1. Introduction

Healthy Medicine ("we," "us," or "our") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy outlines how we collect, use, disclose, and protect your data in compliance with the Protection of Personal Information Act (POPIA) of South Africa and, where applicable, the General Data Protection Regulation (GDPR).

By using our services, website, or booking a consultation, you consent to the data practices described in this policy.

2. Information Officer

We have appointed an Information Officer who is responsible for overseeing questions in relation to this privacy policy. If you have any questions, please contact us at:

• Email: wellness@healthymedicine.co.za
• Website: https://healthymedicine.co.za

3. Information We Collect

We may collect and process the following categories of personal information:

• Identity Data: First name, last name, title, date of birth.
• Contact Data: Email address, telephone number, billing address, physical address.
• Health Data (Special Personal Information): Medical history, current symptoms, dietary habits, lifestyle information, and consultation notes. We collect this sensitive data only with your explicit consent and for the specific purpose of providing health and wellness services.
• Technical Data: IP address, browser type, time zone setting, and location data when you visit our website.
• Transaction Data: Details about payments and services you have purchased from us.

4. How We Use Your Information

We use your personal information for the following purposes:

• To Provide Services: To conduct health assessments, create personalized wellness plans, and schedule consultations.
• Communication: To send appointment reminders, respond to your inquiries, and provide support.
• Billing: To process payments and manage your account.
• Legal Compliance: To comply with applicable laws, regulations, and legal processes.

5. Legal Basis for Processing

We process your personal information based on the following legal grounds:

• Consent: You have given clear consent for us to process your personal data for a specific purpose (e.g., health assessment).
• Contract: Processing is necessary for a contract we have with you (e.g., providing a consultation).
• Legal Obligation: Processing is necessary for compliance with a legal obligation (e.g., keeping medical records).

6. Data Security

We have implemented appropriate technical and organizational security measures to prevent your personal information from being accidentally lost, used, or accessed in an unauthorized way. We limit access to your personal information to those employees, agents, contractors, and other third parties who have a business need to know. They will only process your personal information on our instructions and are subject to a duty of confidentiality.

7. Data Retention

We will only retain your personal information for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. By law, we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for a certain period after they cease being customers for tax purposes.

8. Your Rights

Under POPIA and GDPR, you have the following rights regarding your personal information:

• Right of Access: You can request a copy of the personal information we hold about you.
• Right to Correction: You can request correction of inaccurate or incomplete data.
• Right to Deletion: You can request the deletion of your personal information where there is no good reason for us to continue processing it.
• Right to Object: You can object to the processing of your personal information.
• Right to Withdraw Consent: Where we are relying on consent to process your personal information, you have the right to withdraw this consent at any time.

To exercise any of these rights, please contact us at wellness@healthymedicine.co.za.

9. International Transfers

We may use third-party service providers (e.g., cloud storage, booking systems like Cal.com, payment processors like Yoco) that may store data outside of South Africa. We ensure that these providers adhere to strict data protection standards that are at least as stringent as POPIA.

10. Cookies

Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site. You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies.

11. Complaints

You have the right to make a complaint at any time to the Information Regulator (South Africa). We would, however, appreciate the chance to deal with your concerns before you approach the Regulator, so please contact us in the first instance.

Information Regulator (South Africa):

• Website: https://inforegulator.org.za/
• Email: POPIAComplaints@inforegulator.org.za