Privacy Policy

Last updated: May 28, 2026

1. Introduction

Nemet is a digital platform developed by Mythology Labs SRL, designed to facilitate organization, communication, and follow-up between mental health professionals, practices, clinics, and their patients.

This Privacy Policy describes how we collect, use, store, protect, and share personal information processed through Nemet.

Nemet is primarily intended for mental health professionals and organizations. Patients access certain features only when invited or added by a professional or institution using the platform.

At Nemet, we value and respect the privacy of our users and of the patients whose information is managed through our platform. We are committed to processing personal information responsibly, securely, and only for the purposes necessary to provide the service.

2. Roles within the platform

To understand how information is processed within Nemet, it is important to distinguish the following roles:

Client

The independent professional, practice, clinic, institution, or company that purchases or uses Nemet to manage its professional or institutional activity.

Professional user

The psychologist, psychiatrist, mental health professional, practice administrator, or other user authorized by the Client to access and use the platform.

Patient

The person invited by a Client or Professional user to use certain Nemet features, such as answering forms, recording follow-up information, or accessing information shared by their professional.

The Client and/or Professional user is responsible for the professional relationship with their patients, for the information they decide to collect, upload, or request through Nemet, and for having the authorizations, consents, or legal bases required under applicable regulations.

3. Information we collect

When using Nemet, the following types of information may be collected or processed:

Account information

Information provided when creating, configuring, or using an account, such as:

  • Name
  • Email address
  • User identifier
  • Role or type of user within the platform
  • Information about the associated professional, practice, clinic, or institution
  • Information provided by the professional who invites the patient

Information about the Client and Professional users

We may collect information necessary to manage the commercial, operational, and support relationship with professionals, practices, or institutions, including:

  • Professional contact details
  • Name of the practice, clinic, or institution
  • Billing information or information necessary for contracting
  • Subscribed plan, subscription status, and data associated with service usage
  • Support communications, commercial inquiries, or administrative requests

Patient and follow-up information

Patients may provide information related to their health or follow-up process through forms, records, or features configured by the healthcare professional. This information may include:

  • Questionnaire responses
  • Follow-up records
  • Notes or information related to the treatment process
  • Information related to prescribed medications recorded as part of the follow-up process defined by the healthcare professional
  • Other information that the professional requests or records within the platform

This information is entered by the patient, the professional, or the Client as part of the follow-up process defined by the responsible healthcare professional.

Types of data and their use

Depending on the feature used, data is used as follows:

  • Contact data, such as name and email: used for account creation, management, and access.
  • Identifiers, such as user ID: used to identify the account within the system.
  • Health and follow-up information: used to allow recording, viewing, and monitoring by the responsible healthcare professional or institution.
  • User-entered content: used as part of the follow-up record or information managed by the professional.
  • Usage data: used to improve the experience, security, and operation of the application.
  • Diagnostic data: used to detect errors, prevent failures, and improve system stability.

Technical information

The application may automatically collect limited technical information, such as:

  • Device type
  • Operating system version
  • Application version
  • Technical operation logs
  • Diagnostic information to improve the service
  • Anonymous or aggregated application usage analytics used to improve stability and usability

4. Legal basis, consent, and Client responsibility

The processing of personal data and sensitive data within Nemet may be based on different grounds depending on the type of user, the applicable jurisdiction, and the purpose of processing.

For Clients and Professional users

We process the information necessary to create accounts, provide the service, manage the commercial relationship, provide support, maintain platform security, comply with legal obligations, and improve Nemet's operation.

For patients

Patient information is processed primarily to allow the follow-up, recording, and management defined by the responsible professional or institution. The Client and/or Professional user is responsible for informing the patient and obtaining the consents, authorizations, or legal bases necessary to collect, upload, and process such data through Nemet.

Sensitive health data

Information related to mental health, form responses, follow-up records, or similar data may constitute sensitive information. Such information is processed only to provide Nemet features and under the instructions, configuration, or use of the corresponding Client or Professional user.

When applicable regulations require the express consent of the patient or user, the Client and/or Professional user is responsible for obtaining it before using Nemet to collect or manage such information.

Mythology Labs SRL does not determine the clinical content of forms, questionnaires, records, or information requested from patients by the professional. The responsible professional or institution defines what information is requested and how it is used within the framework of their professional activity.

5. How we use information

The information collected or processed through the application is used for the following purposes:

  • Create, manage, and authenticate user accounts
  • Enable communication and coordination between patients and healthcare professionals
  • Allow professionals to record, view, and monitor patient responses over time
  • Provide, maintain, and improve platform functionality
  • Manage plans, subscriptions, support, and administrative communications
  • Improve the reliability, security, and performance of the application
  • Detect, prevent, and correct technical errors or security incidents
  • Provide technical support when necessary
  • Comply with applicable legal, regulatory, or contractual obligations

Nemet does not sell personal information or share personal information with third parties for advertising purposes.

