Nyvra← Back to home

Privacy Policy

Last updated: April 15, 2026

1. Introduction

Nyvra (“we”, “us”, “our”) is committed to protecting the privacy of our customers and their patients. This Privacy Policy explains how we collect, use, store, and share information when you use the Nyvra Hospital Platform.

2. Information We Collect

We collect the following categories of information:

  • Account information: Name, email address, organisation name, and role when you register
  • Usage data: Log data, IP addresses, browser type, pages visited, and feature usage
  • Platform data: Hospital branch details, doctor profiles, appointment records, and connected care data that you input into the Service
  • Payment information: Billing details processed securely by our payment provider; we do not store full card numbers

3. How We Use Your Information

We use collected information to:

  • Provide, operate, and improve the Service
  • Authenticate users and maintain account security
  • Send transactional emails (account confirmations, password resets)
  • Respond to support requests
  • Comply with legal obligations
  • Analyse aggregate usage patterns to improve the platform

We do not sell your data or use patient health data for advertising purposes.

4. Data Storage and Security

All data is stored in Supabase-managed PostgreSQL databases with row-level security (RLS) enforced at the database level, ensuring strict data isolation between organisations. Data is encrypted at rest and in transit using TLS. We maintain audit logs of all data access and modifications.

5. Data Sharing

We do not share your data with third parties except:

  • Service providers: Infrastructure providers (Supabase, Vercel) who process data on our behalf under data processing agreements
  • Legal requirements: When required by law, court order, or governmental authority
  • Business transfers: In connection with a merger, acquisition, or sale of assets, with appropriate notice to you

6. Data Retention

We retain your account data for as long as your account is active. Upon account termination, we will delete or anonymise your data within 90 days, unless we are required to retain it for legal or regulatory purposes.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Object to or restrict certain processing
  • Data portability: receive your data in a machine-readable format

To exercise these rights, contact us at contact@nyvra.life.

8. Cookies

We use essential cookies for authentication and session management. See our Cookie Policy for details.

9. Children’s Privacy

The Service is not directed at individuals under 18. We do not knowingly collect personal data from minors. If you believe we have inadvertently collected such data, contact us immediately.

10. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes via email or in-app notice. The “Last updated” date at the top reflects the most recent revision.

11. Contact

For privacy-related questions or requests, contact our Data Protection team at contact@nyvra.life.