إبحث عن أطباء، تخصصات، عيادات...

Privacy Notice

Last Updated: June 2025

1. Introduction

HeliumDoc, a product of Helium Health and its affiliates (collectively or individually as applicable, referred to as “HeliumDoc”, "We", "Us", or "Our") offer users a platform or website or service to quickly access the services of top healthcare providers in Africa (including Nigeria, Kenya, and Uganda and the respective Gulf Cooperation Council (“GCC”) member states, namely Qatar, Saudi Arabia, Kuwait and the United Arab Emirates (“UAE”).

This Privacy Notice (the or this “Notice”) governs your use of Our website https://www.heliumdoc.com/ (the “Website” or “Platform”, and any other software, online platform, website, mobile or tablet application or domain used to provide Our services (collectively the “Services"). We provide this Notice because you have a right to know what information We collect, why We collect it, how it is protected, processed, used, and the circumstances under which it may be disclosed.

For the purposes of this Notice, "User" “End-User” “Patient”, “You”, or “Your” refers to any individual accessing or using the “Website” or “Platform” or “Services”).

In this Notice, “Data” means Your personal data, anonymized data, pseudonymised data, and any other/all variations or forms of Your data that We process.

2. Terms of Use

You are required to comply with the provisions of Our Terms of Use in relation to the information provided.

3. Your Data that We Process

Personal Data is any information about an individual that can be used to identify that individual directly or indirectly. While using the Website, We may request Your personal information from You in order to contact or identify You, and some information may be collected automatically in order for Our Website to function properly. We also collect Personal Data from third-party sources or through Your use of Our Services, such as when You sign-up or register for any of Our Services. We obtain the following information:

Health Care Providers/SpecialistsPatientsAll visitors
Full name of the person signing upFull name of the patientSearch queries
Name of the health care facilityEmail address of the patientThe IP address used to connect your device to the internet for identification purposes
Country of ResidencePhone numberLogin email address and password
Email addressAgeName of the internet service provider (ISP)
Phone numberHealth or Medical history/records/information/statusDate and time of visit
Full names of medical professionalsHome addressWeb pages visited, duration, and frequency of visits
Medical qualificationCountryBrowsing Behaviour
Type of facilityGenderDevice ID
LocationLanguage
Financial detailsFinancial details
Criminal history/records
Sexual history
Data (used for AI model training and system improvement)

4. Sensitive Personal Data

Sensitive Personal Data includes Data pertaining to religious or other beliefs, sexual orientation, health, race, ethnicity, political views, trade union membership, criminal records, and any other sensitive personal information. We will only process Sensitive Personal Data (health data) of Patients on behalf of health care providers with the Patients' express consent or in order to fulfil the healthcare facilities and care provider’s obligation to provide care services.

5. Cookies and Tracking Technologies

Cookies are tools used to automatically collect information from You when You visit Our website. We use cookies, and information about their usage is specified in Our Cookies and Tracking Technologies Notice.

6. Purposes and Lawful Bases for Processing Data

We are required to process Your Data under at least one of these lawful bases, as specified under the relevant data protection laws:

  • Legitimate interest: Processing Your Data is necessary for Our legitimate interests or the legitimate interests of a third-party, provided Your rights and interests do not outweigh those interests.
  • Consent: You have given explicit consent for Us to process Your Data for a specific purpose.
  • Contract: If the Data processing is necessary for a contract with Us or because We have asked You to take specific steps before entering that contract.
  • Legal obligation: If the processing of Your Data is necessary where there is a statutory obligation on Us.
  • Public Health: We may process data to support initiatives aimed at preventing disease, protecting health and promoting well-being of the general public.

We process your data (including, but not limited to, your personal data, anonymized data, pseudonymised data, and any other variations or forms of your data) for any or all of the following purposes:

