Privacy Policy

Last updated: 26 Jul 2025

Welcome to “Tupo Doctor” (hereinafter "the App"). We highly value your privacy and the protection of your personal data. Please read this Privacy Policy carefully to understand how we collect, use, store, share, and protect your personal data, and the rights you have under global privacy regulations such as the General Data Protection Regulation (GDPR).

I. Data Controller Information

Item	Details
Data Controller	Nanjing Heyback Technology Co., Ltd.
Registered Address	F2594, No. 18 Yinchun Road, Maigaoqiao Innovation Park, Qixia District, Nanjing, Jiangsu, China
Privacy Contact Email	privacy@xiaoheigohome.com
Legal Representative Contact	jed@xiaoheigohome.com
Data Protection Officer (DPO)*	Not appointed for now. Please contact via the privacy email for any questions.

II. Information We Collect

While using the App, we may collect the following categories of information:

2.1 Health Information Provided or Uploaded by the Patient

Health information you actively input: answers during consultations, symptom descriptions, general health status, etc.
Images you upload: medical reports, examination reports, test sheets, medication packaging or inserts, etc.

Note: The above may contain sensitive personal data. We transmit and store such data in encrypted form and use it for AI analysis and health advice generation only with your explicit consent.

2.2 App Permissions

Camera permission: used to take and upload photos of medical or health materials.
Photo Library / Storage permission (if applicable): used to select existing images from your device for upload.

2.3 Account Information

Third-party account information: when you log in with Google, Apple ID, or email, we obtain public info linked to your account (e.g., nickname, avatar, email).
In-App user identifier: a unique identifier used to associate your data within the App.

III. Purposes and Legal Bases for Processing

According to Article 6 GDPR, our lawful bases and corresponding purposes are as follows:

Purpose	Legal Basis
Provide core functions (consultations, health advice)	Contract Performance: Art 6 (1)(b)
Process uploaded health images and return analysis results	Explicit Consent: Art 6 (1)(a)
Improve product experience, prevent fraud, statistics	Legitimate Interests: Art 6 (1)(f)
Handle payments and subscriptions (RevenueCat)	Contract Performance: Art 6 (1)(b)
Comply with legal obligations (tax, audit, etc.)	Legal Obligation: Art 6 (1)(c)

You may withdraw consent at any time in the settings page; withdrawal will not affect the lawfulness of processing based on consent before its withdrawal.

IV. Data Retention Periods

Data Type	Retention Period
Account info & consultation records	5 years after last login, then deleted or anonymised
Uploaded health images	Deleted automatically after 1 year at most (or within 30 days after consent withdrawal)
Backup logs	Rolling deletion after 1 year

If you exercise the right to erasure or close your account, related data will be removed from production within 30 days and from backups within 90 days.

V. Cross-border Data Transfers

Your data is hosted in Alibaba Cloud Singapore data centre. For user data originating from the EU/EEA, we safeguard transfers with the Standard Contractual Clauses (SCC, 2021/914/EU) and equivalent measures to remain GDPR-compliant.

For third-party service providers outside the EEA, we rely on their Data Processing Agreements (DPA) or contracts incorporating SCCs to protect your data:

Google Firebase / Google Cloud: official DPA (incl. 2021/914/EU SCC) — https://cloud.google.com/terms/data-processing-terms
RevenueCat, Inc.: official DPA (incl. SCC) — https://www.revenuecat.com/dpa
Coze AI:
- EEA users: data is sent only to coze.com; official DPA (incl. SCC) — https://www.coze.com/legal/data-processing-addendum
- Non-EEA users: data may be sent to coze.cn (China/Singapore) and is protected by confidentiality and security agreements; SCC/ equivalent safeguards will be added once available.
Alibaba Cloud (Singapore): infrastructure sub-processor; official DPA (incl. SCC) — https://www.alibabacloud.com/help/en/legal/latest/fe2cxg

We do not sell your personal data. The service providers below process data only under our instructions and in line with this Policy:

Third Party / SDK	Role	Purpose	Privacy / DPA Link
Coze AI (coze.com)	Processor	AI workflow & large-model access (EEA data only)	https://www.coze.com/legal/data-processing-addendum
Coze AI (coze.cn)	Processor	AI workflow & large-model access (Non-EEA data only)	https://www.coze.cn/open/docs/guides/privacy
Google Firebase Analytics	Processor	App usage analytics	https://policies.google.com/privacy
RevenueCat	Processor	Subscription aggregation & payment verification	https://www.revenuecat.com/privacy
Alibaba Cloud (ap-southeast-1)	Hosting / IaaS (encrypted storage, Singapore)	https://www.alibabacloud.com/help/en/legal/latest/fe2cxg

All processors are bound by confidentiality and security obligations.

VII. Automated Decision-making

The App does not make decisions with legal or significant effects on you solely based on automated processing (including profiling) without human review.

You have the following rights and may exercise them via “Settings › Privacy” or by emailing privacy@xiaoheigohome.com:

Right of access: obtain a copy of your data we hold.
Right to rectification: correct incomplete or inaccurate data.
Right to erasure (right to be forgotten).
Right to restriction of processing.
Right to data portability: receive data in a machine-readable format and transfer it elsewhere.
Right to object to processing based on legitimate interests.
Right to withdraw consent at any time.
Right not to be subject to automated decision-making.

EU Subscription Cooling-off: For first-time subscriptions by EU residents, you may withdraw within 14 days from payment and obtain a refund, unless you expressly agree that we start providing digital services immediately.

If you believe our processing breaches the GDPR, you may lodge a complaint with a supervisory authority (see next section).

IX. Complaints & Supervisory Authorities

You may contact the data protection authority (DPA) in your residence or workplace country, e.g.:

Germany: Bayerisches Landesamt für Datenschutzaufsicht (BayLDA) — https://www.lda.bayern.de
France: CNIL — https://www.cnil.fr
Netherlands: Autoriteit Persoonsgegevens — https://autoriteitpersoonsgegevens.nl

X. Children’s Data

The App is intended for users aged 16 and above. We do not knowingly collect personal data from children under 16. If we discover such collection, we will delete the data immediately.

XI. Changes to this Policy

We may update this Policy from time to time. For material changes involving categories, purposes, or sharing of data, we will notify you via in-app pop-up, email, or other practical means and, where required, seek your renewed consent.

XII. Contact Us

For questions or to exercise your rights, please contact us:

Email: privacy@xiaoheigohome.com
Company: Nanjing Heyback Technology Co., Ltd.
Registered Address: F2594, No. 18 Yinchun Road, Maigaoqiao Innovation Park, Qixia District, Nanjing, Jiangsu, China