Last Updated: June 17, 2026
TheHyWing ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application, WhatsApp bot, and related services (collectively, the "Service"). TheHyWing is a climate-risk intelligence and preventive health platform that protects human health and livelihoods across multiple climate stressors. We operate globally and comply with applicable data protection laws in all jurisdictions where we serve users.
TheHyWing is the data controller responsible for your personal data. For data protection inquiries:
We collect information that you provide directly to us, including:
We use the collected information for:
TheHyWing is a personalized safety and preventive-health service, not a general information app. The protection it provides — heat-strain and climate-risk scoring, hydration plans, symptom triage, doctor teleconsultations, safety-buddy check-ins, and employer/team safety features — cannot be delivered anonymously. Each of these is calculated against your own occupation, health vulnerability, and location, and is tied to a secure account.
For this reason we require an account and certain personal details to function. We rely on the following bases:
You may withdraw consent or delete your account at any time (Settings → Consents, or email privacy@thehywing.com).
We take the protection of your health information seriously:
On Android, TheHyWing integrates with Health Connect to read selected wearable measurements only after you grant permission. We request read-only access and do not write any records to Health Connect.
Health Connect data types we request (read-only):
Why we access these data types: to compute your personalized physiological strain signal (heat/cold body stress), generate preventive actions, trigger high-risk alerts, and improve clinician decision-support during authorized consultations.
Minimum scope commitment: we request only the Health Connect data types required for the user-facing safety and preventive-health features described above. We do not request unrelated Health Connect permissions.
Sharing and limited use: Health Connect data is not sold and is not used for advertising, credit scoring, lending, or data brokerage. We only share health data with parties you authorize (for example, licensed clinicians in your consultation flow), or when legally required.
Your control: you can revoke Health Connect permissions anytime in Android Settings → Health Connect → App permissions → TheHyWing, and you can request deletion of your stored data from within the app (Settings → Consents) or by emailing privacy@thehywing.com.
We do not sell your personal information. We share data only in these circumstances:
AI Disclosure: TheHyWing uses AI (OpenAI GPT models) for symptom assessment, daily health tips, work schedule safety guidance, and personalized agricultural recommendations (Farm Intel).
Limitations: AI outputs are informational only — not medical diagnosis, prescription, or treatment. AI-generated agricultural guidance is advisory and does not guarantee crop yields or livestock outcomes. AI results are not reviewed by a clinician or agronomist in real-time. The AI may produce inaccurate results. Always consult qualified professionals. In emergencies, contact your local emergency services.
We implement industry-standard security measures:
Depending on your jurisdiction, you have the following rights:
To exercise any right, email privacy@thehywing.com. We respond within 30 days.
We retain your information for as long as your account is active or as needed to provide services. Health records may be retained for longer periods to comply with medical record-keeping requirements.
TheHyWing is not intended for users under 18 years of age. We do not knowingly collect information from children under 18.
In the event of a breach posing a risk to your rights, we will notify the relevant supervisory authority within 72 hours (GDPR/NDPA) and notify affected users without undue delay. Our breach response process includes:
Your data may be processed in countries other than your own. We use the following sub-processors:
| Sub-Processor | Purpose | Location | Data Shared |
|---|---|---|---|
| Render | Cloud hosting (API & database) | United States | All application data (encrypted at rest) |
| OpenAI | AI symptom assessment & farm advice | United States | Anonymised symptom text only (no PII) |
| Expo (EAS) | Push notification delivery | United States | Device push tokens & notification content |
| Meta (WhatsApp) | WhatsApp bot messaging | United States | Phone number & message content |
| Paystack | Payment processing (PCI DSS) | Nigeria | Payment data only |
| WeatherAPI / Open-Meteo | Weather data | UK / EU | GPS coordinates only |
| Brevo | Email delivery | EU | Email address & notification content |
| Netlify | Landing page hosting | United States | No personal data (static site) |
We ensure appropriate safeguards for cross-border transfers including Standard Contractual Clauses (SCCs), Data Processing Agreements (DPAs) with each sub-processor, and encryption of all data in transit (TLS 1.2+) and at rest (AES-256). PHI (Protected Health Information) is encrypted before leaving our application layer and is never sent to sub-processors in plaintext.
We may update this Privacy Policy from time to time. We will notify you of significant changes via email or in-app notification. Continued use of the service after changes constitutes acceptance of the updated policy.
EEA (GDPR): Data portability, right to object, lodge complaints with your local DPA. USA (CCPA): Right to know, delete, opt out — we do not sell data. Nigeria (NDPA 2023): Consent-based processing, breach notification, correction/deletion. India (DPDP 2023): Consent management, data erasure, representative nomination.
For privacy questions or data requests:
Data Protection Officer: privacy@thehywing.com
General Support: support@thehywing.com
Website: thehywing.com
© 2025-2026 TheHyWing. All rights reserved.