YilaCare Legal

Privacy Policy

Last updated: May 24, 2026

Yila Technology Pte Ltd ("YilaCare", "we", "us", or "our") operates the YilaCare mobile application. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our application.

1. Information We Collect

Personal Information: Name, date of birth, gender, nationality, identification number (NRIC/FIN/Passport), phone number, and email address.

Health Information: Medical records, consultation history, prescriptions, medical certificates, lab results, and health screening data.

Device Information: Device type, operating system, unique device identifiers, and mobile network information.

Location Data: With your consent, we collect location data to show nearby clinics and enable relevant services.

2. How We Use Your Information

We use your information to:

  • Provide and maintain our healthcare services
  • Process appointments, queue requests, and telemedicine consultations
  • Manage your family members' healthcare under your account
  • Send appointment reminders and health notifications
  • Process payments and maintain transaction records
  • Improve our services and user experience
  • Comply with legal and regulatory requirements

3. Data Sharing

We share your information only with:

  • Healthcare providers: Clinics and doctors you choose to consult with, limited to information necessary for your care
  • Payment processors: To process your transactions securely
  • Service providers: Third-party services that help us operate our platform (cloud hosting, SMS delivery)
  • Legal authorities: When required by law or regulation

We do not sell your personal or health information to third parties.

4. Data Security

We implement industry-standard security measures including:

  • End-to-end encryption for sensitive data
  • Secure HTTPS/TLS 1.3 for all communications
  • Encrypted storage for identification numbers and medical records
  • Regular security audits and monitoring
  • Access controls and audit logging

5. Data Retention and Deletion

We keep your data only for as long as your account is active or as needed to provide our services. Specific retention periods are:

  • Account and profile data (name, ID number, phone, email, addresses, emergency contacts): kept while your account is active and removed when you delete your account.
  • Medical records, prescriptions, and medical certificates: retained for at least 6 years as required by Singapore Ministry of Health (MOH) regulations (longer for paediatric records). After account deletion these are kept without any identifier linking them to you.
  • Payment and billing records: retained for 5 years for accounting and tax compliance.
  • Anonymized analytics: retained indefinitely in a form that cannot identify you.

You can delete your account and associated personal data at any time, directly in the app: tap your profile avatar (top-right of the home screen), scroll to the bottom, tap 'Delete my account', and confirm. Your account is removed immediately. If you cannot access the app, email support@yilamed.com and we will process the deletion within 30 days, in line with Singapore's PDPA.

For step-by-step instructions and full details of what is deleted, see our Account Deletion page.

6. Your Rights

Under the Personal Data Protection Act (PDPA) of Singapore, you have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Withdraw consent for data collection
  • Request deletion of your data
  • Request transfer of your data

7. Children's Privacy

Our services are available to users aged 12 and above. For users under 18, a parent or guardian must manage their account through the Family Management feature.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy in the app and updating the "Last updated" date.

9. Contact Us

If you have questions about this Privacy Policy, please contact us: