At Ponea, we are committed to protecting your privacy and we take great care with your Personal Data.
If you have any questions, feel free to contact us at firstname.lastname@example.org.
Personal Data” means Personal Data about a natural person who is identified or can be identified from that Personal Data (either by itself or when combined with other Personal Data).
1. What Personal Data do we collect?
Online and Offline Payment Processing Information
Information from Third-Party Sources
Information Ponea Automatically Collects When You Use The services
PONEA HEALTH; KENYA, MAURITIUS, THE NETHERLANDS.
Some Personal Data, which may include Personal Data, is automatically collected when you use our services, such as traffic data. We also may automatically collect certain data when you use the services, such as (1) IP address; (2) domain server; (3) type of device(s) used to access the services; (4) web browser(s) used to access the services; (5) referring webpage or other source through which you accessed the services; (6) geolocation Personal Data; and(7) other statistics and Personal Data associated with the interaction between your browser or device and the services.
2. How Ponea Collects Information
Ponea collects Personal Data (including Personal Data and traffic data) when you use and interact with the services, and in some cases from third party sources. Such means of collection include:
- When you use the services’ interactive tools and services, such as searching for Healthcare Providers and searching for available appointments with Healthcare Providers prior to Healthcare Provider appointments;
- When you voluntarily provide Personal Data in free-form text boxes through the services or through responses to surveys;
- If you download and install certain applications and software we make available, we may receive and collect Personal Data transmitted from your computing device for the purpose of providing you the relevant services;
- If you use a location-enabled browser or download our mobile application, we may receive Personal Data about your location and mobile device, as applicable;
- Through cookies, analytics services and other tracking technology, as
- When you use the “Contact Us” function on the Site, send us an email or otherwise contact us.
3. For what purpose do we collect the Personal Data?
We collect this data to improve services for the user.
4. Tracking Tools
We may use tools outlined below in order to provide our services to, advertise to, and to better understand users.
Web Analytics services: We may use third-party analytics services in connection with our services, including, for example, to collect your country where you are logging on, IP address, time spent on the Website or mobile applications, pages visited and other user Personal Data.
5. Who do we share this Personal Data with?
We may disclose and transfer your Personal Data in connection with such partners’ use of the services
In certain circumstances, and in order to perform the services, we may share certain Personal Data that we collect from you to select third parties, agents, contractors and service providers or partners with restrictions that they may not use your Personal Data for any other purposes and on the basis of a Non-Disclosure agreement and subject to compliance with Data Protection Laws, as described in this section:
Healthcare Providers: We may share your Personal Data with Healthcare Providers with whom you choose to schedule through the services.
We will never sell email addresses to third parties. We may share your Personal Data with our partners to customize or display our advertising.
We may share your Personal Data and/or traffic data with our partners who perform operational services (such as hosting, billing, fulfilment, data storage, security, insurance verification, web service analytics, or ad serving) and/or who make certain services, features or functionality available to our users.
We may share your Personal Data with the insurance provider you identify to us (and do so via our partners) to determine eligibility or otherwise obtain benefit plans and other insurance-related Personal Data on your behalf.
Public Information and Submissions: You agree that any Personal Data that you may reveal in a review posting, online discussion or forum is intended for the public and is not in any way private. Carefully consider whether to disclose any Personal Data in any public posting or forum. Your submissions may be seen and/or collected by third parties and may be used by others in ways we are unable to control or predict.
Protection of Ponea and Others: We also may need to disclose your Personal Data or any other Personal Data we collect about you if we determine in good faith that such disclosure is needed to: (1) comply with or fulfil our obligations under applicable law, regulation, court order or other legal process; (2) protect the rights, property or safety of you, Ponea or another
party; (3) enforce the Agreement or other agreements with you; or (4) respond to claims that any posting or other content violates third-party rights.
6. International Data Transfers
From time to time, Ponea may need to transfer your Personal Data outside of the country or may receive Personal Data from outside of the country as part of its service delivery. Both the receiving and disclosing parties shall ensure adequate safeguards with respect to security and protection of Personal Data are in place in compliance to Data Protection laws.
7. How secure is your Personal Data?
The security of your Personal Data is important to us. We endeavour to follow generally accepted industry standards to protect the Personal Data submitted to us, both during transmission and in storage as follows;
- A firewall to prevent unauthorized external access to our system.
- Your account is protected by a password for your privacy and security. If you access your account via a third-party site or service, you may have additional or different sign-on protections via that third-party site or service. You must prevent unauthorized access to your account and Personal Data by selecting and protecting your password and/or other sign-on mechanism appropriately and limiting access to your computer or device and browser by signing off after you have finished accessing your account.
- SSL certificates for customer-facing websites and external connections, except connections that go through a secured VPN.
- Our systems have capability to detect any data security breaches and timely appropriate action taken to remedy.
- All our employees are trained to ensure high standards in relation to data protection.
- We use best efforts to keep confidential any Personal Data collected which may be of confidential nature, with the exception of such Personal Data which:
- was already known to us prior to receiving such Personal Data from the end user.
- was received from a third party who is not subject to similar confidentiality restrictions.
- is independently developed by us; and/or
- is required to be disclosed by applicable Law.