Purpose of ProcessingLawful Bases
  • To administer Our Services.
  • To help Us develop, improve, customise or restructure Our Services.
  • To inform You whenever there are changes to Our terms of business or Services.
  • To share Personal Data with third-parties service providers that provide Services on our behalf.
Legitimate interest, contract
  • To send marketing or promotional messages to You about Our new products, services and other offerings.
  • To install non-strictly necessary cookies on Your device.
  • To manage Personal/Sensitive Data of Patients.
  • To promote Our products and Services by gathering and analysing survey responses, insights and testimonials.
  • To securely train Artificial Intelligence models and enhance computer systems for advancing healthcare technologies and developing improved tools for diagnosis, treatment, and healthcare delivery, including through the use of patient data.
Consent
  • Enhancing Our products or Services.
  • Collecting, analysing, sharing, and additional processing of your data for statistical purposes, market insights, and internal or external reporting.
  • Supporting Our business objectives, (such as potential collaborations, partnerships, or other opportunities) including, but not limited to, collecting, analysing, sharing, and any additional processing of Your data for the following activities:
    • generating marketing, data-driven insights and data analytics;
    • marketing enhancement of HeliumDoc or Helium Health’s products or services;
    • purposes related to Helium Doc’s or Helium Health’s legitimate interests;
    • statistical purposes, market research and analytics;
    • supporting HeliumDoc or Helium Health’s business interests, legitimate interests, and other interests.
  • To take statistical data and analytics for Our internal use.
  • To send You service-related messages.
  • To analyse site usage and provide, maintain, and improve the content and functionality of the site.
  • To contact/communicate with You/your staff/your representatives for the purpose of improving and enhancing the quality of your customer experience and for patient support.
Legitimate interest
  • Supporting our business objectives, (such as potential collaborations, partnerships, or other opportunities) including, but not limited to, collecting, analysing, sharing, and additional processing of your data for the following activities:
    • enabling system learning and innovation in healthcare tools and medical research, clinical research, and other forms of research or initiatives;
    • the overall advancement of healthcare in Africa and the rest of the world;
    • clinical trials and studies aimed at improving healthcare outcomes and advancing medical knowledge, amongst other objectives.
Public Health
  • To secure Your Data and prevent fraud.
Legitimate interest, legal obligation
  • To manage Your account.
  • To enforce Our terms of Service and any terms and conditions of any other agreements for our Services.
  • To recommend and match You with a patient.
  • To recommend Your expert services to potential clients/Patients.
  • To address Your inquiries, process Your registration, and complete Your transactions.
  • To enable an easy payment system.
Contract
  • To share Data with Our affiliates and partners.
Contract, consent
  • To fulfil Our Know Your Customer (KYC) obligation.
  • To interact with regulatory authorities or other public authorities concerning you.
Legal obligation

7. Your Rights as a Data Subject

Depending on Your location and subject to the applicable law(s), You are vested with certain rights as a Data subject. They include the right to:

  1. Access Personal Data We hold about You by requesting a copy of the Personal Data we hold about You;
  2. To request information about the disclosure of your Personal Data and to whom it is disclosed;
  3. Rectify such information/Data where You believe it to be inaccurate;
  4. Restrict the processing of Your Data in certain circumstances;
  5. Object to the processing of Your Data where We intend to process such Data for marketing purposes;
  6. Where feasible, receive all Personal Data You have provided to Us in a structured, commonly used, and machine-readable format and transmit the information to another Data controller or processor;
  7. Request the erasure of Your Data (also known as the right to be forgotten);
  8. Withdraw Your consent to the processing of Your Data including any AI-related processing;
  9. Not be subjected to a decision based solely on automated processing or profiling; and
  10. Lodge a complaint with a relevant authority where You have reason to believe that We have violated the term(s) of this Privacy Notice. (You may complain or seek redress from Us within thirty (30) days from when You first detected the alleged violation).

You may seek to exercise any of the above rights at any time by sending Us an email at heliumdocprivacy@heliumhealth.com.

In the event of a complaint, Users may direct such a complaint to Us or to the appropriate supervisory authority in their respective country. See clause 12 of this Privacy Notice on jurisdiction-specific provisions for more details.

8. Who do We Share Your Data With?

We share Your Data with the following third-parties and affiliates:

