healthillion.com is provided by Healthillion Inc., which has offices in Nigeria, and the United States of America.
At Healthillion Inc. (“Healthillion”), we value your privacy and we are committed to safeguarding your personal information. All personal data that you provide us will be protected and kept confidential among our affiliates, representatives, and privies.
Throughout this document, the terms “we”, “us” and “our” refer to Healthillion.
This policy also sets out your rights and who you may contact for further information.
Your use of our services, and any dispute over privacy is subject to this Policy and our Terms of Service, including its applicable limitations on damages and the resolution of disputes. Our Terms of Service are incorporated by reference into this Policy.
Our website and services are not directed at you if we are prohibited by any law of any jurisdiction from making the information on our website available to you and is not intended for any use that would be contrary to local law or regulation.
3. Age Restriction
You affirm that you are over the age of 18 years and have the right to contract in your own name, and that you have read the above authorisation and fully understand its contents.
4. Information We Collect.
There are two categories of information we collect. We collect a variety of information from our users and visitors to our website. As described below, some information is automatically collected when you visit our website, and some you provide to us when filling out a form or communicating with us.
4.1. Information Collected Automatically: Whenever you visit our website, our web servers automatically collect non-personal information such as the domain name of the internet access provider, the internet protocol address used to connect the computer to the internet, the average time spent on our website, pages viewed, information searched for, access times, and other relevant statistics.
4.2. Information You Provide Us: If you provide us with personal information, by contacting us, or subscribing to our services we collect the following personal information:
4.2.1. Username and password;
4.2.2. Contact information;
4.2.3. Payment information;
4.2.4. Any other information you provide to us.
5. Using Your Personally Identifiable Information
“Personally Identifiable Information” means any information that (a) identifies or can be used to identify, contact, or locate the person to whom such information pertains, or (b) from which identification or contact information of an individual person can be derived.
We primarily collect your information to ensure that we provide the most efficient service to you, monitor the use and improve our website and other legitimate interests. Your information will solely be used and disclosed for the following purposes:
5.1. To help us verify your identity;
5.2. To carry out our obligations ensuing from any contracts entered into between you and us;
5.3. To provide you with the products, services and information you request from us;
5.4. To assist you with enquiries and improve our customer service;
5.5. To assist us in carrying out marketing analysis and customer profiling (including transactional information), conduct research, including creating statistical and testing information;
5.6. To allow us to communicate with you in any way (including e-mail, telephone, visit, and text or multimedia messages);
5.7. For our billing and account purposes;
5.8. To help prevent and detect fraud or loss;
5.9. To update our records;
5.10. To make recommendations and suggestions to you about services offered by us unless you have previously asked us not to do so;
5.11. To send you service or support messages, such as updates, security alerts, email notifications and /or newsletters;
5.12. To conduct investigations and risk assessments; and
5.13. For compliance with legal and regulatory obligations.
6. Data Accuracy
Your personal data must be accurate and kept up to date. In this regard, Healthillion shall ensure that any data it collects and/or processes is accurate and not misleading in a way that could be harmful to you; make efforts to keep your personal data updated where reasonable and applicable; and make timely efforts to correct or erase your personal data when inaccuracies are discovered.
7. Other Information We Collect
Other information which may be automatically collected from you when you visit our website include; domain name of your internet service provider, the internet protocol address used to connect the computer to the internet, the average time spent on our website, pages viewed, information searched for, access times, your geographical location, operating system, referral source, and other relevant statistics.
We may also collect information from you using cookies and other analytical tools especially when you use our products and services. More details are provided below in our section on Cookies.
8. Data Confidentiality
Your information is regarded as confidential and will not be divulged to any third party, except under legal and/or regulatory conditions. You have the right to request copies of any and all information we keep on you if such requests are made in compliance with applicable laws. While we are responsible for safeguarding the information entrusted to us, your role in fulfilling confidentiality duties includes but is not limited to, adopting, and enforcing appropriate security measures such as non-sharing of passwords and other platform login details, adherence with physical security protocols on our premises, dealing with only authorized officers of Healthillion.
9.2. We may request and provide information about you from and to third parties to provide our services.
9.3. We will notify you as soon as we become aware of a harmful data breach which may result in a risk of your rights and freedom.
