Helium Credit Privacy Notice
One Global Medical Technology Ltd (“We”, “Us”, or “Our”) is a healthcare technology company transitioning Africa’s healthcare to a data-driven system through the provision of software products and services. Our HeliumCredit product offers quick, collateral-free loans to healthcare facilities (the “Facilities”).
This Privacy Notice (“Notice”) guides your use of HeliumCredit. We provide this Notice because you have a right to know what information we collect, why we collect it, how it is protected and used, and the circumstances under which it may be disclosed.
- The data we process
Personal data means any information about an individual from which that person can be directly or indirectly identified. We do not consider personal data to include information made anonymous so that it does not identify a specific user.
In connection with our services, we collect personal and financial information from you while you use our products and services and when you create an account or sign in to our website. We ask you to provide us with certain personal data to contact or identify you, and some automatically for our website to function effectively. We also collect personal data when you provide feedback and/or report a problem.
We obtain the following information from you or through third parties:
email address and password
Amount of loan needed and purpose
|The domain name of the Internet service provider (ISP)
Date and time of your visits
Web pages visited, duration and frequency of visit
The IP address used to connect your device to the
internet for identification purposes
|Financial information (including, but not limited to, ATM card details, Bank Verification Number (BVN), etc.)
Transactional data (information relating to payment)
- Cookies and tracking technologies
- Lawful bases for processing data
We are required to process your data on at least one of these lawful bases:
- Legitimate interest: Processing your data is necessary for our legitimate interests or the legitimate interests of a third party, provided the legitimate interest does not outweigh the data subject’s rights.
- Consent: You have given explicit consent for us to process your data for a specific purpose.
- Contract: If your data processing is necessary for a contract you have with us or because we have asked you to take specific steps before entering into that contract.
- Legal obligation: If the processing of your data is necessary where there is a statutory obligation on us.
- Purpose of processing your data and the lawful basis
|Purpose of Processing
|● To administer our business
● To enforce our terms of service and any terms and conditions of any other agreements for our services
● To run a credit check on you
● To send you service-related messages
● To manage your account
● To provide credit-related services to you
● To communicate with you and for customer support
● To track your repayment schedule
|● To help us develop, improve, customise or restructure our services
● To take statistical data and analytics for our internal use
● To analyse site usage and provide, maintain, and improve the content and functionality of the site
|● To install non-strictly necessary cookies on your device
● To send marketing or promotional messages to you
|● To secure your data and prevent fraud
|Legitimate interest, legal obligation.
|● To fulfil our Know Your Customer (KYC) obligation
● To fulfil legal requirements where needed
● Providing your credit information to the Credit Bureau
- Your rights as a data subject
You are vested with certain rights as a data subject. They include the right to:
- access personal data we hold about you by requesting a copy of the personal data we hold about you;
- rectify such information where you believe it to be inaccurate;
- restrict the processing of your data in certain circumstances;
- object to the processing of your data where we intend to process such data for marketing purposes;
- where feasible, receive all personal data you have provided to us—in a structured, commonly used, and machine-readable format—and transmit the information to another data controller;
- request the erasure of your data (also known as the right to be forgotten);
- withdraw your consent to the processing of your data;
- not be subjected to a decision based solely on automated processing or profiling; and
- lodge a complaint with the regulatory authority where you have reason to believe that we have violated this Privacy Notice’s term(s). (You may complain or seek redress from us within 30 days from when you first detected the alleged violation.)
You may seek to exercise any of the above rights at any time by sending us an email at firstname.lastname@example.org
- Who do we disclose your data to?
We may share your data with the following third parties:
|Purpose of data sharing
|We use CookieYes to customise our cookie banner, record user consent and manage all our cookie compliance needs. You can read their privacy notice here.
|We use Google Tag Manager and Google Maps, to maximise our online tracking and location services. Read their privacy notice here.
|To communicate with users on the website and provide customer service support. Read their privacy notice here.
|We collaborate with various financial institutions to develop and market our product, and we may only use this information to market-related products unless the customer has given consent for other uses.
|Legal and Regulatory Authority
|We may disclose your personal information if we believe it is reasonably necessary to comply with a law, regulation, order, subpoena, audit, or to protect any person’s safety or to address fraud, security, or technical issues.
|We will share your personal data with service providers for them to provide services to us, such as payment processing service providers, to conduct data processing on our behalf, or for data verification, centralisation, or logistics purposes.
- Retention of your data
The personal data we process will be stored for as long as necessary to fulfil the purposes described in this Notice. However, we will also retain data subject to relevant provisions of applicable laws, resolve disputes, prevent fraud and abuse, and enforce our legal agreements and policies. In addition, we delete your data for targeted marketing purposes once you unsubscribe from our marketing communications.
Please note that your data may be retained for a longer period, notwithstanding your request to remove it, where there is a legal requirement to do so.
- Security of data
We prioritise your privacy and use advanced measures to protect your data. While no online platform is entirely foolproof, we are dedicated to safeguarding your information against loss, misuse, and unauthorised access. If a significant breach occurs, we will promptly inform you and act swiftly to address it.
- International transfer of data
We transfer personal data outside our country of operation. We ensure any cross-border data transfers adhere to all necessary data protection regulations. This means that before transferring personal data, we either confirm that the recipient country has robust data protection laws or, if not, employ specific contractual terms and other appropriate safeguards to protect the data. In cases where the destination country might not meet stringent data protection standards, we will leverage the relevant data transfer mechanism, seek authorisation from the regulator, or obtain your consent before proceeding and inform you of any risks. Should you wish to learn more about how we ensure data protection during these transfers, details will be provided upon request.
- Marketing and communications
We only send marketing communications to you with your consent. You can opt-out of our marketing or object to further processing by clicking on the ‘unsubscribe’ button at the bottom of the page.
If you have any inquiries or complaints, please contact our Data Protection Officer (DPO) at email@example.com. Our DPO will examine your concerns and update you on the resolution process.
- Changes to this notice
We update our privacy notice occasionally. We will notify our users when we make a change, and visitors will know this by checking the last date of the update on this page whenever they visit.
- Contact Us
If you have any questions relating to this Notice, your rights under this Notice, or are not satisfied with how we manage your personal data, kindly reach out to our Data Protection Officer at firstname.lastname@example.org .