Privacy at a Glance
End-to-End Encryption
All health data is encrypted in transit and at rest using AES-256.
You Own Your Data
Export or delete your information anytime. No questions asked.
NDPR Compliant
Fully compliant with Nigerian and international data protection laws.
1. Introduction
Welcome to Glimmedic ("we," "our," or "us"). This Privacy Policy explains how we collect, use, protect, and share your personal and health information when you use our AI-powered healthcare assistant platform accessible at glimmedic.glimtalk.com.
By using Glimmedic, you agree to the practices described in this policy. If you do not agree, please do not use our services.
2. Information We Collect
2.1 Information You Provide
- Account Information: Name, email address, phone number, professional credentials (for healthcare providers)
- Health Information: Medical history, symptoms, medications, test results, voice recordings of health queries
- Patient Management Data (Providers): Patient records, appointment schedules, treatment protocols, clinical notes
- Payment Information: Billing details for subscription services (processed securely via third-party payment processors)
2.2 Information Collected Automatically
- Usage Data: Pages viewed, features used, time spent on platform, search queries
- Device Information: IP address, browser type, operating system, device identifiers
- Location Data: General geographic location (city/country level) to improve service delivery
- Cookies and Tracking: Essential cookies for functionality, analytics cookies (with your consent)
2.3 AI Training Data
We may use anonymized, de-identified health queries to improve our AI models. All personally identifiable information is removed before any data is used for machine learning purposes.
3. How We Use Your Information
Primary Healthcare Services
- • Provide AI-powered medical information and assistance
- • Generate personalized health insights and recommendations
- • Facilitate communication between patients and healthcare providers
- • Manage appointments, medications, and treatment schedules
Platform Improvement
- • Enhance AI accuracy and response quality
- • Develop new features based on user needs
- • Conduct security monitoring and fraud prevention
- • Perform analytics to improve user experience
Communication & Support
- • Send service updates and important notifications
- • Provide customer support and respond to inquiries
- • Send educational health content (with your consent)
- • Share product updates and new features
Legal Compliance
- • Comply with NDPR, GDPR, HIPAA, and other regulations
- • Respond to legal requests and prevent fraud
- • Protect rights, property, and safety of users
- • Enforce our Terms of Service
4. Data Sharing and Disclosure
We Never Sell Your Data
Glimmedic does not and will never sell, rent, or trade your personal or health information to third parties for marketing purposes.
We May Share Information With:
Healthcare Providers (With Your Consent)
When you authorize us to share your health information with your doctor or clinic for coordinated care.
Service Providers
Trusted third-party vendors who help us operate the platform (cloud hosting, analytics, payment processing). All vendors sign strict data protection agreements.
Business Transfers
In the event of a merger, acquisition, or sale of assets, your data may be transferred. You will be notified of any such change.
Legal Requirements
When required by law, court order, or to protect the rights and safety of Glimmedic or others.
Anonymized Research
De-identified, aggregated data may be shared with research institutions to advance medical knowledge. No individual can be identified from this data.
5. Data Security
We implement industry-leading security measures to protect your information:
Encryption
AES-256 encryption at rest, TLS 1.3 in transit. All health data is encrypted before storage.
Access Controls
Multi-factor authentication, role-based access, regular security audits.
Secure Infrastructure
ISO 27001 certified data centers, regular penetration testing, 24/7 monitoring.
Incident Response
Dedicated security team, breach notification within 72 hours, comprehensive response plan.
Important: While we use best-in-class security, no system is 100% secure. You are responsible for keeping your login credentials confidential.
6. Your Privacy Rights
Under NDPR and other privacy laws, you have the following rights:
Right to Access
Request a copy of all personal data we hold about you
Right to Rectification
Correct inaccurate or incomplete information
Right to Erasure ("Right to be Forgotten")
Request deletion of your data (subject to legal obligations)
Right to Data Portability
Export your data in a machine-readable format
Right to Restrict Processing
Limit how we use your data in certain circumstances
Right to Object
Object to processing for direct marketing or legitimate interests
Right to Withdraw Consent
Revoke previously given consent at any time
Exercise Your Rights
To exercise any of these rights, contact our Data Protection Officer:
Email: privacy@glimmedic.com
We will respond within 30 days of receiving your request.
7. Data Retention
We retain your information only as long as necessary for the purposes outlined in this policy:
Active Account Data
Retained while your account is active
Health Records (Healthcare Providers)
Retained for 7 years after last patient interaction (legal requirement)
Deleted Account Data
Purged within 90 days of account deletion (except legal hold requirements)
Anonymized Analytics
Retained indefinitely as it cannot be linked back to individuals
8. International Data Transfers
Glimmedic operates globally. Your data may be transferred to and processed in countries outside Nigeria. When this occurs, we ensure:
- Adequate protection through Standard Contractual Clauses (SCCs)
- Data processing in countries with adequate data protection laws
- Encryption and security measures regardless of data location
9. Children's Privacy
Glimmedic is not intended for children under 18. We do not knowingly collect personal information from minors without parental consent. If you believe we have inadvertently collected information from a child, please contact us immediately at privacy@glimmedic.com.
11. Third-Party Links
Our platform may contain links to external websites or services not operated by Glimmedic. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any information.
12. Changes to This Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. When we make significant changes, we will:
- Notify you via email (if you have an account)
- Display a prominent notice on our platform
- Update the "Last Updated" date at the top of this page
Your continued use of Glimmedic after changes are posted constitutes acceptance of the updated policy.
13. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Glimmedic Data Protection Office
Website
glimmedic.glimtalk.comMailing Address
Glimmedic Healthcare Technologies
Innovation Hub, Victoria Island
Lagos, Nigeria
Data Protection Officer
dpo@glimmedic.comNDPR Compliance Contact: For matters related to the Nigeria Data Protection Regulation, you may also contact the Nigeria Data Protection Commission (NDPC) at ndpb.gov.ng
14. Regulatory Compliance
Glimmedic is committed to compliance with all applicable data protection and healthcare regulations:
🇳🇬 NDPR
Nigeria Data Protection Regulation - Full compliance
🇪🇺 GDPR
General Data Protection Regulation - For EU users
🇺🇸 HIPAA
Health Insurance Portability and Accountability Act
🌍 ISO 27001
Information Security Management certification
Questions About Your Privacy?
We're here to help. Our Data Protection team is available to answer any questions about how we handle your information.