Your privacy is our priority. Learn how we collect, use, and protect your health information.
Last Updated: December 3, 2025
This Privacy Policy describes how Red Ribbon Health collects, uses, maintains, and discloses information collected from users. By using our platform, you consent to the data practices described in this policy. We are committed to HIPAA compliance and protecting your sensitive health information with the highest standards of security and confidentiality.
We collect information you provide directly, including name, email address, date of birth, and contact details when you create an account.
With your explicit consent, we collect health-related data including symptoms, medications, appointments, lab results, nutrition, exercise, mood, and stress levels. This information is stored securely and used solely to provide you with personalized health tracking services.
We automatically collect information about how you interact with our platform, including access times, pages viewed, IP address, browser type, and device information.
We use essential cookies for authentication and session management. We do not use third-party tracking cookies or sell your data to advertisers.
We use your information to provide, maintain, and improve our health tracking services, including generating insights and recommendations based on your health data.
We may send you service-related notifications, appointment reminders, and important updates about our platform. You can opt out of non-essential communications at any time.
We may use aggregated, de-identified data for research purposes to improve healthcare outcomes. Individual health information is never shared without your explicit consent.
We may use or disclose your information when required by law, to protect our rights, or to prevent fraud and ensure platform security.
All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption. Your health information is protected with enterprise-grade security measures.
We implement strict access controls and authentication mechanisms. Only authorized personnel with a legitimate need can access protected health information.
Our systems undergo regular security audits and penetration testing to identify and address potential vulnerabilities.
We host our services on secure, HIPAA-compliant cloud infrastructure with redundant backups and disaster recovery procedures.
You have the right to access, download, and export your personal and health information at any time through your account settings.
You can update or correct your information directly through the platform. Contact us if you need assistance with data corrections.
You have the right to request deletion of your account and all associated data. We will process deletion requests within 30 days, except where retention is required by law.
You can withdraw your consent for data processing at any time. This may limit your ability to use certain platform features.
You have the right to receive your data in a structured, commonly used, and machine-readable format for transfer to another service.
With your explicit consent, we may share your health information with healthcare providers you designate for continuity of care.
We may share information with trusted service providers who assist in platform operations, subject to strict confidentiality agreements and HIPAA compliance.
If we are involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you of any such change and your rights regarding your data.
We may disclose information when required by law, court order, or government request, or when necessary to protect rights, property, or safety.
We never sell, rent, or trade your personal or health information to third parties for marketing purposes.
We retain your information for as long as your account is active and as necessary to provide services.
After account closure, we retain certain information for up to 7 years as required by healthcare regulations and legal obligations.
We may retain de-identified, aggregated data indefinitely for research and service improvement purposes.
We may retain data longer when required by legal proceedings, investigations, or regulatory requirements.
If you have questions about this Privacy Policy or how we handle your information, please contact our Privacy Officer:
redribbon@doctor4africa.com
We may update this Privacy Policy periodically. We will notify you of significant changes via email or platform notification.