Privacy Policy

Introduction

 

Magrabi Health is committed to protecting the privacy of your information. This Privacy Policy approved by the Hospital’s Administrative Board (“Privacy Policy”) applies to all personal information collected by us or provided to us, offline or online, including personal information collected or provided through our websites (“Websites”) and any mobile sites, mini-applications, and other interactive mobile features (collectively, “Our Apps”), through our official social media pages that we control (“Our Social Media Pages”), and through HTML messages that we send to you (collectively, including Social Media Pages, Apps, and Websites, “Sites”). By providing personal information to us, you agree to the terms and conditions of this Policy.

 

Scope

 

This Privacy Policy applies to the personal data collected by MAGRABI HEALTH through the provision of healthcare services and through our websites, mobile sites, and other interactive features. By providing personal information to us, you agree to the terms and conditions of this Policy.

 

Consent and Acknowledgement

 

By using our healthcare services, you acknowledge that you have read and understood this Privacy Policy and consent to the collection and processing of your personal data as described herein.

 

Consent and Acknowledgement

 

We collect and process personal data, including sensitive personal data, to provide medical care and related services. The types of personal data we collect include:

 

  • Personal Identifiable Information (PII): Full name, date of birth, gender, nationality, contact information (address, phone number, email), national ID or Iqama number, family details, and insurance information.
  • Health Information: Medical history, investigations, diagnoses, treatment plan, medications, and other healthcare-related data.
  • Financial Information: Insurance claims through healthcare providers.
  • Emergency Contact Details: Information about your designated emergency contact person.
  • Additional Information: Information collected through cookies, server log files, and other tracking technologies.

 

How Do We Collect Personal Information?

 

We and our service providers may collect personal information in a variety of ways, including:

 

  • On the Sites: We may collect personal information on the Sites, for example, when you sign up for a newsletter or make a reservation.
  • Offline: We may collect personal information from you when you are not connected to the Internet, for example, when you contact Call Center or visiting our hospitals and centers.
  • On your browser or device: Some information is collected by most browsers or your device automatically. We use this information for statistical purposes and to ensure the Sites work better.
  • Through server log files: Your “IP address” is a number that is automatically assigned to the computer or device you are using by your Internet service provider. Your IP address is automatically identified and recorded in server log files whenever you visit the Sites, along with the time of the visit.
  • Through your use of the Mobile App: When you download or use our Mobile App, we and our service providers may track and collect App usage data, such as the time and date the App on your device accesses our servers and the information and files downloaded to the App based on your device number.
  • Through geographic location: We may collect information about the geographic location of your device.

 

In some cases, we may use third-party payment services to make reservations and/or collect information through the Sites. In such cases, your personal information may be collected by that third party, not by us, and the collected information is subject to the privacy policy of that third party, not our privacy policy. Accordingly, we cannot control or assume responsibility for the use or disclosure of your personal information by that third party.

 

Purpose of Data Collection

 

We collect your personal data for the following purposes:

 

  • Medical Services: To provide you with medical care, including diagnosis, treatment, and follow-up services and research purposes.
  • Patient Management: To manage your healthcare records, schedule appointments, and communicate with you about your care.
  • Billing and Insurance: To process your payment information and manage insurance claims.
  • Compliance: To comply with local laws, including mandatory reporting to health authorities and other governmental entities.
  • Operational Efficiency: To enhance hospital management, conduct internal audits, and improve the quality of healthcare services.
  • Patient Communication: To notify you about your appointments, health conditions, and services available at MAGRABI HEALTH.
  • Marketing and Surveys: To send you commercial or marketing messages regarding our products or services and to use contact information from surveys for marketing purposes.
  • To respond to your inquiries and fulfill your requests, such as sending you newsletters or answering your questions and responding to your comments.
  • To send you administrative information, such as information related to the Sites and changes to our terms, conditions, and policies. Since this information may be important to your use of the Sites, you cannot opt-out of receiving these messages.
  • To complete and process your reservations and/or cancellations, deliver your orders to you, communicate with you regarding your reservations, and provide appropriate customer service to you.
  • To send you updates and announcements regarding our services, campaigns, and programs, and send you invitations to participate in special offers.
  • To enable you to communicate with and receive communications from other users through the Sites.
  • To allow you to participate in message boards, chat rooms, profile pages, web server logs (weblog), and other services where you can post information and materials (including social media pages).
  • For our business purposes, such as analyzing and managing our business, conducting market research, auditing, developing new services, enhancing our Sites, improving our Services, identifying usage trends, determining the effectiveness of our promotional campaigns, tailoring the Sites experience and content based on your past activity on the Sites, measuring customer satisfaction, and providing customer service (including troubleshooting customer issues).

