Privacy Policy

1. Introduction

Sauti Care ("we", "us", "our", or "Company") operates the Sauti Care platform. This page informs you of our policies regarding the collection, use, and disclosure of personal data when you use our service.

2. Data We Collect

• Patient health information (voice recordings, symptoms, medical history)
• Insurance information (claim details, verification data)
• Healthcare provider information (credentials, facility data)
• Device and usage data (technical diagnostics, analytics)

3. Data Protection

All patient data is encrypted using AES-256 encryption in transit and at rest. Voice biometrics are hashed using non-reversible algorithms. We comply with:

• Kenya Data Protection Act 2019
• GDPR (General Data Protection Regulation)
• HIPAA standards
• ISO 27001 security certifications

4. Data Retention

Patient health records are automatically deleted after 90 days unless legally required to retain. Audit logs are retained for 1 year. You have the right to request deletion of your data at any time.

5. Your Rights

• Right to access your personal data
• Right to correct inaccurate data
• Right to delete your data
• Right to restrict processing
• Right to data portability
• Right to withdraw consent

6. Contact Us

If you have questions about this Privacy Policy, please contact us at privacy@sauticare.com or Antony Mwangi Ngigge at antonyngigge@iworldafric.com