One Global Medical Technology Ltd (“Helium Health”, “We”, “Us”, or “Our”) is a Medtech company established to transform Africa’s healthcare sector by providing cutting-edge technology solutions for all healthcare stakeholders in emerging markets. Various services are provided by our team to healthcare specialists and patients.
This Privacy Notice (“Notice”) governs your use of our website https://www.heliumhealth.com/ (‘the Website”), and any other software, online platform, website, mobile or tablet application or domains used to provide our services, including but not limited to Helium EMR, HeliumPay, HeliumCredit, Helium Cover, Helium Care Provision, and MyHelium (referred to as the “Services”). We provide this Notice because you have a right to know what information we collect, why we collect it, how it is protected and used, and the circumstances under which it may be disclosed.
- Your data that we process
Personal data is any information about an individual that can be used to identify that person directly or indirectly. For example, while using the website, we may request personal information from you in order to contact or identify you, and some information may be collected automatically in order for our website to function properly. We also collect personal data from third-party sources or through your use of our services. We obtain the following information:
|Health Care Providers/Specialists||Patients||All visitors|
|Full name of the person registering|
Name of the health care facility
Country of Residence
Full name of medical professionals
Type of facility
|Full name of the patient|
Email address of the patient
Country Gender Language
The IP address used to connect your device to the internet for identification purposes;
Login email address and password;
Name of the internet service provider (ISP);
Date and time of visit;
Web pages visited, duration, and frequency of visits
- Sensitive Personal Data
Sensitive personal data includes data pertaining to religious or other beliefs, sexual orientation, health, race, ethnicity, political views, trade union membership, criminal records, and any other sensitive personal information. We will only process sensitive personal data (health data) of patients on behalf of health care providers with the patients’ express consent or in order to fulfil the healthcare facility’s and care provider’s obligation to provide care service.
- Lawful Bases for processing data
We are required to process your data under at least one of these lawful bases:
- Legitimate interest: Processing your data is necessary for our legitimate interests or the legitimate interests of a third party, provided your rights and interests do not outweigh those interests.
- Consent: You have given explicit consent for us to process your data for a specific purpose.
- Contract: If the data processing is necessary for a contract with us or because we have asked you to take specific steps before entering that contract.
- Legal obligation: If the processing of your data is necessary where there is a statutory obligation on us.
- Purpose of Processing Your Data and the Lawful Bases
We collect your data:
|Purpose of Processing||Lawful Bases|
|To administer our businessTo help us to develop, improve, customise or restructure our servicesTo enforce our terms of service and any terms and conditions of any other agreements for our services.||Legitimate interest, contract|
|To send marketing or promotional messages to youTo install non-strictly necessary cookies on your deviceTo manage personal/sensitive data of patients.||Consent|
|To take statistical data and analytics for our use internally To send you service-related messagesTo analyse Site usage and provide, maintain and improve the content and functionality of the Site||Legitimate interest|
|To secure your data and prevent fraud||Legitimate interest, legal obligation|
|To manage your account.To communicate with you and for patient support.To recommend and match you with a patient.To recommend your expert services to potential clients/patients.To address your inquiries, process your registration, and complete your transactions.To enable an easy and effective payment system.||Contract|
|To inform you whenever there are changes to our terms of business or services||Legal obligation, contract|
|To fulfil our Know Your Customer (KYC) obligation.To interact with regulatory authorities or other public authorities concerning you||Legal obligation|
- Your Rights as a Data Subject
The law vests you with certain rights as a data subject. They include the right to:
- access personal data we hold about you by requesting a copy of the personal data we hold about you;
- rectify such information where you believe it to be inaccurate;
- restrict the processing of your data in certain circumstances;
- object to the processing of your data where we intend to process such data for marketing purposes;
- where feasible, receive all personal data you have provided to us—in a structured, commonly used, and machine-readable format—and transmit the information to another data controller;
- request the erasure of your data (also known as the right to be forgotten);
- withdraw your consent to the processing of your data; and
- lodge a complaint with a relevant authority where you have reason to believe that we have violated the term(s) of this Privacy Notice. (You may complain or seek redress from us within 30 days from when you first detected the alleged violation).
You may seek to exercise any of the above rights at any time by sending us an email at email@example.com.
In the event of a complaint, users may direct such a complaint to the appropriate supervisory authority in their respective country.
