Effective Date: [30th of November, 2025]

MeddialCare values the privacy, data protection rights, and security of all users across our multi-vendor healthcare marketplace. This Privacy Policy explains how we collect, use, store, disclose, and protect personal and organizational information in compliance with the Nigeria Data Protection Regulation (NDPR), GDPR principles, and international privacy standards.

1. Introduction

This Privacy Policy applies to:

* Buyers (hospitals, clinics, labs, pharmacies, individuals)

* Vendors, manufacturers, and distributors

* Technicians and engineers (Meddialer)

* Financial service users (MeddialPlus)

* Visitors and users of MeddialCare digital platforms

By using MeddialCare, you agree to the practices outlined here.

2. Information We Collect

We collect information to deliver secure, efficient marketplace services.

2.1 Personal Identification Information

* Name, email, phone number

* Address and location details

* Profile and login details

2.2 Business & Vendor Information

* Company name, registration documents

* Tax identification details

* Bank and payout information

* Product inventory and listings

2.3 Transaction & Operational Data

* Order history

* Payment records

* Invoices, receipts, and procurement actions

2.4 Technical & Equipment Data

* Device diagnostics (for Meddialer services)

* Installation logs

* Repair records

2.5 Usage & Device Data

* IP address, browser type, operating system

* App usage analytics

* Cookies and tracking identifiers

2.6 Financial Information

* Payment method details (processed via secure third-party gateways)

* Financing applications (via MeddialPlus)

3. How We Use Your Information

We use collected data to provide secure and reliable services.

3.1 To Operate the Marketplace

* Processing orders, payments, and deliveries

* Vendor verification and compliance

* Facilitating communication between buyers and sellers

3.2 For Customer Support

* Responding to inquiries and resolving disputes

* Providing technical or repair assistance

3.3 For Platform Improvement

* Enhancing user experience

* Improving logistics, vendor performance, and search results

3.4 For Security & Fraud Prevention

* Monitoring suspicious activity

* Protecting accounts and preventing unauthorized use

3.5 For Legal & Regulatory Compliance

* NDPR and GDPR compliance

* Medical equipment trade regulations

* Financial reporting and auditing

4. Legal Basis for Processing

We process personal data based on:

* Consent given by the user

* Contractual necessity to provide services

* Compliance with legal obligations

* Legitimate business interests, such as fraud prevention or service enhancement

5. Cookies and Tracking Technologies

MeddialCare uses cookies to:

* Improve site functionality

* Enhance personalized recommendations

* Measure advertising performance

Users may manage cookie preferences in their browser settings.

6. Data Sharing & Disclosure

We may share information only when necessary:

6.1 With Vendors & Sellers

For order processing, delivery, after-sales service.

6.2 With Meddialer Technicians

For installations, repairs, and equipment diagnostics.

6.3 With Financial Partners (MeddialPlus)

For financing eligibility assessments.

6.4 With Logistics Providers

For order delivery and reverse pickups.

6.5 With Regulators or Law Enforcement

Only when legally required.

We do not sell personal data to third parties.

7. Data Security

We implement industry-standard measures to protect data, including:

* Encryption (in transit and at rest)

* Secure authentication and user-access controls

* Firewall and intrusion prevention systems

* Regular security audits

Despite safeguards, no system is 100% secure. Users are encouraged to keep their credentials safe.

8. Data Retention

We retain data only as long as necessary to:

* Provide services

* Meet legal requirements

* Resolve disputes

* Enforce agreements

Users may request data deletion subject to legal retention requirements.

9. User Rights

In accordance with NDPR and GDPR principles, users have the right to:

* Access personal data

* Request correction of inaccurate information

* Request deletion (“right to be forgotten”)

* Withdraw consent at any time

* Request data portability

* Object to certain processing activities

Requests may be made via the MeddialCare Support Center.

10. Children’s Privacy

MeddialCare does not knowingly collect data from individuals under (18) years without parental consent.

11. International Data Transfers

Data may be stored or processed outside Nigeria, but always under:

* Adequate protection measures

* Standard contractual clauses

* Secure data-handling practices

12. Third-Party Integrations

Some services rely on third-party partners (payments, logistics, financing). These partners have their own privacy policies, which users should review.

13. Policy Updates

This Privacy Policy may be updated to reflect:

* Platform enhancements

* Legal or regulatory changes

* New security technologies

Users will be notified of major changes via email or platform notice.

14. Contact Information

For privacy questions or data-related requests:

* Email: [privacy@meddialcare.com](mailto:privacy@meddialcare.com)

* Support Portal: [www.meddialcare.com/support](http://www.meddialcare.com/support)

* Phone: +234-813-344-3964

MeddialCare remains committed to protecting your data and ensuring a secure, transparent, and trusted healthcare marketplace across Africa.