You have the right to request that we restrict the processing of your personal information.
  • The right to data portability: You have the right to be provided with a copy of your personal data in a structured, machine-readable, and commonly used format.
  • The right to withdraw consent: You may also withdraw your consent at any time if we rely on it to process your personal information.

Please note that we may ask you to verify your identity before responding to such requests.

You have the right to complain to a Data Protection Authority about our collection and use of your personal data. For more information, please contact your local data protection authority in the European Economic Area (EEA).

Service Providers

We may employ third-party companies and individuals to facilitate our service (“Service Providers”), to provide the service on our behalf, to perform service-related services, or to assist us in analysing how our service is used.

These third parties have access to your personal data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

Analytics

We may use third-party service providers to monitor and analyse the use of our service.

  • Google Analytics: Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our service. This data is shared with other Google services. Google may use the collected data to contextualise and personalise the ads in its own advertising network. You can prevent Google Analytics from tracking your activity on the Service by installing the Google Analytics opt-out browser add-on. The add-on prevents the Google Analytics JavaScript (ga.js, analytics.js, gtm.js, and dc.js) from sharing information with Google Analytics about visits and activity. For more information on the privacy practises of Google, please visit the Google Privacy and Terms web page: http://www.google.com/intl/en/policies/privacy/
  • Yandex Metrika: Yandex Metrica is a free web analytics service offered by Yandex that tracks and reports website traffic. Yandex Metrica may deploy tags to collect audience, traffic, and behaviour data for the website. For more information on the privacy practises of Yandex, please visit the Yandex Privacy and Terms web page: yandex.com/legal/metrica_termsofuse
  • Cloudflare: We use Cloudflare as our DNS provider, data processors, CDN provider and its various services like Monitoring, Security, and analytics etc. to provide high-quality and seamless services. The Privacy Policy of Cloudflare is accessible at cloudflare.com/privacypolicy.
  • StackPath: We use StackPath as CDN provider which further offers various services like traffic monitoring, security, traffic routing etc. The Privacy Policy of StackPath is accessible at stackpath.com/legal.
  • Microsoft Clarity: We use Microsoft Clarity to monitor traffic, and analytical purposes. The privacy policy is accessible at https://privacy.microsoft.com/en-gb/privacystatement.

Payments

We may provide paid products and/or services within the Service. In that case, we use third-party services for payment processing (e.g., payment processors).

We will not store or collect your payment card details. That information is provided directly to our third-party payment processors whose use of your personal information is governed by their Privacy Policy. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express, and Discover. PCI-DSS requirements help ensure the secure handling of payment information.

The payment processors we work with are:

Advertisements

Advertising keeps our website and many of the websites and services you use free of charge. We and our advertising agencies work hard to make sure that ads are safe, unobtrusive, and as relevant as possible. We ensure no ads contain malware, ads for counterfeit goods, or ads that attempt to misuse your personal information. You may opt out of personalized advertising by visiting www.aboutads.info. The Privacy Policy and Terms of Services of the advertising agencies that we use are available at: policies.google.com and taboola.com/policies/privacy-policy.

Links to other sites

Our Service may contain links to other sites that are not operated by us. If you click on a third party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit.

We have no control over and assume no responsibility for the content, privacy policies, or practices of any third party sites or services.

Family Educational Rights and Privacy Act (FERPA)

Our services comply with all applicable provisions of the Family Educational Rights and Privacy Act (FERPA) (20 U.S.C. § 1232g; 34 CFR Part 99). We receive Student Data from School Customers as a “school official” under FERPA and only process Student Data for educational purposes. In the event we receive a subpoena or judicial order for the disclosure of education records, we will notify the associated School Customer(s) prior to fulfilling the request in accordance with §99.31(a)(9). For additional information on FERPA, please visit the U.S. Department of Education’s Privacy Technical Assistance Center.

Children’s Online Privacy Protection Act (COPPA)

Our services comply with all applicable provisions of the Children’s Online Privacy Protection Act (COPPA) (15 USC 6501 et seq.) To the extent COPPA applies to information we collect, we process such information for educational purposes only, at the direction of the partnering School Customer and on the basis of educational institution consent. For additional information on COPPA and educational institution consent, please refer to the Federal Trade Commission’s Complying with COPPA: Frequently Asked Questions.

Our COPPA & New York Section 2-D Compliance Policies

We takes student data privacy seriously. In alignment with U.S. Federal Law and Article 1 – Section 2D of the Laws of New York, we take the following actions to ensure student data privacy:

  1. We limits access to students’ education records to teachers and administrators who are named employees of the institutions with whom we partner, and only for legitimate educational interests.
  2. We does not use the education records for any purpose other than those explicitly authorized in our contract.
  3. Except for our authorised representatives, to the extent they are carrying out the contract, we do not disclose any personally identifiable information to any other party without the prior written consent of the parent or eligible student, or unless required by statute or court order, and the party provides a notice of the disclosure to the department, district board of education, or institution that provided the information no later than the time the information is disclosed, unless providing notice of the disclosure is expressly prohibited by the statute or court order.
  4. We maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in our custody.
  5. We use encryption technology to protect data while in motion or in our custody from unauthorised disclosure using a technology or methodology specified by the secretary of the United States Department of Health and Human Services in guidance issued under Section 13402(H)(2) of Public Law 111-5.

