Last revised: September, 2020
1.1.2 We offer an online communication platform for Healthcare Providers and their patients (or their patients’ parents or legal guardians, as may be applicable from time to time) (“Patient Users“) to connect via the Site through the use of interactive video, audio and other telecommunications technology. The Site facilitates communication between Patient Users and Healthcare Providers, and for the avoidance of doubt we are not involved in, nor have any influence over, the content of the medical or healthcare assessments conducted and advice provided by Healthcare Providers to Patient Users.
184.108.40.206 What is Personal Information?
220.127.116.11 What processing activities does this Policy apply to?
18.104.22.168 Personal Information That We Collect
22.214.171.124 How We Use and Share Your Information
126.96.36.199.1 Cross-border Transfers of Personal Information
188.8.131.52.2 Security of Your Information
184.108.40.206.3 Data Integrity and Retention
220.127.116.11 Access to Your Information and Choices
18.104.22.168 Your rights in relation to Personal Information
22.214.171.124.1 Questions and How Contact Us
1.2 Scope; Third Party Sites.
2. What is Personal Information?
2.1 For the purpose of this Policy, “Personal Information” means information relating to an identifiable, living, natural person and, where applicable, an identifiable existing juristic person, including but not limited to –
2.1.1 Information relating to the race, gender, sex, pregnancy, marital status, national, ethnic or social origin, colour, sexual orientation, age, physical or mental health, well-being, disability, religion, conscience, belief, culture, language and birth of the person;
2.1.2 information relating to the education or the medical, financial, criminal or employment history of the person;
2.1.3 any identifying number, symbol, e-mail address, physical address, telephone number, location information, online identifier or other particular assignment to the person;
2.1.4 the personal opinions, views or preferences of the person;
2.1.5 correspondence sent by the person that is implicitly or explicitly of a private or confidential nature or further correspondence that would reveal the contents of the original correspondence;
2.1.6 the views or opinions of another individual about the person; and
2.1.7 the name of the person if it appears with other personal information relating to the person or if the disclosure of the name itself would reveal information about the person.
2.2. For the purpose of this Policy, reference to Personal Information throughout this Policy includes Special Personal Information. “Special Personal Information” means:
2.2.1 religious or philosophical beliefs;
2.2.2 race or ethnic origin;
2.2.3 trade union membership;
2.2.4 political persuasion;
2.2.5 health or sex life;
2.2.6 biometric information;
2.2.7 criminal behaviour to the extent that such information relates to the alleged commission by a data subject of an offence or any proceedings in respect of any offence allegedly committed by a data subject or the disposal of such proceedings.
3. What Processing Activities Does This Policy Apply To?
3.1 For the purpose of this Policy, “Processing” means any operation or activity or set of operations concerning Personal Information, including but not limited to, the collection, receipt, recording, organisation, collation, storage, updating, modification, retrieval, retention, alteration, use, disclosure, access, transfer, distribution, linking, merging, degradation, erasure or destruction.
3.2 This Policy will only apply to the Processing of Personal Information entered in a record by or for any entity in the Direct Health Group by making use of automated or non-automated means. Personal Information processed by non-automated means will form part of this Policy if the records so created form part of a filing system or are intended to form part thereof.
3.3 For the purpose of this Policy, a “record” means any writing on any material. It also includes information produced, recorded or stored by means of a tape-recorder, computer equipment or other device, as well as any label, marking, map, book, plan, graph, drawing, or photograph, film, negative, tape or other device in which one or more visual images are embodied.
3.4 For the purpose of this Policy, “automated means” means any equipment capable of operating automatically in response to instructions given for the purpose of processing information.
3.5 For the purpose of this Policy, a “data subject” means the person to whom Personal Information relates.
4. Personal Information We Collect
4.1 Personal Information You Provide to Us
We collect Personal Information you provide to us, for example when you register, create or modify your account via our Mobile applications, purchase products or services from us, request information from us, contact customer support, or otherwise communicate with us. This information may include:
4.1.3 Billing address
4.1.4 Email address
4.1.5 Telephone number
4.1.6 Date of birth
4.1.7 Medical practice numbers and registration details (for purposes of verifying you are a registered health professional with the relevant registered databases)
4.1.8 Photos, files, videos, chat messages and other communications between physicians and patients (but does not include the content of such communications)
4.1.9 patient lists which you provide us with (containing basic contact details of patients which you have obtained the specific consent to send marketing communications to)
4.1.10 information that we may ask you for if you enter any competition or promotion featured on our Site or if you report a problem with our Site and/or our Services;
4.1.11 if you contact us, we may keep a record of that correspondence;
4.1.12 we may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them;
4.1.13 details of transactions you carry out through our Site and of the fulfilment of any contract you enter into with us; and
4.1.14 details of your visits to our Site(including, but not limited to, traffic data, location data, weblogs and other communication data, whether this is required for our own billing purposes or otherwise) and the resources that you access.
