This Privacy Policy governs the collection, use, disclosure, and protection of personal and health-related information by CMH Group ("we", "us", or "our") in connection with your use of the Hyu! mobile application ("App", "Service", or "Hyu!") on Android and iOS devices, the Hyu! Console web-based management platform, and the hyu.cmhgroup.id website (collectively, the "Service").
Hyu! is a comprehensive digital health platform designed to empower users through personalized health tracking, secure data management, and seamless integration with device-level health systems. We prioritize transparency, user control, and compliance with global and local privacy regulations including Indonesia's Personal Data Protection Law (UU PDP), GDPR, and applicable app store policies.
1. Information We Collect
1.1 Account and Profile Information
When you register or log in, we collect:
- Name and contact details (encrypted)
- Identity number (encrypted)
- Date of birth, gender, and demographic information
- Emergency contact details
- Residential address (encrypted)
- Health information such as blood type
- Username and password (password securely hashed)
- Profile photo (stored securely on our servers)
Note: We do not store credit or debit card numbers. All payments are processed through secure payment processors.
1.2 Health and Medical Data
Hyu! may access health metrics stored on your device through the operating system's native health platform. This includes health information you choose to share, such as physical activity, vital signs, body metrics, sleep data, and other health records.
This data is used solely for personal health tracking within the app. Access requires your explicit permission via the operating system's consent screen. You can revoke access at any time from your device settings.
1.3 Biometric Verification Data (KYC / Liveness Detection)
To comply with clinical and regulatory requirements, we offer identity verification (KYC). When you verify your identity, we collect:
- Liveness selfie photo: Captured via face detection technology. Used solely to verify you are a real person.
- NIK (National Identity Number): Cross-referenced with national records for identity matching.
- Verification status: Whether your identity has been successfully verified.
Liveness images are stored encrypted on our servers. They are not used for facial recognition or any purpose beyond identity verification. You may choose not to verify, though some features (e.g., booking medical appointments) will be unavailable.
1.4 Device and Sensor Data (With Your Permission)
With your explicit consent, we may access camera, location, and other device features only with your permission. You can enable or disable these at any time through your device settings. We only collect data that you intentionally provide or share through these features.
1.5 Usage, Device, and Diagnostic Data
We automatically collect non-sensitive data to improve performance and reliability:
- Device model, OS version, and screen resolution
- Device brand and manufacturer (for troubleshooting)
- IP address, browser type (for web interactions)
- App usage patterns: feature engagement, session duration, navigation flow
- Crash reports and error logs (via crash reporting tools)
1.6 Advertising Data
To support free access to Hyu!, we display non-personalized advertisements via our advertising partners:
- Advertising ID: A resettable, anonymous device identifier used for frequency capping and reporting
- Ad interactions: Whether an ad was viewed, clicked, or dismissed
- Contextual data: Ad content is based on the current screen context, not on your health data or browsing history
Note: We do not share health data with ad networks. Subscribing to Hyu! Pro removes all advertisements entirely.
1.7 Alarm and Reminder Settings
You can set recurring or one-time health reminders (e.g., take medication, measure blood pressure). These settings are stored securely on our servers and synced across your devices.
1.8 Family and Relationship Data
If you add family members or dependents to your account, we store: name, relationship type (e.g., "Ibu", "Ayah", "Anak"), custom labels, age, and shared health goals (with consent).
1.9 Corporate / Employer Health Data
If you participate in a corporate health program (e.g., corporate MCU), we collect: corporate ID, employee ID (NIP, encrypted with blind index), corporate email, MCU test results, lab test history, and diagnosis data.
1.10 AI Chatbot Interactions (Aurora AI)
When you interact with our AI health assistant, we collect your chat messages, AI-generated responses, risk level assessments, and feedback ratings. You will be asked for explicit consent before your first chat interaction. Chat data is used to improve the AI's accuracy and relevance.
1.11 Referral Program Data
If you participate in our referral program, we collect your referral code, the username of the person who referred you, and referral redemption history for points and rewards.
1.12 Support and Feedback Communications
When you submit feedback, bug reports, or support tickets, we collect your name, contact info, message content, attachments/screenshots, device information for troubleshooting, and ticket resolution history.
1.13 Payment and Transaction Data
Payments are processed through secure payment processors. We store transaction records (invoice ID, amount, payment method type, status, date) but do not store full credit card numbers, CVV, or bank account details. Bank account info for healthcare provider payouts is stored encrypted.
