healthtracka.com is provided by Healthtracka (“Healthtracka”).
At Healthtracka, we value your privacy, and we are committed to safeguarding your personal information. All personal data that you provide us will be protected and kept confidential among our affiliates, representatives, and privies.
Throughout the website, the terms “we”, “us” and “our” refer to Healthtracka.
Your use of our services, and any dispute over privacy is subject to this Policy and our Terms of Service, including its applicable limitations on damages and the resolution of disputes. Our Terms of Service are incorporated by reference into this Policy.
Our website and services are not directed at you if we are prohibited by any law of any jurisdiction from making the information on our website available to you and is not intended for any use that would be contrary to local law or regulation.
Where processing of your personal data is based on consent, we shall obtain the requisite consent at the time of collection of the personal information. In this regard, you consent to the processing of your personal information when you access our website, or use our services, content, features, technologies or functions offered on our website or other digital platforms. You can withdraw your consent at any time but such withdrawal will not affect the lawfulness of the processing of your data based on consent given before its withdrawal.
Where your personal data is to be processed for a different purpose that is incompatible with the purpose or purposes for which that personal data was originally collected that was not disclosed to you when you first provided your consent, we will obtain your consent to the new purpose or purposes.
You affirm that you are over 18 years old and have the right to contract in your own name, and that you have read the above authorisation and fully understand its contents.
Individuals under 18 years old are only allowed to sign up for our services or provide us with their information when an adult above the age of 18 is signing contracts in their stead.
The Data Protection Legislation sets out the following principles with which anyone handling personal data must comply. We, our employees, agents, contractors and third-party service providers comply with the following principles when collecting or processing your personal data. All personal data must be:
In providing our educational services to you, we collect certain non-personal and personal data about you. Our policy is to keep this information confidential and strictly safeguarded, and to use or disclose it only as needed to provide services to you, or as permitted or required by the Data Protection Legislation.
There are two categories of information we collect. We collect a variety of information from our users and visitors to our website. As described below, some information is automatically collected when you visit our website, and some you provide to us when filling out a form or communicating with us.
We primarily collect your personal data to ensure that we provide the most efficient diagnostic service to you, monitor the use and improve our website and other legitimate interests. Your information will solely be used and disclosed for the following purposes:
Employees, agents, contractors, or other parties working on behalf of Healthtracka shall collect your personal data only to the extent required for the performance of their job duties and only in accordance with this policy. Excessive personal data must not be collected.
Employees, agents, contractors, or other parties working on behalf of Healthtracka shall process your personal data only when the performance of their job duties requires it. Your personal data held by Healthtracka cannot be processed for any unrelated reasons.
Your personal data must be accurate and kept up to date. In this regard, Healthtracka shall ensure that any data it collects and/or processes is accurate and not misleading in a way that could be harmful to you; make efforts to keep your personal data updated where reasonable and applicable; and make timely efforts to correct or erase your personal data when inaccuracies are discovered.
Healthtracka shall not keep personal data for any longer than is necessary in light of the purpose or purposes for which that personal data was originally collected, held, and processed. In the case of your health data, the purpose for which the data was collected is to provide you with our diagnostic services. Unless Healthtracka receives a valid request to erase your health data, the data is retained permanently. This allows your record of test information and samples to be maintained. If the data were deleted, we would have no record of your test information and samples to be maintained.
Other information which may be automatically collected from you when you visit our website include domain name of your internet service provider, the internet protocol address used to connect the computer to the internet, the average time spent on our website, pages viewed, information searched for, access times, your geographical location, operating system, referral source, and other relevant statistics.
We may also collect information from you using cookies and other analytical tools especially when you use our products and services. More details are provided below in our section on Cookies.
Your information is regarded as confidential and will not be divulged to any third party, except under legal and/or regulatory conditions. You have the right to request copies of any and all information we keep on you, if such requests are made in compliance with applicable laws and other relevant enactments. While we are responsible for safeguarding the information entrusted to us, your role in fulfilling confidentiality duties includes, but is not limited to, adopting and enforcing appropriate security measures such as non-sharing of passwords and other platform login details, adherence with physical security protocols on our premises, dealing with only authorized officers of Healthtracka.
We will not sell, publish, or disclose to third parties your personal data collected on our website, through our servers or otherwise obtained by us, other than to provide our services and as set forth in this policy. We may share generic aggregated demographic information not linked to any personally identifiable information regarding visitors and users with our business partners, trusted affiliates, professional advisers and advertisers for the purposes outlined above. We may share your information with these third parties for those limited purposes if you have given us your permission and in compliance with the Data Protection Legislation.
