# Privacy Policy **Last updated:** 2026-06-06 This Privacy Policy describes how **Eleven Healthcare Sdn Bhd** ("we", "us", "our") handles information when you use the **Eleven Health: BP and Sugar** mobile application (the "App"). The App was developed by **Giada Solutions Sdn Bhd** on behalf of Eleven Healthcare Sdn Bhd. --- ## 1. Who we are **Data controller:** Eleven Healthcare Sdn Bhd **Developer:** Giada Solutions Sdn Bhd **Contact (privacy questions):** elevenhealth@doctor11.com --- ## 2. What the App does Eleven Health is a personal health app that helps you record vitals such as blood pressure and blood sugar, review trends over time, and set medication reminders on your device. If you create an account, selected health information you enter may be stored on our servers so you can access it across sessions and devices. **The App is not a substitute for professional medical advice or emergency services.** In an emergency, contact local emergency services. --- ## 3. Information we collect and process ### 3.1 Account and authentication When you register or sign in, we process: - Phone number and password (password is stored using secure hashing on our servers; we do not store your password in plain text). - Session token issued after login, stored on your device so the App can call our APIs on your behalf. ### 3.2 Health and profile information When you use health data and vitals features, the information you enter or upload may be sent to and stored on **our servers** associated with your account. This may include, depending on what you provide: - Name / username, email, date of birth - Body measurements and related profile fields (e.g. height, gender, blood type) - Allergies, chronic medications, and similar health lists - Vital signs or measurements you log (e.g. blood pressure, blood sugar, weight) - Other fields the App’s forms and APIs support **Accuracy:** You are responsible for the accuracy of information you submit. ### 3.3 Images and device features If you use features that use the **camera** or **photo library**, images you choose to capture or select may be processed **on the device** and/or **sent to our servers** as required for that feature (for example, reading values from a photo). We use such data only to provide the feature, unless we tell you otherwise. ### 3.4 On-device data (not sent to us) Some settings and data stay **only on your device**, for example: - Medication **reminder times** and on/off state - Preferences such as **notification style** (e.g. normal vs alarm-style) - Cached copies of content for offline or faster display This locally stored data is not uploaded to our servers **unless** the App explicitly syncs it (reminder schedules in the current design are local-only). ### 3.5 Notifications If you enable them, the operating system may show **local notifications** for reminders you configure. We do not need to receive the content of those notifications on our servers for them to fire on schedule. ### 3.6 Optional AI or third-party tools If the App or our backend uses **artificial intelligence** or external APIs (for example, to power assistants or analysis), inputs you provide may be processed by those systems under agreements we maintain. We will describe material changes in-app or in this policy when we add such processing. ### 3.7 Technical and diagnostic data Like most mobile apps, our systems may process: - IP address, device/browser type, and approximate timestamps when you call our APIs - Error or security logs needed to operate and protect the service We do not use this policy to describe every possible log field; contact us for more detail if needed. --- ## 4. Legal bases and purposes (summary) We use your information to: - Provide, maintain, and improve the App and related services - Authenticate you and protect accounts - Display and store health-related data you choose to save - Comply with law and respond to lawful requests Where GDPR or similar law applies, we rely on appropriate bases such as **performance of a contract**, **legitimate interests** (security, service improvement), **consent** where required, or **legal obligation**. --- ## 5. Sharing of information We do **not** sell your personal information. We may share information with: - **Service providers** who help us host, secure, or operate the App and backend (under contracts and confidentiality obligations). - **Authorities** when required by law or to protect rights and safety. --- ## 6. Retention We keep account and health-related data for as long as your account is active and as needed to provide the service, comply with law, resolve disputes, and enforce agreements. Local data on your device remains until you delete the App or clear app data unless the App provides a delete control. --- ## 7. Security We use reasonable technical and organizational measures to protect information, including **HTTPS** for network communication and **hashed passwords** on the server. No method of transmission or storage is 100% secure. --- ## 8. Your rights Depending on where you live, you may have rights to **access**, **correct**, **delete**, **export**, or **restrict** processing of your personal data, or to **withdraw consent** where processing is consent-based. --- ## 9. Children The App is not directed at children under 13. We do not knowingly collect personal information from children. If you believe we have, contact us and we will take appropriate steps. --- ## 10. International transfers If our servers or processors are located outside your country, your information may be transferred across borders. We take steps required by applicable law for such transfers. --- ## 11. Changes to this policy We may update this Privacy Policy from time to time. We will post the new version and update the “Last updated” date. If changes are material, we may provide additional notice (for example, in the App). --- ## 12. Contact **Eleven Healthcare Sdn Bhd** Email: elevenhealth@doctor11.com Developed by Giada Solutions Sdn Bhd. Email: info@giada.cloud Phone: +60187017671 --- *End of Privacy Policy*