India — Code Of Ethics For Digital News Websites

The Digital News Publishers Association has voluntarily drawn up a Code of Ethics for its members as outlined below, which demonstrates their commitment to responsible digital publishing –even as it, in order to protect our 19 (1) (a) and other Constitutionally mandated freedoms, keeps under review and scrutinizes any developments likely to restrict the gathering and dissemination of news and current affairs or any other content.

The object of this Code is to outline high standards, ethics and practices in digital news publishing, and does not constitute any attempt to involve itself in the day to day operations of the publishers –who have complete editorial and content independence.

The basic precepts of the Code of Ethics are to maintain the standards of digital publishing as well as protect and maintain the independence of journalists, content entities and publishers.

  1. Digital news websites follow the laws of the land including the Constitution of India, the over 30 laws relating to the media, relevant provisions of IPC, CrPC as well as the Information Technology Act, 2000, where applicable.
  2. They also diligently adhere to accepted norms of journalistic ethics and practices and maintain the highest standards of professional conduct. There are several layers of these self-regulatory ethics and codes – including as outlined by specific entities as well as rigorous processes in newsrooms at the level of journalists and editors.
  3. Accuracy, Transparency & Fairness Members should eschew publication of inaccurate, baseless or distorted material. Pre-publication verification should be mandatory. Defamation should be avoided. Adherence to applicable laws and rules is necessary.
  4. Right of reply
    • News reports and articles should incorporate comments or version of person or party in respect of whom allegations are carried. If not carried, the person or party’s response, if received later, to be incorporated.
    • If there are developments in the news, and the concerned person or party requests an update, the same must be carried appropriately. Date of update should also appear in the news item published.
  5. Take down, delete or editIf news report or article is found to contain false or inaccurate information, then on approach by the concerned person or party, providing correct information, identifying himself or herself, providing required documents or material, the portion of the news report or article should be edited or deleted.If entire news report is found to contain false, inaccurate information, the entire article should be deleted.
  6. Respect Intellectual Property Rights
    • Copyright in text, photographs, plans, diagrams, cartoons, etc must be respected. If copyrighted material is used, then prior permission should be taken and publication must acknowledge moral and ownership rights.
    • If permission requires payment of fee or royalty, the same must be paid.
    • Trade Marks and Service Marks of third parties not to be used except with prior permission or if such use constitutes fair use.
    • In case infringement of intellectual property – upon receiving any request and after getting the necessary documents, the concerned content should be edited, deleted or take down if necessary.
  7. Care to be taken for reporting sensational matters and crime. Presumption of innocence must be preserved. Comments and speculation on evidence, witness and witness conduct, accused and victim and their respective conduct to be avoided. Such reporting should be based on facts and unbiased.
  8. Special care to be taken while reporting on sexual harassment in workplace, child abuse, rape, where accused or victims are minors, matrimonial, riots and communal disputes / clashes, divorce and custody cases, adoption matters, etc.
    • Care to be taken, to follow Sections 67, 67A and 67B of the Information Technology Act, 2000 where applicable — which provide for penalties for publishing or transmitting obscene material, sexually explicit material and also material depicting children in sexually explicit acts, in electronic form.
  9. Grievance Redressal Mechanism Members –when intermediaries as defined under the Information Technology Act, 2000— follow the grievance redressal mechanism as outlined therein and are cognizant of the liabilities and safe harbor protections under Section 79 of the IT Act 2000. Hence, as relevant, they follow the Information Technology (Intermediary Guidelines) Rules, 2011 including appointing a grievance officer whose contact details are displayed on the website and who acts within 36 hours of receipt of complaint by affected person and redresses the complaint within one month from its receipt.
  10. Training and Awareness ProgramsConduct periodic training and awareness programs with editorial staff about existing laws including Constitution of India, the over 30 laws relating to the media like The Indecent Representation of Women (Prohibition) Act, Copyright Act, Right to Information Act, relevant provisions of Indian Penal Code and CrPC, civil and criminal defamation, IPR, Juvenile justice, POCSO, relevant provisions relating to reporting on rape and molestation, harassment in the work place, caste or gender related crime, domestic violence, etc.
    • Names of victims and details leading to identification of victims or perpetrator, if juvenile or in the workplace, to be strictly avoided.
    • Photographs of victims, their residence, workplace, etc to be avoided.
    • Special care and caution must be exercised at all times while reporting matters related to communal or religious disputes/clashes. Such news items shall be published only after a proper verification of facts and should be presented with due caution and restraint, ensuring an environment that is conducive to promoting communal harmony, amity and peace.
    • Special care in reporting on Courts and judicial matters. Create awareness among editorial staff about legislative privileges and correct reporting of Court hearings, judicial matters, etc. To ensure that versions of victim and accused are covered, without comments thereon.
    • Respect for privacy especially persons not in public life.

