This Privacy policy issued by ST. RAPHAEL DIVINE MERCY SPECIALIST HOSPITAL (hereinafter referred to as “SRDMSH”) of Ijede Road, Ikorodu, Lagos State, Nigeria, constitutes our commitment to your privacy on our administrative records, websites, social media platforms and premises.
1. Your Privacy Rights
1.1 This Privacy Policy describes your privacy rights regarding our collection, use, storage, sharing and protection of your personal information. It applies to SRDMSH website and all database, applications, services, tools and physical contact with us, regardless of how you access or use them.
1.2 If you have created a username, identification code, password or any other piece of information as part of our access security measures, you must treat such information as confidential, and you must not disclose it to any third party.
1.3 We reserve the right to disable any user identification code or password, whether chosen by you or allocated by us, at any time, if in our opinion you have failed to comply with any of the provisions of this privacy policy.
1.4 If you know or suspect that anyone other than you knows your security details, you must promptly notify us at complaints@srdmsh.com.
2. Consent
2.1 You accept this privacy policy when you give consent upon access to our platforms, or use our services, content, features, technologies or functions offered on our website, digital platforms or visit any of our offices for official or non-official purposes (collectively “SRDMSH Services”). This privacy policy governs the use of SRDMSH Services and intervention projects by our users and stakeholders, unless otherwise agreed through a written contract. We may amend this privacy policy at any time by posting a revised version on our website, or placing such notice at conspicuous points at our office facilities. The revised version will be effective 7 days after publication.
3. Your Personal Information
3.1 When you use SRDMSH Services, we collect information sent to us by your computer, mobile phone or other electronic access device. The automatically collected information includes but is not limited to data about the pages you access, computer IP address, device ID or unique identifier, device type, geo-location information, computer and connection information, mobile network information, statistics on page views, traffic to and from the sites, referral URL, ad data, standard web log data, still and moving images.
3.2 We may also collect information you provide us including but not limited to information on web form, survey responses account update information, email address, phone number, organisation you represent, official position, correspondence with SRDMSH support services, and telecommunication with SRDMSH. We may also collect information about your transactions, enquiries and your activities on our platform or premises. 3.3 We may also use information provided by third parties like social media sites. Information about you provided by other sites are not controlled by SRDMSH and we are, therefore, not liable for how such third parties use your information.
4. What we do with your personal information
4.1 The purpose of our collecting your personal information is to give you efficient, enjoyable and secure service. We may use your information to:
4.1.1 Provide SRDMSH Services and support;
4.1.2 Process applications and send notices about your transactions to requisite parties;
4.1.3 Verify your identity;
4.1.4 Resolve disputes, collect outstanding medical bills, and troubleshoot problems;
4.1.5 Manage risk, or to detect, prevent, and/or remediate fraud or other potentially prohibited or illegal activities;
4.1.6 Detect, prevent or remediate violation of laws, regulations, standards, guidelines and frameworks;
4.1.7 Improve SRDMSH Services by implementing aggregate customer or user preferences;
4.1.8 Measure the performance of SRDMSH Services and improve content, technology and layout;
4.1.9 Track information breach and remediate such identified breaches;
4.1.10 Manage and protect our information technology and physical infrastructure; or
4.1.11 Contact you at any time through your provided telephone number, email address or other contact details.
5. Cookies
5.1 Cookies are small files placed on your computer’s hard drive that enables the website to identify your computer as you view different pages. Cookies allow websites and applications to store your preferences in order to present contents, options or functions that are specific to you. Like most interactive websites, our website uses cookies to enable the tracking of your activity for the duration of a session. Our website uses only encrypted session cookies which are erased either after a predefined timeout period or once the user logs out of the platform and closes the browser. Session cookies do not collect information from the user’s computer. They will typically store information in the form of a session identification that does not personally identify the user.
6. How we protect your personal information
6.1 We store and process your personal information on our computers in Nigeria. We protect your information using physical, technical, and administrative security measures to reduce the risks of loss, misuse, unauthorised access, disclosure and alteration. Some of the safeguards we use are firewalls and data encryption, physical access controls to our data centres, and information access authorisation controls.
