Neovestx Pte Ltd | Neovestx Solutions Private Limited | Affiliates
Last Updated: January 2026
This Privacy Policy describes how Neovestx Pte Ltd, Neovestx Solutions Private Limited, and their affiliates (“Neovestx”, “we”, “us”) process personal data in connection with our products and services, including:
Neoflow - the application you are accessing is not a Neovestx direct platform and hence terms related to Neovestx as a data processor will only apply.
This Privacy Policy applies to individual users, client organizations and their authorized users, providers and administrators, and services integrated with Meta Platforms or other third-party platforms. This policy is publicly accessible and forms part of the conditions for using Neovestx services and any Meta Platform integrations.
Neovestx shall act as the Data Controller only in cases where an individual user directly subscribes to or uses Neovestx services via a Neovestx-owned platform, and where the applicable terms and conditions explicitly identify Neovestx as the Data Controller.
Except for the limited scenarios described above, the authorized administrator or designated representative of the client organization shall be the Data Controller for all personal data processed through the relevant Neovestx product or service. In such cases, Neovestx acts solely as a Data Processor and/or technology provider and processes personal data only on documented instructions of the client organization.
Where the client organization is the Data Controller, all requests relating to personal data — including access, correction, deletion, restriction, retention, or portability — must be addressed to the authorized representative of the relevant organization.
Neovestx shall not be deemed a Data Controller solely by virtue of hosting, storing, transmitting, or processing data on behalf of a client, providing infrastructure or workflow tools, or integrating with Meta or other third-party platforms.
Personal data is processed solely for delivering and operating Neovestx services, facilitating patient–provider interactions, supporting provider workflows and decision support, sending service-related notifications, and complying with applicable legal, regulatory, and Meta Platform obligations.
Marketing or periodic communications are sent only where explicit opt-in consent has been obtained. Users may withdraw consent at any time using the unsubscribe mechanism provided. Withdrawal of consent does not affect essential or transactional communications. By accepting this Privacy Policy and the applicable terms, the user expressly opts in and consents to receive service-related communications and marketing or promotional messages from Neovestx, its affiliates, and authorized providers via WhatsApp or other messaging platforms associated with the mobile number provided. The user acknowledges that standard messaging rates may apply and that consent may be withdrawn at any time
Where Neovestx services integrate with Meta Platforms, personal data is processed strictly in accordance with Meta Platform Terms and Developer Policies. This Privacy Policy does not supersede, modify, or override Meta’s terms.
Personal data may be shared, disclosed, or made accessible strictly on a need-to-know basis and only for legitimate service-related purposes, including:
Neovestx does not disclose personal data to unrelated third parties for independent use.
Personal data is retained only for as long as necessary to fulfill the applicable service purpose or as required by law. Requests relating to retention, deletion, or correction must be directed to the applicable Data Controller.
Neovestx implements appropriate administrative, technical, and organizational safeguards consistent with industry standards and Meta requirements. No system can be guaranteed to be completely secure.
Where personal data is transferred across jurisdictions, such transfers occur under recognized legal mechanisms, including Standard Contractual Clauses and applicable international data transfer addenda.
Neovestx services are intended for use by adults only. By subscribing to, accessing, or using any Neovestx service or platform, the user represents and warrants that they are an adult under the legal definition applicable in their jurisdiction of domicile, possess full legal capacity, and are able to make independent decisions.
Where access is provided through a client organization, the user further confirms that they are a designated and authorized user of that organization and will use the services strictly in accordance with assigned roles and responsibilities.
This Privacy Policy may be updated from time to time. It is the user’s responsibility to review this Privacy Policy periodically. Neovestx shall deem continued access to or use of the services or platform as acceptance of the then-current Privacy Policy and applicable terms.
Email (mandatory): legal@neovestx.com
Written correspondence: Neovestx Pte Ltd, #02-01, 68 Circular Road, Singapore – 049422
Any written communication sent by post or courier must also be delivered via email.
When users visit Neovestx websites, certain information may be collected automatically, including IP address, browser type, device information, pages visited, and usage data. Neovestx uses cookies and similar technologies to operate websites, improve functionality, enhance user experience, and for security and analytics purposes.