1.14 WhatsApp Communication Data
With your consent, we may send service notifications via WhatsApp: MCU session invitations, appointment reminders, marketing broadcasts (opt-in, opt-out anytime), and pharmacy order updates.
2. How We Use Your Information
Your data enables us to deliver a personalized, secure, and intelligent health experience across the Hyu! ecosystem:
2.1 Service Delivery & Personalization
- To create and manage your account across the mobile app and web console
- To display real-time health dashboards and lifetime progress tracking
- To sync physical activity and vital signs from your device automatically via supported health platforms
- To process MCU (Medical Check-Up) registrations, results, and corporate health reports
- To facilitate clinic queue management, appointment booking, and BPJS Kesehatan integration
- To enable telemedicine consultations with healthcare professionals
- To process pharmacy orders, cart management, and prescription verification
2.2 Communication & Notifications
- To provide timely reminders based on your schedule and health profile (medication, appointments, etc.)
- To send appointment confirmations, queue status updates, and service notifications
- To deliver marketing and promotional communications (with opt-in consent; opt-out available at any time)
- To respond to support tickets, feedback submissions, and inquiries
- To send WhatsApp notifications for MCU sessions, order updates, and broadcasts (opt-in only)
2.3 Security, Analytics & Improvement
- To verify your identity through KYC/liveness detection for clinical compliance
- To authenticate users and protect accounts from unauthorized access
- To analyze trends in anonymized form for research and service improvement
- To diagnose technical issues and fix bugs via crash reporting
- To load non-personalized ad content to support free app access
- To prevent duplicate entries of health data and fraud
2.4 AI-Powered Features
- To power the Aurora AI health assistant for symptom triage and health information
- To analyze chat conversations to improve AI response accuracy (with consent)
- AI responses are for informational purposes only and do not constitute medical advice
Note: We do not use health data for advertising, behavioral profiling, or sale to third parties. All monetization (e.g., Pro features, ads) is decoupled from personal health information.
3. Data Storage and Security
We take the security of your data seriously. All sensitive data is stored on secure servers located in Indonesia, with multiple layers of protection:
3.1 Encryption Standards
- Data in transit: Industry-standard encryption for all network communications
- Data at rest: Strong encryption for sensitive personal data fields (name, address, NIK, phone, email, etc.)
- Passwords: Securely hashed and salted
- Searchable fields: Sensitive searchable fields use additional encryption to prevent unauthorized internal access
3.2 Access Control
- Authentication: Secure login with session management
- Two-Factor Authentication (2FA): Optional for enhanced account security
- Role-Based Access Control (RBAC): Strict role-based permissions for clinic staff and administrators
- Encrypted API keys for clinic-to-server communications
3.3 Infrastructure Security
- Regular security audits and vulnerability assessments
- API protection measures to prevent unauthorized access
- Screen protection to prevent app content capture on sensitive screens
- Encrypted daily backups with retention policies
- Compliance with Indonesian health data standards and PDP (UU PDP)
4. Data Sharing and Disclosure
We do not sell, rent, or trade your personal or health data. We may share information only under these specific conditions:
- With Your Consent: Sharing health reports with doctors, clinics, or family members at your explicit direction.
- Healthcare Providers: When you book appointments or undergo MCU, relevant data is shared with the clinic or hospital for service delivery.
- BPJS Kesehatan: For insurance eligibility verification and claim processing through the PCare bridging system.
- Service Providers: Hosting, analytics, payment processing, and support partners bound by strict data protection agreements.
- Legal Compliance: When required by law enforcement or regulatory bodies (e.g., Kominfo, Kemenkes, BPJS).
- Business Transfers: In case of merger, acquisition, or asset sale, with notice and continued protection.
- Public Health: Aggregated, anonymized data may be shared for epidemiological research (opt-in only).
We do not share health data with advertising networks or data brokers.
5. Third-Party Integrations
Hyu! integrates with several external platforms to deliver its full range of features:
5.1 Current Integrations
- Google Sign-In: For secure authentication. We receive basic profile info (name, email, avatar) only with your explicit consent.
- Health Platforms: For automatic sync of fitness and health data. You control access at the OS level and can revoke data types individually.
- Analytics & Crash Reporting: For app usage analytics and crash reporting. Data is anonymized and aggregated.
