Privacy Policy

At Cudo our mission is to put an accessible and affordable health service in the hands of every person on earth. We are passionate about high-quality and convenient healthcare. We are also passionate about privacy.

This policy explains how we use your personal data. We want to help you understand how we work with your data, so that you can make informed choices and be in control of your information. We invite you to spend a few moments understanding this policy. We may update this policy from time to time and, if we make any material changes, we will notify you when we do so. We will provide you with the opportunity to review such changes. By continuing to use our products and services after the changes have been made and we have notified you of them, the way we use your personal data will be subject to the terms of the updated policy.

This policy explains how we use your personal data for our healthcare services and products, including, amongst others, our Online Consultation, and our Home visit service. It also governs the use of your data through our App, or any of our websites, including the Cudo website (and any reference to our App in this policy shall also include a reference to our websites).

This policy covers:

1. Who we are;

2. What personal data we hold and how we get it;

3. What we use your personal data for;

4. Sharing your personal data;

5. Retention;

6. Data security and transfers; and

7. Your rights.

If you have any further questions about how we process your information, please don't hesitate to get in touch by contacting our Data Protection Officer:

Email: legal@cudoapp.com

1. Who we are

Our healthcare services are delivered through the Cudo app which is a product of Jon Davis Limited, a limited company registered under the laws of the Federal Republic of Nigeria (company number 1678580). Jon Davis LLC maintains full right and ownership of the technology that supports our services. The registered office and principal place of business is 6 Folorunsho street, Ogba, Lagos, Nigeria.

When this policy talks about ‘Cudo’, ‘us’ or ‘we’, it means Cudo app which is a product of Jon Davis Limited. And when we refer to “Home visit”, it means Book Now as seen on the app.

 

2. What personal data we hold and how we get it

We use the following categories of personal data:

Personal details

When you register with us, you complete forms and provide us with basic information about yourself, such as your name, date of birth, physical address and email address. You will also provide us with a copy of identification documentation for ID checks to be carried out by one of our contract staffs. You are responsible for the accuracy of the information that you provide to us.
 

Health and medical information

The main type of information we hold about you is health and medical information: information about your health, symptoms, treatments, consultations and sessions, medications and procedures. This is predominantly details of your consultations with our doctors. Your interactions with our digital services may be shared with our doctors in order to provide you with a better experience and for the purposes of providing you quality health care.

We get some of this information directly from you, when you register with us and when you use our healthcare services. If you use our Cudo Home Visit, our medical professionals will receive your medical history from engaging in conversations with you. If you use our other services (including our Online Consultation), and if you have given consent for us to do so, we will send the consultation notes that we take during your use of the Online Consultation to your mobile phone. Any correspondence we receive from you is uploaded electronically to Cudo records.

We retain minimal recordings of our consultations and interactions with you. This can include your chat, or audio-only recordings. This is in order to provide you with an easy way to check your consultations where you wish to, so that we can ensure high quality care is provided to you, and, with your consent, to allow us to learn from them to improve our services. To monitor our service quality, we may retain records of when you contact our support teams via email, phone or on our blog. Recordings are held securely in accordance with our retention policy. You can access recordings or transcripts of your consultations or interactions with us (depending on the format) for a limited time through the App or from us. Please refer to the ‘Retention Periods’ section of this policy.

Financial information

If you make any payments on the App, your credit/debit card details are processed directly by a third party processor that will store all payment information and transaction details. We will only retain details of transactions on secure servers and we will not retain your credit or debit card information.

Technical information and analytics

When you use our App or visit our website, we may automatically collect the following information where this is permitted by your device or browser settings:

We work with partners who provide us with analytics and advertising services (for our services only and not for third party advertising). This includes helping us understand how users interact with our services, providing our advertisements on the internet, and measuring performance of our services and our adverts. Cookies and similar technologies may be used to collect this information, such as your interactions with our services. Our Cookie Policy is available at: https://thinktank1.github.io/cudoapp/termsofservice.html. You can prevent the setting of cookies by adjusting the settings on your browser or your mobile phone.


3. What we use your personal data for

The purposes for which we use your personal data and the legal grounds on which we do so are as follows:

Providing you a service

Making healthcare accessible

Keeping you up to date

Other uses

4. Sharing your personal data with others

Information sharing with other healthcare providers

Anonymised information

Home Visit service

Except as described above, we will never share your personal information with any other party without your consent.

 

5. Retention periods

We retain your medical records in accordance with national best practice guidance – in particular, advice provided by the Department of Health (2006) Records management: NHIS code of practice, and summary guidance issued by the Nigeria Medical Association. The below is a summary of our retention policy, but we may retain records that do not identify you for legitimate business purposes such as managing or planning our business, or records for other periods as required by law or regulation.


 

Type of record

Retention period

GP records

GP Records retained for 10 years after death or after the patient has permanently left the country unless the patient remains in the European Union. In the case of a child, if the illness or death could have potential relevance to adult conditions or have genetic implications for the family of the deceased, the advice of clinicians should be sought as to whether to retain the records for a longer period.

Electronic patient records (EPRs) must not be destroyed, or deleted, for the foreseeable future. GP records include medical records, consultations with GPs and chatbot interactions.

Voice (audio) consultations

Retained as GP Records above.

Live chat communications with support teams

1 year after exit from Home Visit service.

Records relating to persons receiving treatment for a mental disorder within the meaning of mental health legislation

20 years after the date of the last contact; or 10 years after the patient's death if sooner.

 

6. Data storage, security and transfers

We do not store your personal health data on your mobile device. We store all your personal health data, including your primary care information, medication information and diagnostic information, on secure servers.

Where you have chosen a password that enables you to access certain parts of our App, you are responsible for keeping this password confidential. We ask you not to share the password with anyone.

We do not store any credit or debit card information. Payments are processed via a third-party payment provider that is fully compliant with Level 1 Payment Card Industry (PCI) data security standards. Any payment transactions are encrypted using SSL technology.

We encrypt data transmitted to and from the App. Once we have received your information, we will use strict procedures and security Services to try to prevent unauthorised access. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.

Your data may be processed or stored via destinations outside of Nigeria, but always in accordance with data protection law, including mechanisms to lawfully transfer data across borders, and subject to strict safeguards. For further information on the safeguards we take if we transfer data outside of the EEA, contact legal@Cudoapp.com.

 

7. Your rights

As indicated above, whenever we rely on your consent to process your personal data, you have the right to withdraw your consent at any time by accessing the privacy settings in the App.

You also have specific rights under the NITDA Guideline, and CCA 2015 to:

Contact us

For any questions or concerns, you can contact us by sending an email to legal@Cudoapp.com.

Contact us

For any questions or concerns, you can contact us by sending an email to legal@Cudoapp.com.