Privacy Policy

Your data belongs to you. Here's how we protect it.

Last updated: January 2026

Introduction

Nurafya Health Technologies ("Nurafya," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our SMS/USSD-based diabetes management services.

1. Information We Collect

Personal Information

We may collect the following types of personal information:

  • Phone number (required for SMS/USSD services)
  • Age, gender, and weight (for health risk assessment)
  • Health data including blood glucose readings, dietary information, and medication records
  • Location information (country/region for localization)

Automatically Collected Information

  • SMS/USSD session data
  • Timestamps of interactions
  • Device and network information

2. How We Use Your Information

We use your information to:

  • Provide diabetes risk screening and health management services
  • Deliver personalized nutritional guidance based on your dietary inputs
  • Verify medication authenticity through our anti-counterfeit systems
  • Send appointment reminders and health tips
  • Improve our services through aggregated, anonymized analytics

3. Data Protection

Health data is classified as sensitive personal information. We implement:

  • End-to-end encryption for all data transmission
  • Encryption at rest for stored data
  • Strict access controls and audit logging
  • Regular security assessments

4. Data Sharing

We do NOT sell your personal data. We may share data with:

  • Healthcare providers (only with your explicit consent)
  • Service providers who assist in delivering our services (under strict confidentiality agreements)
  • Legal authorities when required by law

5. Your Rights

Depending on your location, you have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion of your data
  • Withdraw consent at any time
  • Data portability

6. Regulatory Compliance

We comply with:

  • Nigeria: Nigeria Data Protection Act 2023 (NDPA)
  • Kenya: Data Protection Act 2019
  • South Africa: Protection of Personal Information Act (POPIA)

7. Data Retention

We retain your health data for as long as you maintain an active account. You may request deletion at any time by contacting us.

8. Contact Us

For privacy-related inquiries:

  • Email: privacy@nurafya.com
  • SMS: Text PRIVACY to our shortcode