Privacy Policy

Nafsia Clinic respects your privacy and is committed to protecting your personal data. This policy explains how we collect, organize, and use user data when using the Platform.

Compliance: This policy is designed to comply with international privacy regulations including: • General Data Protection Regulation (GDPR) - European Union • Algerian Law 18-07 on Personal Data Protection • Google Play and Apple App Store policies

Required Data (necessary for service): • Full name • Phone number or email • Age / Date of birth • Province / Country • Password (encrypted)

Optional Data: • Profile picture • Preferred languages • Preferred professional specialties

Session Data: • We do not record session content • We only record date, time, and duration for billing • All sessions are end-to-end encrypted

We use your data for:

1. Providing the Service: • Verify your identity and account • Connect you with suitable Professionals • Process payments • Send session notifications and reminders

2. Improving the Service: • Usage analysis (aggregate, not individual) • Developing new features • Detecting technical issues

3. Legal Compliance: • Complying with law enforcement requests • Preventing illegal activities • Protecting others' rights

4. Marketing (optional): • Sending newsletters only with your consent • Offers and promotions • Surveys

You can unsubscribe from marketing messages anytime.

We use the following security measures:

Encryption: • Data Transfer: SSL/TLS (https://) • Data at Rest: AES-256 for sensitive data (names, phones) • Passwords: SHA-256 with salt

Access: • Only necessary staff can access data • All employees sign NDAs • Session content is not accessible

Backups: • Daily backups stored securely • Session recordings are not kept (no content backups)

Security Level: We follow best practices but cannot guarantee 100% security. In case of breach, we will notify you per law.

Account Data: • We retain your account data while it's active • When you delete your account: All personal data is deleted immediately (name, phone, email, profile picture)

Financial Records & Receipts: • We keep them for 7 years (legal tax requirement) • Stored securely and encrypted

Session Records: • Kept only for billing and dispute purposes • Personal names and info removed when account is deleted • Session content itself is never recorded (end-to-end encryption)

Your Right to Delete: • You can delete your account anytime from account settings • All your personal data will be deleted immediately • Financial records remain only for legal purposes

We share data only with these parties:

1. Professionals (necessary for service): • Username only (we don't share your real name in in-app sessions) • WhatsApp number only for WhatsApp sessions • Session time and details • We don't share previous session history • We never share your email

2. Payment Providers: • PayPal and SATIM only receive what's necessary • We don't share health or personal data with them

3. Support Team: • Can access data to resolve issues • Under strict agreements

4. Law Enforcement (by law only): • If authorities request data with legal order • We'll notify you if legally able

We never sell your data to third parties.

You have the following rights (under GDPR and Law 18-07):

Access: • Right to get a copy of your data

Correction: • Right to correct inaccurate data

Deletion ("Right to be Forgotten"): • Right to delete your data (with legal exceptions) • More details: Data Deletion Policy

Data Portability: • Right to receive your data in standard format

Objection: • Right to object to data processing

Withdraw Consent: • Right to withdraw marketing consent

Request Rights: 📧 privacy@nafsiaclinic.com We'll respond within 30 business days.

We use cookies for:

Essential Cookies (necessary): • Secure login and sessions • Language preferences • Cannot be disabled

Analytics Cookies: • Analyze how you use the Platform • Improve performance • Can be disabled

Marketing Cookies: • Retarget ads • Can be disabled

How to Manage: You can manage cookies from browser settings. Note: disabling them may affect service.

The Platform is for adults only (18+).

If You're a Parent/Guardian: • Don't allow minors to create accounts • If we discover a minor account, it will be deleted

Limited Exception: • We may allow therapy sessions for teenagers (16+) with parental/guardian consent • Data is strictly protected • Parents/guardians can access accounts

Data may be transferred to: • Servers in Algeria and the European Union • Third parties outside the country (PayPal, etc.)

Protection: • All transfers are protected by SSL/TLS • We comply with legal data transfer agreements • We support standard contractual clauses for EU

Data Protection Officer: 📧 privacy@nafsiaclinic.com

Complaints: • You can file a complaint with your local data protection authority • EU: Contact your country's data protection authority

Updates: We may modify this policy. We'll notify you of significant changes.