Skip to main content
Skip to main content
NAVIDAD Health OSDigital Health Platform

Privacy Policy

Last updated: April 4, 2026

Introduction

This Privacy Policy describes how NAVIDAD Health OS ("we", "us") processes personal data when you use our websites, demos, and—where applicable—the cloud services we provide to healthcare organizations ("Customers").

Data controller

For website visitors, the controller is the NAVIDAD entity operating this site. For production health services, Customers (clinics, hospitals, labs) are often independent controllers for patient care records; we act as a processor under agreement.

Data we process

  • Contact and account identifiers (name, email, phone) when you request demos or trials.
  • Usage and diagnostic data needed to operate and secure the service.
  • Where Customers upload clinical data, processing is governed by the Customer agreement and applicable law.

Purposes and legal bases

We process data to provide and improve the platform, communicate with you, meet legal obligations, and—where allowed—send relevant product information. Legal bases include contract performance, compliance with legal obligations, legitimate interests in operating a secure and reliable service, and consent where required by applicable law.

Sharing and subprocessors

We use infrastructure and communications providers under strict data processing agreements. These include cloud hosting, transactional email, and analytics providers. A current subprocessor list is available on request by contacting privacy@navidad.health.

Retention

We retain personal data only as long as necessary for the purposes described above, including applicable legal, security, and audit requirements. Account data is retained for the duration of the subscription plus a reasonable wind-down period. Anonymised or aggregated data may be retained indefinitely for product improvement.

Your rights

Depending on your jurisdiction, you may have rights to access, rectify, delete, restrict, or port your data, and to object to certain processing. Indian data principals may have rights under the Digital Personal Data Protection Act 2023. To exercise your rights, contact us at the address below. We will respond within the timeframe required by applicable law.

Security

We implement administrative, technical, and organisational measures aligned with healthcare-grade expectations, including encryption in transit and at rest, role-based access control, audit logging, and regular security reviews. See also Security.

International transfers

Where personal data is transferred across jurisdictions, we use appropriate safeguards such as standard contractual clauses, data processing agreements, or other mechanisms as required by applicable data protection law. Customer data is processed in the region agreed upon during onboarding.

Children

Our platform services are directed to healthcare organisations and professionals, not to children acting independently. We do not knowingly collect personal data from children for independent account sign-up.

Changes

We may update this policy from time to time. We will post updates to this page and adjust the "Last updated" date. For material changes, we will notify Customer administrators via email or in-product notice.

Contact

Privacy questions: privacy@navidad.health · Contact form