Notwithstanding clause above, we reserve the right to disclose any Personal Data collected to any person if, in our reasonable opinion, it is:
- required by applicable Law.
- necessary to comply with a court order or other legal process.
We shall take all reasonable precautions to preserve the integrity and prevent any corruption or loss, damage or destruction of Personal Data in our possession
- Our security practices and procedures are certified and are audited on a regular basis.
- Although we make best possible efforts to transmit and store all the Personal Data in a secure operating environment that is not open to the public, there is no such thing as complete security, and we do not guarantee that there will be no unintended disclosures of any Information Collected. If We become aware that any Personal Data has been disclosed in a manner that is not in accordance with this Policy, We will use best efforts to notify you of the nature and extent of such disclosure (to the extent of our knowledge) as soon as reasonably possible and as permitted by Law.
- We store and process your Personal Data on our servers in Amazon Cloud Sevices. We maintain industry standard backup and archival systems.
- Although we make good faith efforts to store Personal Data in a secure operating environment that is not open to the public, we do not and cannot guarantee the security of your Personal Data. If at any time during or after our relationship we believe that the security of your Personal Data may have been compromised, we may seek to notify you of that development. If a notification is appropriate, we will endeavour to notify you as promptly as possible under the circumstances. If we have your e-mail address, we may notify you by e-mail to the most recent e-mail address you have provided us in your account profile. Please keep your e-mail address in your account up to date which can be updated at any time in your account profile.
8. What Choices Do You Have When Using The Service
You can always opt not to disclose Personal Data to us, but keep in mind some Personal Data may be needed to register with us or to take advantage of some of our features.
If you are a registered user of the services, you can modify certain Personal Data or account Personal Data by logging in and accessing your account. The Personal Data you can view, update, and delete may change as the services change.
If you wish to close your account, please email us at email@example.com. Ponea will use reasonable efforts to promptly delete your account and the related Personal Data. Please note, however, that Ponea reserves the right to retain Personal Data from closed accounts, including to comply with law, prevent fraud, resolve disputes, enforce the agreement and take other actions permitted by law.
You must promptly notify us if any of your account data is lost, stolen or used without permission.
9.For how long do we keep your Personal Data? Where do we keep it? How do we keep it?
We retain Personal Data about you for as long as you have an open account with us or as otherwise necessary to provide you services. In some cases, we retain Personal Data for longer, if doing so is necessary to comply with our legal obligations, resolve disputes or collect fees owed, prevent fraud, enforce the Agreement, or as otherwise permitted or required by applicable law, rule or regulation. Afterwards, we retain some Personal Data in a depersonalized or aggregated form but not in a way that would identify you personally.
10. Information Provided on Behalf of Minors and Others
If you are a parent or legal guardian of a minor, you may, in compliance with the Agreement, use the services on behalf of such minor. Any Personal Data that you provide us while using the services on behalf of your minor child will be treated as Personal Data as otherwise provided herein.
If you use the services on behalf of another person, regardless of age, you agree that Ponea may contact you for any communication made in connection with providing the services or any legally required communications. You further agree to forward or share any such communication with any person on behalf of whom you are using the services.
11. Other Web services
You may have arrived at the services from, or begun your use of the services at, a third-party web service, including a third-party web service that links to Ponea or embeds Ponea content. The presence of such links or content on third-party web services does not mean that we
PONEA HEALTH; KENYA, MAURITIUS, THE NETHERLANDS.
12. Healthcare Service Providers and Their Obligations
Ponea will share basic Personal Data on the user with the Healthcare Providers who you elect to visit for an appointment through the Service. This ensures that an appointment can be booked at your preferred time and date. These Healthcare Service Providers may need to collect additional Personal Data from you to build a medical history while carrying out their duties.
The Healthcare Provider is required to obtain consent from the patient in person during their initial consultation, to allow the Healthcare Provider to collect and store Personal Data, medical history and other Information as needed, on the patient. The Healthcare Provider will not share this Personal Data with us or anyone else without the prior approval of the patient. Ponea is in no way responsible for obtaining this approval for the Healthcare Provider and is in no way liable for any data collected by the Healthcare Provider.
13. What are your rights as a data subject?
We have mechanisms in place to ensure that you can exercise the following legal rights.
- Right to give and withdraw consent at any time
- Right to be informed of the use to which Personal Data is to be put
- Right to access your Personal Data
- Right to object to the processing of all or part of your Personal Data unless there is a compelling legitimate interest or for legal purposes
- Right to request confirmation of what Personal Data is held
- Right to request correction of any errors, omissions, out-dated, Personal Data inaccurate, incomplete or misleading personal data, and request third parties processing the personal data of the request. This will however not apply to Personal Data required for legal purposes
- Right to request cessation of use the Personal Data
- Right to request removal from any contact/mailing list
- Right to restrict use of your Personal Data
- Right to request deletion of Personal Data that is irrelevant, excessive or obtained unlawfully, and request third parties processing the Personal Data of the request. This will however not apply to Personal Data required for legal purposes
- Right to request transfer of Personal Data to another organisation
14. Review of Policy
I consent to Ponea using my personal data for providing me the services.
I am aware that I can withdraw my consent at any time by sending an email to firstname.lastname@example.org.