Privacy Policy

1. Information We Collect

1.1 Personal Information

• Name, email address, phone number
• Date of birth, gender
• Address and location data
• Profile photo (optional)
• Government-issued ID (for doctor verification)

1.2 Medical Information

• Medical history and conditions
• Prescriptions and medications
• Lab results and medical reports
• Consultation records
• Health vitals and measurements

1.3 Usage Data

• Device information and IP address
• Browser type and version
• Pages visited and time spent
• Search queries and interactions

2. How We Use Your Information

• Provide Services: Facilitate consultations, manage appointments, process payments
• Improve Platform: Analyze usage patterns, fix bugs, develop new features
• Communication: Send appointment reminders, prescription notifications, platform updates
• Security: Prevent fraud, ensure platform safety, verify user identity
• Legal Compliance: Meet regulatory requirements, respond to legal requests

3. Data Security

We implement industry-standard security measures to protect your data:

• End-to-end encryption for sensitive data
• Secure HTTPS connections
• Regular security audits and updates
• Access controls and authentication
• Secure cloud storage (Supabase)
• HIPAA-compliant data handling practices

4. Data Sharing

We do not sell your personal information. We may share data with:

• Healthcare Providers: Doctors you consult with
• Service Providers: Payment processors (Paystack), email services (Resend), SMS providers (Termii/Twilio)
• Legal Authorities: When required by law or to protect rights and safety
• Business Transfers: In case of merger, acquisition, or asset sale

5. Your Rights

You have the right to:

• Access: Request a copy of your personal data
• Correct: Update inaccurate or incomplete information
• Delete: Request deletion of your account and data
• Export: Download your medical records in standard format
• Restrict: Limit how we use your data
• Object: Opt-out of marketing communications
• Withdraw Consent: Revoke permissions at any time

To exercise these rights, contact us at privacy@mydoc.com.ng

6. Data Retention

We retain your data for as long as necessary to provide services and comply with legal obligations:

• Active Accounts: While account is active
• Medical Records: Minimum 7 years (Nigerian healthcare regulations)
• Financial Records: 7 years (tax and audit requirements)
• Inactive Accounts: 3 years after last activity, then anonymized

7. Cookies and Tracking

We use cookies and similar technologies to:

• Remember your preferences and settings
• Analyze platform performance
• Provide personalized experience
• Track marketing effectiveness

You can control cookies through your browser settings.

8. Children's Privacy

Our services are not intended for children under 18. We do not knowingly collect data from minors. If you are a parent/guardian and believe your child has provided us with information, please contact us immediately.

9. International Data Transfers

Your data is primarily stored in Nigeria. If transferred internationally, we ensure adequate protection through standard contractual clauses and compliance with data protection regulations.

10. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes via email or platform notification. Continued use after changes constitutes acceptance.

11. Contact Us

For privacy concerns or data requests:

• Email: privacy@mydoc.com.ng
• Phone: +234 800 123 4567
• Address: Data Protection Officer, T21 Consultancy Services Limited (RC 1906039), Lagos, Nigeria