 

Legal Basis for Processing Personal Data

 

Your personal data will be processed by Magrabi Health both inside and outside the Kingdom of Saudi Arabia / the Arab region, primarily for the purpose of completing the booking process or providing the services you have requested (including travel insurance coverage) and for customer service and marketing activities. We adhere to the Saudi Data Protection Law and other applicable data protection laws in the Arab countries where we operate. Your personal data is collected in a server located in your country. We process your personal data based on the following legal grounds:

 

  • Consent: We rely on your consent to process your personal data for healthcare purposes. You may withdraw your consent at any time, though this may affect the services we can provide.
  • Contractual Obligation: Processing is necessary for fulfilling the healthcare services contract between you and MAGRABI HEALTH.
  • Legal Obligation: We may process your data to comply with statutory and regulatory requirements.
  • Vital Interest: In urgent situations, we may process your data without consent to protect your health or the health of others.

 

Data Sharing and Disclosure

 

Your personal data may be shared under the following circumstances:

 

  • Healthcare Providers: With doctors, nurses, and other healthcare professionals directly involved in your care.
  • Government Authorities: With regulatory authorities when required by law.
  • Third-Party Service Providers: With entities that assist in providing healthcare services, such as diagnostic laboratories, pharmacies, or external medical consultants.
  • Insurance Companies: With your insurance provider for claims processing and coverage verification.
  • Emergency Situations: With other healthcare providers or authorities in cases where immediate medical intervention is required.
  • Marketing Partners: With partners to provide you with personalized services based on geographic location and other relevant information.

 

We ensure any data shared is subject to appropriate safeguards and do not sell or rent your personal information for marketing purposes.

 

Data Security and Protection

 

MAGRABI HEALTH implements robust security measures to protect your personal data from unauthorized access, alteration, disclosure, or destruction. Our data protection measures include:

 

  • Encryption of sensitive personal data.
  • Controlled access based on roles and responsibilities.
  • Regular security audits and updates.
  • Secure storage of physical and electronic records.
  • Training for staff in data protection best practices and compliance requirements.

 

Unfortunately, we cannot guarantee that any data transmission over the Internet or any data storage system you use will be completely secure. If you have any reason to believe that your activity with us is no longer secure (for example, if you feel that your account with us has been compromised), please notify us immediately of the problem by contacting us.

 

Data Retention

 

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy or as required by applicable laws. Once the retention period has expired, we securely delete or anonymize your personal data.

 

Your Rights Under the Statutory Regulatory Framework

 

You have the following rights concerning your personal data:

 

  • Right to Access: Request access to the personal data we hold about you.
  • Right to Correction: Request correction or updates to inaccurate or outdated information.
  • Right to Deletion: Request deletion of your personal data under certain circumstances.
  • Right to Restriction: Request that we limit the processing of your personal data.
  • Right to Object: Object to the processing of your personal data based on public interest or legitimate grounds.
  • Right to Withdraw Consent: Withdraw your consent for processing your personal data at any time.

 

If you wish to exercise any of these rights, please contact us using the contact details provided below.

 

International Data Transfers

 

We may transfer your PII outside the country for processing. In such cases, we ensure any international transfer is conducted in accordance with statutory and regulatory requirements and appropriate safeguards are in place to protect your data.

 

Children’s Privacy

 

We do not knowingly collect personal data from children under 18 without parental or guardian consent. If you believe we have inadvertently collected such data, please contact us immediately to delete it.

 

Cookies

 

We use cookies, clear gifs, and log file information to store information, provide personalized content, monitor marketing effectiveness, record site analytics, and track user interactions. Most browsers accept cookies by default, but you can reset your browser to refuse cookies. Our website features may not function properly if cookies are refused.

 

Email Addresses and Mailing List

 

We collect and use email and mailing addresses for providing membership benefits, services, and communications. We may use your contact information to send marketing messages regarding our products or services.

 

Surveys

 

Our surveys may ask for contact, demographic, and other personal information. This information may be used for marketing purposes as described in the survey materials.

 

Marketing Emails and Mobile Messages

 

You can opt out of marketing emails and mobile messages by following opt-out instructions provided in those communications. We reserve the right to send transactional messages related to your account or use of our services.

 

Social Media Interactions and Third-Party Links

 

Our sites contain links to other websites and social media pages. We are not responsible for the privacy practices or content of these third-party sites. Please review their privacy policies to understand how they collect and use information.

 

Updates to this Privacy Policy

 

We may update this Privacy Policy periodically to reflect changes in our practices or legal obligations. Any changes will be communicated through our website or direct channels. The effective date of the latest version will be indicated at the top.

 

Contact Information

 

If you have any questions, concerns, or complaints regarding this Privacy Policy or our use of your personal data, please contact us at: privacy@magrabihealth.com
Updated: 1/11/2024