Privacy Policy
Plain English explanations of how we collect, use, and fiercely protect your personal and health information.
Plain English explanations of how we collect, use, and fiercely protect your personal and health information.
Welcome to Heala Health. This policy explains our data practices. Please review this document alongside our Terms of Service, which govern your overall use of the platform.
If you have any questions, you can always reach our team directly at contact@healahealth.com.
Heala Health Ltd is a digital healthcare platform incorporated and operating across Nigeria. We act as the Data Controller for your information under the NDPR.
This means we determine how and why your personal data is processed. Our goal is to provide a unified, secure health ecosystem for patients and doctors.
If you have any questions regarding your data, you can reach our Data Protection Officer directly at dpo@healahealth.com.
We collect account details (name, email), health information (symptoms, history), and basic device analytics to make the platform work.
We only use your data to connect you with doctors, maintain your digital health wallet, and improve our AI triage system.
We use your information strictly to provide the service you signed up for. We never sell your personal or health data to third parties, and we do not use your health data for advertising.
Your medical records are protected with bank-grade encryption. Only you and the doctors you authorize can view your files.
We share your data only with the doctors you choose, and the secure cloud providers (like AWS and Paystack) that power our app.
We rely on trusted infrastructure providers to operate safely. These include AWS (cloud storage), Paystack (payments), and OpenAI (anonymised AI triage processing). All providers are bound by strict data processing agreements.
We may also disclose data if legally required by a Nigerian court order or in emergency situations to protect your life.
You have the right to access, correct, or completely delete your data from our servers at any time.
Under the Nigeria Data Protection Regulation (NDPR) 2023, you have the right to be forgotten. If you request account deletion, we will wipe your personal data within 30 days (except where medical retention laws require otherwise).
To exercise your rights, email contact@healahealth.com.
We take your privacy seriously. If you need to request a data deletion or have specific security concerns, contact our Data Protection Officer.