Privacy Policy

Last updated: April 2023

Thank you for choosing to be a part of our community at Haima Health Initiative, a community of lifesavers. This Privacy Policy describes our policies and procedures on the collection, use and disclosure of your information. It tells you about your rights, including under the Nigerian Data Protection Regulation (NDPR).

We use your personal data to provide and improve the services we provide. By registering with us you agree to the collection and use of information in accordance with this Privacy Policy. Your privacy is very important to us, and we will only collect information if it has a clear business purpose as defined by the NDPR. Our staff undergo Information Governance training and only have access to the systems they need to fulfil their duties. All team and volunteers are bound by our duty of confidentiality.

WHO WE ARE

Haima Initiative Limited by Guarantee (“Haima” or “The Company”) RC 1394632 is a company limited by guarantee registered in Nigeria. Our goal is to improve voluntary blood donation and increase blood supply for patients. This includes through advocacy, logistics operations, events and associated services.

REASONS AND PURPOSES FOR PROCESSING INFORMATION

We process personal information about you so that we can provide services to the public for blood and blood components donation. We only collect information we need, for as long as required, and to a limited number of people. We only share your information for the purposes related to our mission, for example in times when a blood donor is required or during medical emergencies in your area. We do not share your information with other parties for commercial use. 

TYPES OF DATA COLLECTED

While registered with us, we ask you to provide certain personally identifiable information that can be used to contact or identify you, including health history. Personally identifiable information may include, but is not limited to:

 

  • First name and last name
  • Phone Number
  • Location
  • Data related to blood donation including your blood group, genotype, frequency and date of blood donations
  • Photos and videos of you used to promote blood donation.
  • Data of hospitals, patients, family members of patients and donors, volunteers, employees, researchers, medical professionals, and government agencies working on blood related matters. 

TRACKING TECHNOLOGIES AND COOKIES

You can use our website without providing any personal details. However, to request blood or sign up to blood donation, you must provide data to support this.

We may use Cookies and similar tracking technologies to track the activity on our service and store certain information. Tracking technologies that may be used are beacons, tags, and scripts to collect and track information and to improve and analyze our service. 

Cookies may also be used to help speed up your future activities on our websites. For example, a site can recognise that you have provided personal information to us and refrain from requesting the same information a second time.

You may disable the use of cookies, but this may limit the functionality of our websites or your access to it.

Cookies can be “Persistent” or “Session” Cookies. Persistent Cookies remain on your personal computer or mobile device when you go offline, while Session Cookies are deleted as soon as you close your web browser.

USE OF YOUR PERSONAL DATA

We may use Personal Data for the following purposes:

To monitor our services, including to monitor the usage of our service.

To manage Your Account: to manage your registration as a user or beneficiary of our services. The data you provide can give you access to different functionalities including ordering blood deliveries and linking blood donors to blood requests.

To contact You: To contact you by email, telephone calls, SMS, or other equivalent forms of electronic communication, such as a mobile application’s push notifications.

To provide you with news, general health information, legal notices, and promotions unless you have opted not to receive such information.

To manage requests: To attend and manage your requests to us.

For business transfers: We may use your information to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our business operations, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Data held by us about our service users is among the assets transferred.

For other purposes: We may use Your information for other purposes, such as data analysis, identifying usage trends, surveys, determining the effectiveness of our campaigns, to evaluate and improve our services, marketing and your experience and to pursue our legitimate interests.

We share your personal information in the following situations:

  • With Service Providers: We may share Your personal information with service providers to monitor and analyze the use of our service and to contact you.
  • Current and past employers: To carry out work for us
  • Suppliers and service providers: To support the services we provide to the public
  • Health and Care organisations: To verify clinical and non-clinical activity such as the provision of blood products and testing services for patient care and treatment
  • Other statutory law enforcement agencies: To assist in any legal or fraudulent activity
  • Survey and research organisations: To share your information for research purposes where you have consented
  • Government regulators: To support organisational audit and investigations
  • The police: To assist with police enquiries in line with relevant legislation
  • For business transfers: We may share or transfer your personal information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
  • With Affiliates: We may share your information with our affiliates, in which case we will require those affiliates to honor this Privacy Policy. Affiliates may include any other subsidiaries, joint venture partners or companies that we control or that are under common control with us.
  • With Partners: We may share your information with our partners including government regulators, hospitals, and patients as required to provide our services or fulfill requirements.
  • With Your consent: We may disclose your personal information for any other purpose with your consent.

RETENTION OF YOUR PERSONAL DATA

We will retain your personal data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your personal data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws). 

We will hold your data for up to 30 years to ensure full ensure traceability of any blood donation to a hospital or patient.

The Company will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period, except when this data is used to strengthen the security or to improve the functionality of our services, or we are legally obligated to retain this data for longer time periods.

TRANSFER OF YOUR PERSONAL DATA

Your information, including personal data, is processed at the Company’s operating offices and in any other places where the parties involved in the processing are located. It means that this information may be transferred to — and maintained on — computers located outside of your state, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.

Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

Haima will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your personal data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.

LAW ENFORCEMENT

Under certain circumstances, the Company may be required to disclose your personal data if required to do so by law or in response to valid requests by public authorities (e.g., health regulators, a court, or government agency).

SECURITY OF YOUR PERSONAL DATA

We will always hold your information securely. To prevent unauthorised access to your information, we have implemented strong controls and security safeguards at the technical and operational levels. Our website uses Secure Sockets Layer/Transport Layer Security (SSL/TLS) to ensure secure transmission of your Personal Data. You should see the padlock symbol in your URL address bar once you are successfully logged into the platform. The URL address will also start with https:// depicting a secure webpage. SSL applies encryption between two points such as your PC and the connecting server. Any data transmitted during the session will be encrypted before transmission and decrypted at the receiving end. This is to ensure that data cannot be read during transmission.

The security of your personal data is important to us but remember that no method of transmission over the internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security.

CHILDREN’S PRIVACY

Our services do not generally address anyone under the age of 18. We do however process blood requests and deliveries for patients under 18. We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your child has provided us with personal data, please contact us. If we become aware that we have collected personal data from anyone under the age of 18 without verification of parental consent, we take steps to remove that information.

GOVERNING LAW

This privacy policy is made pursuant to the Nigeria Data Protection Regulation 2019 and other relevant Nigerian laws, regulations or international conventions applicable to Nigeria. Where any provision of this Policy is deemed inconsistent with a law, regulation or convention, such provision shall be subject to the overriding law, regulation or convention.

LINKS TO OTHER WEBSITES

Our website may contain links to other websites that are not operated by us. If you click on a third-party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.

CHANGES TO THIS PRIVACY POLICY

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and update the “Last updated” date at the top of this Privacy Policy.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

CONTACT US

Haima Health is the Data Controller for the personal data we hold and process about you. If you have any questions about this Privacy Policy, or would like to make a data request you can contact us:

By email: info@haimahealth.com

info@haimahealth.org,ng