Privacy Policy

Effective Date: August 4, 2025

Hi Doctor (“we”, “our”, “us”) is committed to protecting your privacy. This Privacy Policy describes how we collect, use, share, and protect your information when you access our medical consultation platform, mobile app, or services (“Services”). This policy aligns with the Nigeria Data Protection Regulation (NDPR) and international best practices regarding the processing of personal and sensitive health information.

1. Information We Collect

1.1 Personal Information

We collect information you provide directly when using our platform:

• Full name, gender, and date of birth
• Email address and phone number
• Government-issued ID (e.g., NIN, driver’s license)
• Residential address and geographic location
• Payment information (card details are processed by third-party gateways and not stored by Hi Doctor)

1.2 Health and Medical Information

• Symptoms, diagnosis, and medical history
• Prescriptions, test results, medical images
• Doctor consultation notes and advice
• Appointment dates, follow-ups, and feedback

1.3 Automatically Collected Information

• Device type, operating system, and app version
• IP address, geolocation, and access times
• Usage logs, activity within the app, and error reports

2. Legal Basis for Processing

We rely on one or more of the following bases:

• Your explicit and informed consent
• Performance of a contract with you
• Compliance with legal obligations under Nigerian law
• Protection of vital interests (e.g., health emergencies)
• Legitimate interests (e.g., improving our platform)

3. How We Use Your Information

• Facilitate medical consultations and follow-ups
• Provide personalized health insights and recommendations
• Manage user accounts and enable appointment bookings
• Communicate important service updates
• Improve service quality, security, and performance
• Ensure legal and regulatory compliance

4. Cookies and Tracking

We may use cookies, beacons, and similar technologies to:

• Remember user preferences and login sessions
• Analyze traffic and usage behavior
• Serve relevant information or promotions

You may modify your cookie settings via your browser or device controls.

5. How We Share Your Data

We may share data with:

• Healthcare professionals: Only the doctors or specialists assigned to you
• Partner labs and pharmacies: To process orders or tests requested
• Cloud hosting providers: To securely store encrypted data
• Payment processors: To handle secure transactions
• Government regulators: Where required under law or public health directives

All third parties are bound by strict confidentiality and data processing agreements.

6. International Transfers

Some data may be processed or stored outside Nigeria, such as on cloud platforms (e.g., AWS, Firebase). In such cases, we ensure the destination country or provider offers adequate data protection aligned with NDPR requirements.

7. Data Retention

We retain data only for as long as necessary:

• To provide services and support your medical care
• To meet legal and regulatory requirements
• To resolve disputes or enforce agreements

If you deactivate your account, we will retain records as required by Nigerian health and data laws, then securely delete or anonymize the data.

8. Data Security

We implement rigorous security measures, including:

• End-to-end data encryption (in transit and at rest)
• Two-factor authentication for doctors and admins
• Role-based access control and audit logs
• Periodic penetration testing and vulnerability scans

9. Data Breach Notification

In the event of a data breach affecting your personal or health data, we will notify you and relevant authorities within 72 hours, in compliance with NDPR requirements.

10. Your Rights Under NDPR

You have the right to:

• Request access to the personal data we hold about you
• Request correction or deletion of inaccurate data
• Withdraw your consent at any time (if processing is based on consent)
• Object to processing based on legitimate interests
• Request a copy of your data in a portable format
• Lodge a complaint with the Nigeria Data Protection Commission (NDPC)

11. User Responsibilities

You are responsible for maintaining the confidentiality of your login credentials. Do not share your account or use the platform for unauthorized medical inquiries on behalf of others without consent.

12. Children’s Privacy

Hi Doctor is intended for users aged 18 and above. If medical services are required for a minor, a parent or guardian must create and manage the child’s account and consent to data usage.

13. Changes to This Policy

We may revise this Privacy Policy from time to time. Changes will be communicated via app or email, and the updated version will take effect on the stated effective date.

14. Contact Information

For questions or requests related to this policy, contact our Data Protection Officer:

Data Protection Officer
Hi Doctor
[Insert Office Address Here]
Email: privacy@hi-doctor.ng
Phone: [Insert Support Number Here]

15. Regulatory Authority

If you believe your rights have been violated, you may contact:

Nigeria Data Protection Commission (NDPC)
Website: https://ndpc.gov.ng
Email: info@ndpc.gov.ng

By using Hi Doctor, you acknowledge that you have read, understood, and agree to this Privacy Policy.