1. Introduction

Welcome to StellaSync. Your privacy is of utmost importance to us at StellaSync. We are committed to protecting the privacy and security of our users' personal and medical information. StellaSync LTD owns and maintains StellaSync. This privacy policy (“Policy”) applies to all users of StellaSync and describes how StellaSync and our parent companies, subsidiaries, and affiliated companies (“StellaSync,” “we,” “us,” and/or “our”) may collect, use, disclose, and safeguard your information about you (“you” and “your” refers to the user of the Web site, “website”) that we obtain through www.stellasync.com and mobile applications that link to this Policy (collectively, the “Sites”) when you use our electronic medical records (EMR) and hospital management system (HMS) services.

Your healthcare provider may also have their own privacy practices and/or policies that govern its collection and use of your data. Please be aware that we cannot oversee or take responsibility for your healthcare provider's privacy practices or how other entities handle your information. We strongly advise you to carefully review their privacy policies.

By using StellaSync, you acknowledge that you have read, understood, and agreed to accept the practices, guidelines, and/or policies set forth in this Privacy Policy, whether you are using the Services, creating an account with us, visiting our Platform, or otherwise gaining access to the Services. You also give us your consent to collect, use, disclose, and/or process your personal information as set forth in this Privacy Policy. Please avoid using our services or accessing our Platform if you do not consent to the processing of your personal information, as this privacy policy outlines. Thank you for entrusting us with your personal information.

2. Information StellaSync Collect

We may collect the following kinds of information when you use the StellaSync Services:

Information You Provide to Us

We may collect your personal information (such as name, email address, phone number, address, date of birth, medical history and records etc.) when you provide it to us across our Services. This includes when you:

  • When you Sign up for an email newsletter, use our Services to send someone a message, register for our Services, fill out a form, use our online services (via our websites or applications) etc.
  • Add a file to our services, such as a document, a picture, or another data file.
  • Contact us by email, telephone or other means
  • When you attain one of our training workshops or webinars for individuals or groups.
  • Users enter other health-related data into our system.

Additionally, we collect information on your behalf when you grant us permission to access or import data from another user, a third party, or another service. other information you enter on or submit to our Services are just a few examples of the information we may collect about you.

Information We Collect Automatically

Automatic data collection occurs whenever you visit, use, or engage with our Services in any way, this includes receiving emails through our Services. We collect this information to improve and operate our Services in a variety of ways, including:

  • Preserving user preferences and data.
  • Ensuring that session settings and activity remain intact.
  • Users' authentication.
  • Enable the security and support features.
  • Adjust how informational messages, media, advertisements, and other content are delivered.
  • Examine how our Services, including all of its features and content, are used and how well they work.

Device Information:

When you interact with our Services, we may collect information about the device you use to access our site. This information includes your IP address, device ID or unique identifier, device type, computer, operating system, and connection information that your device sends to us.

Cookies and Related Technologies:

StellaSync and our partners—namely, affiliates, analytics, or service providers—use cookies, web beacons, pixels, and related technologies to provide functionality and identify you across different services and devices. This information includes statistics on page views, traffic to and from the sites, referral URLs, ad data, IP addresses, standard web log information, and anonymous information collected through cookies and web beacons.

At the individual browser level, users can control the use of cookies. To opt out of cookies, check your web browser to change your cookie settings or email support@stellasync.com. If you remove or decide not to accept cookies from us, you may still be able to use the website, but your access to some features or areas may be limited.

2.5 Payment and Billing Information:

When you use StellaSync services that require payment, we may collect certain billing and payment information, such as the account information for your credit or debit card or other information. In order to submit your credit card information, you understand and agree to the sharing of your information with third-party payment processors and other third-party services (including, but not limited to, vendors who provide fraud detection services to us and other third parties).

We exclusively use your payment and billing information to process payments and manage billing-related activities. Specifically, we use this information to:

  • Process transactions and payments for services rendered.
  • Send you billing statements and payment receipts/invoices.
  • Manage your account and payment preferences.
  • Verify your identity and prevent fraudulent transactions.
  • Provide customer support for payment and billing inquiries.

