Our Privacy Policy

This Privacy Policy describes our policies and procedures on the collection, use and disclosure of your information when you use the Service and it tells you about Your privacy rights and how the law protects You. We use your Personal data to provide and improve the Service. By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy. This Privacy Policy is for MedappKonsult Users and Affiliates.

Interpretation and Definitions

Interpretation

The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.

Definitions

For the purposes of this Privacy Policy:

● "Account" means a unique account created for you to access our Service or parts of our Service.

● "Application" means the software program provided by the organization downloaded by you on any electronic device, named Mak

● "Cookies" are small files that are placed on your computer, mobile device or any other device by a

website, containing the details of your browsing history on that website among its many uses.

● "Device" means any device that can access the Service such as a computer, a cell phone or a digital tablet.

● "Personal Data" is any information that relates to an identified or identifiable individual.

● "Services" refers to the activities the App and/or Website will be providing.

● "Usage Data" refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).

“Users” means the individual accessing or using the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.

Personal Data

● Email address

● First name and last name

● Phone number

● Address, State, Province, ZIP/Postal code, City

● Information regarding your location

We use this information to provide features of our Service, to improve and customize Our Service.

The information may be uploaded to the organization's server and/or a Service Provider's server or it may be simply stored on your device.

HEALTH AND MEDICAL INFORMATION

We collect and process the following health-related data:
Medical Information:
  • Medical history and current health conditions
  • Symptoms and health concerns reported during consultations
  • Allergies and adverse reactions
  • Current medications and prescriptions
  • Vital signs (blood pressure, weight, temperature, etc.)
  • Lab test results and medical reports
  • Consultation notes and treatment plans
  • Diagnostic information
  • Physical therapy progress and records
  • Mental health information (for psychotherapy services)
How We Use Health Data:
  • Providing telemedicine consultations with licensed doctors
  • Maintaining your medical records
  • Coordinating care between healthcare providers
  • Emergency medical services and ambulance dispatch
  • Home healthcare services (physiotherapy, geriatric care)
  • Laboratory test coordination and results delivery
  • Prescription management
Health Data Sharing:
We share your health information ONLY with:
  • Licensed doctors providing your consultation
  • Healthcare professionals delivering your care
  • Laboratory services processing your tests
  • Pharmacies fulfilling your prescriptions
  • Emergency services when ambulance assistance is requested
  • As required by Nigerian medical and health regulations

Above is based on Standard Regulatory Practices of countries
worldwide and as required by Nigerian medical and health regulations
(where medappkonsult as an organisation was registered)

Legal Basis for Processing Health Data:
  • Your explicit consent
  • Medical diagnosis and healthcare provision
  • Compliance with Nigerian medical regulations
Health Data Retention:

Medical records for adults are retained between 5 - 15 years
internationally, while electronic ones can be longer. For this service
our Online Medical recordings will be retained between 7 and 10 years
(depending on the client's medical condition) especially as required by
Nigerian medical regulations, even if the account had been summarily
deleted on client's request. After this period, data will then be securely
destroyed.

