Privacy Policy

Effective Date: June 30, 2025

At Dr. Ogbara Foundation Clinic, we value your privacy and are committed to protecting your personal data in accordance with the Nigeria Data Protection Regulation (NDPR) and relevant healthcare regulations. This Privacy Policy explains how we collect, use, disclose, and protect your information when you visit our website or interact with our services.

1. Information We Collect

We may collect the following types of personal information:

• Contact Information: Full name, phone number, email address.
• Appointment Details: Preferred date/time, medical concern or symptoms.
• Health Records: Information you voluntarily provide relating to past or ongoing medical conditions, medications, allergies, and health history relevant to your appointment or care.
• Technical Data: IP address, device type, and browser type, collected via security and analytics tools (e.g., Cloudflare).

2. How We Use Your Data

We use your personal data for the following purposes:

• To process appointment bookings and respond to inquiries.
• To deliver healthcare services and maintain accurate medical records.
• To improve website performance, functionality, and security.
• To comply with regulatory and legal obligations.

3. Data Security

We implement robust technical and organizational measures to protect your data, including:

• End-to-end encryption (HTTPS)
• Strict access controls and authentication
• Secure hosting via Cloudflare infrastructure
• Regular internal audits and breach response procedures
• Staff training on data privacy and security

4. Data Retention

We retain your medical records and personal data for a minimum of 10 years, in accordance with Nigerian health data regulations and professional medical practice standards. After this period, data is securely deleted or anonymized unless otherwise required by law.

5. Third-Party Services

We use trusted third-party providers under NDPR-compliant Data Processing Agreements (DPAs), including:

• EmailJS: To securely process appointment and contact form submissions.
• Cloudflare: For secure content delivery, traffic protection, and DDoS mitigation.

These providers are contractually required to process your data securely and only on our instructions.

6. Your Rights

Under the NDPR, you have the right to:

• Access and request a copy of your data
• Request correction of inaccurate information
• Request deletion of data (unless medical or legal retention rules apply)
• Withdraw consent (where applicable)
• Object to non-essential processing

Withdrawal of consent may affect our ability to provide certain services, such as appointment scheduling or follow-up.

7. Children's Privacy

Our services are intended for individuals above the age of 18. If a child under 18 requires medical attention, consent must be provided by a parent or legal guardian.

8. Data Breach Notification

In the unlikely event of a data breach, we will promptly notify the Nigerian Data Protection Bureau (NDPB) and affected individuals in accordance with NDPR guidelines.

9. International Data Transfers

If any personal data is transferred outside Nigeria (e.g., through EmailJS or Cloudflare), it will be protected through appropriate legal safeguards, including standard contractual clauses or similar instruments.

10. Contact Us

For questions, requests, or concerns about your data or this policy, you may contact us at:

• Email: drogbarafoundationclinic@gmail.com
• Phone: +234 902 066 9305
• Address: 222 Lagos Road, Owutu, Agric, Ikorodu, Lagos, Nigeria

We reserve the right to update this Privacy Policy. Please check back periodically for updates.