At RamaCare Polyclinic, we take your privacy and data security seriously. This policy explains how we collect, use, store, and protect your information in compliance with UAE Personal Data Protection Law (PDPL), DHA, and MOHAP regulations.

🔹 1. Information We Collect

We collect personal, medical, and administrative data necessary to provide safe and effective healthcare:

Personal Information

  • Name, date of birth, gender, contact details (phone, email, address)

  • Emergency contact information

Medical Information

  • Medical history, diagnoses, lab tests, prescriptions, imaging results

  • Photos or videos for treatment documentation (if applicable)

Financial Information

  • Payment details for services, invoices, and insurance processing

Digital/Online Data

  • IP addresses, website usage data, cookies, and submitted online forms

🔹 2. How We Use Your Data

We use your data strictly for:

  • Providing medical and aesthetic treatments safely

  • Appointment scheduling, billing, and payment processing

  • Compliance with UAE healthcare regulations

  • Communicating treatment updates or clinic announcements

  • Research, quality improvement, and operational purposes (anonymized)

🔹 3. Legal Basis for Processing

We process personal data only when:

  • Required for medical treatment or healthcare service delivery

  • Necessary to comply with UAE law or DHA/MOHAP regulations

  • Required for contractual obligations such as payment processing

  • Explicit consent is given for marketing or promotional communications

🔹 4. Sharing Your Information

Your information is never sold. We may share data only in these circumstances:

  • Regulatory authorities (DHA, MOHAP) when legally required

  • Service providers (labs, payment gateways, IT systems) under confidentiality agreements

  • Medical emergencies when necessary for urgent care

🔹 5. Patient Rights

You have the right to:

  • Access your personal and medical data

  • Request correction of inaccurate or incomplete information

  • Request deletion of personal data where legally permitted

  • Withdraw consent for non-mandatory processing

  • Opt-out of marketing communications

Submit requests to: query@ramacarepolyclinic.com  Response will be provided within 30 days.

🔹 6. Data Security & Retention

  • Records are stored securely in compliance with DHA and PDPL standards

  • Access is limited to authorized personnel only

  • Medical and financial records are retained for minimum 5 years

  • Expired or obsolete data is securely deleted or anonymized

🔹 7. Cookies & Website Analytics

  • We use cookies to improve website experience and collect anonymized analytics

  • No personal data is collected from cookies without submission via forms

  • Patients can disable cookies in browser settings (may affect functionality)

🔹 8. Transfers & Third-Party Services

  • Data processed by third-party providers (payment gateways, insurance platforms) follows their privacy policies

  • All third-party contracts include strict data protection clauses

🔹 9. Marketing Communications

  • You will only receive marketing messages if explicit consent is provided

  • Consent can be withdrawn anytime via query@ramacarepolyclinic.com

🔹 10. Policy Updates

  • This Privacy Policy may be updated periodically to comply with legal or operational requirements

  • The latest version is always available on our website