Yanmu

Privacy Policy

Last updated: May 28, 2026

Who we are

Yanmu ("we", "us", or "our") operates a healthcare coordination platform that connects mothers and pediatric doctors. This Privacy Policy explains how we collect, use, store, and share personal information when you use the Yanmu mobile app, doctor web portal, and related services (collectively, the "Service").

Contact: [email protected]

Information we collect

We collect information you provide and data generated through your use of the Service, including:

  • Account and identity: phone number (used for sign-in via one-time passcode), profile details for mothers and doctors, and role information.
  • Child health information: child profiles, growth and vaccination records, clinical notes, prescriptions, milestones, mood check-ins, and attachments you or your care team upload.
  • Communications: messages, voice notes, and images shared in care conversations between connected mothers and doctors.
  • Scheduling: appointment requests, availability, and related scheduling metadata.
  • Device and technical data: device identifiers, push notification tokens, app version, and general usage metadata needed to operate and secure the Service.
  • Analytics: limited product analytics (for example, screen views and performance signals). Conversation and child record screens are treated as private routes and excluded from routine screen and page analytics. We do not use session replay.

How we use information

We use personal information to:

  • Provide and operate the Service, including authentication, care coordination, messaging, records, and appointments.
  • Send service-related notifications (for example, new messages or appointment updates) when you enable push notifications.
  • Maintain security, prevent abuse, enforce rate limits, and investigate incidents.
  • Improve reliability and usability through aggregated or de-identified analytics where permitted.
  • Comply with legal obligations and respond to lawful requests.

Legal bases (where applicable)

Depending on your location, we process personal information based on one or more of: performance of a contract (providing the Service), legitimate interests (security, product improvement), consent (where required, for example optional analytics), and legal obligation.

Storage and security

Data in transit is protected with industry-standard TLS (HTTPS).

Sensitive health-related fields (such as message bodies, record details, mood notes, and intake summaries) are encrypted at rest on our servers using AES-256-GCM before storage in our database.

On mobile devices, session credentials are stored using the platform secure store (Keychain on iOS, Keystore on Android) with device-only accessibility where supported.

We apply access controls, audit logging for protected health access on the server, and rate limiting on authentication and write endpoints. No method of transmission or storage is completely secure; we work to protect your information using reasonable safeguards.

How we share information

We do not sell your personal information. We share information only as described below:

  • With your care team: mothers and connected doctors can see information needed for coordinated care (for example, shared records and messages within an active care connection).
  • Service providers: hosting, database, object storage, SMS delivery for sign-in codes, push notification delivery (Apple/Google via Expo), and analytics (PostHog, EU-hosted ingestion proxied through our API origin where configured).
  • AI intake assistant (when enabled): optional intake flows may send redacted conversation context to OpenAI to generate structured summaries; direct identifiers are stripped before transmission. You should not rely on AI output as medical advice.
  • Legal and safety: when required by law, to protect rights and safety, or to enforce our terms.

Analytics

We may use privacy-oriented analytics to understand how the Service is used. We do not record or replay user sessions. Conversation and child record areas are configured as private routes: screen and page analytics are suppressed on those paths. Before enabling analytics in production, we align vendor settings (for example, disabling broad autocapture and session replay) and data processing agreements with our posture.

You can contact us if you have questions about analytics or wish to exercise choices available in your region.

Retention and deletion

We retain information for as long as your account is active and as needed to provide the Service, comply with law, resolve disputes, and enforce agreements. Clinical access may be logged for compliance investigations according to our internal retention practices.

You can sign out and revoke active sessions from the app or portal where available. To request account deletion or export of your data, contact [email protected]. We will verify your request and respond according to applicable law.

Children's information

Yanmu is designed for parents and guardians to manage their children's health information with connected clinicians. The Service is not directed at children to create their own accounts. A parent or legal guardian provides and controls child profile data.

Your rights

Depending on your location, you may have rights to access, correct, delete, restrict, or port your personal information, and to object to certain processing. To exercise these rights, email [email protected]. We may need to verify your identity before fulfilling a request.

International users

We may process and store information in countries where we and our service providers operate. By using the Service, you understand that your information may be transferred to jurisdictions that may have different data protection rules than your home country, with appropriate safeguards where required.

Changes to this policy

We may update this Privacy Policy from time to time. We will post the revised policy on this page and update the "Last updated" date. Material changes may be communicated through the Service or by email where appropriate.