Nu3CarePlus Privacy Policy

Effective Date: [12/11/2024]
Last Updated: [13/02/2025]

1. Introduction

Nu3CarePlus ("we," "us," or "our") is a health technology platform designed to connect users with certified nutritionists, chefs, and health professionals. Our mission is to make health and nutrition services accessible and efficient, particularly for diabetic patients and individuals requiring tailored care.

This Privacy Policy outlines how we will collect, use, protect, and share your personal data once our platform launches. By using our app, website, or related services, you agree to the terms outlined in this policy.

2. Data Collection

Once operational, we will collect the following types of personal data to deliver our services:

• Personal Information: Names, contact details (email, phone number), and demographic information.
• Health Information: Medical history, dietary preferences, and health goals.
• Payment Information: Credit card details, bank account information, and transaction history (processed securely by Paystack).
• Technical Information: IP addresses, device information, and browsing behavior.

3. Legal Basis for Processing (GDPR)

We will process your data based on the following legal grounds:

• Consent: When you explicitly agree to our data processing activities (e.g., signing up for our services).
• Contract Performance: To fulfill our obligations under the terms of service (e.g., providing nutrition plans).
• Legitimate Interests: To improve our platform, prevent fraud, and ensure security.

4. Data Use

We will use your data for the following purposes:

• To provide personalized nutrition and health services.
• To process payments and manage subscriptions (via Paystack).
• To improve our platform’s functionality and user experience.
• To communicate with you about updates, promotions, and support.

5. Data Sharing

We may share your data with:

• Service Providers: Trusted third parties who assist in delivering our services, including:
  • Paystack: For secure payment processing. Paystack’s privacy policy can be found here.
  • Cloud Providers: For data storage and platform hosting.
• Health Professionals: Nutritionists, chefs, and pharmacists involved in your care.
• Legal Authorities: When required by law or to protect our rights and safety.

We will ensure all third parties comply with GDPR, NDPR, and other applicable data protection laws.

6. Data Transfers (GDPR)

If we transfer your data outside the European Union (EU), we will use safeguards such as Standard Contractual Clauses (SCCs) or ensure the recipient country has adequate data protection laws.

7. Data Retention

We will retain your data only as long as necessary to:

• Provide our services.
• Comply with legal obligations.
• Resolve disputes or enforce agreements.

Once the retention period ends, we will securely delete or anonymize your data.

8. User Rights

Under GDPR and NDPR, you will have the following rights:

• Access: Request a copy of your personal data.
• Rectification: Correct inaccurate or incomplete data.
• Erasure: Request deletion of your data under certain conditions.
• Restriction: Limit how we use your data.
• Portability: Receive your data in a machine-readable format.
• Objection: Object to certain data processing activities.

To exercise these rights, contact us at [support@nu3careplus.com].

9. Data Breach Notification

In the event of a data breach, we will:

• Notify affected users and relevant authorities (e.g., NITDA) within 72 hours.
• Take immediate steps to mitigate the breach and prevent future incidents.

10. Security Measures

We are committed to implementing robust security measures to protect your data, including:

• Encryption: All data will be encrypted during transmission and storage.
• Access Controls: Only authorized personnel will have access to your data.
• Regular Audits: We will conduct regular security audits to identify and address vulnerabilities.

11. Cookies and Tracking

We will use cookies and similar technologies to:

• Enhance your user experience.
• Analyze platform usage and performance.

You will be able to manage your cookie preferences through your browser settings.

12. NDPR Compliance

As a Nigerian-based company, we are committed to complying with the Nigeria Data Protection Regulation (NDPR) once operational. This will include:

• NITDA Registration: We will register with the National Information Technology Development Agency (NITDA) and submit a Data Protection Impact Assessment (DPIA).
• Data Protection Officer (DPO): We will appoint a DPO to oversee compliance. Contact information for the DPO will be provided once appointed.
• Local Data Storage: We will store Nigerian users’ data within Nigeria, as required by NDPR.

13. GDPR Compliance

While we primarily operate in Nigeria, we will adhere to GDPR principles to ensure global standards of data protection. This includes:

• Obtaining explicit consent for data processing.
• Ensuring data minimization and accuracy.
• Providing transparent information about data use.

14. Third-Party Payment Processing (Paystack)

We will use Paystack, a secure third-party payment processor, to handle all payment transactions. Paystack collects and processes your payment information in accordance with its own privacy policy, which can be found here. We will not store your payment details on our servers.

15. Pre-Launch Status

As we prepare to launch, we are committed to building a platform that prioritizes data protection and user trust. We are in the process of implementing the necessary policies, systems, and safeguards to ensure compliance with GDPR, NDPR, and other applicable laws.

16. Updates to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. Significant changes will be communicated via email or app notifications.

17. Contact Information

For inquiries or support, contact us at:

• Email: [support@nu3careplus.com]
• Address: [Lagos, Nigeria]

18. Compliance Statement

At Nu3CarePlus, we are committed to protecting your data and ensuring compliance with global and local data protection laws, including GDPR and NDPR. Your trust is our priority, and we are taking all necessary steps to maintain the highest standards of data security and privacy.