Your Personally Identifiable Information may be provided as necessary to the following categories of recipients: accredited laboratories, healthcare providers, pharmacies, service providers (such as couriers, communications and marketing service providers, IT-related service providers, analytics providers, legal or financial advisors, contractors and vendors), and other trusted third parties with whom we have an agreement for the protection of your information, or government/regulatory/law enforcement agencies pursuant to legally binding order.
We may disclose and transfer your Personally Identifiable Information to our accredited laboratory for the purpose of (i) accepting and processing an accepted order by us, (ii) in order to ensure the tests are analysed and (iii) to test any sample provided and make your test information available to you via mail or on our secure result dashboard on our Site and Platform. To process a request for a test and for our accredited laboratory to test the sample and send you the test information, we need to disclose personal information within and outside our company including to healthcare providers, to our accredited laboratory and our IT services providers.
We may disclose and transfer your Personally Identifiable Information to healthcare providers, such as contracted or other medical practitioners for purposes of review, quality assurance, prescribing of tests, review of results and other purposes.
We will notify you as soon as we become aware of a harmful data breach which may result in a risk of your rights and freedom.
You have the right to request an erasure of your data at any time.
We will notify you if we are transferring your data.
You may request at any time that we halt further dissemination of your data or cease to use your data.
We may disclose Personally Identifiable Information if required to do so by law or in the good faith belief that such action is necessary to (a) conform with the requirements of the law or comply with legal process served on us, or (b) act in urgent circumstances to protect the personal safety of users of our service or members of the public.
To the extent practicable and legally permitted, we will attempt to advise you prior to any such disclosure, so that you may seek a protective order or other relief limiting such disclosure.
We may engage the services of third parties in order to process your personal data. The processing by such third parties shall be governed by a written contract with Healthtracka to ensure adequate protection and security measures are put in place by the third party for the protection of your personal data in accordance with the terms of this policy and the Data Protection Regulation.
Your information may be transferred to a foreign country or international organisation for the purpose of providing our service to you. We will ensure that there are adequate data protection laws in the recipient country or organisation before transferring your information. In particular, we shall, among other things, conduct a detailed assessment of whether the said country is on the National Information Technology Development Agency (NITDA) Whitelist of Countries with adequate data protection laws or any other relevant authorities that exist and may come into existence in the jurisdictions where the company has offices.
Transfer of your personal data out of Nigeria would be in accordance with the provisions of the NDPR. We will therefore only transfer your personal data out of Nigeria on one of the following conditions:
Provided, in all circumstances, that you have been manifestly made to understand through clear warnings of the specific principle(s) of data protection that are likely to be violated in the event of transfer to a third country, this provision shall not apply to any instance where you are answerable in duly established legal action for any civil or criminal claim in another country.
We will take all necessary steps to ensure that your personal data is transmitted in a safe and secure manner. Details of the protection given to your information when it is transferred outside Nigeria shall be provided to you upon request.
Where the recipient country is not on the White List and none of the conditions stipulated in clause 13.5.2 of this policy is met, Healthtracka will engage with NITDA and the Office of the Honourable Attorney General of the Federation (HAGF) for approval with respect to such transfer.
Subject to certain limitations and exceptions, you are entitled to the following principal rights under the Data Protection Legislation:
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures such as secure sockets layer (SSL) to safeguard and secure the information we collect online. We use encryption tools when accepting and transmitting delicate visitor information through our website. Some of the other safeguards we use are firewalls and physical access controls to our data centres, and information access authorization controls.
We shall ensure that employees who collect, access and process your personal data receive adequate data privacy and protection training in order to develop the necessary knowledge, skills and competence required to effectively manage the compliance framework under this policy and the Data Protection Legislation with regard to the protection of personal data. On an annual basis, we shall develop a capacity building plan for our employees on data privacy and protection in accordance with the Data Protection Legislation.
We will retain your information for as long as needed to provide you with our services, comply with our legal and statutory obligations or verify your information with a financial institution.
We are statutorily obligated to retain the data you provide us with in order to process transactions, ensure settlements, make refunds, identify fraud and in compliance with laws and regulatory guidelines applicable to us.
In the event where there is any accidental or unlawful destruction, processing, loss, alteration, unauthorized disclosure of, or access to your personal data, we shall:
Our website may contain links to third-party websites or services that are not owned or controlled by us.
We have no control over, and assume no responsibility for, the content, privacy policies, or practices of any third-party websites or services. You further acknowledge and agree that we shall not be responsible or liable, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with use of or reliance on any such content, goods or services available on or through any such websites or services.
We strongly advise you to read the terms and conditions and privacy policies of any third-party websites or services that you visit.
We exercise reasonable efforts to safeguard the security and confidentiality of your personal data; however, we will not be liable for unauthorised disclosure of personal data that occurs through no fault of ours.
This policy is effective as of October 6th, 2022.
Last updated: October 6th, 2022.