These third parties may save your payment card information for future use with our services. We do not retain your payment card information, nor do we hold any control or responsibility over it. Our use of third-party services is subject to their contractual obligations to protect the privacy and security of your payment card information.

Information We Collect from Other Sources:

For any reason outlined in this policy, we may receive, search for, or proactively collect information about you from other sources and combine it with information we already have about you. From time to time, we may obtain business contact information you make publicly available, including from third parties, for our marketing purposes.

3. How StellaSync Use Collected Information

Subject to your consent, we may use your personal information for the following business purposes, where required by law:

To Provide and Improve Our Services

  • Manage patient records and healthcare information.
  • Facilitate appointment scheduling and reminders.
  • Process billing and payments.
  • Enhance the functionality of our platform, incorporate new features, and enhance the overall user experience.
  • Provide customer support and services.
  • Authenticate user accounts

To Communicate with You

  • Send you updates, security alerts, and support messages.
  • Respond to your questions and requests, or ask for feedback on our services.
  • Facilitate communication between healthcare providers.

For Compliance and Protection

  • Comply with legal and regulatory obligations
  • Protect against fraudulent, unauthorized, or illegal activities.
  • Unless a verified adult guarantor registers services, we do not collect information from children or minors

4. How StellaSync Share Your Information

We share personal information with:

4.1 With Your Consent:

We may share your information with third parties if you have given us your explicit consent to do so.

4.2 With Healthcare Providers:

To ensure proper medical treatment and support, we may share your information with healthcare professionals, government agencies, and relevant entities involved in your care.

If an account administrator has administrative privileges over your account, they will have access to your account information.

For example, if you choose to utilize our services in "one-on-one" interactions between a patient and a clinician or between a provider and another healthcare professional.

4.3 With Service Providers:

We may share your information with third-party service providers who perform services on our behalf, such as payment processing, data analysis, customer support marketing (including but not limited to advertising, attribution, deep-linking, direct-mail, mobile marketing, optimization, and retargeting), performance monitoring, and hosting. These providers are bound by contractual obligations to maintain your information's confidentiality and limit its use to the purposes we disclose to them.

4.4 For Legal Reasons:

We may disclose your information if required to do so by law or in response to valid requests by legal and regulatory authorities (e.g., court orders, subpoenas).

We aim to detect, halt, probe, or address instances of fraud, illegal activity, or violations of our terms and conditions.

Our services may sell, merge, transfer, exchange, reorganize, or dispose of all or a portion of their business, including assets and shares. If such a transaction takes place, this policy, as later updated, will continue to apply to the acquiring company's use of your information.

5. How StellaSync Allow Users to Share Information

5.1 One-on-One Communications:

Users can use our services to facilitate one-on-one conversations. For examples :

  • Sending a prescription to a pharmacist
  • Sending another user a notification or appointment confirmation.
  • Making a recommendation to another medical professional.
  • Submitting a test request to a medical lab or radiology.
  • Communicating with a patient.

In a one-on-one communication, users share information with one another or with a person or entity. This can involve disclosing contact details and other personally sensitive information, depending on the message.

5.2 Records:

You should be aware that this policy only applies to the data you provide when using our services. This policy does not apply if you communicate or exchange information with another user in person or through a channel other than our services. You should be selective in who you share your records and other information with because our services allow users to share information you share with them. Despite the fact that our services handle such transmissions, we are not liable for the behavior of those with whom you share your records and other information.

5.3 Directories:

Healthcare facilities have the option to have their contact and directory information listed in one or more of our professional directories of healthcare providers, which users and/or the general public can view. These directories offer profile details, including contact and specialization details, along with additional tools to assist users and the general public in locating and connecting with the listed individuals.

You might be required to provide personally identifiable information in addition to other information if you use our services to try to get in touch with or book an appointment with a provider listed in one of our directories.

5.4 Training / Webinars

As part of our services, we offer demo training and webinars where users can interact with other users or the broader public. Users should assume that any information they submit in one of our communities will be accessible to the general public. We strongly advise users to exercise caution when sharing any personally identifiable, health-related, or other sensitive information that could directly or indirectly link to any individual, including themselves.

