Effective Date: 12 March 2026
Last Updated: 12 March 2026

1. Introduction
ZARS Dermatology (“we,” “our,” or “us”) is a brand of AGElixir LLP, a limited liability partnership
registered in India. We operate a dermatology and aesthetic clinic in Powai, Mumbai, and this website
(www.zarsdermatology.com).

We are committed to protecting your personal data and respecting your privacy. This Privacy Policy
explains what personal data we collect, why we collect it, how we use and protect it, and what rights you
have in relation to your data.
This policy applies to all personal data collected through our website, including enquiry forms,
appointment requests, WhatsApp communication initiated through our website, and cookies or analytics
tools used on this site.
By using our website and providing your personal data, you consent to the collection and use of your
information as described in this policy. You may withdraw your consent at any time by contacting us at the
details provided below.

2. Who We Are (Data Fiduciary)
Under the Digital Personal Data Protection Act, 2023 (“DPDP Act”), we are the “Data Fiduciary” —
meaning we determine the purpose and means of processing your personal data.
Legal Entity: AGElixir LLP (trading as ZARS Dermatology)
Registered Address: [Insert LLP registered address]
Clinic Address: 2nd Floor, Dikshant Bhavan, Before Millennium Tower, Adi Shankaracharya Marg,
Powai, Mumbai 400076
Email: info@zarsdermatology.com
Phone: +91 97690 58778

3. What Personal Data We Collect
3.1 Information You Provide Directly
When you interact with our website, you may provide us with the following personal data:
Appointment Request Form: Name, phone number, email address, preferred date and time, area of
concern (selected from a dropdown), and any message you include.
WhatsApp Enquiry: When you initiate a conversation via the WhatsApp button on our website, your
phone number and any information you share in the conversation are processed by WhatsApp (operated
by Meta Platforms, Inc.) and received by our clinic team.
Email Communication: If you email us at info@zarsdermatology.com, we receive your email address,
name (if provided), and the content of your message.
Phone Calls: If you call our clinic, we may note your name, phone number, and the nature of your
enquiry for follow-up purposes.

3.2 Information Collected Automatically
When you visit our website, certain data is collected automatically through cookies and similar
technologies:
Analytics Data: Pages visited, time spent on pages, referring website, browser type, device type, and
approximate geographic location (city-level, not precise). This is collected through Google Analytics 4.
Marketing Data: If you have consented to marketing cookies, Meta (Facebook) Pixel may collect data
about your browsing behaviour on our site for the purpose of future advertising campaigns.
Essential Cookies: Cookies strictly necessary for website functionality, such as remembering your
cookie consent preferences.

3.3 Information We Do Not Collect Through This Website
This website does not collect medical records, health data, diagnostic information, payment or financial
data, government identification numbers, or any biometric data. Any clinical or medical information is
collected and managed separately within the clinic environment, subject to applicable medical record-
keeping regulations.

4. Why We Collect Your Data (Purpose of Processing)
We collect and process your personal data for the following specific purposes:
Appointment Booking & Communication: To process your appointment request, confirm bookings,
send reminders, and follow up on enquiries you have made.
Responding to Enquiries: To respond to questions submitted through our contact form, email, phone, or
WhatsApp.
Website Improvement: To understand how visitors use our website so we can improve its content,
structure, and performance (via anonymised analytics).
Future Marketing (with consent): If you consent to marketing cookies, we may use data to show you
relevant advertisements about ZARS Dermatology on social media platforms. We will never sell your data
to third parties for their marketing purposes.

5. Legal Basis for Processing
Under the DPDP Act, 2023, we process your personal data on the following basis:
Consent: When you submit a form, initiate a WhatsApp conversation, or accept optional cookies, you
provide consent for us to process your data for the stated purposes. You may withdraw consent at any
time.
Legitimate Use: For data necessary to respond to your direct enquiries and provide the services you
have requested.

6. Cookies and Tracking Technologies
Our website uses cookies, which are small text files stored on your device. We categorise cookies as
follows:
Necessary Cookies (Always Active): These are essential for the website to function properly. They
include cookies that remember your cookie consent preferences. These cannot be disabled.
Analytics Cookies (Opt-In): We use Google Analytics 4 to understand website usage patterns. These
cookies collect anonymised data such as pages visited, session duration, and traffic sources. No
personally identifiable information is stored by Google Analytics on our behalf.
Marketing Cookies (Opt-In): We use Meta (Facebook) Pixel to support future advertising campaigns.
When enabled, this cookie tracks website visits and actions to help us show relevant advertisements to
visitors on Meta platforms (Facebook, Instagram).
When you first visit our website, a cookie consent banner will appear, allowing you to:
Accept All cookies, Manage Preferences (choose which categories to enable), or Reject Non-Essential
cookies.
You can change your cookie preferences at any time by clicking the “Cookie Settings” link in the website
footer. You can also manage cookies through your browser settings.

7. Third-Party Services
We use the following third-party services that may process your data:
Google Analytics 4 (Google LLC): Website analytics. Data processed: anonymised browsing behaviour.
Privacy policy: https://policies.google.com/privacy
Meta (Facebook) Pixel (Meta Platforms, Inc.): Advertising tracking (only when marketing cookies are
accepted). Data processed: browsing behaviour for ad targeting. Privacy policy:
https://www.facebook.com/privacy/policy
WhatsApp (Meta Platforms, Inc.): Communication channel. When you click the WhatsApp button on our
website, you are redirected to WhatsApp’s platform. Data is processed according to WhatsApp’s own
privacy policy: https://www.whatsapp.com/legal/privacy-policy
Google Maps (Google LLC): Embedded map on our Contact page. Data processed: standard map
interaction data. Privacy policy: https://policies.google.com/privacy
We do not sell, trade, or rent your personal data to any third party. Third-party services listed above
process data only for the purposes described and in accordance with their own privacy policies.

8. How Long We Keep Your Data
We retain your personal data only for as long as necessary to fulfil the purposes for which it was
collected:
Appointment enquiry data: Retained for up to 24 months from the date of enquiry to facilitate follow-up
communication and improve our services. After this period, data is securely deleted.
Analytics data: Google Analytics data is retained for 14 months (default GA4 retention period).
Anonymised aggregate data may be retained longer for trend analysis.
Marketing cookie data: Retained for the duration specified by Meta’s cookie policy (typically up to 90
days for the Facebook Pixel).
Email correspondence: Retained for up to 24 months unless a longer retention is necessary for ongoing
patient communication.
You may request earlier deletion of your data at any time by contacting us.

9. How We Protect Your Data
We take appropriate technical and organisational measures to protect your personal data, including:
SSL/HTTPS encryption on all pages of our website to protect data in transit.
Access to personal data is restricted to authorised clinic staff on a need-to-know basis.
Form submissions are delivered to a secured email inbox and are not stored in publicly accessible
databases.
Third-party services used are established providers with their own robust security practices.
While we take all reasonable precautions, no method of electronic transmission or storage is completely
secure. If you have concerns about data security, please contact us.

10. Your Rights Under the DPDP Act, 2023
As a Data Principal (the individual whose data is being processed), you have the following rights under
the DPDP Act:
Right to Access: You may request confirmation of whether your personal data is being processed and
obtain a summary of the data we hold about you.
Right to Correction: You may request correction of any inaccurate or incomplete personal data we hold
about you.
Right to Erasure: You may request deletion of your personal data where it is no longer necessary for the
purpose it was collected, or where you withdraw your consent.
Right to Withdraw Consent: You may withdraw your consent for data processing at any time. This will
not affect the lawfulness of processing carried out before the withdrawal.
Right to Grievance Redressal: You have the right to file a complaint with us or with the Data Protection
Board of India if you believe your data has been mishandled.
To exercise any of these rights, please contact us using the details in Section 12.

11. Children’s Data
Our website is not directed at children under the age of 18. We do not knowingly collect personal data
from children through this website. If a parent or guardian becomes aware that their child has provided us
with personal data without their consent, please contact us and we will promptly delete such data.
For minors who visit the clinic for dermatological care, data is collected and managed within the clinical
environment with appropriate parental or guardian consent, separate from this website.

12. Contact Us / Grievance Officer
If you have any questions about this Privacy Policy, wish to exercise your rights, or have a complaint
regarding the handling of your personal data, please contact:

Grievance Officer: Dr. Harpreet Ashraf
Entity: AGElixir LLP (trading as ZARS Dermatology)
Address: 2nd Floor, Dikshant Bhavan, Before Millennium Tower, Adi Shankaracharya Marg, Powai,
Mumbai 400076
Email: info@zarsdermatology.com
Phone: +91 97690 58778

We will acknowledge your request within 7 days and endeavour to resolve it within 30 days.
If you are not satisfied with our response, you may file a complaint with the Data Protection Board of India
as established under the DPDP Act, 2023.

13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or
applicable law. When we make material changes, the updated policy will be posted on this page with a
revised “Last Updated” date.

We encourage you to review this page periodically to stay informed about how we protect your data.
© 2026 ZARS Dermatology. A brand of AGElixir LLP. All rights reserved.