ellyra
Privacy Policy

🔒 Ellyra Health – Privacy Policy

Last Updated: September 2025

Ellyra Health is provided by ELLYRA LIFE SCIENCES LTD, registered at 5 Derwent Drive, Tunbridge Wells, England, TN4 9TB. Contact: privacy@ellyra.health

1. Introduction

Ellyra ("we", "us", "our") is a mobile health application designed to support your wellbeing through symptom checking, health tracking, and related services. We are committed to handling your personal data in accordance with the UK GDPR and Data Protection Act 2018.

This Privacy Policy explains what data we collect, how we use it, and the rights you have.

Ellyra does not provide medical diagnosis, treatment, or prescriptions. All features are for informational purposes only, and users must seek professional medical advice for diagnosis or treatment.

2. Information We Collect

We only collect information necessary to provide our services:

  • Personal details – e.g. name, date of birth, email, phone number.
  • Health data (special category data) – symptoms, medical history, health surveys, uploaded reports, or photos you provide (with explicit consent).
  • Biometrics – if you enable FaceID or TouchID for login (handled securely by your device, not stored by us).
  • Technical data – device type, app version, IP address, crash/error logs.

3. How We Use Your Information

  • Delivering app features (symptom checker, report insights, health tracking).
  • Improving safety, quality, and performance of our service (using anonymised or aggregated data).
  • Communicating with you (service updates, reminders, or changes to this policy).
  • Regulatory compliance and patient safety reporting (where required).
  • Legal obligations or defending claims (if applicable).
  • We do not use personal health information (PHI) to train our systems. User data is processed solely to deliver Ellyra's features and is not retained for model training purposes.

We do not sell your data to third parties.

4. Data Security

  • All transmissions are encrypted (TLS/HTTPS).
  • Health data stored with strong encryption at rest.
  • Access limited to authorised staff under strict confidentiality.

5. Your Rights

You have rights under UK GDPR, including:

  • Access your data
  • Correct inaccuracies
  • Request deletion ("right to be forgotten")
  • Restrict or object to processing
  • Complain to the ICO (ico.org.uk)

Contact us at privacy@ellyra.health to exercise these rights.

6. Children's Privacy

Ellyra is not intended for children under 17. User must be 17 and above to use the app.

7. Sharing Your Data

We may share data with:

  • Service providers (cloud hosting, analytics, support tools).
  • Healthcare professionals (only if you choose to share).
  • Regulators or authorities (if legally required).
  • Business transfers (e.g., merger/acquisition, with safeguards).

Data is stored in the UK/EEA. If transferred outside, we use legally approved safeguards.

8. Updates

We may update this Privacy Policy from time to time. Please check the Privacy Policy section regularly for the latest version.