Privacy Policy

At DumuAfya, your privacy is our priority. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, mobile application, and health coordination services (the "Services").

To provide you with proactive longevity and chronic care management, we collect several types of information:

• Personal Identification Information: Name, email address, phone number, date of birth, and gender.
• Health and Medical Data: Medical history, symptoms, laboratory test results, medication records, and biometric data (e.g., blood pressure, glucose levels) provided by you or your healthcare providers.
• AI-Generated Insights: Data derived from our AI algorithms, including your Longevity Score and health risk assessments.
• Device and Usage Data: IP address, browser type, and information about how you interact with our platform to help us improve the user experience.

We use the information collected to:

• Provide and Manage Services: Create your Health Passport and coordinate your care with clinicians and labs.
• Proactive Health Insights: Use AI to identify health risks and provide personalized longevity recommendations.
• Communication: Send you health alerts, appointment reminders, and updates regarding your chronic care programs.
• Improvement of AI: Use de-identified, aggregated data to improve our health algorithms and predictive models.
• Compliance: Ensure we meet legal and regulatory obligations, including the Data Protection Act (2019).

We do not sell your personal or health data. We only share your information in the following circumstances:

• Healthcare Providers: With your consent, we share relevant health data with your doctors, lab technicians, or health coaches to facilitate your care.
• Service Providers: With trusted third parties who perform services for us (e.g., data hosting, payment processing), provided they adhere to strict confidentiality agreements.
• Legal Requirements: If required by law, such as in response to a subpoena or to protect the safety of our users.

DumuAfya implements industry-standard security measures, including:

• Encryption: Data is encrypted both in transit and at rest.
• Access Controls: Only authorized personnel with a "need-to-know" basis can access health information.
• Regular Audits: We perform periodic security reviews to protect against unauthorized access or data breaches.

Under the Data Protection Act, you have the right to:

• Access: Request a copy of the personal data we hold about you.
• Correction: Request that we update or correct inaccurate information.
• Deletion: Request the deletion of your account and personal data (subject to medical record retention laws).
• Portability: Request that your data be transferred to another service provider.

We retain your health information for as long as your account is active or as required by health regulations and medical record-keeping laws in the Republic of Kenya.

Your information may be stored and processed in countries where we have facilities. By using our Services, you consent to the transfer of information to countries outside of your country of residence, which may have different data protection rules.

DumuAfya may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the new policy on our website and updating the "Last Updated" date.

If you have questions or concerns about this Privacy Policy or our data practices, please contact our Data Protection Officer at: