Privacy Policy

Your privacy and the security of your medical information is our top priority. This policy explains how we collect, use, and protect your personal health data.

Last updated: January 2025

Privacy at a Glance

Your medical data stays private and encrypted
We never sell your personal information
You control who can access your records
You can delete your data at any time

1. Who We Are

InfoRx is a healthcare technology platform designed to help patients in Nigeria and other underserved regions better understand their medical information. We use artificial intelligence to interpret prescriptions, lab results, and medical documents, making healthcare more accessible and understandable.

This Privacy Policy applies to all services provided through our website, mobile applications, and related platforms (collectively, the "Services").

2. Information We Collect

Personal Information

  • Name and email address (when you create an account)
  • Phone number (optional, if provided)
  • Authentication information (encrypted passwords, Google account details if you use Google login)
  • Profile preferences and settings

Medical Information

  • Medical documents you upload (prescriptions, lab results, scan reports)
  • AI-generated summaries and interpretations of your medical data
  • Health history and patterns identified from your records
  • Notes and additional information you choose to provide

Technical Information

  • Device type, operating system, and browser information
  • IP address and general location (country/region level only)
  • Usage patterns and feature interactions (anonymized)
  • Error logs and performance data to improve our services

3. How We Use Your Information

Primary Uses

  • Provide AI-powered interpretation of your medical documents
  • Generate personalized health summaries and insights
  • Maintain secure storage of your medical records
  • Send you important account and security notifications
  • Improve our AI algorithms and service quality (using anonymized data)

Important: What We DON'T Do

  • We never sell your personal or medical information
  • We don't share your data with insurance companies
  • We don't use your information for marketing to third parties
  • We don't provide medical advice or replace professional healthcare

4. When Information May Be Shared

With Your Explicit Consent

You may choose to share specific medical records or summaries with healthcare providers. This sharing only happens when you explicitly authorize it for each instance.

Service Providers

We work with trusted third-party service providers who help us operate InfoRx:

  • Supabase: Secure database hosting and authentication
  • AI Services (OpenRouter): Document interpretation (data is anonymized)
  • Cloud Infrastructure: Secure file storage and backup

All service providers are required to maintain strict confidentiality and security standards.

Legal Requirements

We may disclose information if required by law, such as responding to valid legal requests or protecting against fraud and security threats. We will notify you when possible and legally permitted.

5. How We Protect Your Data

Encryption

  • All data encrypted in transit and at rest
  • Industry-standard AES-256 encryption
  • Secure HTTPS connections for all communications

Access Controls

  • Multi-factor authentication available
  • Role-based access for our team
  • Regular security audits and monitoring

We follow industry best practices and comply with applicable data protection regulations. However, no system is 100% secure, and we cannot guarantee absolute security.

6. Your Rights and Choices

You Have the Right To:

  • Access all your personal and medical data
  • Correct any inaccurate information
  • Delete your account and all associated data
  • Export your data in a portable format
  • Control who can access your information
  • Opt out of non-essential communications
  • Request information about data processing
  • File complaints with data protection authorities

To exercise any of these rights, contact us at privacy@inforx.ng or through your account settings.

7. How Long We Keep Your Data

  • Active accounts: We keep your data while your account is active and for legitimate business purposes
  • Deleted accounts: Most data is deleted within 30 days, with some anonymized usage data retained for service improvement
  • Medical records: Deleted immediately when you delete them or close your account
  • Legal requirements: Some data may be retained longer if required by law

8. International Data Transfers

Your data may be processed in countries outside Nigeria, including the United States and European Union, where our service providers operate. We ensure appropriate safeguards are in place through:

  • Contractual data protection clauses with service providers
  • Compliance with international data transfer regulations
  • Regular security assessments of data processing locations

9. Children's Privacy

InfoRx is not intended for children under 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us immediately at privacy@info-rx.org.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal and regulatory reasons. We will notify you of significant changes by:

  • Sending an email notification to your registered email address
  • Posting a notice on our website and in the app
  • Updating the "Last updated" date at the top of this policy

11. Contact Us

If you have questions about this Privacy Policy or how we handle your information, please contact us:

Email: privacy@info-rx.org

General Inquiries: hello@info-rx.org

Address: InfoRx Healthcare Technology
Port Harcourt, Rivers State, Nigeria

Built with bolt.new badge