Where required by applicable law, users will be presented with a cookie notice or consent mechanism. Users may manage cookie preferences through browser settings or provided controls. Disabling cookies may affect website functionality.
Neovestx services, platforms, systems, notifications, outputs, analytics, workflows, decision-support features, schedules, assignments, messages, alerts, recommendations, reports, and any information generated or transmitted through the system (collectively, “System Outputs”) are provided solely as support tools intended to assist administrators, department managers, providers, and authorized personnel in operational planning, scheduling, coordination, research, and administrative decision-making.
No System Output constitutes medical, clinical, diagnostic, therapeutic, or professional advice. Neovestx does not provide healthcare services, does not practice medicine, and does not replace the professional judgment, expertise, or decision-making of qualified healthcare professionals or authorized personnel.
System Outputs must not be relied upon as the sole basis for:
Users are solely responsible for independently verifying and cross-checking all assignments, schedules, notifications, messages, and information provided through Neovestx systems against official records, hospital systems, institutional systems, or by directly confirming with the relevant authorized personnel.
Neovestx shall not be responsible or liable for any consequences arising from blind, exclusive, or unverified reliance on System Outputs, including but not limited to missed duties, incorrect assignments, operational disruptions, patient outcomes, financial loss, reputational harm, or regulatory exposure.
To the maximum extent permitted by applicable law, Neovestx expressly disclaims all liability for any loss, damage, injury, claim, or proceeding arising out of or in connection with:
Nothing in this Privacy Policy or related terms shall be construed as creating any warranty, guarantee, fiduciary duty, medical duty of care, or assumption of professional responsibility on the part of Neovestx.
By accessing or using Neovestx services, and by accepting this Privacy Policy and the applicable terms, users and client organizations expressly acknowledge, represent, and agree that:
Where Neovestx provides services to or on behalf of a client organization, the institution in which you are having an employment or part time work arrangement , the client organization acts as the Data Controller (or equivalent role under applicable law) for personal data processed through the services, except where expressly stated otherwise.
By accepting this Privacy Policy and the applicable terms on behalf of a client organization, the individual doing so represents and warrants that they are duly authorized by the client organization to act as an authorized representative or authorized personnel for the purposes of data protection, service administration, and compliance obligations.
Authorized personnel are responsible, on behalf of the client organization, for:
Neovestx does not independently determine data retention, deletion, or modification decisions in such scenarios and acts solely on documented instructions from the authorized personnel of the client organization, except where required by applicable law.
The client organization may designate one or more individuals as authorized personnel through contractual arrangements, administrative controls within the platform, or other written or electronic communication means. Neovestx is not required to publicly disclose the identity of such authorized personnel but may provide this information upon reasonable enquiry to the extent necessary to address data protection requests or legal obligations.
Users who access Neovestx services through a client organization acknowledge and agree that requests relating to their personal data must be directed to the authorized personnel of their organization and that Neovestx shall not be responsible for the organization’s internal handling of such requests.
Acceptance of this Privacy Policy by users of a client organization does not, by itself, assign data controller responsibilities to such users unless they have been expressly designated as authorized personnel by the client organization.
Where personal data is processed subject to the Singapore PDPA, Neovestx acts as a data intermediary when providing services on behalf of a client organization. Consent may be obtained expressly or deemed in accordance with applicable law.
Where processing is subject to GDPR or UK GDPR, Neovestx acts as a Data Controller or Data Processor depending on the service context. Data subject rights apply as mandated by law and must be exercised against the applicable Data Controller.
Where local data protection laws apply outside Singapore, the EEA, or the United Kingdom, mandatory local legal requirements prevail only to the extent required.
Where personal data is processed in connection with individuals located in India, the Digital Personal Data Protection Act, 2023 applies.
Where Neovestx provides services directly to individuals, Neovestx acts as a data fiduciary. Where Neovestx provides services on behalf of a client organization, the client organization acts as the data fiduciary and Neovestx acts as a data processor.
Data principals may exercise rights under the DPDP Act by contacting the applicable data fiduciary. Nothing in this Annex expands Neovestx’s obligations beyond applicable law or contract.