4.2 We may also collect information (which may include Personal Information) that our users provide, such as new or deleted postings, new or deleted comments, keyword searches, and scam reports.
4.2.1 The supply of your Personal Information is voluntary, however you acknowledge that we cannot make certain Services available to you on the Site if you do not wish to supply such Personal Information.
4.2.2 We use a third-party credit card processing company for purchases, and other third party companies to monitor website traffic, which may, in some instances, store your information, including the Personal Information you submit to such third parties.
4.2.4 Where you provide us with Personal Information relating to a third party data subject (for example, your patients), you warrant that you have obtained all necessary consents from such data subject, including the data subject’s consent for you to share such Personal Information with us to process on your behalf.
4.3 Personal Information We Collect Through Your Use of our Site
4.3.1 Google Analytics
We use Google Analytics, a web analytics service provided by Google, Inc. (“Google“) to collect certain information relating to your use of the Site. Google Analytics uses “cookies”, which are text files placed on your computer, to help the Site analyse how users use the site. You can find out more about how Google uses data when you visit our Site by visiting “How Google uses data when you use our partners’ sites or apps”, (located at www.google.com/policies/privacy/partners/).
4.3.2. Information Collected Through Cookies and Similar Technologies
4.3.3 No Information from Children Under Age 13
If you are under the age of 13, please do not attempt to register with our services (e.g. Site or Mobile Applications) or provide any Personal Information about yourself to us. If we learn that we have collected Personal Information from a child under the age of 13, we will promptly delete that information. If you believe we have collected Personal Information from a child under the age of 13, please Contact Us.
5. How We Use and Share Your Personal Information
5.1 Direct Health may Process Personal Information in order to carry out and manage the Site, to comply with its legal obligations and to pursue its legitimate business interests.
5.2 Some examples of what Direct Health may Process Personal Information include but are not limited to the following:
5.3 To Provide Products, Services, and Information.
We collect Personal Information from you in order to:
5.3.1 provide products and services that you purchase using the Site;
5.3.2 to ensure that content from our Site is presented in the most effective manner for you and for your computer or mobile device;
5.3.3 in aggregate form, for internal business purposes such as generating statistics and developing our strategic and marketing plans;
5.3.4 register and service and manage your online account and provide customer service;
5.3.5 provide information that you request from us; contact you;
5.3.6 make our product available to you.
5.3.7 to allow you to participate in interactive features of our Services, when you choose to do so;
5.3.8 to carry out any contracts that may form between us;
5.3.9 keep logs of video calls, voice calls and text messages for audit purposes (but the content of such messages will be encrypted and not accessible by us)
5.3.10 to respond to any queries you make; and
5.3.11 to notify you about changes to our Service;
5.3.12 to notify you of amounts payable for security, administrative or legal purposes, for helping us in any future dealings with you;
5.3.13 to send you promotional materials or advertisements about our products and services, as well as new features and offerings; administer surveys and provide interest-based targeted advertising to you where you have consented to be contacted for such purposes.
5.4 Sharing with Third Parties.
We may provide information, as defined in Section 4 above, to third party service providers that help us operate and manage our Site, process orders, and fulfil and deliver products and services that you purchase from us. These service providers will have access to your Personal Information in order to provide these services, but when this occurs we will ensure that there are written contracts in place with these services providers in terms of which they undertake to implement appropriate and reasonable administrative, technical and physical security measures to protect the confidentiality and security of the Personal Information.
5.6 We belong to ad networks that may use your browsing history across participating websites to show you interest-based advertisements on those websites. Currently, our Site does not recognize if your browser sends a “do not track” signal or similar mechanism to indicate you do not wish to be tracked or receive interest-based ads. To learn more about interest-based advertisements and your opt-out rights and options, visit the Digital Advertising Alliance and the Network Advertising Initiative websites (www.aboutads.info and www.networkadvertising.org). Please note that if you choose to opt out, you will continue to see ads on our Site, but they will not be based on how you browse and shop.
5.7 Legal Proceedings.
We may share personal information with third party companies, organizations or individuals outside of Direct Health if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to:
5.8 Meet any applicable law, regulation, subpoena, legal process or enforceable governmental request;
5.10 Detect, prevent, or otherwise address fraud, security or technical issues;
5.11 Protect against harm to the rights, property or safety of Direct Health, our users, customers or the public as required or permitted by law including responding to claims that any content violates the rights of third-parties;.
5.12 Transfer in the Event of Sale or Change of Control.
6. Cross-Border Transfers of Personal Information
You understand that due to the global nature of the Direct Health Group’s operations, an entity in the Direct Health Group may disclose and/or transfer Personal Information to other entities within the Direct Health Group, which are based in various locations around the world. You hereby agree that your Personal Information may be transferred to, processed and accessed at a destination outside South Africa.
7. Security of Your Information
We use industry standard physical, technical and administrative security measures and safeguards to protect the confidentiality and security of your personal information. We shall endeavour to ensure the security and confidentiality of your Personal Information as far as reasonably possible against anticipated threats or hazards to the security or integrity of the Personal Information and protect as far as reasonably possible against unauthorised access to or use of such Personal Information that could result in substantial harm. However, since the Internet is not a 100% secure environment, we cannot guarantee, ensure, or warrant the security of any information you transmit to us. There is no guarantee that information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. It is your responsibility to protect the security of your login information. We will not be liable for security breach arising out of you sharing your password and login details. Please note that e-mails and other communications you send to us through our “Contact Us” form are not encrypted, and we strongly advise you not to communicate any confidential information through these means.
8. Data Integrity and Retention
8.1 Direct Health will take reasonable steps to ensure that the Personal Information processed is reliable for its intended use and is accurate, up to date and complete for carrying out the purpose for which it was collected and is retained by Direct Health.
8.2 Direct Health will only retain Personal Information for as long as is reasonably necessary to achieve the purpose for which the Personal Information was initially collected, unless a longer retention period is (i) required or permitted by law or (ii) reasonably required by Direct Health for lawful purposes related to its functions or activities or (iii) required by a contract between the parties thereto or (iv) the data subject has consented thereto.
8.3 In circumstances where Direct Health is no longer authorized or permitted to retain the Personal Information, such Personal Information will be destroyed or de-identified in a manner that reasonably prevents misappropriation, reconstruction or unauthorized use.
9. Access to Your Personal Information and Choices
9.1 You can access and update certain information we have relating to your account through the profile settings on the Direct Health app. If you have questions about Personal Information we have about you or need to update your Personal Information, you can Contact Us, and chat with our support team through our Support page. You can opt-out of receiving marketing and promotional e-mails from Direct Health by using the opt-out or unsubscribe feature contained in the e-mails.
9.2 You can close your online account by going to the Privacy tab in the Direct Health app. If you close your account, we will no longer use your online account information or share it with third parties. We may, however, retain a copy of the information for archival purposes, and to avoid identity theft or fraud subject to the applicable laws regarding retention of Personal Information.
10. Your Rights in Relation to Personal Information
You have the following rights in relation to your Personal Information:
10.1 to be notified that Personal Information about you is being collected unless (i) you have consented to non-compliance; (ii) non-compliance would not prejudice your legitimate interests; (iii) compliance would prejudice a lawful purpose of the collection or is not reasonably practicable in the circumstances; or (iv) non-compliance is otherwise permitted in terms of any applicable law;
10.2 to be notified that Personal Information about you has been accessed or acquired by an unauthorised person;
10.3 to establish whether Direct Health holds Personal Information about you and request access to such information by submitting the prescribed form to Direct Health. A request to access Personal Information may be refused on any grounds permissible in law;
10.4 to request the correction, destruction or deletion of your Personal Information. Direct Health shall consider your request but is not obliged to comply with such request. In the event that Direct Health does not comply with the request, and if you so request, Direct Health will take such steps that are reasonable in the circumstances to attach to your Personal Information an indication that a correction of the information was requested but has not been made;
10.5 subject to any applicable law, to object, on reasonable grounds relating to your particular situation and in the legally prescribed manner, to the Processing of your Personal Information;
10.6 to object to Direct Health Processing your Personal Information for the purpose of direct marketing by unsolicited electronic communications;
10.7 not to be subject to a decision based solely on automated processing;
10.8 to submit a complaint to the relevant regulatory body or institute civil proceedings.
12. Questions and How to Contact Us
Direct Health Africa (Proprietary) Limited
4th Floor South, Mariendahl House, Cnr of Campground and Main Roads, Newlands on Main, Newlands, 7700