- Who we share your data with
The following third party is the entity we share .your data with:
|Third Parties||Purpose of data sharing|
|Google Analytics||We use various Google APIs and services for our Website’s operation. Read Google’s Privacy Notice here.|
|Hotjar||We use it to analyse how users interact with our website. Read Hotjar’s Privacy Notice here.|
|Intercom||We use their service to communicate with users and provide conversational support. Read Intercom’s Privacy Notice here.|
|Meta (Facebook)||We use their service to measure ad impressions and to provide advertising and site analytics services. Read Meta’s Privacy Notice here.|
|Financial Institution(s)||We collaborate with various financial institutions to develop and market our product, and we may only use this information to market-related products unless the customer has given consent for other uses.|
|Legal and Regulatory Authority||We may disclose your personal information if we believe it is reasonably necessary to comply with a law, regulation, order, subpoena, audit, or to protect any person’s safety, or to address fraud, security, or technical issues.|
|Service Providers||We will share your personal data with service providers in order for them to provide services to us, such as payment processing service providers, or to conduct data processing on our behalf, or for data verification, centralisation, or logistics purposes.|
Note that if you wish to prevent your device’s operating system from sharing your personal data with Helium Health or with the third parties mentioned for profiling purposes, you can do so by setting up your device appropriately – namely, by changing the privacy settings on your device to disable/restrict any advertising tracking features. For more information on this, please see the following links:
- iOS Devices: https://support.apple.com/en-us/HT202074;
- Android Devices: https://support.google.com/ads/answer/2662922?hl=en
- Retention of your data
The data and any other information we collect from you will be stored for as long as necessary to fulfil the purposes described in this Notice.
However, we will also retain data subject to relevant provisions of applicable laws, resolve disputes, prevent fraud and abuse, and enforce our legal agreements and policies. In addition, we delete your data for targeted marketing purposes once you unsubscribe from our marketing communications.
Please note that your data may be retained for a more extended period, notwithstanding your request to remove your data, where there is a legal requirement to do so.
- How your data is stored and secured
We are very particular about preserving your privacy and protecting your data. We deploy reasonable and appropriate technical and organisational measures to keep your data safe. However, we cannot completely guarantee the security of any information you transmit via our website, as the internet is not an entirely secure place. Nevertheless, we are committed to doing our best to protect you.
We protect your data using physical, technical, and administrative security measures to reduce the risks of loss, misuse, unauthorised access, disclosure and alteration.
Where there is an actual or suspected data breach capable of causing harm to your rights and freedoms, we will notify you without undue delay and use our best effort to remedy the breach promptly.
- International transfer of data
We transfer your personal information to foreign countries because we are a multinational corporation with subsidiaries in different countries. When transferring personal information to a country other than where we operate, we will take additional precautions to ensure its adequate protection.
To conduct international data transfers, we comply with applicable local laws and regulations in the countries we operate. This includes transferring data to countries deemed adequate under applicable laws, obtaining licences or approvals from the relevant authority, maintaining appropriate documentation, obtaining explicit consent, and performing contractual obligations. Furthermore, we can transfer when we have a legal obligation, need to establish or defend a legal claim, or there is a public interest obligation.
In addition, we take additional precautions for the onward transfer of data and the selection of trustworthy third parties and service providers in third countries.
Please contact us to obtain relevant information regarding your data transfers to third countries (including the appropriate transfer mechanisms).
- Marketing and communications
We only send marketing communications to you with your consent. You may opt-out of our marketing or object to further processing by clicking on the ‘unsubscribe’ button at the bottom of the page.
If you are concerned about an alleged breach of data protection law or any other regulation by us, you can contact the Data Protection Officer (DPO) at firstname.lastname@example.org. The DPO will investigate your complaint and provide information about how your complaint is handled.
Please be informed that you may complain to the relevant data protection authority if your complaints are not satisfactorily addressed.
- Changes to this Notice
We update our privacy notice from time to time. We will notify our users when we make a change, and visitors will know this by checking the last date of update on this page whenever they visit.
- Contact Us
If you have any questions relating to this Notice, your rights under this Notice, or are not satisfied with how we manage your personal data, kindly reach out to our Data Protection Officer at email@example.com or email us at firstname.lastname@example.org.
Last Updated: November 2022