Third PartiesPurpose of data sharing
Google AnalyticsWe use various Google APIs and services for our Website’s operation. Read Google’s Privacy Notice here.
Google Tag ManagerWe use Google Tag Manager to centrally manage all users tracking codes. Read their Privacy Notice here.
Google Ad ServicesWe use Google Ad Services to help promote our business and sell our products and services. Read Google Ads’ Privacy Notice here.
MixpanelWe use Mixpanel for product analytics and to engage users. Read Mixpanel’s Privacy Notice here.
StripeWe use Stripe to enable users to make financial transactions. Read Sripe's Privacy Notice here.
WixWe use Wix to help us create and manage our online presence. Read their Privacy Notice here.
ZapierWe use Zapier for automation. Read Zapier’s Privacy Notice here.
Google CloudThis is used to protect your Data from fraudulent activity, spam, and abuse. Read Google’s Privacy Notice here.
InfobipWe use their cloud communications platform to enable us to communicate with you. Read their Privacy Notice here.
AWSWe use AWS for cloud computing. Read their Privacy Notice here.
MailchimpWe use their service to send users marketing emails. Read Mailchimp's privacy Notice here.
HotjarWe use it to analyse how users interact with our website. Read Hotjar’s Privacy Notice here.
MetaWe use their service to measure ad impressions and provide advertising and site analytics services. Read Meta’s Privacy Notice here.
Tingg by CellulantWe use their service to process payments for African countries such as Kenya. Read Tingg’s Privacy Notice here.
TermiiTermii helps us use messaging channels to verify and authenticate transactions. Read Termii’s Privacy Notice here.
Financial Institution(s)We collaborate with various financial institutions to develop and market our product, and we may only use this information to market-related products unless the customer has given consent for other uses.
Legal and Regulatory AuthorityWe may disclose your personal information if we believe it is reasonably necessary to comply with a law, regulation, order, subpoena, audit, or to protect any person's safety, or to address fraud, security, or technical issues.
Service ProvidersWe will share your Data with service providers in order for them to provide services to us, such as payment processing service providers, or to conduct Data processing on our behalf, or for Data verification, centralisation, or logistics purposes. This includes cloud computing providers, AI model developers, and data analytics partners who process data strictly under our instructions and under robust contractual safeguards.
HeliumDoc’s AffiliatesWe share Data with other HeliumDoc affiliated entities, including Meddy QSTP-LLC, Meddy Technologies-FZE, One Global Medical Technology Limited, and Helium Health Limited. When we share Data with these entities, it is for purposes identified in this Privacy Notice.
HeliumDoc’s PartnersWe collaborate with other health organisations to conduct medical research and surveys aimed at improving healthcare delivery. With your explicit consent, We may share Your Data with these partners for research purposes.
Collaborative PartnersWe collaborate with other businesses/partners to support our legitimate business objectives and may share Your Data with these partners to achieve these objectives.

9. Retention of Your Data

The Data and any other information We collect from You will be stored for as long as necessary to fulfil the purposes described in this Notice.

However, We will also retain Your Data subject to relevant provisions of the applicable laws, resolve disputes, prevent fraud and abuse, and enforce our legal agreements and policies.

In addition, We delete your Data for targeted marketing purposes once You unsubscribe from Our marketing communications.

Please note that Your Data may be retained for a longer period, notwithstanding Your request to remove it, where there is a legal requirement on Us to do so.

10. How Your Data is Stored and Secured

We are very particular about preserving Your privacy and protecting Your Data. We deploy reasonable and appropriate technical and organisational measures to keep Your Data safe. However, we cannot completely guarantee the security of any information You transmit via Our Website, as the internet is not an entirely secure place. Nevertheless, We are committed to doing Our best to protect You.

We protect Your Data using physical, technical, and administrative security measures to reduce the risks of loss, misuse, unauthorised access, disclosure, and alteration.

Where there is an actual or suspected Data breach capable of causing harm to Your rights and freedoms, We will notify You without undue delay and use our best effort to remedy the breach promptly.

11. International Transfer of Data

As a multinational with a presence in multiple countries, We may transfer Your Data outside Our country of operation or where You are resident. We sometimes transfer Data internationally using third-party providers when We offer Our Services. We ensure any cross-border Data transfers adhere to all necessary Data protection laws and regulations. This means that before transferring Your Data, We either confirm that the recipient country has robust Data protection law(s) or, if not, employ specific contractual terms and other appropriate safeguards to protect Your Data. In cases where the destination country might not meet stringent Data protection standards, We will leverage the relevant Data transfer mechanism, seek authorisation from the regulator, or obtain Your consent before proceeding and inform You of any risks. Wherever Your Data is processed globally, We ensure the consistent application of the protections outlined in this Notice. Should You wish to learn more about how We ensure Data protection during these transfers, details will be provided upon request.

Data used for analytical purposes is transferred to secure data centres or trusted partners. These transfers are conducted under legally approved mechanisms, ensuring a level of protection commensurate with applicable data protection laws and regulations. We also use a tamper-proof, append-only audit trail to record all data access, consent, and withdrawal actions in accordance with our accountability obligations.

