Infinity Medical Concierge (Refuah Medical Services Proprietary Limited)
Last updated: 24 February 2026
This Privacy Policy explains how Infinity Medical Concierge collects, accesses, uses, stores, shares, and protects Personal Information and Health Data when you use our platform, including our mobile app, patient portal and wearable monitoring services.
For purposes of this Privacy Policy:
Personal Information has the meaning set out in POPIA and includes information relating to an identifiable person.
Special Personal Information includes health-related information as contemplated in POPIA.
Health Data means health and fitness related data obtained from your wearable device(s), supported health apps and, where applicable, Android Health Connect.
Processing means any operation concerning Personal Information (including collection, receipt, recording, storage, updating, retrieval, use, sharing, and deletion).
Platform includes our mobile app, call centre, patient portal and health information storage system.
Service Providers are third parties who process data on our behalf to help provide the Platform and services.
Infinity Medical Concierge is the Responsible Party for Processing your Personal Information when you use our Platform.
If you have questions or requests, contact us at: concierge@infinity-mc.com (or the contact details listed on our Contact Us page).
We collect and access different categories of data depending on the services you use.
- Contact details (for example name, email, phone number)
- Account identifiers and membership information
- Communications with us (for example call centre or support)
- Device and app information (for example app version, device identifiers, crash logs)
If you connect wearables or Health Connect and grant permission, we may access and collect the following Health Data types (subject to what you enable in Health Connect and what your device provides):
- Sleep sessions and sleep duration
- Sleep stages where available
- Respiratory rate
- Oxygen saturation
- Height
- Weight
- Derived measures such as BMI (calculated from height and weight)
- Heart rate
- Resting heart rate
- Steps
- Distance
- Floors climbed
- Exercise and workouts
- Active calories burned
- Total calories burned
If you grant the Android permission android.permission.ACTIVITY_RECOGNITION, we may detect and record physical activity signals (for example walking, running, cycling and movement trends) as provided via the ROOK SDK, to support our wellness monitoring features. This data is not used for advertising.
If you enable background syncing and grant Health Connect background access, we may periodically read Health Data (for example daily) so your summaries and insights stay up to date without requiring you to open the app.
We use Personal Information and Health Data to:
- Provide the Platform and member services
- Display your health summaries (Sleep, Body and Physical summaries)
- Monitor wellness trends and generate personalised insights, alerts and recommendations
- Support proactive outreach when patterns may indicate a potential health concern
- Maintain security, prevent fraud, and troubleshoot issues
- Comply with legal obligations
We process your Personal Information and Special Personal Information:
- With your consent (including explicit consent for Health Data where required), and
- Where necessary to provide the services you request, and
- Where required to comply with law.
You can withdraw consent at any time by disconnecting Health Connect, disabling background sync, or contacting us. Withdrawal may limit the services we can provide.
We do not sell your Personal Information or Health Data.
We may share limited data with Service Providers and partners strictly to provide services to you, including:
We use ROOK as a third-party platform to connect to and retrieve Health Data from your wearables and supported health apps, and to provide it to Infinity Medical Concierge.
We may use OpenAI to analyse Health Data to support monitoring services, including identifying causes for concern and generating insights and notifications. Where possible, we limit the personal identifiers shared with analytics providers and apply safeguards appropriate to the service.
Where you authorise access, your Health Data and related information may be accessible to healthcare professionals involved in your care through our Platform and associated services. In emergencies, authorised personnel may access relevant health records to assist in care.
We may disclose information if required by law, court order, or to protect rights, safety, and security.
Your data may be processed or stored in jurisdictions outside South Africa where our Service Providers operate. Where we transfer data internationally, we take reasonable steps to ensure appropriate protections are in place.
We retain Personal Information and Health Data for as long as necessary to:
- Provide services to you
- Maintain continuity of your membership record
- Comply with legal, regulatory, and contractual obligations
- Resolve disputes and enforce our agreements
When data is no longer required, we delete it or de-identify it, unless we must retain it for lawful purposes.
We take reasonable technical and organisational measures to protect your Personal Information and Health Data against loss, misuse, unauthorised access, disclosure, alteration, or destruction. No system can be guaranteed 100 percent secure, but we continually work to improve protections.
You can control which Health Data types you share and can revoke access at any time in Android Health Connect settings. We also aim to provide a “Manage access” link in-app to take you to Health Connect permission management.
You can disable background sync in the app. If disabled, your Health Data may only update when you open the app or manually sync.
Subject to applicable law, you may request access to, correction of, deletion of, or a copy of your Personal Information and Health Data by contacting us.
Our services are intended for adults and membership-based users. If we learn that we have collected Personal Information from a child without appropriate authorisation, we will take steps to delete it.
We may update this Privacy Policy from time to time. If changes are material, we will provide notice through the Platform or via other reasonable means. Continued use of the Platform after an update indicates acceptance of the revised policy.
For privacy questions or requests, contact: concierge@infinity-mc.com.
© 2025 Infinity Medical Concierge. All rights reserved.