6. Security of Your Information

The security of your personal information is important to us. To protect your personal data, use electronic storage and transmission with appropriate security technologies. When you enter sensitive information, such as a payment card number, on our services, we encrypt that information using secure socket layer technology (SSL). We implement appropriate technical and robust security measures to protect information, including encryption (in transit and at rest), access controls (user authentication, authorization, and access restrictions), Regular backups and disaster recovery procedures.We maintain secure servers and data centers, implement firewalls and intrusion detection systems, conduct regular security testing and vulnerability assessments, and implement organizational measures to safeguard your personal information against unauthorized access, use, alteration, and disclosure. Please be aware that while we follow generally accepted industry standards to protect the personally identifiable information submitted to us, both during transmission and once we receive it, no method of transmission over the Internet or method of electronic storage is 100% secure, and we cannot guarantee absolute security of any information stored on, sent via, or received from our services.

7. Your Privacy Rights

Users have the right to:

7.1 Access and Update:

You have the right to access and update your personal information.

7.2 Data Portability:

You have the right to request a copy of your personal information in a structured, commonly used, and machine-readable format.

7.3 Deletion:

You have the right to request the deletion of your personal information, subject to certain exceptions (e.g., where we need to retain your information to comply with legal obligations).

8. Data Retention

We retain personal information and protected health information (PHI) for as long as is necessary to provide our services and comply with legal requirements. We delete information when it is no longer necessary or upon user request (subject to legal requirements).

9. Accessing and Updating Your Information

We design our services to provide you with access to the data you submit and the necessary tools to modify it in compliance with applicable law. You can do this by logging into our services and changing your information, or by getting in touch with a customer support agent. However, please be aware of the significant restrictions listed below. Before processing your request, we may, in some cases, ask you to prove your identity.

Please be aware that you cannot access, modify, or delete another user's account's content unless you have administrative privileges under the registered medical firm.

You won't be able to view, edit, or delete information that you provided to another user or a third party through our services. You won't be able to read, modify, or delete information that another user of our services submits to identify you.

Current rules or regulations may require some users, like healthcare providers, to maintain their information on file for an extended period or permanently. In addition, we might be required to keep such information forever under separate legal or regulatory requirements. Last but not least, we keep backups of the data stored by our services for infinite amounts of time for disaster recovery and business continuity purposes.

10. Third-Party Services

This privacy policy does not apply to third-party services offered by websites, other online services, or advertisements that may be displayed on the Services or on websites to which our Services may establish connections. These third-party services have their own data collection policies. We are not responsible or liable for the privacy practices or content of these third-party sites. You should study any third-party privacy policies to understand their procedures because we have no control over how they acquire or use information.

11. Minors:

Minors under the age of eighteen should not use the sites. StellaSync does not wish to obtain any information from or about such minors through the sites. If you are under eighteen years old, do not use StellaSync services.

Without limiting the above, the StellaSync.com website does allow persons over the age of 18, such as you, parents, and guardians, to provide, share, and store personal information about others, including minors and children. Any user providing, storing, or submitting information on behalf of a child assumes full responsibility over the submission, use, and transmission of such information.

12. Transfer of Information Overseas

For one or more of the following reasons, your personal data and/or information may be transferred to, stored, or processed outside of the country in which you reside. Most of the time, we will process your personal information outside of the country because that is where our servers are. Your information will only be transferred outside of Nigeria by StellaSync in accordance with privacy laws and/or other applicable laws. Your use of the sites or the provision of any information therefore constitutes your consent to the transfer to and from, processing, usage, sharing, and storage of information about you outside of the country in which you reside, as set out in this policy.

13. Changes to This Privacy Policy

We may update this privacy policy from time to time. If we change how we use your personally identifiable information, we will notify you of any changes by email or by posting the new privacy policy on our platform and updating the effective date. Your continued use of our services after such changes constitutes your acceptance of the new privacy policy. We advise you to review it from time to time to see if there have been any modifications, additions, or updates. You should stop using our services if you disagree with any of the amendments, terms, or conditions contained in this policy.

14. Questions or Concerns

If you have any questions or concerns about this Privacy Policy or our privacy practices, please contact us at support@stellasync.com or call +234 (0) 810 296 5619.