Privacy Policy

Last Updated: 26th December, 2025

1. Introduction

UbuntuCare is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect information in accordance with applicable data protection laws.

2. Information We Collect

a. Personal Information

We may collect personal identification and contact details, including:

  • National Identification Number (NIN)
  • Full name
  • Phone number
  • Email address
  • Date of birth
  • Gender
  • Residential address
  • Geolocation data (where required for service delivery, including emergency response)

b. Health Information

We collect and process health-related information necessary for healthcare delivery, including:

  • Full medical records
  • Baseline health data
  • Consultation and encounter history (online and in-person)

c. Financial Information

We collect financial and transactional data related to platform usage, including:

  • UbuntuCare wallet transactions
  • Subscription and billing records
  • Payment references and transaction identifiers

(Note: UbuntuCare does not store full debit or credit card details.)

d. Provider Information

For healthcare providers and institutions, we collect:

  • Professional licenses and certifications
  • Accreditation and practice details
  • Other information required for verification, compliance, and service delivery

3. How We Use Information

UbuntuCare uses collected information for the following purposes:

  • To facilitate and deliver healthcare services through verified providers and institutions
  • To administer health insurance subscriptions and benefit packages
  • To process wallet transactions, payments, and subscription renewals
  • To coordinate emergency services, including ambulance dispatch where applicable
  • To monitor, maintain, and improve platform functionality, security, and user experience
  • To comply with applicable legal, regulatory, and contractual obligations

All data is processed strictly for legitimate business and healthcare purposes and in accordance with applicable data protection laws.

4. Data Storage and Hosting

UbuntuCare stores and processes personal and health data on secure infrastructure that may be located within or outside the user's country of residence. Where cross-border data transfers occur, UbuntuCare ensures that appropriate technical, organizational, and legal safeguards are implemented in accordance with applicable data protection and healthcare regulations.

5. Data Sharing

UbuntuCare may share personal and health data only to the extent necessary and for legitimate purposes, including:

  • Verified healthcare providers, to enable the delivery of healthcare services
  • Licensed payment processors and financial service providers, to facilitate wallet operations, subscriptions, and payments
  • Regulatory or government authorities, where disclosure is required by applicable law, regulation, or lawful request

UbuntuCare does not sell, rent, or trade personal or health data to third parties for marketing or unrelated commercial purposes.

6. Communications

UbuntuCare may communicate with users through direct phone call from 08000009119, SMS, email, WhatsApp, in-app notifications, or similar channels for purposes including:

  • Account-related communications
  • Health reminders and care-related notifications
  • Subscription, wallet, and service updates
  • Platform announcements and administrative notices

Users may manage their communication preferences where applicable. Certain essential communications, such as security alerts, billing notices, or legally required messages, may not be subject to opt-out.

7. Data Security

UbuntuCare implements appropriate technical and organizational security measures designed to protect personal and health data against unauthorized access, loss, misuse, alteration, or disclosure. These measures include, but are not limited to:

  • Data encryption (in transit and at rest)
  • Role-based access controls
  • Secure authentication mechanisms
  • System monitoring and audit logging

While UbuntuCare takes reasonable steps to safeguard data, no electronic transmission or storage system can be guaranteed to be completely secure, and we cannot warrant absolute security.

8. User Rights

Users are entitled to the following rights with respect to their personal data:

  • Right of Access: Users may request access to the personal information we hold about them.
  • Right to Rectification: Users may request the correction of any inaccurate, incomplete, or outdated information.
  • Right to Erasure: Users may request the deletion of their personal data, subject to applicable laws, regulatory obligations, and medical record-retention requirements.

All requests regarding user rights may be submitted by contacting us at ask@ubuntucare.ng. We will respond to such requests within the timeframe required by applicable data protection laws.

9. Data Retention

We retain personal data only for as long as is reasonably necessary to deliver our services, fulfill healthcare, operational, and contractual obligations, and comply with applicable legal, regulatory, and medical record-keeping requirements. When data is no longer required, it is securely deleted or anonymized in accordance with industry best practices.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or service offerings. Any material updates will be communicated through the Platform, and the revised policy will take effect upon publication.

11. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or how your data is handled, please contact us using the details below: