
This Privacy Policy outlines how Bluemify ("Company", "we", "us", or "our") collects, uses, and protects the personal information of users of our website, mobile application, and related services (“Services”). By accessing or using Bluemify, you agree to the terms of this Privacy Policy.
We may use the information collected for the following purposes:
- To provide healthcare and wellness services through the platform.
- To connect you with doctors, healthcare professionals, or caregivers.
- To process bookings, payments, and transactions.
- To contact you via phone, SMS, or in-app communication to confirm receipt of services, verify service delivery by healthcare providers, conduct quality checks, and ensure patient safety.
- To communicate with you regarding your account, services, or support requests.
- To comply with legal and regulatory obligations.
- To improve, personalize, and enhance the Services.
- To send health-related updates, reminders, or educational content (with your consent).
- For research and analytics to improve maternal, mental health, and family care solutions.
- To enable doctors to conduct virtual consultations with patients on Bluemify via Google Meet, including automatically generating meeting links for booked appointments, syncing the doctor's consultation schedule to Google Calendar, and sending calendar invites to the doctor and patient for each virtual consultation.
We may share your information in the following situations:
- With healthcare professionals and institutions: Only the necessary information will be shared for your consultation, treatment, or care, subject to your consent.
- With partner hospitals, clinics, and healthcare providers: When services are delivered by our partners (e.g., hospitals, laboratories, pharmacies, or referral centers), we share only the medical and administrative details required. All partners are bound by formal agreements and must comply with Bluemify’s privacy and security standards as well as the Kenya Data Protection Act.
- With third-party service providers: For hosting, payment processing, cloud storage, analytics, and communication services.
- With Google: When you book a virtual consultation with a doctor who uses our Google Meet integration, your name and email address are shared with Google as the invited attendee on the consultation's calendar event, solely so you receive the meeting invite and link. Google processes this data under its own privacy policy.
- For legal reasons: If required by law, regulation, or valid legal process.
- For business transfers: In case of a merger, acquisition, or restructuring, your data may be transferred as part of the business assets.
We do not sell or rent your personal information to third parties.
Bluemify's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
Specifically, when a doctor connects their Google account to conduct virtual consultations with patients on Bluemify, we access Google Calendar and Google Meet data solely to:
- Automatically create a Google Meet link for each virtual consultation booked by a patient through Bluemify.
- Sync that consultation's date and time with the doctor's Google Calendar.
- Send calendar invites containing the Meet link to both the doctor and the patient ahead of the consultation.
This access is limited to virtual consultations booked and managed through Bluemify. We do not access, read, or modify any other events, contacts, or data in the doctor's Google account.
The video and audio of a virtual consultation itself takes place on Google's infrastructure via Google Meet and is not stored or hosted by Bluemify. Google's own privacy policy governs how Google processes data during the call itself.
Bluemify may offer the ability to record virtual consultations for quality, safety, or clinical record-keeping purposes. Where recording is available, it will only occur with the informed consent of both the doctor and the patient, obtained before recording begins. Recordings, where enabled, are treated as health information under this Privacy Policy and are subject to the same security, retention, and access protections described above.
We do not use this data for advertising, sell it, or transfer it to third parties except as necessary to provide these features, comply with the law, or as part of a merger or acquisition (with continued adherence to this policy). No human at Bluemify reads this data except where necessary for security, legal compliance, or with the doctor's explicit consent for support purposes.
Doctors can revoke Bluemify's access to their Google account at any time via Google Account Permissions. Revoking access will disable Meet/Calendar integration but will not affect other Bluemify services.
We implement robust security measures, including:
- End-to-end encryption of sensitive data (medical and payment details).
- Access controls and authentication mechanisms.
- Regular security audits and monitoring.
- Compliance with Kenya Data Protection Act (DPA 2019).
All partners and service providers handling your data are required to implement equivalent security and confidentiality measures under Bluemify’s agreements.
While we use industry best practices, no system is 100% secure. In the event of a data breach, we will notify you and the relevant authorities as required by law.
Your data may be stored or processed on servers located outside Kenya, depending on our service providers. In such cases, we ensure that adequate safeguards are in place, including contractual protections and encryption, to protect your data.
We will retain your personal information for as long as necessary to:
- Deliver the services you requested.
- Fulfill legal, regulatory, or contractual obligations.
- Resolve disputes and enforce agreements.
Once no longer needed, data will be securely deleted or anonymized.
- OAuth tokens are retained only while the Google integration is active and are deleted immediately upon disconnection or account deletion.
Depending on your jurisdiction, you may have the right to:
- Access a copy of the personal data we hold about you.
- Request correction, updating, or deletion of your data.
- Restrict or object to certain processing activities.
- Withdraw consent for optional data processing (such as marketing communications).
- Request data portability (where applicable).
To exercise your rights, contact us using the details below. We will respond in line with applicable laws.
We may use cookies, analytics tools, and similar technologies to:
- Enable platform functionality.
- Analyze trends and usgae patterns.
- Improve service delivery and personalization.
You may disable cookies in your browser settings, but some features of Bluemify may not function properly.
Our platform may contain links to third-party websites or services. We are not responsible for the privacy practices or content of such third parties. Please review their policies before providing personal data.
We may update this Privacy Policy from time to time. Any significant changes will be communicated by posting an updated version on the platform and, where appropriate, notifying you directly.
If you have any questions, concerns, or requests regarding this Privacy Policy, please contact us at:
Email: support@bluemify.com
Phone: +254 714 299 566
This Privacy Policy ensures that Bluemify complies with Kenyan law while also being aligned with international healthcare privacy standards in case of global scaling.
If you have any questions or concerns about this Privacy Policy or our data practices, please contact us: