Last updated: 12 April 2026
BASEERA (“we”, “us”, or “our”) operates the outbreak intelligence platform available at baseera.health. This Privacy Policy explains how we collect, use, protect, and share information when you use our Service.
BASEERA is designed for humanitarian and public-health response in low-resource settings. We take the privacy of patients, field workers, and organizations seriously, and we follow the principle of data minimization: we only collect what is necessary to support outbreak response.
When you sign up, we collect your name, email address, organization name, and role (Admin, Coordinator, Field Collector, or Viewer). Authentication is handled by Supabase Auth.
When you use BASEERA as part of an outbreak response, you may enter data about cases, contacts, water sources, community alerts, and events. This data may include personally identifiable health information about patients and contacts. This information is stored in an encrypted database (Supabase PostgreSQL) with row-level security enforcing organization-scoped access.
We automatically collect standard server logs (IP address, browser user agent, timestamps) for security and debugging. We do not use tracking cookies or third-party analytics that identify individual users.
We do not sell your data, use it for advertising, or share it with third parties except as described in this policy.
We share information only with:
All data is transmitted over HTTPS and stored in an encrypted database. Access is controlled by row-level security policies that enforce organization-scoped permissions. Passwords are hashed using industry-standard algorithms. We follow the principle of least privilege for administrative access.
Active accounts retain data indefinitely. If you delete your account or organization, all associated data is permanently deleted within 30 days. You may request an export of your organization's data at any time by emailing support.
Depending on your jurisdiction (GDPR, CCPA, etc.), you may have rights to access, correct, delete, or export your personal data. To exercise any of these rights, email hello@baseera.health.
BASEERA is used to track disease outbreaks that may include identifiable health information about patients. Organizations using BASEERA are responsible for obtaining appropriate consent and following applicable health privacy regulations in their jurisdiction (e.g., national health laws, WHO guidelines, humanitarian data protection principles).
We recommend that users follow the principles of the IASC Operational Guidance on Data Responsibility in Humanitarian Action.
BASEERA is intended for professional use by health workers and public-health officials. We do not knowingly collect information from children under 16 directly through the Service. Patient records may include minors as subjects of case reports — this is handled through organizational consent processes, not direct collection from children.
We may update this Privacy Policy. We will notify users of material changes via email and by posting the new policy on this page with an updated date.
For questions about this Privacy Policy or our data practices:
hello@baseera.health