12. Jurisdiction-Specific Provisions

Nigeria: The Nigeria Data Protection Act 2023 (“NDPA”) provides for the rights of Data subjects, including the right to access, object to processing, restrict processing, data portability, not to be subject to automated processing, erasure, rectification, withdraw consent to processing and the right to lodge a complaint with the supervisory authority. You can contact Our Data Protection Officer (“DPO”) at heliumdocprivacy@heliumhealth.com at any time to exercise any of these rights. In the case of a complaint, You can contact the supervisory authority at info@ndpc.gov.ng.

Kenya: Data is processed in Kenya according to the Data Protection Act and the Data Protection Regulations. The legal framework provides for the rights of Data subjects, which We respect. We also ensure that Our processing is in accordance with the relevant law. You can contact Our Data Protection Officer (“DPO”) at heliumdocprivacy@heliumhealth.com for any inquiries or to exercise Your rights. In case You have a complaint, feel free to contact the supervisory authority at policy@odpc.ke.

Uganda: Uganda’s Data Protection and Privacy Act and its Data Protection and Privacy Regulations regulate the processing of Personal Data in the country and any international transfer of data. It provides for the rights of data subjects, such as the right to erasure, blocking, destruction, access, rectification, prevention of processing, appeal to a decision to continue processing, and automated processing. If You wish to exercise Your rights, You can contact Our Data Protection Officer (“DPO”) at heliumdocprivacy@heliumhealth.com. Data subjects can lodge any complaint with the supervisory authority at info@pdpo.go.ug.

Saudi Arabia: The relevant law is the Saudi Arabia Personal Data Protection Law (“PDPL”), which provides for Your rights as a data subject. Although the law does not provide for the right to object to processing, restrict processing, or demand not to be subject to automated decision making, You have the right to information, access, data portability, rectification, and destruction of Your Data. You can contact our Data Protection Officer (“DPO”) at heliumdocprivacy@heliumhealth.com to exercise any of these rights. Alternatively, You can lodge a complaint directly with the supervisory authority, the Saudi Data and Artificial Intelligence info@sdaia.gov.sa.

Kuwait: The Data Privacy Protection Regulation (“DPPR”) provides for Your rights as a data subject using Our services in Kuwait. We process Your Data only based on Your consent and in accordance with the principles of lawful processing as provided under the regulations. We will not transfer Your Data outside Kuwait unless You have consented to such a transfer. You can contact our Data Protection Officer (“DPO”) at heliumdocprivacy@heliumhealth.com to learn more about how we process Your Data or lodge a complaint with the Supervisory Authority at info@citra.gov.kw.

The United Arab Emirates: We process Data in the United Arab Emirates (“UAE”) according to the Federal Law on the Protection of Data. You can get in touch with Us to exercise Your rights under the data protection law by contacting Our Data Protection Officer (“DPO”)at heliumdocprivacy@heliumhealth.com.

Qatar: The applicable law is the Qatar Data Privacy Protection Law (“PDPPL”), which provides for the rights of data subjects and imposes obligations on us to ensure the security of Your Data. You can contact our Data Protection Officer (“DPO”)at heliumdocprivacy@heliumhealth.com to exercise Your rights and file any complaints. You can also lodge a complaint with the supervisory authority at cdp@motc.gov.qa.

13. Marketing and Communications

We only send marketing communications to You with Your consent, which You provide by opting to use the Website/Platform/Service. You can opt-out of our marketing or object to further processing by clicking on the 'unsubscribe' button at the bottom of the page.

14. Complaints

If You are concerned about an alleged breach of data protection law or any other regulation by Us, You can contact the Data Protection Officer (“DPO”) at heliumdocprivacy@heliumhealth.com The DPO will investigate Your complaint and provide information about how it is handled.

Please be informed that You may complain to the relevant data protection supervisory authority if Your complaints are not satisfactorily addressed.

15. Changes to this Notice

We update Our Privacy Notice from time to time. We will notify Our Users when we make a change, and visitors will know this by checking the last date of update on this page whenever they visit.

16. Contact Us

If You have any questions relating to this Notice, Your rights under this Notice, or are not satisfied with how We manage Your Personal Data, kindly reach out to our Data Protection Officer at heliumdocprivacy@heliumhealth.com or email us at contact@heliumdoc.com

التخصصات
طبيب أمراض النساء والولادةأطباء الامراض الجلديةطبيب أسنانطبيب أطفال
المناطق
أبو هامورالوعبدحيلالهلال
إقرأ عنا
وظائفالمدونةاتصل بناالشروط والأحكامسياسة الخصوصية
للعيادات
إضافة طبيبتطبيقات مصغرةوظائف طبية في قطرعيادات