Privacy Policy

Introduction

Nasiha ("we," "our," or "us") operates a telemedicine platform that connects patients with licensed healthcare providers. We are committed to protecting your privacy and ensuring the security of your personal and health information.

This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you use our mobile application and services. Please read this policy carefully. By using Nasiha, you consent to the practices described in this Privacy Policy.

Personal Information

• Full name and date of birth
• Email address and phone number
• Physical address (optional)
• Government-issued identification (for identity verification)
• Profile photo (optional)
• Payment information (processed securely through AzamPay)

Health Information

• Medical history and health conditions
• Symptoms and consultation notes
• Prescriptions and medications
• Lab results and medical documents you upload
• Consultation recordings (with your consent)

Technical Information

• Device information (model, operating system)
• IP address and location data
• App usage data and analytics
• Push notification tokens

We use the information we collect to:

• Provide and improve our telemedicine services
• Connect you with appropriate healthcare providers
• Process payments and manage your wallet
• Send appointment reminders and health notifications
• Maintain your electronic health records
• Comply with legal and regulatory requirements
• Prevent fraud and ensure platform security
• Improve our services through analytics
• Respond to your inquiries and support requests

We may share your information with:

Healthcare Providers

Doctors and medical professionals on our platform who provide your care will have access to relevant health information to deliver effective treatment.

Service Providers

Third-party companies that help us operate our platform, including:

• AzamPay for payment processing
• Daily.co for video consultations
• Firebase for push notifications
• DigitalOcean for cloud hosting

Legal Requirements

We may disclose information when required by law, court order, or to protect the safety of our users and the public.

We implement robust security measures to protect your information:

• End-to-end encryption for all communications
• Secure, encrypted storage of health records
• Regular security audits and vulnerability testing
• Access controls and authentication requirements
• Employee training on data protection
• Compliance with healthcare data protection standards

You have the right to:

• Access: Request a copy of your personal data
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your account and data
• Portability: Receive your data in a portable format
• Restriction: Limit how we process your information
• Objection: Object to certain types of processing
• Withdraw Consent: Withdraw previously given consent

To exercise these rights, please visit our Account Deletion page or contact us at support@nasihatz.org.

Data Retention

We retain your personal information for as long as your account is active or as needed to provide services. Health records are retained in accordance with Tanzania healthcare regulations. When you delete your account, we will delete your personal information within 30 days, except where retention is required by law.

Children's Privacy

Our services are not intended for children under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. Your continued use of Nasiha after changes are posted constitutes your acceptance of the updated policy.

Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us: