Skip to content

Trust & Privacy

Your family's health data, in safe hands.

We know that health data is some of the most personal information a family has. This page explains, in plain language, not legalese, exactly what we do with it, what we will never do, and how you stay in control. Always.

Our promise

We treat your family's health data like our own family's.

That's not marketing copy. The people building Nuri Care have ageing parents too. We built this app because we needed it ourselves, and we would never ship something we wouldn't hand to our own grandmothers. Every decision about how data is collected, stored, and shared starts with one question: "Would we be comfortable if this were our family?"

If the answer is no, we don't do it.

The short version

What we do, and what we never do

In plain language, no fine print.

What we do

  • Store your data on encrypted servers, both in transit and at rest.

  • Let you export your Nuri data, at any time, in a readable format.

  • Delete your account and all associated data permanently, on request.

  • Keep our data practices up to date as laws and best practices evolve.

  • Tell you clearly if anything important changes: no buried policy updates.

What we never do

  • Sell your data to anyone. Not data brokers, not insurance companies, not advertisers.

  • Show ads. Nuri's only business model is a subscription you pay for directly.

  • Use your health data to train AI models. The AI safety checks only ever read your data to give you an answer.

  • Share your data with third parties who don't need it to make Nuri work.

  • Make it hard to leave. If you go, you take your data with you.

Security

Protected at every step

Here's what that looks like under the hood, in plain terms, not compliance jargon.

Encrypted in transit and at rest

Every byte travelling between your phone and our servers uses TLS (the same encryption your bank uses). The data we store is encrypted at rest as well, adding another layer of protection.

SSL certificate pinning

Nuri's mobile apps are hard-coded to talk only to our verified servers. This blocks a class of attack (called a "man in the middle") where someone tries to intercept your connection by pretending to be us.

Strict access controls

Every API request is authenticated. Our database rules enforce that users can only read and write their own records. We log anomalies and rate-limit requests to limit damage if any credential were ever compromised.

We try to be honest about what "secure" means: we follow current best practices and we fix vulnerabilities quickly when they're reported. No system is perfectly invulnerable. If you find a security issue, please email privacy@nuricare.co.

Data location & regulations

Where your data lives

Nuri's infrastructure runs on established cloud providers, using regions with strong data-residency practices. We chose our providers in part for their security posture and transparent data-handling policies.

We operate in alignment with Singapore's Personal Data Protection Act (PDPA): we collect only what we need, we tell you why we're collecting it, we keep it only as long as necessary, and we give you access and correction rights.

We also follow GDPR-aligned practices for users in applicable jurisdictions, including the right to erasure and the right to data portability.

Nuri is not a medical device and does not claim HIPAA compliance. If you need healthcare-grade compliance for a clinical setting, Nuri is not the right tool for that use case, and we'd rather tell you now.

Some safety features, like medication-interaction and exercise checks, send the details you enter to a trusted AI provider so it can generate the result. That information is used only to give you the answer. It is never used to train AI models, and never sold.

What data we collect

  • Account info (email, name): to identify you and send account notifications.
  • Medications, schedules, and dose logs: so reminders and safety checks work.
  • Appointments and provider details: to power the shared calendar and directory.
  • Wellbeing check-in responses: to surface trends over time.
  • Location: only if you switch on safe-zone alerts, so family can be notified if your parent leaves a known safe area. Off unless you turn it on.
  • Basic usage analytics (crash reports, which features get used): looked at in aggregate to fix bugs and improve the app.

You're in control

Your data moves when you say so. Or not at all.

Export or delete your account

From inside the app, you can request a full export of your data in a standard format, or permanently delete your account and every record associated with it. Deletion takes effect immediately, and backup copies clear within 90 days.

The elder controls what family sees

Family members only see what the elder has shared with them. This is built into how Nuri works, not an optional setting that can be overlooked. An elder can connect and disconnect family members at any time, and can limit exactly which information each person can access. Dignity and autonomy are non-negotiable.

Family-consent model

When a family caregiver asks to connect with an elder's account, the elder must explicitly approve. No one can follow an elder's health without their active, informed consent. Nuri is a tool for care, not surveillance.

Notifications you control

Push notifications for medication reminders, alerts, and family updates can be managed, or turned off entirely, in your device settings. We never send marketing push notifications.

Accessibility

Built to be usable by everyone

Nuri targets WCAG 2.1 Level AA across the app and this website. That means, in practice:

  • Large, readable text: the elder-facing app uses a minimum 18pt body size, well above AA requirements.
  • High contrast: we design body text to meet a 4.5:1 contrast ratio and interactive elements to meet 3:1, the WCAG AA thresholds.
  • Screen reader friendly: meaningful alt text, logical heading structure, and proper ARIA labels throughout.
  • Reduced motion: all animations respect the "prefer reduced motion" system setting.

Tell us if something's hard to use

Accessibility is never finished. We're a small team doing our best, and we know we'll miss things. If anything about Nuri, the app or this website, is hard to read, navigate, or understand, please tell us.

Your report goes directly to the team. We take these seriously.

Email us about accessibility →

Full Privacy Policy

The detailed legal document covering everything we do with your data, written for the regulator as well as for you.

Read the Privacy Policy →

Terms of Service

What you agree to when you create an account: your rights, our responsibilities, and how disputes are handled.

Read the Terms →

Questions or concerns?

Questions about privacy, security, or your data rights? We're a real team and we read every email.

privacy@nuricare.co →

(Domain live soon; email active from launch.)

Be first to bring Nuri home.

We're opening to a small group of families first. Join the waitlist and we'll reach out when it's your turn.