Welcome to Janaushadhii.com.

This Agreement is entered into between Janaushadhii.com, located at D-1/249, Block D, New Kondli, Delhi 110096, inspired by Jan Aushadhi Kendra initiative, (hereinafter referred to as the “Company,” “Janaushadhii.com,” “we,” “us,” or “our”) and you, (hereinafter referred to as the “Data Processor”).

For the purposes of this Agreement, each shall be individually referred to as a “Party” and collectively as the “Parties.”

This Agreement governs the Data Processor’s responsibilities in connection with the services provided through our website, https://www.janaushadhii.com/ (referred to as the “Service”).

1. Definitions

In this Data Processing Agreement (“Agreement”), the following definitions apply:

  • “Controller” refers to Janaushadhii.com, the entity that determines the purposes and means of processing personal data.
  • “Processor” refers to the party engaged by the Controller to process personal data on behalf of the Controller.
  • “Personal Data” means any information relating to an identified or identifiable individual.
  • “Processing” refers to any operation or set of operations performed on personal data, including collection, recording, storage, alteration, retrieval, and more.
  • “Data Subject” refers to the individual whose personal data is being processed.
  • “Applicable Law” refers to the relevant data protection and privacy laws applicable to the Agreement.

2. Application

This Agreement governs the processing of Personal Data by the Processor on behalf of the Controller. It applies to all data processing activities related to the services offered by the Controller through its website or platform.

3. Subject-Matter of the Processing Agreement

The Processor is responsible for processing Personal Data on behalf of the Controller in accordance with the terms of this Agreement. This includes handling, storing, and transferring Personal Data as required to provide the services defined in a separate agreement between the parties.

4. Obligations of the Processor

(a) The Processor shall:

  1. Process Personal Data only on documented instructions from the Controller, including any transfers of Personal Data to a third country or international organization, unless required by law.
  2. Ensure that individuals authorized to process Personal Data have committed to confidentiality or are under an appropriate statutory obligation of confidentiality.
  3. Implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk of processing Personal Data.
  4. Assist the Controller in fulfilling its obligations to respond to requests from Data Subjects exercising their rights under Applicable Law.
  5. Notify the Controller without undue delay of any Personal Data breach or security incident involving Personal Data.
  6. Assist the Controller in ensuring compliance with the obligations related to data security, impact assessments, and prior consultations as required under Applicable Law.
  7. Upon the Controller’s request, return or delete all Personal Data upon termination of the services, unless retention is required by law.

(b) The Processor represents and warrants:

  1. It will process Personal Data in compliance with Applicable Law.
  2. It has taken steps to ensure that its employees, contractors, or agents who are authorized to process Personal Data are aware of and comply with the terms of this Agreement.
  3. It will not engage sub-processors without prior specific or general written authorization of the Controller.

5. Personal Data Transfers

The Processor shall not transfer Personal Data to a third country or international organization without obtaining prior written consent from the Controller, except where required to do so by law. In such a case, the Processor shall inform the Controller of that legal requirement before processing, unless prohibited by law.

6. Liability

Each party’s liability under this Agreement shall be subject to the limitations and exclusions of liability as set forth in the main service agreement between the parties, except where Applicable Law provides otherwise.

7. Termination (Contractual Penalty)

This Agreement shall remain in effect for as long as the Processor processes Personal Data on behalf of the Controller. Upon termination, the Processor shall immediately cease processing Personal Data and shall return or securely delete all Personal Data, as instructed by the Controller. A breach of this Agreement, particularly regarding confidentiality and data protection obligations, shall result in a contractual penalty, the amount of which shall be determined based on the extent of the breach.

8. Special Termination Right

The Controller reserves the right to terminate this Agreement with immediate effect if the Processor is found to be in material breach of any obligation related to the protection of Personal Data. In such cases, the Controller may withhold payment for services rendered or take further legal action to recover damages.

9. Miscellaneous

  1. Amendments: Any amendments to this Agreement shall be in writing and mutually agreed upon by both parties.
  2. Confidentiality: The Processor agrees to maintain the confidentiality of all Personal Data and not disclose it to third parties except as instructed by the Controller or as required by law.
  3. Severability: If any provision of this Agreement is found to be invalid or unenforceable, the remaining provisions shall continue in full force and effect.

10. Assignment

The Processor may not assign or transfer its obligations under this Agreement without the prior written consent of the Controller.