9.4. You have the right to request an erasure of your data at any time.
9.5. We will notify you if we are transferring your data.
9.6. You may request at any time that we halt further dissemination of your data or cease to use your data.
9.7. If you submit content in a public forum or a social media post, or use a similar feature on our website, that content is publicly visible.
9.8. We may disclose Personally Identifiable Information if required to do so by law or in the good faith belief that such action is necessary to (a) conform with the requirements of the law or comply with legal process served on us, or (b) act in urgent circumstances to protect the personal safety of users of our service or members of the public.
9.9. To the extent practicable and legally permitted, we will attempt to advise you prior to any such disclosure, so that you may seek a protective order or other relief limiting such disclosure.
- Transfer of Personal Data
- Third Party Processor
We may engage the services of third parties in order to process your personal data. The processing by such third parties shall be governed by a written contract with Healthillion Inc. to ensure adequate protection and security measures are put in place by the third party for the protection of your personal data in accordance with the terms of this policy and Data Protection Laws.
10. Transfer of Personal Data to Foreign Country
10.1. Where your personal data is to be transferred to a to a foreign country or international organisation for the purpose of providing our service to you, Healthillion shall put adequate measures in place to ensure the security of such data. In particular, Healthillion shall ensure that such transfer is in accordance with Data Protection Laws and that the foreign country receiving such data has adequate data protection laws. We will also always document the basis of such international transfers and the adequacy of data protection relied upon.
11. Your Rights
Subject to certain limitations and exceptions, you are entitled to the following principal rights:
11.1. You have the right to be notified if we are transferring your personal information.
11.2. You have the right to request an erasure of your personal information at any time.
11.3. You have the right to request that we rectify inaccurate personal information.
11.4. You may request at any time that we halt further dissemination of your data or cease to use your personal information.
11.5. You have the right to request for copies of your personal information.
11.6. You have the right to file a complaint with the Data Protection Commission if you are unsatisfied with how we process your data.
11.7. You may also withdraw your consent at any time by sending a withdrawal notification to the email provided below. Kindly note that a withdrawal of consent will not affect already processed data and we may retain your information as required by law.
12. Website Security
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures such as secure sockets layer (SSL) to safeguard and secure the information we collect online. We use encryption tools when accepting and transmitting delicate visitor information through our website. Some of the other safeguards we use are firewalls and physical access controls to our data centres, and information access authorization controls.
We shall ensure that employees who collect, access and process your personal data receive adequate data privacy and protection training in order to develop the necessary knowledge, skills and competence required to effectively manage the compliance framework under this policy and Data Protection Laws with regard to the protection of personal data. On an annual basis, we shall develop a capacity-building plan for our employees on data privacy and protection in accordance with Data Protection Laws.
15. The Data We Retain
We will retain your information for as long as needed to provide you with our services, comply with our legal and statutory obligations or verify your information with a financial institution.
We are obligated to retain the data you provide to us in order to process transactions, ensure settlements, make refunds, identify fraud and be in compliance with laws and regulatory guidelines applicable to us, our banking providers and credit card processors.
16. Data Breach Management Procedure
In the event where there is any accidental or unlawful destruction, processing, loss, alteration, unauthorized disclosure of or access to your personal data, we shall:
16.1. notify you within 24 hours of the occurrence of the data breach;
16.2. properly investigate the breach and take the necessary steps to mitigate such breach;
16.3. identify remediation requirements and track the resolution of such breach; and
16.4. notify the appropriate regulatory authority, where necessary.
17. Links to Third Party Websites
Our website may contain links to third-party websites or services that are not owned or controlled by us.
17.1. We have no control over, and assume no responsibility for, the content, privacy policies, or practices of any third-party websites or services. You further acknowledge and agree that we shall not be responsible or liable, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with use of or reliance on any such content, goods or services available on or through any such websites or services.
17.2. We strongly advise you to read the terms and conditions and privacy policies of any third-party websites or services that you visit.
18. Limitation of Liability
We exercise reasonable efforts to safeguard the security and confidentiality of your personal data; however, we will not be liable for unauthorised disclosure of personal data that occurs through no fault of ours.
20. Contact Us
This policy is effective as of 09 October 2023
Last updated: 09 October 2023