Your privacy
Helios Health Ltd (“Helios”, “we”, “us”) is a medical technology company headquartered in Kampala, Uganda. We build proactive healthcare infrastructure: the Health Plus Card, the Helios Pulse wearable, and the Health Plus clinical platform: for patients, doctors, and healthcare facilities across Africa.
This Privacy Policy applies to all Helios services: helioshealths.com, app-healthplus.com, the Health Plus App, the Health Plus Card, and the Helios Pulse device. It explains exactly what data we collect, why we collect it, how we protect it, and what rights you have over it.
We process your data in compliance with the Uganda Data Protection and Privacy Act (DPPA) 2019. We do not sell your personal data. We do not use your health data for advertising.
What data we collect
Identity & Account Data
- Full name, date of birth, gender, nationality
- Email address, phone number, profile photo (optional)
- Government-issued ID (for identity verification where required by law)
- Account credentials (passwords stored as irreversible cryptographic hashes)
Health & Medical Data (Special Category)
- Medical history, chronic conditions, allergies, immunizations, blood type
- Prescription records, lab results, consultation notes
- Real-time biometrics from Helios Pulse: ECG, SpO₂, heart rate, blood pressure estimates, body temperature, motion and activity data
- Emergency medical data stored on your Health Plus Card (accessible offline by NFC/QR scan at partner facilities in emergencies)
Health data is classified as a special category under the DPPA and receives the highest level of protection. We process this data only with your explicit consent or in emergency situations where your vital interests are at risk.
Financial & Transaction Data
- Health Plus Wallet balance and transaction history
- Payment method references (full card numbers are never stored: processed by PCI-DSS compliant payment providers)
- Mobile Money transaction references
Device & Usage Data
- IP address, browser type, operating system, device identifiers
- Pages visited, features used, session duration, error logs
- Cookies and similar technologies (see Our Policies section)
How we use your data
- Service delivery: Managing your account, Health Plus Card, wallet, appointments, and consultations
- Health monitoring: Processing Helios Pulse biometric data to generate real-time health insights and clinical alerts
- Emergency care: Displaying critical health data to authorised healthcare providers in life-threatening situations
- Payments: Processing wallet top-ups and facility transactions securely
- Communications: Appointment reminders, health alerts, prescription notifications, support responses
- Safety & compliance: Fraud detection, unauthorized access prevention, legal obligations
- Platform improvement: Anonymized, aggregated analytics to improve reliability and features
Legal basis for processing
| Processing activity | Legal basis |
|---|---|
| Account creation and service delivery | Contract performance |
| Health data and biometric monitoring | Explicit consent |
| Consultation recording | Explicit consent (both parties) |
| Emergency health data access | Vital interests |
| Financial transaction processing | Contract performance |
| Fraud detection and security | Legitimate interests |
| Legal and regulatory compliance | Legal obligation |
| Anonymized research and analytics | Legitimate interests / Consent |
Research data
Helios operates at the intersection of healthcare delivery and public health research. Understanding population-level health trends: prevalence of hypertension, diabetes onset patterns, care access gaps: helps us improve the platform and contributes to the broader fight against non-communicable diseases in Africa.
Our core research commitment
We do not use individually identifiable health data for research without your explicit, informed consent. Any data contributed to research is de-identified and aggregated to a level where no individual can be identified. You can participate in research or opt out at any time from your account settings, without affecting your access to Helios services.
Types of research data use
- Anonymized platform analyticsAggregated, de-identified usage data (e.g. feature adoption rates, system performance) used to improve the platform. No individual can be identified. No consent required beyond accepting these terms.
- De-identified health trend researchAggregate epidemiological data (e.g. hypertension prevalence in a region) shared with academic institutions and public health bodies. Data is stripped of all identifiers before use. Opt-out available in settings.
- Clinical validation studiesDevice accuracy validation and clinical efficacy studies use de-identified biometric data from consenting users. Explicit consent required before enrollment.
- AI model improvementAnonymized sensor data from Helios Pulse is used to improve our health monitoring algorithms. You can opt out of contributing to model training in your account settings without losing monitoring functionality.
Your research data rights
- Withdraw from research participation at any time: retroactive de-identification applied
- Access information about which research studies your data has contributed to
- Request a full export of all data associated with your account
- Object to specific types of data processing for research purposes
Privacy protection
Your health data is among the most sensitive information that exists. Our privacy protection architecture is built on the principle of minimum necessary access: only the people and systems that genuinely need your data to provide your care can access it.
Consent management
You control precisely who can see your medical records. The platform uses a granular consent system: you grant access to specific providers for specific record types for defined time periods. Every grant of access is logged. You can revoke consent at any time.
Standard access
Requires your explicit consent before any doctor or facility can view your records
Emergency access
Break-the-glass access in life-threatening situations: time-limited, fully logged, you are notified within 24 hours
Audit trail
Every record access event is permanently logged with timestamp, accessor identity, and purpose
Consent withdrawal
You can withdraw consent for any provider at any time from your account settings: effective immediately
Data sharing
We share your data only in these circumstances:
- Authorized providers: Doctors and facilities you have explicitly granted access to through the consent system
- Service providers: Third-party vendors (cloud hosting, payment processing, SMS delivery) operating under strict data processing agreements that prohibit them from using your data for any purpose other than providing services to Helios
- Legal requirements: When required by a valid court order or statutory obligation under Ugandan law: we will notify you unless legally prohibited from doing so
- Business transfers: In the event of a merger or acquisition, you will be notified at least 30 days in advance and may request deletion before any transfer occurs
We never share your data for advertising
Your health data is never sold, rented, or used to build advertising profiles. Full stop.
