Sicura Health

Sicura U.S. Privacy Policy

Effective Date: 1st August 2025
Jurisdiction: United States – California

1. Our Commitment to Your Privacy

Sicura Health Pty Ltd. ("Sicura", "we", "our", or "us") is committed to protecting your personal and health information. This Privacy Policy explains how we collect, use, protect, and disclose your information when you use the Sicura mobile application (“App”).

We follow strict privacy principles based on:

Data Minimization – We collect only what is necessary
On-Device Processing – Your health data never leaves your phone
Transparency & Control – You control your data, and we show you what we see
Security – We use advanced encryption and security measures to keep your data safe

This policy is governed by U.S. law, with California as the principal jurisdiction. It is intended to comply with the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA).

2. Definitions

Personal Information: Any information that identifies, relates to, or could reasonably be linked to an individual.
Personal Health Information (PHI): Any health-related information tied to your identity or health status.
Aggregated Data: De-identified, combined information from groups of users that cannot be used to identify individuals.
Device Metadata: Information about your device (e.g., model, OS version) and diagnostic data related to app performance.

3. Information We Collect

a. Device Metadata (Non-Health Data)

Collected automatically to support app functionality and security:

Device type and OS version
App performance and crash logs
A randomized device identifier used to send communications to your app

b. Personal Health Data

Includes health measurements, lab results, wearable data, symptoms, medications, and other health-related inputs
Stored only on your mobile device
Never transmitted to Sicura servers

4. How We Use Your Information

Device metadata is used to:
- Support diagnostics and bug fixes
- Maintain app functionality across devices
- Securely send communications (e.g., app updates or alerts)
Personal Health Information is:
- Processed entirely on-device using AI to provide personalized recommendations
- Used to generate anonymized, aggregate-level insights (via federated learning)
- Never uploaded, stored, or analyzed by Sicura servers

5. Third-Party Services and External Links

Sicura may offer optional links or connections to third-party wellness services or healthcare providers. If you choose to interact with these services, they may learn about aspects of your health preferences based on your engagement.

We do not share your personal health data with these services. However:

If you choose to provide identifying information to a third-party service, they may associate it with your inferred health needs.
We recommend reviewing the privacy policies of any external service you engage with.

Sicura is not responsible for the privacy or security practices of external sites or services.

6. Your Privacy Rights (U.S. Users)
Including rights under the California Consumer Privacy Act (CCPA/CPRA)

Regardless of where you live in the U.S., we extend the privacy rights granted under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) to all Sicura users. These rights include:

Know what categories of personal information we collect and how it’s used
Access specific personal information we may hold (in this case, limited to non-health metadata)
Request Deletion of any personal information we maintain (note: personal health data remains solely on your device)
Correct inaccurate information we may retain
Limit the Use or Disclosure of Sensitive Personal Information (we do not disclose any such information)
Non-Discrimination for exercising privacy rights

We do not:

Sell or rent any personal information
Share your information for cross-context behavioral advertising
Profile you for automated decision-making

You may exercise your rights by contacting our Privacy Officer at:

📧 info@sicurahealth.ai

We will respond to verified requests within 45 days.

7. HIPAA Statement

Sicura is not a covered entity under the Health Insurance Portability and Accountability Act (HIPAA). However, we follow industry best practices in handling sensitive health-related data, including:

Data minimization
On-device-only storage
Encryption and local-only processing
No cloud storage or PHI transmission

8. Data Security

We employ commercial-grade safeguards to protect data on your device:

On-device encryption - All health information is encrypted using your device's built-in AES-256 encryption
Biometric and passcode protection - Secured by your device's authentication methods (Face ID, Touch ID, fingerprint, or passcode) when enabled
Local storage only - Your health data is stored exclusively on your device and never transmitted to external servers
No cloud backups - Personal health data is excluded from cloud backup services
Zero-knowledge architecture - We have no ability to access your health information

You are responsible for maintaining the security of your mobile device. If your device is lost or compromised, your health data may be at risk.

9. Data Retention and Deletion

Your health data is stored only on your device and is deleted when you uninstall the Sicura App
You may delete or update your data at any time within the app settings
We retain only anonymized device metadata for diagnostics and compliance

10. Children’s Privacy

Sicura is not intended for children under 13. We do not knowingly collect or store personal information from children.

11. Changes to This Policy

We may update this policy to reflect legal or technical changes.