Legal

Privacy Policy

Effective date: 13 April 2026

Last updated: 13 April 2026

NesChade Global Ltd ("NesChade", "we", "us", or "our") respects your privacy. This Privacy Policy explains what information we collect, how we use it, and the rights you have — whether you visit our website, use our product Cliniqa, or engage us for a custom software or AI engagement. We operate under the Nigeria Data Protection Act 2023 (NDPA).

Who we are
Scope of this policy
Information we collect
How we use your information
Legal basis
How we share information
Third-party service providers
Data retention
Security
Your rights under the NDPA
Children
International data transfers
Cookies and website analytics
Changes to this policy
Contact us

1. Who we are

NesChade Global Ltd is a Nigerian company registered with the Corporate Affairs Commission. We build focused AI products for the Nigerian market. Our flagship product, Cliniqa, is an AI-powered mobile application that helps users interpret laboratory test results. We also provide selective custom software and AI automation services to businesses.

For the purposes of the NDPA, NesChade Global Ltd is the data controller of the personal data processed through our website and products.

2. Scope of this policy

This policy applies to:

Our website at neschadeglobal.com and any of its pages.
Our product Cliniqa (mobile application and its web surfaces, including cliniqa.cloud).
Interactions with us over email, contact forms, or business engagements.

This policy does not apply to third-party websites or services we link to. You should review their privacy policies separately.

3. Information we collect

3.1 Information you provide directly

Account information (when you create a Cliniqa account or contact us): your name, email address, phone number where applicable, and a password hash.
Lab report content (Cliniqa only): photographs or uploads of laboratory test results that you submit for interpretation. These may include personal and health-related information such as patient name, test values, and reference ranges.
Inquiries and project details: information you send us through the contact form, email, or during a business engagement.

3.2 Information collected automatically

Device and technical information: device model, operating system, app version, language settings, and general diagnostic data needed to keep the product working.
Usage information: how you interact with Cliniqa (for example, which features you use), for the purpose of improving the product.
Approximate location (Cliniqa only, with your consent): used to surface nearby pharmacies and laboratories via the in-app map feature. You can decline this permission and still use the rest of the app.
Website analytics: aggregate visitor statistics (pages viewed, approximate location, referral source). See the Cookies section below.

3.3 Sensitive personal data

Lab test results are considered sensitive personal data under the NDPA because they relate to health. We treat this category of information with additional care, process it only for the purposes described in this policy, and rely on your explicit consent to do so.

4. How we use your information

We use the information we collect to:

Provide and operate Cliniqa — including reading your lab report with OCR, interpreting values with AI, and returning plain-language explanations and recommendations.
Maintain your account and remember your previous interpretations so you can track trends over time.
Surface nearby pharmacies and laboratories when you use the map feature.
Respond to your inquiries and deliver custom software or AI engagements you have contracted us for.
Monitor product health, fix bugs, prevent abuse, and improve accuracy of AI interpretations.
Comply with our legal obligations under Nigerian law.

We do not use your lab results, health data, or personal data to train third-party AI models for unrelated purposes, and we do not sell your personal data to anyone.

5. Legal basis for processing

Under the NDPA, we rely on the following lawful bases:

Consent — for processing lab report content, health data, location, and for sending optional communications.
Contract — where processing is necessary to deliver a service you have signed up for (for example, your Cliniqa account or a consulting engagement).
Legitimate interest — for keeping our products secure, preventing fraud, and making operational improvements, provided those interests do not override your rights.
Legal obligation — where we must process or retain information to comply with applicable law.

We share personal data only in these limited circumstances:

With trusted third-party service providers who process data on our behalf under written agreements (see next section).
When required by law, a court order, or a lawful request by a Nigerian authority.
In connection with a business transaction such as a merger, acquisition, or sale of assets, in which case we will notify affected users in advance.
With your explicit consent, for any other purpose disclosed to you at the time.

7. Third-party service providers

We use a small number of reputable service providers to run our infrastructure and deliver Cliniqa's AI features. These providers only process data on our instructions and are bound by confidentiality and data protection obligations.

Categories of providers we use include:

Cloud hosting and storage providers for the website, Cliniqa backend, and user data storage.
OCR and AI / large language model providers used to read lab report images and generate interpretations.
Map and location services (for example, Google Maps) for the pharmacy and lab finder.
Email and communication services used to respond to you and to send service-related notices.
Analytics services used to understand aggregate usage of our website and app.

A current list of named processors and their roles is available on request by emailing contact@neschadeglobal.com.

8. Data retention

We keep personal data only for as long as we need it:

Account information: kept for as long as your Cliniqa account is active. If you delete your account, we remove it within 30 days, except where we are legally required to retain certain records.
Lab report content and interpretations: stored in your account so you can access them later. You can delete any individual entry from within the app at any time. Deleted entries are removed from our active systems within 30 days.
Inquiries and business correspondence: retained for up to 3 years for service continuity and tax or legal recordkeeping.
Website analytics: aggregated and non-identifying, retained for up to 24 months.

9. Security

We use reasonable administrative, technical, and organisational safeguards to protect personal data in our custody, including encryption in transit, access controls, and the principle of least privilege for staff. No method of transmission or storage is 100% secure, and we cannot guarantee absolute security — but we commit to promptly investigating and notifying affected users of any confirmed data breach in accordance with the NDPA.

10. Your rights under the NDPA

Under the Nigeria Data Protection Act 2023, you have the right to:

Access the personal data we hold about you.
Correct inaccurate or incomplete information.
Delete your personal data ("right to erasure"), subject to legal exceptions.
Object to, or restrict, certain types of processing.
Withdraw consent at any time where we rely on consent as the legal basis.
Portability — receive your personal data in a structured, commonly used format.
Lodge a complaint with the Nigeria Data Protection Commission (NDPC) if you believe your rights have been violated.

To exercise any of these rights, email us at contact@neschadeglobal.com. We will respond within the timeframes required by the NDPA.

11. Children

Cliniqa and our website are intended for users 18 years of age or older. We do not knowingly collect personal data from anyone under 18 without the consent of a parent or legal guardian. If you believe a child has provided personal data to us, please contact us and we will delete the information promptly.

12. International data transfers

Some of our service providers (for example, cloud hosting or AI providers) may process data outside Nigeria. Where this happens, we rely on contractual and technical safeguards to ensure your data receives a level of protection consistent with the NDPA. By using our products, you understand that your information may be processed in jurisdictions outside Nigeria.

13. Cookies and website analytics

Our website uses a minimal set of cookies and similar technologies to keep the site working and to understand aggregate visitor behaviour. We do not use advertising cookies and we do not track you across other websites. You can disable cookies in your browser settings; most of the site will continue to work normally.

14. Changes to this policy

We may update this Privacy Policy from time to time as our products evolve or as the law requires. When we make a material change, we will update the "Last updated" date at the top of this page and, where appropriate, notify you through Cliniqa or by email. We encourage you to review this page periodically.

15. Contact us

If you have any questions, concerns, or requests about this Privacy Policy or how we handle your personal data, please contact us:

Email: contact@neschadeglobal.com
Company: NesChade Global Ltd, Nigeria

You may also contact the Nigeria Data Protection Commission (NDPC) if you believe your rights under the NDPA have been violated and we have not addressed your concern.