- Push Notifications: For sending notifications across Android and iOS devices.
- Advertising Partners: For non-personalized advertisements in the free version of the app.
- Remote Configuration: For dynamic feature management and A/B testing.
- Secure Payment Processors: For secure payment processing. No card data stored on our servers.
- Real-Time Services: For real-time queue updates and notifications.
- WhatsApp: For sending service-related notifications with opt-in consent.
- AI Platform: For powering the Aurora AI health assistant chatbot.
5.2 BPJS Kesehatan Integration
Hyu! acts as a technical bridge to BPJS Kesehatan's system for:
- Patient registration for BPJS participants
- Insurance eligibility verification
- Queue management and appointment scheduling for BPJS-covered services
We only transmit data required by BPJS for these specific operations. We do not store BPJS authentication credentials in plain text.
5.3 SatuSehat / FHIR Integration (Future)
Hyu! is built with industry health data standards for future interoperability with Indonesia's national health platform. When enabled, health data exchange will occur only with your explicit consent.
6. Your Rights and Control
We respect your privacy rights under Indonesia's Personal Data Protection Law (UU PDP) and applicable international standards. You have the following rights regarding your data:
| Right | Description | How to Exercise |
|---|---|---|
| Right to Access | View all personal and health data stored in your account | Profile page in app or contact us |
| Right to Rectification | Update inaccurate or outdated information | Edit profile in app settings |
| Right to Deletion | Request deletion of your account and associated data | Contact support; data removed within 30 days (subject to legal holds) |
| Right to Restrict Processing | Limit how we use your data | Adjust privacy settings in app |
| Right to Data Portability | Export your health history in standard formats | JSON/CSV export via app settings |
| Right to Withdraw Consent | Revoke permissions granted (camera, location, health data) | Device settings |
| Right to Opt Out | Disable non-essential communications or ad personalization | Notification settings or cookie preferences |
| Right to Object | Object to processing of your data for specific purposes | Contact our Data Protection Officer |
7. Data Retention
We retain your data only as long as necessary to provide our services and comply with legal obligations:
- Active accounts: Retained until you request deletion or after 3 years of inactivity
- Deleted accounts: Soft-deleted for 30 days (recovery window), then permanently purged
- Health data (MCU, lab results): Retained per Indonesian health record retention laws
- Transaction records: Retained for 5 years for tax and audit compliance
- Logs and diagnostics: Up to 1 year for troubleshooting
- Backup archives: Encrypted and retained per data retention policies; purged within 90 days of deletion
- Chat/AI interaction logs: Anonymized after 90 days
8. Children's Privacy
Hyu! is not intended for children under 13 years of age. We do not knowingly collect personal data from minors without verifiable parental consent. If you believe a child has provided us with personal data without parental consent, please contact us immediately so we can delete the information.
For users aged 13-17, accounts must be created and managed by a parent or legal guardian under the "Family Member" profile feature.
9. International Data Transfers
Your data is primarily stored and processed on servers located in Indonesia. If you access Hyu! from outside Indonesia, your data may be processed in jurisdictions with equivalent data protection standards. We ensure appropriate safeguards, including Standard Contractual Clauses (SCCs) where applicable, for any cross-border data transfers to third-party service providers.
By using our Service, you consent to the transfer of your data to our servers in Indonesia and to third-party service providers located in other jurisdictions, as described in this policy.
10. Cookies and Tracking Technologies
We use cookies, local storage, and similar technologies to enhance your experience, authenticate sessions, and analyze usage. For detailed information about the types of cookies we use, why we use them, and how you can manage your preferences, please see our dedicated Cookies Policy.
11. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in technology, regulations, or our services. When we make material changes:
- We will update the "Last Updated" date at the top of this page
- We will notify you via in-app notification, email (if you have provided one), or a prominent notice on our website
- We will seek your renewed consent where required by applicable law
Continued use of Hyu! after the effective date of any changes constitutes your acceptance of the revised policy. We encourage you to review this page periodically.
12. Contact Us
If you have any questions, requests, or complaints regarding your privacy or this policy, or wish to exercise any of your data protection rights, please contact our Data Protection Officer:
CMH Group - Data Protection Office
Email: info@cmhgroup.id
Web: hyu.cmhgroup.id
Address: Surabaya, East Java, Indonesia
"Thank you for trusting Hyu! with your health journey." - Hyu! Team