Privacy Policy

Last updated: October 2025

1. Overview

Soul Flow Care (“we,” “our,” or “us”) respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard personal data when you use our wellness, mental health, and educational support services.

We comply with applicable privacy laws, including:

  • The Digital Personal Data Protection Act, 2023 (India); and

  • The Personal Information Protection and Electronic Documents Act (PIPEDA, Canada).

By using our services, you agree to the terms of this Privacy Policy.

2. Who Handles the Data

Soul Flow Care is based in India and primarily processes personal information within India. Data may also be processed by verified third-party service providers located in Canada or other countries, under strict contractual safeguards ensuring privacy protection consistent with PIPEDA and the DPDP Act.

3. What Information We Collect

We collect only the minimum personal information necessary to deliver our services effectively. This may include:

  • Identity and contact details (such as name, email, and phone number).

  • Health or wellness-related documents that users voluntarily share for educational or support purposes.

  • Session and communication data (such as chat, video, or audio session metadata).

  • Technical information, including device data, IP address, and security logs.

Users always have the right to choose what information to share.

4. Why We Collect This Information

We collect and process personal information to:

  • Provide personalized wellness, educational, or coaching sessions.

  • Communicate with users regarding appointments, updates, or feedback.

  • Coordinate with local professionals or clinicians, with explicit consent.

  • Ensure platform security, prevent misuse, and meet audit or legal obligations.

We never sell or rent personal information to third parties.

5. Consent and User Choices

We obtain clear, informed, and voluntary consent before collecting or using any personal or health-related data.

  • Users may withdraw consent at any time by contacting our privacy team.

  • We will explain how withdrawal may affect ongoing services or data retention obligations.

  • Separate opt-in consent is required for non-essential communications, such as newsletters or marketing updates.

We ensure meaningful consent in line with both PIPEDA and the DPDP Act’s principles of notice, purpose limitation, and user control.

6. Cross-Border Data Transfers

Personal data may be stored or accessed in India, Canada, or other jurisdictions where our trusted service providers operate.
We require all third parties handling personal data to maintain protections comparable to those provided under PIPEDA and the DPDP Act.
However, information stored abroad may be subject to lawful access by authorities in those jurisdictions.

7. Data Retention and Safeguards

We retain personal information only as long as necessary to fulfill the identified purposes or meet legal obligations. Afterward, data is securely deleted or anonymized.

Soul Flow Care applies multiple safeguards, including:

  • Administrative: privacy training, limited access, and confidentiality agreements.

  • Technical: encryption, secure servers, and firewalls.

  • Physical: restricted access to facilities and devices.

8. Your Rights

Users have the right to:

  • Access their personal information.

  • Request correction of inaccurate or incomplete data.

  • Withdraw consent at any time.

  • Request deletion of data where retention is no longer required.

Requests can be made to privacy@soulflowcare.com.

If unresolved, Canadian users may contact the Office of the Privacy Commissioner of Canada, and Indian users may contact the Data Protection Board of India.

9. Children’s Privacy

Our services are intended for adults (18+).
If a minor seeks support, verified parental or guardian consent is required. Soul Flow Care reserves the right to decline services where consent cannot be appropriately verified.

10. Privacy and Security Practices

Soul Flow Care adheres to the principles of both PIPEDA and the Digital Personal Data Protection Act, 2023, including:

  • Lawfulness and fairness: Data is processed only for legitimate, consented purposes.

  • Purpose limitation: Data is collected only for identified service needs.

  • Data minimization: Only essential data is collected.

  • Security and accountability: Robust administrative and technical safeguards are implemented.

No medical diagnosis or clinical record is created. All information is used solely for educational, wellness, and personal growth purposes.