Legal
Privacy Policy
Last updated: January 1, 2026 · Effective: January 1, 2026
Your health data belongs to you. Nexcure is designed from the ground up to protect your privacy. We never
sell your personal or health information to third parties — ever.
1. Information We Collect
When you create a Nexcure account and use our platform, we collect information necessary to deliver our
healthcare services:
- Account information — your name, email address, and password (stored as a secure
hash), or your Google profile details if you sign in with Google.
- Health profile data — symptoms, medical history, medications, and consultation
records that you voluntarily provide.
- Usage data — how you interact with Nexcure features, device type, browser, and IP
address for security and analytics.
- Communications — messages exchanged with Niramaay AI or Nexcure support.
2. How We Use Your Information
We use the information we collect strictly to provide, improve, and personalize Nexcure services:
- Deliver AI-assisted symptom analysis and health guidance through Niramaay.
- Connect you with verified healthcare providers for consultations.
- Send medication reminders and health notifications you have opted into.
- Maintain your longitudinal health record for personalized care continuity.
- Detect and prevent fraudulent activity and protect platform security.
- Comply with applicable laws and medical regulations.
3. Data Security
We apply industry-standard security measures to protect your health data at all times:
- All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption.
- Passwords are hashed using bcrypt with a cost factor of 12 — we never store plaintext passwords.
- Access to production data is restricted to authorized personnel on a need-to-know basis.
- We conduct regular security audits and vulnerability assessments.
While we implement rigorous security controls, no system is 100% secure. We encourage you to use a strong
password and keep your credentials confidential.
4. Data Sharing
We do not sell, rent, or trade your personal or health information. We may share your information only in
the following circumstances:
- With your consent — when you explicitly request a consultation with a doctor or
clinic on our platform.
- Service providers — trusted vendors (e.g. cloud infrastructure) who process data on
our behalf under strict data processing agreements.
- Legal requirements — when required by law, court order, or to protect the rights
and safety of our users.
5. Your Rights
You have the following rights regarding your personal data, regardless of your location:
- Access — request a copy of all data we hold about you.
- Correction — update or correct inaccurate personal information.
- Deletion — request permanent deletion of your account and associated data.
- Portability — export your health records in a standard format.
- Opt-out — withdraw consent for non-essential data processing at any time.
To exercise any of these rights, contact us at privacy@nexcure.health.
6. Cookies
Nexcure uses session cookies strictly necessary for authentication and security. We do not use tracking
cookies or third-party advertising cookies. You can disable cookies in your browser, though this will
prevent you from staying signed in.
7. Changes to This Policy
We may update this Privacy Policy periodically. We will notify registered users by email at least 14 days
before material changes take effect. Your continued use of Nexcure after the effective date constitutes
acceptance of the revised policy.