1. Introduction
Umulisa Healthcare (UH) respects the privacy of your information. This Privacy Policy explains how we collect, use, disclose, and protect the information we receive from healthcare providers and organizations through our website (umulisa.co) and our services (collectively, “Services”). This policy is crafted to comply with the General Data Protection Regulation (GDPR) along with other applicable privacy laws.
2. Information We Collect
- Organizational Information: We collect information about the healthcare organizations we serve, such as contact details, service requirements, and other pertinent business information.
- Healthcare Data: As a service provider to healthcare entities, we may process patient data on behalf of our clients. This includes health data, which is considered sensitive under GDPR.
- Technical and Usage Data: We automatically collect information when you use our Services, such as IP addresses, browser types, and activity logs.
- Contact Information: By providing your contact information, including email addresses and phone numbers, you agree to receive communications from us via email, phone, and SMS. We collect this information to facilitate the services you request. Your contact information will not be shared with third-party providers and will only be used for the intended communication purposes.
3. Legal Basis for Processing
We process your information under the following legal bases:
- Consent: We may process data with explicit consent for specific purposes.
- Contractual Necessity: Processing is necessary for the performance of a service contract with the healthcare organizations we serve.
- Legal Obligation: Processing is necessary to comply with legal requirements.
- Legitimate Interests: We process data for legitimate interests pursued by BH, such as enhancing service offerings and securing our Services, provided such interests are not overridden by your interests or fundamental rights and freedoms.
4. Use of Information
We use the information collected to:
- Deliver and improve our Services.
- Manage our contractual obligations.
- Communicate effectively with clients.
- Ensure security and integrity of our data.
- Comply with legal and regulatory obligations.
5. Data Subject Rights
Under the GDPR, individuals have the right to access, correct, delete, restrict, and transfer their data. Individuals also have the right to object to certain processing activities. If you wish to exercise any of these rights, please contact us directly.
6. Data Security
We implement appropriate technical and organizational measures to protect personal data against unauthorized or unlawful processing, accidental loss, destruction, or damage.
7. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.
8. International Transfers
Personal data may be transferred to, and processed in, countries outside of the European Economic Area (EEA). Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by implementing appropriate safeguards.
9. Changes to this Privacy Policy
We may update this policy periodically to reflect changes in our practices or applicable laws. We will notify you of these changes by revising the date at the top of the policy and, in some cases, we may provide you with more prominent notice.
10. Contact Information
For any questions or concerns regarding our privacy practices or if you need to exercise your data rights, please contact us at: info@umulisa.co.