Privacy Policy

1. Introduction

NutriCare ("we", "us") is committed to protecting your privacy. This policy explains how we collect, use, store, and protect your personal information when using the NutriCare platform. This policy applies to users in Vietnam and internationally.

2. Information We Collect

Personal information: Name, email, password (encrypted), avatar, address, phone number, professional credentials (for dietitians).

Health data: Medical conditions, nutrition goals, dietary preferences, food allergies, nutrition assessment results (BMI, MUST, MNA, etc.), meal plans, patient records (for healthcare staff).

Usage data: IP address, browser, device, pages visited, time spent, search and filter behavior.

Cookies: We use session cookies to maintain login and preference cookies to remember language and settings.

3. How We Use Data

We use your information to: (a) personalize food and recipe recommendations; (b) conduct nutrition assessments; (c) manage meal plans; (d) connect you with nutritionists; (e) improve the platform; (f) send account-related notifications; (g) analyze aggregate usage trends.

4. Data Sharing

With nutritionists: When you request a consultation, relevant health information is shared with the professional you choose.

With organizations: If you belong to a hospital/clinic, organization administrators may view patient data within their organization scope.

Aggregated data: We reserve the right to sell or share general, aggregated, or anonymized data for research or commercial purposes. However, we will NOT sell or share individual users' private personal information to third parties.

Legal requirements: We may disclose information when required by law or competent authorities.

5. Health Data

Health data is processed in compliance with Vietnam's Law on Cybersecurity (Law No. 86/2015/QH13) and Decree 13/2023/ND-CP on Personal Data Protection. Health data is encrypted at rest and accessible only by authorized healthcare personnel.

6. Storage & Security

Data is stored on secure servers. Passwords are hashed using bcrypt. Connections use HTTPS/SSL. We perform regular backups and have disaster recovery plans. However, no system guarantees absolute security.

7. User Rights

You have the right to: (a) access your personal data; (b) request correction of inaccurate information; (c) request deletion of your account and data; (d) export your personal data; (e) withdraw consent for data processing. To exercise these rights, contact: nutricare@vietnamcos.com

8. Children's Privacy

NutriCare is not intended for children under 13. We do not knowingly collect information from children under 13. If discovered, we will delete it immediately. Users aged 13-18 require parental consent.

9. International Data Transfers

Data may be processed on servers outside Vietnam. By using the Service, you consent to this international data transfer. We ensure appropriate protection levels under Vietnamese law and international standards.

10. Data Retention

Account data: retained until you delete your account. Medical assessment data: 5 years (per healthcare regulations). Usage data: 12 months. System logs: 6 months.

11. Legal Compliance

This policy complies with: Decree 13/2023/ND-CP (Vietnam Personal Data Protection), Cybersecurity Law 2015, GDPR (for EU users), and international data security standards.

12. Changes to Policy

This privacy policy may change at any time without prior notice. Continued use of the Service after changes constitutes acceptance of the new policy. The updated version will always be available on this page.

13. Contact

If you have questions about this Privacy Policy or wish to exercise your data protection rights, please contact: nutricare@vietnamcos.com