Brazilian General Data Protection Law (LGPD)

If you reside in the Federative Republic of Brazil (“Brazil”), we will be the controller of your Personal Data provided to, collected by or for, or processed by in connection with our Services.

Legal Basis for Processing Personal Data (LGPD) Brazil

If you are a Customer, Site Visitor, or User from Brazil, under the Lei Geral de Proteção de Dados federal law 13,709/2018 (the “LGPD”), our legal basis for collecting and using the Personal Data described above (also referred to in this Section 5.4 as “Brazil Data”) will depend on the Personal Data concerned and the specific context in which we collect it.

However, we will normally collect Personal Data from you only (i) where we have your consent to do so, (ii) where we need the Personal Data to perform a contract with you, or (iii) where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect Personal Data from you or may otherwise need the Personal Data to protect your vital interests or those of another person.

If we ask you to provide Personal Data to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your Personal Data is mandatory or not (as well as of the possible consequences if you do not provide your Personal Data).

Similarly, if we collect and use your Personal Data in reliance on our legitimate interests (or those of any third party), a notice will be provided to you in our disclosure statement.

If you have questions about or need further information concerning the legal basis on which we collect and use your Personal Data, including if you would like to better understand how our legitimate interests to process your data are balanced against your data protection rights and freedoms, please contact us.

Your Rights to Your Personal Data (Brazil)

You have the right to request that we (i) confirm whether we are processing your Personal Data, (ii) provide you with access to the Personal Data we hold about you, (iii) disclose the public and private entities with which we have shared use of your Personal Data, (iv) correct your Personal Data, (v) export your Personal Data, for your own use or use by another controller (vi) anonymize, block, or delete any unnecessary or excessive data, (vii) delete all your Personal Data, and (vii) cease or restrict processing of your Personal Data. If you are a User and would like to understand what Personal Data and behavioral information we holds about you, specifically, and how you can exercise any of your rights with respect to your Personal Data, please visit your account. Customers may also submit a data subject access request by contacting us so that we may either respond with the relevant information or, if applicable, direct this request to, and cooperate with, your employer to respond.

The Canadian Consumer Privacy Protection Act (CPPA)

In any organization, failure to protect personal information can increase the risk of a privacy breach. These privacy breaches can lead to things such as reputational harm, fraud or identity theft.

We will protect personal information from loss or theft, unauthorized access, use or disclosure, modification or destruction through appropriate administrative, technical and physical security measures and safeguards.

The level of safeguards used to protect personal information will depend on the:

  • sensitivity of the personal information;
  • amount, distribution and format of the information;
  • method of storage.

We follow the Government of Canada’s Security Policy and any other direction or guidance on information technology security received from the relevant federal agencies.

Consent
Wherever possible, we seek a person’s consent before we collect their personal information. The form of consent may vary depending on the circumstances and the type of information being requested. Consent can be express or implied, and can be provided directly by the individual or by an authorized representative.

Express consent is preferred. Express consent can be given orally, electronically or in writing. Implied consent may be reasonably inferred from a person’s action or inaction. For example, providing a name and address to receive a publication or providing a name and telephone number to receive a response to a question. When determining the appropriate form of consent, we take into account the sensitivity of the personal information, the reasons we are collecting it, and the reasonable expectations of the person. When using personal information for a new purpose, we will document that new purpose and ask for consent again.

During our investigations, it may not always be possible to obtain a person’s consent to collect, use, or disclose their personal information. Both the Privacy Act and PIPEDA allow for the disclosure of personal information during the course of an investigation if it is necessary to carry out that investigation.

We will not use your personal information without your consent unless it is either:

  • for the same purpose for which the information was originally collected or compiled,
  • consistent with that purpose,
  • for a purpose that may be disclosed under section 8(2) of the Privacy Act.

The California Consumer Privacy Act (CCPA)

For California Residents Only. We may disclose your Personal Information to our subsidiaries or other third parties who may use that information to market directly to you. As a California resident, you have the right to opt-out of having your Personal Information licensed to such third parties. We will not share your information after we have received your notification that you are opting out. If you wish to opt-out you can contact us.

Changes to this Privacy Policy

We may update our privacy policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

We will let you know via email and/or a prominent notice on our service, prior to the change becoming effective, and update the “effective date” at the top of this Privacy Policy.

You are advised to review this privacy policy periodically for any changes. Changes to this privacy policy are effective when they are posted on this page.

Contact us

If you have any questions about this Privacy Policy, please contact us by using the contact information we provided on our Contact page.