Khairo Diet Clinic is committed to protecting your privacy and handling your personal information with transparency and care. This Data Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services.

Information We Collect

Personal Information: We collect your full name, email address, phone number, date of birth or age, gender, and billing and payment information. Please note that payment information is processed securely by our payment partners and is not stored by us.

Health Information: To provide effective nutrition care, we collect medical history including diagnoses, medications, and surgeries. We also collect dietary habits and preferences, lifestyle information such as exercise and sleep patterns, body measurements and composition data, laboratory results including HbA1c and lipid profiles, and metabolic test results from resting metabolic rate and body composition analysis.

Technical Information: When you visit our website, we automatically collect your IP address, browser type and version, device information, pages visited and time spent on each page, and referring website addresses. We use cookies and similar technologies to collect this information as detailed in our Cookie Policy.

Communication Information: We keep records of emails, messages, and calls exchanged with you. We may also collect feedback and survey responses, and with your explicit consent, client testimonials.

How We Use Your Information

We use your information to provide nutrition consultations and personalized diet plans, which is necessary for the performance of our contract with you. We also use your information to schedule and manage appointments, communicate service updates and reminders, and process payments and issue receipts, all of which are necessary for our contractual relationship.

We use your information to improve our services and website based on our legitimate business interests. We may also use your information to comply with legal and regulatory obligations, to send educational content and newsletters where you have given your consent to receive such communications, and to respond to inquiries and support requests.

Legal Basis for Processing

We process your personal information based on consent where you have given explicit permission, such as for receiving marketing emails. We process information based on contract where processing is necessary for the services you have requested. Where we need to comply with Nigerian law, we process information based on legal obligation. We also process information based on legitimate interests where processing is necessary for our legitimate business interests, provided your rights do not override these interests.

How We Share Your Information

We do not sell, trade, or rent your personal information to third parties. We may share information with payment processors to process payments securely, and these partners are required to maintain PCI-DSS compliance and access only the minimum data necessary.

We may share information with IT service providers for website hosting and email delivery, and we have data processing agreements in place with these providers to ensure your information is protected.

With your explicit consent, we may share relevant health information with healthcare partners such as your physician to ensure coordinated care. We may also disclose information to legal or regulatory authorities when required by applicable law.

In the event of a merger, acquisition, or sale of our business, your information may be transferred to the new entity, which will be bound by confidentiality obligations consistent with this policy.

Data Security

We implement appropriate technical and organizational measures to protect your information. These include secure servers and encrypted connections using SSL technology, access controls restricted to authorized personnel only, regular security assessments, and pseudonymization where appropriate.

While we strive to protect your information, no method of transmission over the internet is completely secure. We cannot guarantee absolute security but will notify you of any data breach in accordance with applicable laws.

Data Retention

We retain your information only as long as necessary. Client records including consultations and diet plans are retained for seven years after your last interaction to comply with legal and liability requirements. Payment records are retained for seven years to meet tax and compliance obligations. Marketing preferences are retained until you withdraw your consent. Website usage data is retained for twenty-six months for analytics purposes. After the applicable retention period, your information will be securely deleted or anonymised.

Your Rights

Depending on your location, you may have the right to access a copy of the information we hold about you. You may request correction of inaccurate or incomplete information. You may request deletion of your information, subject to our legal obligations. You may request restriction of how we process your information, or receive your information in a structured, commonly used format for portability. You may object to processing based on legitimate interests, and you may withdraw consent for marketing communications at any time.

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within thirty days.

Cookies and Tracking Technologies

Our website uses cookies to enhance user experience and analyze traffic. Cookies are small text files stored on your device that help us remember your preferences and understand how you interact with our site. You can control cookies through your browser settings. Please note that disabling cookies may affect the functionality of our website. For more details, please refer to our Cookie Policy available on our website.

Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of these sites. We encourage you to review the privacy policies of any third-party sites you visit.

Children’s Privacy

Our services are not directed to individuals under eighteen years of age. We do not knowingly collect personal information from minors. If you believe a minor has provided us with information without parental consent, please contact us immediately, and we will take steps to delete such information.

International Data Transfers

Your information may be transferred to and processed in countries outside Nigeria. When we transfer data internationally, we ensure appropriate safeguards are in place through data transfer agreements that require the recipient to protect your information to standards comparable to those required by Nigerian law.

Changes to This Policy

We may update this policy periodically to reflect changes in our practices or legal requirements. Changes will be posted on this page with an updated “Last Updated” date. If we make significant changes, we will notify you via email or through a notice on our website.

Contact Information

If you have questions, concerns, or wish to exercise your rights regarding your personal information, please contact our Data Protection Contact at [email protected], by phone or WhatsApp at 0803 990 4595, or by mail at 15 Modupe Johnson Crescent, Surulere, Lagos 101241, Nigeria.

Thank you for trusting Khairo Diet Clinic with your health and personal information.