Privacy Policy
Last updated: December 2024
Our Commitment to Your Privacy
At Shiora, we understand that health data is among the most sensitive personal information. We are committed to protecting your privacy with the highest standards of security and transparency. This policy explains how we collect, use, and safeguard your information.
Information We Collect
Personal Information: Name, email address, date of birth, and contact details provided during registration.
Health Information: Health metrics, symptoms, menstrual cycle data, wellness goals, and other health-related information you choose to share.
Usage Data: How you interact with our Services, including features accessed, time spent, and preferences.
Device Information: Device type, operating system, browser type, and IP address for security and optimization.
How We Use Your Information
We use your information to: (a) provide personalized health insights and recommendations; (b) improve and develop our Services; (c) communicate important updates; (d) ensure platform security; (e) comply with legal obligations; (f) conduct anonymized research to advance women's health.
Data Protection
Your health data is encrypted using AES-256 encryption at rest and TLS 1.3 in transit. We employ multi-factor authentication, regular security audits, and strict access controls. Our systems are compliant with international healthcare data standards including HIPAA principles and GDPR requirements.
Data Sharing
We never sell your personal health data. We may share information with: (a) healthcare providers at your explicit request; (b) service providers who assist our operations under strict confidentiality agreements; (c) authorities when required by law. Anonymized, aggregated data may be used for research purposes.
Your Rights
You have the right to: (a) access your personal data; (b) correct inaccurate information; (c) delete your account and data; (d) export your data in portable format; (e) withdraw consent for optional processing; (f) lodge complaints with supervisory authorities.
Data Retention
We retain your data for as long as your account is active or as needed to provide Services. Upon account deletion, personal data is removed within 30 days, except where retention is required by law or for legitimate business purposes.
International Transfers
Your data may be processed in countries outside your residence. We ensure appropriate safeguards including standard contractual clauses and adequacy decisions to protect your information during international transfers.
Contact Us
For privacy inquiries: privacy@shiora.health
Data Protection Officer: dpo@shiora.health