7. How We Share your personal information within SRDMSH and with Other Users
7.1 During your interaction with our website or premises, we may provide or share your personal information such as your name, contact details, or other details you provide us with our business partners and third parties, whether private or public sector operators who also provide services to us including IT service providers, cloud service providers, data storage providers, professional advisors, IT consultants carrying out testing and development work on our business technology systems, and companies that we use to serve you marketing or advertising online.
7.2 We may also share your personal information with third parties to comply with an order under the law for the time being in force; at the request of government authorities conducting an investigation; to verify or enforce our contractual rights or other applicable policies; to detect and protect against fraud, or any technical or security vulnerabilities; to respond to an emergency; or otherwise to protect the rights, property, safety, or security of third parties, visitors to the Platform, our business or the public.
7.3 We work with third parties, especially government agencies to perform SRDMSH Services and implement its mandate. In doing so, a third party may share information about you with us, such as your email address or mobile phone number.
7.4 You accept that your pictures and testimonials on all social media platforms about SRDMSH can be used for limited promotional purposes by us. This does not include your trademark or copyrighted materials.7.5 From time to time we may send you relevant information such as news items, enforcement notice, statutorily mandated notices and essential information to aid the implementation of our mandate. We may also share your personal information in compliance with national or international laws; crime prevention and risk management agencies and service providers.
8. Security
8.1 We will always hold your information securely. To prevent unauthorised access to your information, we have implemented strong controls and security safeguards at the technical and operational levels. Our website uses Secure Sockets Layer/Transport Layer Security (SSL/TLS) to ensure secure transmission of your Personal Data. You should see the padlock symbol in your URL address bar once you are successfully logged into the platform. The URL address will also start with https:// depicting a secure webpage. SSL applies encryption between two points such as your PC and the connecting server. Any data transmitted during the session will be encrypted before transmission and decrypted at the receiving end. This is to ensure that data cannot be read during transmission.
8.2 SRDMSH has also taken measures to comply with global Information Security Management Systems. We, have, therefore, have put in place digital and physical security measures to limit or eliminate possibilities of data privacy breach incidents.
9. Data Confidentiality Rights
9. Your information is regarded as confidential and will not be divulged to any third party, except under legal and/or regulatory conditions. You have the right to request sight of, and copies of any and all information we keep on you, if such requests are made in compliance with the Freedom of Information Act and other relevant enactments. While SRDMSH is responsible for safeguarding the information entrusted to us, your role in fulfilling confidentiality duties includes, but is not limited to, adopting and enforcing appropriate security measures such as non-sharing of passwords and other platform login details, adherence with physical security protocols on our premises, dealing with only authorised officers of the Agency.
10. Links to Other Websites and Premises
10.1 Certain transaction processing channels may require links to other websites or organisations other than ours. Please note that SRDMSH is not responsible and has no control over websites outside its domain. We do not monitor or review the content of other party’s websites which are linked from our website or media platforms.
10.2 Opinions expressed or materials appearing on such websites are not necessarily shared or endorsed by us, and SRDMSH should not be regarded as the publisher of such opinions or materials.
10.3 Please be aware that we are not responsible for the privacy practices, or content of these sites.
10.4 We encourage our users to be aware of when they leave our site and to read the privacy statements of these sites. You should evaluate the security and trustworthiness of any other site connected to this site or accessed through this site yourself, before disclosing any personal information to them.
10.5 SRDMSH will not accept any responsibility for any loss or damage in whatever manner, howsoever caused, resulting from your disclosure to third parties of personal information.
11. Governing Law
11.1 This privacy policy is made pursuant to the Nigerian Data Protection Regulation (NDPR) 2019 and other relevant Nigerian laws, regulations, or international conventions applicable to Nigeria. Where any provision of this Policy is deemed inconsistent with a law, regulation, or convention, such provision shall be subject to the overriding law, regulation, or convention.