Privacy Policy
Last Updated: February 19, 2026
1. Introduction
Neem ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and services.
By using Neem, you agree to the collection and use of information in accordance with this Privacy Policy.
2. Information We Collect
2.1 Personal Health Information
We collect health-related information that you provide, including but not limited to:
- Patient demographics (name, date of birth, gender, blood type)
- Medical conditions, diagnoses, and symptoms
- Medications and allergies
- Lab results, imaging reports, and other medical documents
- Vital signs and health measurements
- Family medical history
- Lifestyle information (diet, exercise, sleep patterns)
- Appointments and healthcare provider information
2.2 Account Information
- Email address
- Preferred name
- Phone number (optional)
- Password hash and salt (we do not store plaintext passwords)
- Language and reading level preferences
2.3 Usage Information
- Device information (type, operating system, unique identifiers)
- App usage data and interaction patterns
- Log data (IP address, browser type, access times)
- Crash reports and error logs
2.4 AI-Generated Content
- Wellness assessment results and health insights
- AI expert chat conversations (Nutrition, Physiotherapy, Mental Health)
- AI-generated explanations and educational content
3. How We Use Your Information
We use your information to:
- Provide, maintain, and improve our services
- Generate personalized wellness assessments and health insights
- Extract and organize data from uploaded medical documents
- Provide AI-powered health correlations and pattern analysis
- Deliver personalized lifestyle education and guidance
- Track lab trends and identify potential health risks
- Enable communication with AI health experts
- Manage multiple patient profiles under one account
- Respond to your requests and provide customer support
- Send important updates about the service
- Ensure security and prevent fraud
- Comply with legal obligations
4. Data Storage and Security
4.1 Where Your Data is Stored
- Cloud infrastructure: Your data is stored on secure cloud infrastructure operated by Neem and our service providers.
- Data location: Depending on your location and the providers we use, your data may be processed in Canada and other jurisdictions. When personal information is processed outside your province or outside Canada, it may be subject to the laws of those jurisdictions.
- Server storage: Patient data, medical records, and health information are stored in encrypted databases.
- Device storage: PHI may be stored locally on your device to enable offline and local-first use.
- Logout behavior: Logging out clears session/token state, but does not automatically wipe on-device PHI. You can explicitly remove local PHI in Settings -> Privacy -> Clear all on-device data.
4.2 Security Measures
We implement security controls designed for health data:
- TLS encryption in transit
- Encryption at rest for sensitive health information
- Secure authentication and session/token protection
- Role-based access controls and monitoring
- Security testing and patching practices
- Audit logging for high-risk actions (for example, export, share, and deletion requests)
Note: No method of transmission or electronic storage is completely risk-free.
5. Information Sharing and Disclosure
5.1 We DO NOT sell your personal health information.
5.2 We may share your information only in the following circumstances:
- With your consent: We share information when you explicitly authorize us to do so.
- Service providers: We may share information with contracted providers (for example, cloud hosting and AI processing) under confidentiality and data-protection obligations.
- Legal requirements: We may disclose information if required by law, court order, or governmental request.
- Safety and security: We may disclose information to protect the rights, property, or safety of Neem, our users, or the public.
- Business transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity subject to equivalent privacy commitments.
6. AI and Machine Learning
Neem uses artificial intelligence to provide personalized health insights.
- AI analyzes health data to generate assessments, correlations, and educational content.
- AI-generated content is educational and is not medical diagnosis or treatment advice.
- AI processing is performed under contractual confidentiality and security controls.
- We do not use identifiable user PHI to train foundation models.
- Data used to improve product quality is de-identified or aggregated where required.
- AI processing respects language preferences and reading level settings.
7. Your Rights and Choices
You have rights regarding your personal information:
- Access: Request a copy of your data.
- Correction: Update or correct your information.
- Deletion: Request deletion of selected data categories or your account.
- Export and portability: Request machine-readable exports where available.
- Consent withdrawal: Withdraw consent for selected categories where applicable.
- Opt-out: Opt out of non-essential communications.
How to submit requests: use in-app privacy controls or contact [email protected].
Service levels: we target acknowledgment within 72 hours and completion within 30 days unless legally extended.
8. Children's Privacy
Neem allows parents and caregivers to manage health information for dependents. If you create a profile for a minor, you represent that you are the parent or legal guardian with authority to provide that information.
Where required by applicable Canadian law, parental or guardian consent is required for minors (including Quebec-specific age rules where applicable).
9. Data Retention
We retain personal health information while your account is active to support longitudinal health tracking and app functionality.
If you request account deletion, deletion starts immediately for primary application records, and backup/system replicas are removed on a rolling basis with a target completion window of up to 30 days, subject to legal retention obligations.
Security and audit records may be retained only as required for legal, fraud prevention, and security purposes, then deleted or anonymized according to policy.
Logout does not delete your account data. Logout clears active session state; account deletion is a separate action in Privacy settings.
10. Data Residency and Cross-Border Transfers
Your information may be transferred to, stored in, or processed in Canada and/or other countries where Neem or our service providers operate.
Where required, we apply contractual and legal safeguards for cross-border processing.
11. Breach Notification
Neem maintains an incident response process for suspected or confirmed privacy/security incidents.
- We investigate and contain incidents promptly.
- When legally required, we notify affected users and regulators in accordance with applicable Canadian privacy laws.
- We maintain breach records for required statutory periods.
12. Third-Party Links and Services
Neem may contain links to third-party websites or services. We are not responsible for the privacy practices of those third parties. Review their privacy policies before use.
13. Medical Disclaimer
Important: Neem is not a medical device and does not provide medical advice, diagnosis, or treatment. AI-generated content is for educational purposes only. Always consult qualified healthcare professionals regarding medical decisions.
14. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. For significant changes, we will provide notice in-app and update the "Last Updated" date.
15. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or your personal information, contact us at [email protected].
16. Compliance Scope
Neem is committed to complying with applicable privacy and health data laws.
- Canada: PIPEDA baseline, with provincial requirements applied where legally triggered.
- Provincial laws: Applicable provincial private-sector privacy laws are applied where required.
- Other jurisdictions: Additional laws apply where Neem offers services in those jurisdictions.
Neem is designed for personal health tracking and management by individuals and families. If you are a regulated healthcare organization or professional, you are responsible for determining whether and how Neem can be used within your own legal and regulatory obligations.