Privacy Policy — PAUSE App

Version 2.2 · Effective from: 22 May 2026 · Aligned with the Digital Personal Data Protection Act, 2023 (India) and the Indian Council of Medical Research National Ethical Guidelines for Biomedical and Health Research, 2017.

⚠️ Clinical disclaimer. PAUSE is a screening and self-education tool for adults aged 18 years and above. It does NOT provide a clinical diagnosis, prescribe treatment, deliver psychotherapy, or replace consultation with a qualified medical professional. It is NOT an emergency service. If you are in distress, please contact a qualified mental-health professional or one of the helplines listed at the end of every module within the app.

1. Who we are

The PAUSE App ("the App") is developed and operated by Dr. M. Jaideep Rao, MBBS MD (Community Medicine), Senior Resident, Department of Community Medicine, Government Medical College, Maheshwaram, Telangana, India ("the Service Provider", "we", "us"). For the purposes of the Digital Personal Data Protection Act, 2023 ("DPDP Act"), the Service Provider acts as the Data Fiduciary.

The App is free of charge, contains no advertising, and has no in-app purchases. It generates no commercial revenue. It is offered as an academic public-health initiative.

2. Who can use the App

The App is intended for adults aged 18 years or older. Users below 18 years are explicitly excluded; the age-gate at sign-in is enforced and the App will not store research-relevant data for users below this age. Any adolescent or minor version of the App would require separate ethical review and a separate consent flow.

3. What we collect, why, and on what lawful basis

Under DPDP Act §6, our lawful basis for processing personal data is your free, specific, informed, unambiguous consent, given through the in-app consent screens at first sign-in.

The App uses a single mandatory active Yes/No choice at first sign-in. By tapping either Yes or No on the consent screen, you confirm that you are 18 years or older, that you have read and accept the Terms & Conditions and this Privacy Policy (both linked on the consent screen), and that you understand PAUSE is a screening tool and not a clinical service. The two outcomes differ only in research participation:

Yes, include my data: your de-identified responses are used for IEC-approved community-medicine research and publications during the 24-month IEC approval period.
No, just for me: the App remains fully usable for personal screening, but no research-relevant data will be written to the research database.

Both outcomes are recorded explicitly with timestamp and consent version. Neither option is pre-selected; you must actively tap one to proceed.

3.1 What we collect when you use the App for personal screening

Category	Examples	Where it is stored
Authentication identifier	Google account email (only if you choose Google Sign-In to sync progress across devices)	Supabase auth table — kept logically separate from research data
App functional data	Questionnaire responses, scores, app version, screen-time log entries, journal entries, mood check-ins, badges, challenge progress	Locally on your device (browser localStorage); also on the Supabase backend if you signed in
Operational data	App version, consent version, timestamps of consent and submission	On your device and, with your consent, on the Supabase backend

3.2 What we additionally collect only if you tick the research-consent box

Category	Examples
Sociodemographic profile	Age band, gender (self-identified), education, occupation/student status, broad location category
Digital use profile	Primary device type, daily screen-time band, primary purpose of internet use
Self-report health context	Self-rated health, chronic illness yes/no, average sleep, physical activity, prior detox attempts
Validated screening scales	Item responses on CSS-12, BSMAS, SVAS-6, GDT-4, PCUS-11, BWAS, and the four health-impact modules
Derived metrics	Digital Wellness Score (DWS), Health Wellness Score (HWS), severity bands
Audit metadata	app_version, consent_version, scale_version, ISO timestamp of submission

3.3 What we DO NOT collect for research

Your name, residential address, phone number, exact date of birth, or any government identification number.
Photographs, biometric data, advertising identifiers, or precise geolocation.
Your Google email address is not joined to the analytic research dataset. It is held only in the authentication layer for your own progress sync.

4. How we use your data

Personal use: to deliver the screening, feedback, and self-help features inside the App.
Research use (only with your active consent): to estimate the burden and patterns of digital behavioural problems in adult populations, to validate the psychometric instruments used, to develop and validate the DWS and HWS, and to publish aggregate findings in peer-reviewed scientific outlets during the 24-month IEC approval period.

We do not use your data for marketing, advertising, or profiling for commercial purposes. We do not sell or rent your data to any third party.

