Privacy Policy

Last updated: April 9, 2026

1. Introduction

Ta-Tech Solutions ("we", "us") operates the PolyHealth platform. This Privacy Policy explains how we collect, use, store, and protect your personal information and patient health data.

2. Data We Collect

We collect: (a) Staff data: name, email, phone, role, department, login activity, device information; (b) Patient data: name, date of birth, contact details, medical history, vitals, diagnoses, prescriptions, lab results, imaging, insurance information; (c) Financial data: invoices, payments, mobile money transactions; (d) Technical data: IP addresses, browser type, device identifiers, usage analytics.

3. How We Use Data

We process data to: (a) provide healthcare management services to the Tenant; (b) enable clinical workflows (appointments, encounters, prescriptions, lab orders); (c) support AI-assisted features (symptom checking, voice transcription); (d) process payments; (e) ensure platform security and prevent fraud; (f) generate anonymised analytics for the Tenant; (g) comply with legal obligations.

4. Data Storage and Security

Data is stored on secure servers provided by Supabase (PostgreSQL). All data is encrypted at rest and in transit (TLS 1.2+). Access is controlled through row-level security policies, role-based access control, and multi-factor authentication. We maintain audit logs of all data access. Document storage uses encrypted buckets with access logging.

5. Data Sharing

We do not sell personal or health data. Data may be shared with: (a) the Tenant's authorised staff as required by their role; (b) third-party service providers who process data on our behalf (Supabase for hosting, Twilio for WhatsApp, payment providers for mobile money), all bound by data processing agreements; (c) law enforcement or regulatory authorities when required by law.

6. Data Retention

Patient medical records are retained for the minimum period required by Cameroonian healthcare regulations (typically 20 years for adult records). Staff data is retained for the duration of employment plus 7 years. Financial records are retained for 10 years. Upon Tenant termination, data export is available for 90 days.

7. Your Rights

You have the right to: (a) access your personal data; (b) request correction of inaccurate data; (c) request deletion of your data (subject to legal retention requirements); (d) object to processing; (e) data portability. Patients may exercise these rights through their healthcare facility or by contacting us directly.

8. Cookies and Tracking

We use essential cookies for authentication and session management. We use anonymous analytics to improve the Service. We do not use advertising cookies or trackers.

9. Children's Data

Patient records may include data of minors. Such data is processed only with the consent of the parent or legal guardian, as provided by the healthcare facility during registration.

10. Contact

For privacy-related inquiries: Ta-Tech Solutions, Data Protection Officer, Douala, Cameroon. Email: privacy@polyhealth.health

Β© 2026 PolyHealth. All rights reserved. Powered by Ta-Tech Solutions.