Privacy Policy

We collect information you provide directly to us when you create an account, complete your health profile, book appointments, or contact us for support.

Personal Information: Name, email address, phone number, date of birth, gender, and profile photo.

Health Information: Medical history, symptoms, medications, lab results, prescriptions, vaccination records, and other health records you upload or generate through Clara.

Usage Data: Information about how you use Clara, including pages visited, features used, search queries, and interaction logs.

Device Information: Device type, operating system, unique device identifiers, IP address, and mobile network information.

Location Data: With your permission, approximate location to help you find nearby doctors and pharmacies.

We use the information we collect to:

• Provide, maintain, and improve our services
• Connect you with healthcare providers
• Power Clara AI's personalised health insights and recommendations
• Send appointment reminders and important health notifications
• Process payments and manage subscriptions
• Comply with applicable healthcare regulations including Nigeria's NDPR
• Detect and prevent fraud or abuse
• Communicate with you about updates, features, and support

We do not sell your personal or health information. We share your information only in the following circumstances:

With Healthcare Providers: When you book an appointment or share a health record, the relevant provider receives your information to deliver care.

With Your Consent: You may choose to share specific records or information with doctors, hospitals, or family members.

Service Providers: We work with trusted third parties (such as cloud storage and payment processors) who are bound by strict data protection agreements.

Legal Requirements: We may disclose information if required by law, court order, or to protect the rights and safety of our users.

We take the security of your health data seriously. We implement:

• End-to-end encryption for all health records in transit and at rest
• Row-level security on our database so you only see your own data
• Secure, time-limited access links for shared health records
• Multi-factor authentication options for your account
• Regular security audits and penetration testing

No method of electronic storage or transmission is 100% secure. We encourage you to use a strong, unique password and enable biometric authentication.

We retain your personal and health information for as long as your account is active or as needed to provide services. You may request deletion of your account and associated data at any time by contacting us at privacy@clara.health.

Certain information may be retained for longer periods where required by law or for legitimate business purposes (such as fraud prevention or legal disputes).

Under Nigeria's National Data Protection Regulation (NDPR), you have the right to:

• Access: Request a copy of your personal data we hold
• Correction: Update or correct inaccurate data
• Deletion: Request erasure of your data ("right to be forgotten")
• Portability: Receive your data in a machine-readable format
• Objection: Object to certain processing of your data
• Withdrawal: Withdraw consent at any time

To exercise any of these rights, contact our Data Protection Officer at dpo@clara.health.

Our web application uses cookies and similar technologies to:

• Keep you signed in across sessions
• Remember your preferences
• Analyse usage patterns to improve our service
• Detect security threats

You can manage cookie preferences in your browser settings. Disabling cookies may affect some features of the service.

Clara is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, please contact us immediately at privacy@clara.health.

Parents or guardians may create and manage accounts for their children, in which case their health data is handled with the same protections.

We may update this Privacy Policy from time to time. We will notify you of significant changes by sending an email to your registered address or by displaying a prominent notice in the app at least 14 days before the changes take effect.

Continued use of Clara after changes take effect constitutes acceptance of the updated policy.

If you have questions, concerns, or complaints about this Privacy Policy or our data practices, please contact:

Data Protection Officer Clara Health Technology Ltd. Lagos, Nigeria Email: dpo@clara.health Phone: +234 (0) 800 CLARA HQ