Helium Credit Privacy Notice

  1. Introduction

One Global Medical Technology Ltd (“We”, “Us”, or “Our”) is a healthcare technology company transitioning Africa’s healthcare to a data-driven system through the provision of software products and services. Our HeliumCredit product offers quick, collateral-free loans to healthcare facilities (the “Facilities”).

This Privacy Notice (“Notice”) guides your use of HeliumCredit. We provide this Notice because you have a right to know what information we collect, why we collect it, how it is protected and used, and the circumstances under which it may be disclosed.

  1. Terms of Use

You are required to comply with the provisions of our Terms of Use in relation to the information provided.

  1. The data we process

Personal data means any information about an individual from which that person can be directly or indirectly identified. We do not consider personal data to include information made anonymous so that it does not identify a specific user.

In connection with our services, we collect personal and financial information from you while you use our products and services and when you create an account or sign in to our website. We ask you to provide us with certain personal data to contact or identify you, and some automatically for our website to function effectively. We also collect personal data when you provide feedback and/or report a problem.

We obtain the following information from you or through third parties:

Service UsersAll Visitors
Full name

email address and password

Phone number

Residential address

Amount of loan needed and purpose

Loan history
The domain name of the Internet service provider (ISP)

Date and time of your visits

Web pages visited, duration and frequency of visit

The IP address used to connect your device to the
internet for identification purposes
Financial information (including, but not limited to, ATM card details, Bank Verification Number (BVN), etc.)

Transactional data (information relating to payment)
  1. Cookies and tracking technologies

We use cookies and other tracking technologies, and information about their usage is specified in our Cookie and Tracking Technologies Notice.

  1. Lawful bases for processing data

We are required to process your data on at least one of these lawful bases:

  1. Legitimate interest: Processing your data is necessary for our legitimate interests or the legitimate interests of a third party, provided the legitimate interest does not outweigh the data subject’s rights.
  2. Consent: You have given explicit consent for us to process your data for a specific purpose.
  3. Contract: If your data processing is necessary for a contract you have with us or because we have asked you to take specific steps before entering into that contract.
  4. Legal obligation: If the processing of your data is necessary where there is a statutory obligation on us.
  1. Purpose of processing your data and the lawful basis
 Purpose of Processing Lawful Bases
● To administer our business
● To enforce our terms of service and any terms and conditions of any other agreements for our services
● To run a credit check on you
● To send you service-related messages
● To manage your account
● To provide credit-related services to you
● To communicate with you and for customer support
● To track your repayment schedule
 Contract  
● To help us develop, improve, customise or restructure our services
● To take statistical data and analytics for our internal use
● To analyse site usage and provide, maintain, and improve the content and functionality of the site
 Legitimate interest
● To install non-strictly necessary cookies on your device
● To send marketing or promotional messages to you
 Consent
● To secure your data and prevent fraud Legitimate interest, legal obligation.
● To fulfil our Know Your Customer (KYC) obligation
● To fulfil legal requirements where needed
● Providing your credit information to the Credit Bureau
 Legal obligation
  1. Your rights as a data subject

You are vested with certain rights as a data subject. They include the right to:

  1. access personal data we hold about you by requesting a copy of the personal data we hold about you;
  2. rectify such information where you believe it to be inaccurate;
  3. restrict the processing of your data in certain circumstances;
  4. object to the processing of your data where we intend to process such data for marketing purposes;
  5. where feasible, receive all personal data you have provided to us—in a structured, commonly used, and machine-readable format—and transmit the information to another data controller;
  6. request the erasure of your data (also known as the right to be forgotten);
  7. withdraw your consent to the processing of your data;
  8. not be subjected to a decision based solely on automated processing or profiling; and
  9. lodge a complaint with the regulatory authority where you have reason to believe that we have violated this Privacy Notice’s term(s). (You may complain or seek redress from us within 30 days from when you first detected the alleged violation.)

You may seek to exercise any of the above rights at any time by sending us an email at dataprivacy@heliumhealth.com

  1. Who do we disclose your data to?

We may share your data with the following third parties:

Third PartiesPurpose of data sharing
CookieYesWe use CookieYes to customise our cookie banner, record user consent and manage all our cookie compliance needs. You can read their privacy notice here.
GoogleWe use Google Tag Manager and Google Maps, to maximise our online tracking and location services. Read their privacy notice here.
IntercomTo communicate with users on the website and provide customer service support. Read their privacy notice here.
Financial Institution(s)We collaborate with various financial institutions to develop and market our product, and we may only use this information to market-related products unless the customer has given consent for other uses.
Legal and Regulatory AuthorityWe may disclose your personal information if we believe it is reasonably necessary to comply with a law, regulation, order, subpoena, audit, or to protect any person’s safety or to address fraud, security, or technical issues.
Service ProvidersWe will share your personal data with service providers for them to provide services to us, such as payment processing service providers, to conduct data processing on our behalf, or for data verification, centralisation, or logistics purposes.
  1. Retention of your data

The personal data we process will be stored for as long as necessary to fulfil the purposes described in this Notice. However, we will also retain data subject to relevant provisions of applicable laws, resolve disputes, prevent fraud and abuse, and enforce our legal agreements and policies. In addition, we delete your data for targeted marketing purposes once you unsubscribe from our marketing communications.

Please note that your data may be retained for a longer period, notwithstanding your request to remove it, where there is a legal requirement to do so.

  1. Security of data

We prioritise your privacy and use advanced measures to protect your data. While no online platform is entirely foolproof, we are dedicated to safeguarding your information against loss, misuse, and unauthorised access. If a significant breach occurs, we will promptly inform you and act swiftly to address it.

  1. International transfer of data

We transfer personal data outside our country of operation. We ensure any cross-border data transfers adhere to all necessary data protection regulations. This means that before transferring personal data, we either confirm that the recipient country has robust data protection laws or, if not, employ specific contractual terms and other appropriate safeguards to protect the data. In cases where the destination country might not meet stringent data protection standards, we will leverage the relevant data transfer mechanism, seek authorisation from the regulator, or obtain your consent before proceeding and inform you of any risks. Should you wish to learn more about how we ensure data protection during these transfers, details will be provided upon request.

  1. Marketing and communications

We only send marketing communications to you with your consent. You can opt-out of our marketing or object to further processing by clicking on the ‘unsubscribe’ button at the bottom of the page.

  1. Complaints

If you have any inquiries or complaints, please contact our Data Protection Officer (DPO) at dataprivacy@heliumhealth.com. Our DPO will examine your concerns and update you on the resolution process.

  1. Changes to this notice

We update our privacy notice occasionally. We will notify our users when we make a change, and visitors will know this by checking the last date of the update on this page whenever they visit.

  1. Contact Us

If you have any questions relating to this Notice, your rights under this Notice, or are not satisfied with how we manage your personal data, kindly reach out to our Data Protection Officer at dataprivacy@heliumhealth.com .