Privacy Policy

Applicability and Scope

This Privacy Policy applies to information collected from users in India who interact with Lean Protocol through the Platform, consultations, customer support, forms, messages/calls/emails, home lab collection coordination, medicine fulfillment coordination, and community participation. This policy is intended to align with applicable Indian laws, including the Digital Personal Data Protection Act, 2023 (“DPDP Act”) and rules/updates issued under it.

Definitions

"Personal Data" means any data about an individual who is identifiable by or in relation to such data.

"Processing" means collection, storage, use, sharing, disclosure, transfer, deletion, or any other operation performed on Personal Data.

"Partners" means laboratories, pharmacies, payment processors, logistics partners, technology vendors, and other entities assisting Lean Protocol in delivering services.

"Care Team" means doctors, dieticians, trainers, psychologists, and other qualified experts engaged through the Platform.

Consent and Your Choices

You provide consent through clear affirmative actions, such as onboarding, submitting information, using the Platform, or purchasing packages. You may choose not to provide certain information; however, this may limit or prevent us from providing services safely and effectively.

You may withdraw consent by writing to support@leanprotocol.in. Withdrawal may result in our inability to continue services, especially where medical safety, prescriptions, or continuity of care require the information.

Information We Collect

We may collect the following categories of Personal Data depending on how you use Lean Protocol:

• Identity and contact information such as name, age/date of birth, gender, phone number, email address, and address/location details needed for services.
• Account information such as login credentials and profile details. Passwords are not stored in plain text.
• Health and lifestyle information such as height, weight, BMI, goals, medical history, allergies, medications, comorbidities, symptoms, side effects, diet preferences, activity level, sleep, stress, and other inputs you share.
• Consultation and care records such as doctor/nutritionist/trainer/psychologist notes, assessments, plans, follow-ups, prescriptions, and progress tracking.
• Diagnostics information such as lab test orders and reports received from partner labs, including home collection details where applicable.
• Smart scale data automatically synced through the Platform, including weight measurements and related logs captured through device integration.
• Payment and transaction information such as payment status, transaction references, and package details. Card/bank credentials are typically processed by our payment gateway and are not stored by Lean Protocol.
• Device and usage information such as IP address, device identifiers, app version, browser type, pages/screens used, time spent, feature usage, crash reports, and diagnostic logs.
• Communications such as messages, emails, chats, calls, feedback, and support tickets.
• Community information such as posts/comments you make in community spaces, subject to moderation and safety rules.

How We Collect Information

We collect information in the following ways:

• Directly from you when you sign up, fill onboarding forms, complete questionnaires, purchase packages, chat with the team, or participate in consultations.
• Automatically through technology when you use the Platform, including cookies and similar tools (primarily for functionality and analytics).
• From your Care Team when they create notes, plans, or medical records during service delivery.
• From partner labs when test results are shared for inclusion in your health record.
• From partner pharmacies and logistics partners for medicine fulfillment and delivery coordination where included in your package.
• From payment partners when they confirm payment success/failure and related transaction references.
• From integrated devices (including smart scales) when you connect them and enable syncing through the Platform.

How We Use Your Information

We use your Personal Data for purposes including:

• Providing services such as onboarding, consultations, creating plans, monitoring progress, and coordinating care across experts.
• Clinical safety and suitability checks, including determining eligibility and ensuring appropriate medical oversight.
• Coordinating lab tests and receiving reports from partner labs.
• Facilitating prescription-based medicine fulfillment through partner pharmacies where part of your package and clinically prescribed.
• Operating and improving the Platform, including feature development, troubleshooting, analytics, and user experience improvements.
• Customer support, including resolving issues, appointment coordination, scheduling, reminders, and service communications.
• Payments, billing, invoices/receipts, refunds (where applicable), fraud prevention, and transaction verification.
• Compliance with applicable laws, lawful requests, and enforcement of our Terms & Conditions.
• Internal quality checks and training, including maintaining care continuity and service standards.
• Marketing communications, where permitted by law and your preferences, including updates, offers, and educational content. You may opt out of promotional communications by following the unsubscribe option (where available) or writing to support.

Recording of Consultations

From time to time, Lean Protocol may record certain consultations or chats for quality, training, compliance, and continuity of records. Where recording occurs, it will be made known to you. If you do not wish to be recorded, you may inform us before the consultation begins; where feasible, we will provide an alternative.

Community Visibility and Safe Sharing

Community features are designed for support and accountability. Posts, comments, and messages you share in community spaces may be visible to other members or moderators. You should avoid posting sensitive medical details, personal identifiers, or confidential information in community spaces. Lean Protocol is not responsible for information you voluntarily choose to disclose to others in community areas.

Sharing of Information

We do not sell your Personal Data. We may share Personal Data only as necessary for delivering services and for lawful purposes, including:

• With the Care Team so they can provide consultations, monitor progress, and coordinate your plan.
• With partner labs to schedule collections/tests and deliver reports.
• With partner pharmacies to dispense and deliver prescribed medicines, including necessary delivery details.
• With payment partners such as Razorpay to process payments and verify transactions.
• With logistics and delivery partners to deliver medicines or kits where applicable.
• With technology vendors and service providers that help us host, secure, analyze, and operate the Platform, under appropriate contractual safeguards.
• With legal/regulatory authorities where required by law, court order, or to protect rights, safety, and prevent fraud or misuse.
• In a business transfer scenario such as merger, acquisition, financing, or restructuring, where user information may be shared as part of due diligence and transfer, subject to confidentiality and lawful safeguards.