Nemet does not use patient information for advertising, commercial profiling of patients, or data sales.

Nemet may share information with technology providers necessary to operate, secure, maintain, and improve the service, always limited to what is necessary for those purposes.

6. Data storage and security

Nemet implements industry-standard security measures to protect information stored on the platform.

These measures include:

  • Encrypted communications through HTTPS/TLS
  • Secure infrastructure and access controls based on AWS best practices
  • System isolation and role-based access controls
  • Restricted access to patient information
  • Encrypted storage of sensitive data or protection through reasonable technical controls
  • Technical monitoring to detect errors, failures, or anomalous behavior

Patient data is accessible only to the patient, the healthcare professional responsible for follow-up, users authorized by the Client, and, in limited cases, authorized technical personnel who require access to maintain, protect, or provide support for the service.

Data is stored in secure cloud infrastructure hosted on Amazon Web Services (AWS).

Depending on operational requirements, data may be processed or stored in secure data centers located in different geographic regions, including São Paulo (Brazil) and Northern Virginia (United States).

Although we apply reasonable measures to protect information, no technology system can guarantee absolute security. If a relevant security incident is detected, reasonable mitigation, investigation, and communication measures will be taken in accordance with applicable regulations.

7. Access and control of data

Users may request access, correction, update, or deletion of their personal information, subject to applicable technical, contractual, and legal limitations.

For patients, certain requests may require the intervention or validation of the professional, practice, or institution responsible for follow-up, especially when the information forms part of professional, clinical, or administrative records managed by the Client.

Requests related to personal data may be sent to: nemet@mythologylabs.com.uy

8. Data retention

Information is retained for as long as necessary to provide the service, maintain the account, comply with legal obligations, resolve disputes, provide support, prevent fraud or security incidents, and fulfill the purposes described in this Policy.

Information associated with patients may be retained while the Client or Professional user keeps their account active or while necessary to comply with applicable legal, professional, or contractual obligations.

When an account is cancelled or deleted, we may retain certain information for a reasonable period when necessary for backups, auditing, legal compliance, security, or claim resolution.

9. Third-party services and providers

To operate Nemet, we may use technology providers that process information only to the extent necessary to provide, maintain, protect, or improve the service.

These providers may include the following categories:

  • Cloud infrastructure, hosting, storage, database, and network providers, such as Amazon Web Services (AWS).
  • Authentication, security, technical monitoring, error logging, and diagnostics providers.
  • Email, notification, or transactional communication providers.
  • Technical analytics or aggregated or anonymous usage metrics providers to improve service stability and usability.
  • Payment, billing, checkout, subscription management, or tax providers, such as Paddle, when the Client purchases or pays for a subscription through those services.
  • Internal support, administration, and operational management tools necessary to respond to inquiries or maintain the service.

When payment providers such as Paddle are used, those providers may process information necessary to manage payments, taxes, billing, receipts, subscriptions, refunds, or fraud prevention, according to their own policies and terms.

We do not authorize our providers to use personal information for their own advertising or data sale purposes.

10. International data transfers

Due to the technological nature of the service and the use of cloud infrastructure providers, information may be processed or stored in countries other than the user's country of residence, including Brazil, the United States, or other jurisdictions where our providers operate.

When international data transfers take place, we will seek to apply reasonable security, confidentiality, and information protection measures in accordance with applicable regulations.

11. Children's privacy

Nemet is not intended for children under 13 years of age, unless used under the supervision of a healthcare professional, parent, legal guardian, or responsible institution, as applicable.

The application is not directed directly to children under 13 and does not intentionally collect personal information from minors without appropriate supervision.

When a professional or institution uses Nemet in relation to minors, they are responsible for having the authorizations, consents, or legal bases required under applicable regulations.

12. Changes to this policy

This Privacy Policy may be updated periodically to reflect changes to the service, operational improvements, legal requirements, or new features.

When changes are made, the updated version will be published with a new "Last updated" date. If the changes are relevant, we may notify Clients or users through reasonable means.

13. Medical disclaimer

Nemet is a digital tool designed to support organization, communication, and follow-up between mental health professionals, practices, clinics, and their patients.

The application does not provide medical, psychological, or psychiatric diagnoses, does not provide medical advice, does not recommend treatments, does not replace professional judgment, and must not be used as a substitute for consultation with a healthcare professional.

Nemet is not an emergency service. In the event of a medical, psychological, psychiatric, or risk-related emergency, the user must immediately contact local emergency services, go to a healthcare center, or contact their treating professional through the appropriate channels.

14. Contact

If you have any questions about this Privacy Policy, the processing of personal data, or the exercise of rights related to your information, you may contact:

Mythology Labs SRL
Email: soporte@mythologylabs.com.uy
Website:https://nemet.health
Address: Ramón Anador 3822 A, Montevideo, Uruguay