Your Health Data Rights:
  • Access your complete medical records
  • Request corrections to inaccurate information
  • Download your health data
  • Withdraw consent (may limit services)
  • File complaints with the Nigeria Data Protection Commission
PHOTOS, VIDEOS, AND AUDIO
We collect:
  • Photos: Profile pictures, medical condition images for remote diagnosis, document uploads (prescriptions, medical records, ID verification)
  • Videos: Video consultations with doctors, educational health content viewing
  • Audio: Phone consultations, video call audio, voice messages to doctors
Recording of Video and Audio Consultations
Video and audio consultations may be recorded for:
  • Medical record keeping
  • Quality assurance
  • Training purposes (with your explicit consent)
  • Legal compliance
You will be notified before any recording begins and may decline recording. Declining recording may affect service quality or availability.
COMMUNICATIONS AND MESSAGES
We collect and store:
  • Chat messages with doctors and healthcare providers
  • SMS messages (appointment reminders, OTP verification)
  • Email communications
  • In-app notifications
  • Support messages
Medical communications are retained as part of your medical record for 10 years.
LOCATION INFORMATION
Approximate Location (City / Region)
  • Used to connect you with nearby doctors and healthcare providers
  • Verify you are in Nigeria (our service area)
  • Determine service availability in your area
  • Show regional health information
Precise Location (GPS Coordinates)
Precise location data is collected ONLY when:
  • You request ambulance services
  • You request home healthcare services for provider navigation
This data is used for:
  • Emergency response coordination and ambulance dispatch
  • Sharing with ambulance services to locate you quickly
You can control location permissions through your device settings. Disabling precise location will prevent the use of ambulance and home visit services.
SHARING YOUR PERSONAL DATA
We share your data with the following third parties:
Healthcare Service Providers
  • Licensed doctors for consultations
  • Laboratories for test processing
  • Pharmacies for prescription fulfillment
  • Ambulance services for emergency response
  • Home healthcare workers (physiotherapists, nurses, geriatric care providers)
  • Mental health professionals for therapy services
We require all third parties to:
  • Use your data only for specified purposes
  • Protect your data with appropriate security measures
  • Comply with applicable data protection laws
  • Delete or return your data when no longer needed
We DO NOT:
  • Sell your personal or health data
  • Share data for advertising purposes
  • Use health data for marketing
ACCOUNT AND DATA DELETION
You can request deletion of your account and data by:
What Gets Deleted:
  • Personal information (name, email, phone – deleted within 30 days)
  • Profile data and photos
  • Chat messages and communications
What We Must Retain (Legal Requirements):
  • Medical records: Retained for 10 years (Nigerian medical record retention law)
  • Prescription records: Retained as required by pharmacy regulations
After the legal retention period, all data is permanently and securely destroyed.
SECURITY OF YOUR PERSONAL DATA
We implement comprehensive security measures:
Data Encryption
  • Data in transit is encrypted using TLS/SSL
  • Health data is encrypted at rest
  • Video consultations use end-to-end encryption
Access Controls
  • Authorized healthcare providers only
  • Two-factor authentication (OTP verification)
  • Regular security audits and monitoring
  • Role-based employee access restrictions
While we use commercially acceptable measures to protect your data, no method of transmission over the internet is 100% secure.
Data Breach Notification
In the event of a data breach, we will notify you within 72 hours via email and in-app notification, in compliance with the Nigeria Data Protection Act 2023.
CHILDREN'S PRIVACY AND AGE RESTRICTIONS
Our service is ONLY for users aged 18 and above. We do not knowingly collect information from anyone under 18.
If you are under 18:
  • You may not create an account
  • You may not use medical consultation services
  • You should not provide any personal information
If we discover that someone under 18 has provided personal information, we will immediately delete it and terminate the account.
Parental / Guardian Accounts
Parents or legal guardians may use the service on behalf of minors, but the account must be in the adult’s name and they are responsible for all information provided.
If you believe we have collected information from someone under 18, contact us at: https://www.medappkonsult.com/contact-us.php
We comply with the Nigeria Data Protection Act 2023 (NDPA) and regulations issued by the Nigeria Data Protection Commission (NDPC).
Your Rights Under NDPA
  • Right to access personal data
  • Right to rectification
  • Right to erasure (subject to legal retention)
  • Right to data portability
  • Right to object to processing
  • Right to restrict processing
  • Right to lodge a complaint with NDPC
Data Protection Officer
  • Email: admin@whitecarnationltd.com
Filing Complaints
  • Nigeria Data Protection Commission (NDPC)
  • Website: https://ndpc.gov.ng
  • Email: info@ndpc.gov.ng
TWO-FACTOR AUTHENTICATION AND OTP
We use One-Time Password (OTP) verification via Email for:
  • Account creation and verification
  • Login authentication
  • Password confirmation
  • Confirming critical actions
OTP codes are temporary and deleted within 24 hours. Your phone number is retained permanently for authentication purposes.
TELEMEDICINE SERVICES SPECIFIC TERMS
Medical Consultation Data:
All consultations (video, phone, chat) with doctors are considered medical consultations and are subject to doctor-patient confidentiality.
Medical Record Access:
  • You can access your complete medical records at any time
  • Doctors treating you can access relevant medical history
  • Emergency services may access critical health information
Consultation Recording:
Video and audio consultations may be recorded with your explicit consent for:
  • Medical documentation
  • Quality assurance
  • Training purposes (anonymized)
  • Legal compliance
You will be notified before recording and can decline recording (though this may limit service availability).
INTERNATIONAL DATA TRANSFERS
Your data may be transferred to servers outside Nigeria where our cloud provider operates.
When transferring data internationally, we ensure:
  • Adequate data protection safeguards
  • Compliance with NDPA transfer requirements
  • Contractual obligations with service providers
  • Encryption during transfer and storage
By using our service, you consent to international data transfers.

Third-Party Links

Our app contain links to third-party websites. When you click on these links, you will be redirected outside of our app to external websites that are not operated or controlled by us.

We Do Not Control

  • The content of third-party websites
  • The privacy policies or data handling practices of external sites
  • The security measures implemented by third-party websites
  • The accuracy or reliability of information on external sites

Your Responsibility

  • Review the privacy policy of each website you visit
  • Understand that external sites may collect your personal data
  • Acknowledge that we cannot protect your data once you leave our app
We are not responsible for the privacy practices, security, or content of any third-party websites linked through our app.