Privacy Policy

Effective date: November 3, 2025 Welcome to Xyvra Health (the “App”). Your privacy is important to us. This Privacy Policy explains how Xyvra Health and its affiliates collect, use, disclose, and protect information when you use our mobile application and related services, or visit our website at https://xyvragroup.com (together, the “Services”).

1. Controller / Contact Information

Controller: Xyvra Health

Website: https://xyvragroup.com Email: info@xyvragroup.com Telephone: +254 759 000652 Address: Nachu Plaza, Kiambere Road, 13th Floor, Suite 13D, Nairobi

2. Scope

This policy applies to personal information collected through our App, website, customer support channels, and other interactions where we link to this Privacy Policy.

3. Information We Collect

We collect information you provide directly and information collected automatically.

a) Information you provide

  • Account information: name, email address, phone number, profile information you choose to provide.
  • Health information: medical conditions, symptoms, medication, treatment history, biometric data, or other health-related information you enter into the App. (See Section 6 — Sensitive Data.)
  • Communications: messages, feedback, survey responses and other content you submit to us.
  • Payment and billing: where applicable, transaction details and billing information (we may use third-party payment processors who handle payment card data — we do not store full card numbers on our servers).

b) Information collected automatically

  • Usage data: pages or screens viewed, features used, interaction data, crash reports, diagnostics, and performance data.
  • Device & technical data: device model, operating system, app version, unique device identifiers, IP address, and mobile network information.
  • Location data: approximate or precise location if you permit location services. You can disable location collection via your device settings.
  • Cookies and similar technologies: for website analytics and session management (see Section 11).

4. How We Use Your Information

We use information to:

  • Provide, maintain, and improve the Services;
  • Process and respond to your requests, bookings, or orders;
  • Personalize your experience and provide tailored health information and recommendations;
  • Communicate with you about your account, updates, marketing (where permitted), and support;
  • Monitor and analyze usage and trends to improve functionality and security;
  • Comply with legal obligations and enforce our terms and policies.

5. Legal Bases for Processing (where required)

If you are a resident of the European Economic Area (EEA) or certain other jurisdictions, we rely on one or more of the following legal bases to process your personal data:

  • Performance of a contract: to provide the Services you request;
  • Legal obligation: to comply with laws and regulations;
  • Consent: when you have given clear consent (for example, to receive marketing messages or allow precise location);
  • Legitimate interests: for our business purposes such as ensuring security, preventing fraud, and improving the Services — except where such interests are overridden by your rights.

6. Sensitive Health Data

Some information collected through the App may be health-related sensitive data. Because this data is particularly sensitive, we will process it only when one of the following applies:

  • We have your explicit consent to process the specific health data;
  • Processing is necessary for the provision of health care or health-related services you requested;
  • Processing is otherwise permitted by applicable law.

7. Sharing and Disclosure

We may share your information in the following limited circumstances:

  • Service providers: third-party vendors who perform services on our behalf (e.g., hosting, analytics, payment processing). They only receive the information necessary to perform their functions and must protect it.
  • Healthcare providers: where you authorize us to share information with doctors, clinics or labs.
  • Legal: to comply with laws, respond to lawful requests, prevent fraud, or protect our rights and property.
  • Business transfers: in connection with a merger, acquisition, or sale of assets — with notice and appropriate protections.
  • With your consent: any other sharing you explicitly authorize.

8. International Transfers

Your information may be transferred to and processed in countries other than your country of residence. Where required by law, we will implement appropriate safeguards (such as standard contractual clauses) to protect your personal data.

9. Data Security

We implement technical and organizational measures designed to protect your information from accidental loss, unauthorized access, disclosure, alteration, or destruction. Unfortunately, no system is completely secure — if you suspect a security issue, contact us immediately at info@xyvragroup.com.

10. Data Retention

We retain personal information only as long as necessary to provide the Services, comply with legal obligations, resolve disputes, and enforce our agreements. Retention periods vary depending on the type of data and the purposes for which it was collected.

11. Cookies and Analytics

Our website uses cookies and similar technologies to operate the site, remember preferences, and provide analytics about site usage. You may control cookie settings through your browser; disabling cookies may limit certain features.

12. Third-Party Links and Services

The Services may contain links to third-party websites and services (for example, analytics providers, payment processors, or social networks). This Privacy Policy does not apply to those third parties. Please review their privacy notices before providing personal information.

13. Children

Our Services are not intended for children under the age of 16. We do not knowingly collect personal information from children under 16. If you believe we have collected such information, please contact us and we will take steps to delete it.

14. Your Rights

Depending on your jurisdiction, you may have rights including access, correction, deletion, restriction of processing, data portability, objection to processing, and the right to withdraw consent. To exercise your rights, contact us at info@xyvragroup.com. Where required, we may ask you to verify your identity before responding.

15. California Privacy Rights (CCPA)

If you are a resident of California, you may have additional rights under the California Consumer Privacy Act, including the right to request certain information about our data practices and to request deletion of personal information subject to applicable exceptions. To submit a request, contact us at the email or telephone above.

16. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes we will provide prominent notice, for example via the App or our website, and update the effective date above. We encourage you to review this page periodically.

17. How to Contact Us

For questions, concerns, or to exercise your privacy rights, contact:

Xyvra Health Nachu Plaza, Kiambere Road, 13th Floor, Suite 13D, Nairobi Telephone: +254 759 000652 Email: info@xyvragroup.com Website: https://xyvragroup.com

By using the Services you acknowledge that you have read and understood this Privacy Policy.

Create your account