Medysense Privacy Policy

Effective Date: 1 May 2025 | Last Updated: 7 May 2025

Medysense ("we," "us," or "our") operates the Medysense mobile application and website (collectively, the "Platform"). This Privacy Policy explains what personal data we collect, why we collect it, how we use and protect it, how long we keep it, and how you can exercise your rights over it. By using the Platform you agree to the practices described here. If you do not agree, please do not use the Platform.

→ See also our Terms of Service

1. Who We Are

Medysense is a health-technology platform that connects patients with licensed medical professionals for consultations, appointment booking, and general health guidance. We also offer an AI-powered health assistant ("Amelia") that can help you find doctors, answer general health questions, and manage appointments. Medysense is operated by Medysense Health Technologies and is primarily available in Nigeria.

2. Information We Collect

We collect several categories of data depending on how you interact with the Platform.

2.1 Information You Provide Directly

Data Type	Examples	Why We Need It
Account details	Full name, email address, phone number, password, profile photo	Create and secure your account, communicate with you
Profile information	Date of birth, gender, home address, city, state, occupation	Personalise services, match you with nearby professionals
Health information	Allergies, blood group, chronic conditions, current medications, past surgeries, illness history, genetic disorders, healthcare preferences	Share relevant context with your chosen medical professional and with Amelia AI to provide appropriate guidance
Payment & banking details	Transaction amounts, wallet balance, bank name, account name, account number (professionals only)	Process consultation payments and professional payouts
Chat messages	Text messages, files, and images shared during consultations	Facilitate communication between you and your medical professional
Voice recordings	Audio sent during voice conversations with Amelia AI	Transcribe your spoken words so Amelia can respond
Professional credentials (professionals only)	Resume, government-issued ID, professional licence, malpractice insurance number, education qualifications, references	Verify professional identity and licensing before approval

2.2 Information Collected Automatically

Data Type	Examples	Why We Need It
Device information	Device model, operating system version, unique device identifiers, push-notification token	Deliver push notifications, diagnose crashes, ensure compatibility
Location data	GPS coordinates (latitude and longitude), geocoded addresses	Find nearby professionals, estimate travel times, facilitate home-visit bookings
Usage data	Features used, pages viewed, interaction timestamps	Improve the Platform, fix bugs, understand usage patterns
Crash and error logs	Stack traces, error messages, device state at time of crash	Identify and resolve technical problems

2.3 Information from Third Parties

If you sign in using Google or Facebook, we receive your name, email address, and profile picture from that provider. We do not receive or store your Google or Facebook password.

3. How We Use Your Information

We use personal data only for the purposes described below:

Provide core services — create your account, match you with professionals, facilitate consultations, process appointments and payments.
AI health assistant — power Amelia's ability to answer health questions, search for professionals, and help book appointments. Your conversation history and relevant health profile data are sent to our AI provider (see Section 5) to generate responses.
Communication — send you appointment confirmations, payment receipts, service updates, and account-security alerts via push notification, email, or SMS.
Safety and verification — verify professional credentials, prevent fraud, and enforce our Terms of Service.
Improvement — analyse aggregated, de-identified usage trends to improve features, fix issues, and develop new services.
Legal compliance — meet regulatory obligations, respond to lawful requests from authorities, and protect the rights and safety of our users.

We do not sell your personal data. We do not use your health information for advertising purposes.

4. Legal Basis for Processing

Contract performance — processing necessary to deliver the services you signed up for (account management, appointments, payments).
Consent — where required, such as collecting health data, voice recordings, and location information. You may withdraw consent at any time (see Section 9).
Legitimate interest — improving our Platform, preventing fraud, and ensuring security.
Legal obligation — where we are required by law to retain or disclose data.

5. Third-Party Service Providers

We share data with trusted third parties solely to operate the Platform. Each provider is contractually required to protect your data and use it only for the stated purpose.

Provider	Purpose	Data Shared
Amazon Web Services (AWS)	Cloud hosting, file storage, AI processing (Bedrock)	All data stored on our servers; AI conversation content
Paystack	Payment processing	Transaction amounts, payment references
Google Firebase	Push notifications, crash reporting	Device tokens, crash logs, device information
Google Maps	Geocoding, directions	Addresses, GPS coordinates
Mailgun	Transactional email delivery	Email addresses, email content
Sentry	Backend error monitoring	Error logs, limited user identifiers for debugging
Google / Facebook	Social sign-in (OAuth)	Authentication tokens (we do not share data back)

We do not share, sell, or rent your personal information to advertisers, data brokers, or any other third party not listed above.

6. Data Retention

We keep your data only as long as necessary for the purposes described in this policy, or as required by law. Below is a summary of our retention periods:

Data Category	Retention Period	Reason
Account information	Until you delete your account, plus 30 days	Allow account recovery within a grace period
Health & medical records	Until you delete your account, or up to 6 years after last activity if required by applicable health-records regulation	Comply with medical record-keeping laws; continuity of care
Consultation chat history	Until you delete your account	Provide ongoing access to your consultation records
AI conversation history	Until you delete your account, or you can delete individual conversations within the app	Allow you to revisit past interactions with Amelia
Voice recordings	Processed in real time and not stored after transcription	Audio is transcribed immediately; the raw recording is discarded
Payment records	7 years after the transaction date	Tax and financial regulatory requirements
Professional credentials	Duration of the professional's active account, plus 2 years	Verification audit trail
Crash logs & error reports	90 days	Technical troubleshooting
Location data	Duration of the active session only; stored coordinates in your profile persist until account deletion	Service delivery; saved-address convenience

When data reaches the end of its retention period, it is permanently deleted or irreversibly anonymised within 30 days.

7. Data Deletion

You can request deletion of your data in any of the following ways:

Delete your account from the app — go to Settings → Account → Delete Account. This will permanently remove your profile, health records, chat history, AI conversations, and all associated personal data from our active systems within 30 days.
Delete individual AI conversations — within the Amelia chat screen, you can delete specific conversations at any time.
Email us — send a deletion request to privacy@medysense.app from the email address associated with your account. We will process your request within 15 business days.

When you delete your account:

Your personal information, health data, chat messages, AI conversations, profile photos, and uploaded documents are permanently removed from our active databases.
Payment transaction records may be retained for up to 7 years as required by financial regulations, but will be dissociated from your personal identity.
Data already shared with medical professionals during completed consultations (such as diagnosis notes) may be retained by those professionals in accordance with their own record-keeping obligations.
Backup copies are purged within 30 days of deletion.
Data held by third-party providers (Firebase, Sentry) will be deleted in accordance with their own retention schedules, typically within 90 days.

Please note that account deletion is irreversible. You will lose access to your consultation history, wallet balance, and all stored data.

8. Data Security

We take the security of your personal data seriously and have implemented the following measures:

All data transmitted between your device and our servers is encrypted using TLS (HTTPS).
Passwords are stored using industry-standard one-way hashing; we cannot see or retrieve your password.
Access to production databases and servers is restricted to authorised personnel using multi-factor authentication.
Payment processing is handled entirely by Paystack, a PCI-DSS compliant provider. We do not store your full card numbers.
Our infrastructure is hosted on Amazon Web Services (AWS), which maintains SOC 2, ISO 27001, and other security certifications.
We conduct regular reviews of our access controls and security practices.

While we strive to protect your personal data, no method of electronic transmission or storage is 100% secure. If you become aware of any unauthorised access to your account, please contact us immediately.

9. Your Rights

Depending on your location and applicable law, you may have the following rights:

Access — request a copy of the personal data we hold about you.
Correction — ask us to correct inaccurate or incomplete data. You can also update most information directly in the app under Settings.
Deletion — request that we delete your personal data (see Section 7 above).
Withdraw consent — where processing is based on your consent (e.g., location tracking, health data collection), you can withdraw consent at any time through your device settings or by contacting us. Withdrawal does not affect the lawfulness of processing carried out before withdrawal.
Data portability — request your data in a structured, machine-readable format.
Restriction — ask us to limit how we use your data in certain circumstances.
Object — object to processing based on our legitimate interests.

To exercise any of these rights, email privacy@medysense.app. We will respond within 15 business days.

10. Children's Privacy

Medysense is not intended for use by children under the age of 16. We do not knowingly collect personal data from children. If you believe a child under 16 has provided us with personal information, please contact us at privacy@medysense.app and we will delete the data promptly.

11. Device Permissions

The app may request the following permissions on your device. Each permission is optional and you can grant or revoke it at any time through your device's settings:

Camera — to take photos for your profile or share images during consultations.
Location — to find nearby medical professionals and facilitate home-visit bookings. We access your location only when you actively use location-based features.
Microphone — to enable voice conversations with Amelia AI. Audio is streamed for real-time transcription and is not stored after processing.
Photo library — to upload existing photos for your profile or during consultations.
Notifications — to send you appointment reminders, booking updates, and important account alerts.

Revoking a permission may limit certain features of the app but will not affect your ability to use core services like text-based chat and appointment booking.

12. Cookies and Tracking

The Medysense mobile app does not use cookies. Our website may use essential cookies required for the site to function (e.g., session management). We do not use advertising cookies or third-party tracking pixels.

13. International Data Transfers

Our servers are hosted on AWS in the United States. If you are located outside the United States, your data will be transferred to and processed in the United States. We rely on AWS's security certifications and contractual safeguards to ensure your data is protected to a standard consistent with applicable data-protection laws.

14. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will notify you through an in-app notification or by email at least 7 days before the changes take effect. The "Last Updated" date at the top of this page indicates when the policy was most recently revised. We encourage you to review this policy periodically.

15. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please reach out to us:

Email: privacy@medysense.app

General support: support@medysense.app

Address: Medysense Health Technologies, Lagos, Nigeria

→ Read our Terms of Service for the full conditions of using the Platform.