5. Who can access your data

Only the Principal Investigator (Dr. M. Jaideep Rao) has administrative access to the research database.
Co-investigators access only fully de-identified extracts when preparing manuscripts under the approved IEC protocol.
We do not share your data with advertisers, data brokers, employers, insurance companies, or any other commercial entity.
We may disclose information only where required by a lawful order issued under Indian law.

6. Where your data is stored

App data and the research dataset are stored on Supabase (PostgreSQL) under the Principal Investigator's account, with TLS encryption in transit and at rest, row-level security policies, and monthly access-log review. Depending on the Supabase region selected, the underlying servers may be located outside India. Cross-border transfer is permitted under the DPDP Act for jurisdictions not specifically notified as restricted by the Central Government; the Principal Investigator monitors the notified list and will migrate the hosting region if the position changes.

7. How long we keep your data

Research data is retained for at least 5 years after the publication of the last manuscript arising from the IEC-approved umbrella protocol, in line with ICMR 2017 guidance, after which a decision to anonymise or destroy is taken in consultation with the IEC.
Personal-use data on your device (questionnaire history, logs, challenge progress) is retained until you uninstall the App or clear your browser data.

🔒 Your rights under the DPDP Act, 2023

As a Data Principal you have the following rights, which we honour without requiring you to give a reason:

Right to access: request a copy of the personal data we hold about you.
Right to correction: have inaccurate data corrected through the "Edit My Details" screen in the App or by emailing us.
Right to erasure: tap "Delete my research data" in the Account section of the App, or email us. Erasure is processed within 30 days.
Right to withdraw research consent at any time. The App remains fully usable; no further research data is collected after withdrawal.
Right to grievance redressal — contact details below. You may also approach the Data Protection Board of India where applicable.

Note: data that has already been pooled, analysed, or published in aggregate form before your erasure request may not be technically removable from those locked outputs. Aggregate published results cannot identify you.

8. Cookies, tracking, and analytics

The App does not use cookies for tracking, third-party advertising trackers, or behavioural analytics SDKs (e.g. no Google Analytics, no Facebook Pixel, no advertising IDs). The only persistent storage used on your device is the browser's localStorage for App functionality and offline use.

9. Security

All data is transmitted over HTTPS (TLS 1.2 or higher). The Supabase backend enforces row-level security so that one user cannot read another user's records. Administrative access is restricted to the Principal Investigator. We review access logs monthly. Any data breach with risk to participant safety or privacy will be reported to the Institutional Ethics Committee and, where required by the DPDP Rules, 2025, to the Data Protection Board of India.

10. Children's data

The App is intended for adults 18 years and older. We do not knowingly collect personal data from children or adolescents below 18. If you believe a person under 18 has provided personal data through the App, please contact us immediately and we will delete that data.

11. Conflict of interest

The Principal Investigator is also the sole developer of the App. To manage this dual role: the App is free of charge, contains no advertising, and has no in-app purchases; the dual role is openly declared within the in-app participant information screen; the Principal Investigator commits to publishing the full anonymised aggregate dataset alongside the primary manuscript, or making it available in a recognised open repository on reasonable request, to support transparent independent re-analysis.

12. Changes to this policy

This Privacy Policy may be updated. When we make a material change, the version number and effective date above will be updated and, where the change affects how we use your data, you will be asked to re-confirm consent within the App. Continued use after a non-material update constitutes acceptance.

📨 Contact / Grievance Officer / Data Fiduciary

Dr. M. Jaideep Rao
Senior Resident, Department of Community Medicine
Government Medical College, Maheshwaram, Telangana — 501510, India
Email: jaideeprao22@gmail.com

For privacy queries, data-rights requests, withdrawal of research consent, or grievance redressal under the DPDP Act, 2023, please write to the above email. We aim to acknowledge within 7 working days and resolve within 30 days.

🏛️ Institutional Ethics Committee (independent oversight)

Member Secretary, Institutional Ethics Committee
Government Medical College, Maheshwaram, Telangana, India
(Contact details available through the institution; users may also escalate grievances to the IEC independently of the Principal Investigator.)

13. Helplines (India)

These are publicly available, third-party helplines included for your safety. We have no commercial or institutional affiliation with these organisations.

Tele-MANAS (Government of India, 24×7 mental health helpline): 14416 / 1-800-891-4416
iCall (TISS): +91 9152987821 · Mon–Sat, 8 AM–10 PM
Vandrevala Foundation (24×7): 1860-2662-345
AASRA (24×7): +91 9820466726