Your rights
Access
Request a full copy of all personal data we hold about you
Correction
Request correction of any inaccurate or incomplete data
Deletion
Request deletion of your account and personal data (subject to legal retention requirements for medical records)
Portability
Receive your data in a structured, machine-readable format (JSON / PDF)
Object
Object to processing based on legitimate interests
Restrict
Request restriction of processing in specific circumstances
Withdraw consent
Withdraw consent for health data processing at any time without penalty
Complain
Lodge a complaint with the Uganda Personal Data Protection Office (PDPO)
To exercise any of these rights, email centraloffice@helioshealths.com. We respond within 30 days.
Security standards
Medical data demands medical-grade security. Our infrastructure is designed from the ground up to protect biometric data, clinical records, and financial transactions against unauthorized access, breaches, and misuse.
Encryption at rest and in transit
All health and personal data is encrypted at rest using AES-256. All data in transit is protected by TLS 1.3. Database fields containing biometric data use field-level encryption with keys managed by a dedicated secrets management system.
Role-based access control (RBAC)
Access to patient data is strictly role-based. Patients, doctors, facility staff, community health workers, and administrators each have precisely scoped permissions. No role has broader access than required for its function. Privilege escalation requires multi-factor approval.
Full audit logging
Every data access event: read, write, export, emergency access: is recorded with a timestamp, user identity, IP address, and declared purpose. Audit logs are tamper-evident and retained for a minimum of 7 years.
Multi-factor authentication (MFA)
MFA is required for all healthcare provider accounts and strongly encouraged for patient accounts. Administrative access to production systems requires hardware security keys.
Offline-first device security (Helios Pulse)
Biometric data stored on Helios Pulse is encrypted on-device. NFC communication uses ISO/IEC 14443 with secure element authentication. Data synced to the cloud is transmitted over an encrypted BLE channel and re-encrypted at ingestion.
Infrastructure and penetration testing
Our infrastructure undergoes regular security assessments and third-party penetration testing. Critical vulnerabilities are remediated within 24 hours. Our security posture is reviewed quarterly.
Breach response
In the event of a confirmed data breach affecting personal or health data, we will notify affected users and the Uganda PDPO within 72 hours of discovery, in compliance with the DPPA 2019.
Our policies
Data retention
| Data type | Retention period | Basis |
|---|---|---|
| Account & identity data | Duration of account + 30 days after deletion | Contract performance |
| Medical records | Minimum 7 years from last clinical event | Uganda Health Records Regulations |
| Prescription records | 7 years | Pharmacy & Drugs Act (Uganda) |
| Transaction records | 7 years | Financial compliance (Uganda) |
| Audit logs | 7 years | DPPA 2019 compliance |
| Helios Pulse biometric data | 2 years rolling (configurable by patient) | Consent |
| Anonymized research data | Indefinite | Legitimate interests |
| AI chat logs (public widget) | 90 days (not linked to account) | Legitimate interests |
Cookies policy
We use cookies and similar technologies to operate our websites. You manage your preferences through the cookie banner shown on first visit. Your choices are stored in your browser and respected on return visits.
Strictly necessary
Session management, authentication, security tokens. Required for the website to function. Cannot be disabled.
Functional
Remember your language preference, region, and UI settings across sessions.
Performance
Anonymized analytics (page views, error rates, load times) to understand platform usage. No individual tracking.
Targeting
Used only with your explicit consent to show relevant content. We do not use targeting cookies for third-party advertising networks.
Children's privacy
Our Services are not directed at children under 13. We do not knowingly collect personal data from children under 13. Users between 13 and 17 require documented parental or guardian consent to create an account. If you believe a child has provided us with personal data without appropriate consent, contact centraloffice@helioshealths.com and we will delete the data promptly.
International data transfers
Patient health and biometric data is primarily stored and processed within Uganda. Where operational requirements involve processing in other jurisdictions (e.g. cloud infrastructure providers), we ensure appropriate safeguards are in place including standard contractual clauses and data processing agreements. We do not transfer personal health data to jurisdictions without adequate data protection frameworks without explicit consent.
Changes to this policy
We will notify you of material changes to this policy by email and through a prominent notice on our websites at least 14 days before the changes take effect. The “Last Modified” date at the top of this page reflects the most recent revision. Continued use of our Services after changes take effect constitutes acceptance of the revised policy.
Contact us
For any privacy-related questions, data subject requests, or concerns about how Helios handles your personal data, contact us through the channels below. We respond to all privacy requests within 30 days.
Platform Support
For account-specific issues, lost card, data export requests, or consent management help.
support@app-healthplus.comUganda Personal Data Protection Office (PDPO)
If you are not satisfied with our response to a privacy concern, you have the right to lodge a complaint with the Uganda PDPO, the national supervisory authority for data protection. Visit pdpo.go.ug for contact details.