MediPrime Africa ("we", "us", "our") operates mediprimeafrica.com and provides integrated healthcare solutions across Africa. We understand that privacy is fundamental — especially in the healthcare sector. This Privacy Policy describes our practices clearly and honestly, so you know exactly how we handle your information.
Who We Are — Data Controller
The data controller responsible for your personal information is:
- Company: MediPrime Africa
- Website: https://mediprimeafrica.com
- Email: contact@mediprimeafrica.com
- Offices: Nairobi (Kenya) · Dakar (Senegal) · Johannesburg (South Africa) · Casablanca (Morocco)
MediPrime Africa is a pan-African healthcare solutions company offering medical equipment, digital health infrastructure (EMR, telemedicine), laboratory solutions and healthcare consulting to hospitals, clinics and public health institutions.
Personal Data We Collect
We collect personal data through two channels: information you actively provide, and data collected automatically when you browse our website.
2.1 — Data you provide directly
| Data | When collected | Required? |
|---|---|---|
| Full name | Contact / quote request form | Yes |
| Organization / hospital name | Contact form | Yes |
| Professional email address | Contact form | Yes |
| Phone number | Contact form | Optional |
| Country | Contact form | Yes |
| Nature of request / message | Contact form (free text) | Yes |
| Desired service type | Contact form (dropdown) | Yes |
2.2 — Data collected automatically (analytics cookies only)
- IP address (anonymized)
- Browser type and version
- Pages visited and time on page
- Referral source (how you arrived on our site)
- Device type and operating system
How We Use Your Information
- Respond to your inquiry: We use your contact details to reply to your request within 24 business hours and provide relevant information about our healthcare solutions.
- Prepare a personalized quote: Your organization type, country and desired service help us tailor a relevant offer.
- Improve our website: Aggregated, anonymized analytics data helps us understand which content is most useful and optimize the user experience.
- Legal compliance: We may process data where required by applicable law or regulatory obligation.
Legal Basis for Processing
Depending on the type of processing, we rely on the following legal bases:
| Processing activity | Legal basis |
|---|---|
| Responding to your contact form inquiry | Legitimate interest / pre-contractual steps |
| Analytics cookies (Google Analytics) | Explicit consent (opt-in via cookie banner) |
| Technical / necessary cookies | Legitimate interest (website functionality) |
| Compliance with applicable law | Legal obligation |
For users in the European Economic Area or countries with GDPR-equivalent legislation (e.g. Kenya's Data Protection Act 2019, South Africa's POPIA), these bases align with the applicable regulatory requirements.
Data Sharing & Third Parties
We share your data only in the following limited cases:
| Third party | Purpose | Data shared |
|---|---|---|
| EmailJS | Routing contact form submissions to our inbox | Name, email, message, organization, phone, country |
| Google Analytics (opt-in only) | Website traffic analysis | Anonymized IP, pages visited, device type |
| Hosting provider | Website infrastructure | Server logs (access IPs, timestamps) |
All service providers are contractually obligated to process your data solely for the specified purpose and to maintain appropriate security measures. We do not transfer your data to any other party.
Data Retention
| Data type | Retention period |
|---|---|
| Contact form submissions (name, email, message, etc.) | Maximum 36 months from receipt |
| Analytics data (Google Analytics, opt-in) | 14 months (Google Analytics default) |
| Server access logs | 90 days |
| Cookie consent records | 12 months |
After these periods, data is permanently deleted or anonymized. You may also request early deletion at any time — see Section 9 (Your Rights).
Cookies & Tracking Technologies
We use two categories of cookies on mediprimeafrica.com:
| Category | Name / Provider | Purpose | Opt-out? |
|---|---|---|---|
| Strictly necessary | Session cookies | Site functionality, form submission | No — always active |
| Analytics | Google Analytics (_ga, _gid) | Traffic measurement, page analytics | Yes — requires opt-in |
| Consent record | cookieConsent (local) | Stores your cookie preference | No — necessary to respect your choice |
When you first visit our site, a consent banner allows you to Accept or Decline analytics cookies. You can change your preference at any time by clearing your browser cookies and revisiting the site, or via your browser privacy settings.
Security Measures
We implement industry-standard technical and organizational measures to protect your data from unauthorized access, loss or disclosure:
- HTTPS / TLS 1.2+: All data transmitted between your browser and our server is encrypted in transit.
- Access control: Only authorized MediPrime Africa personnel can access contact form data, on a strict need-to-know basis.
- Third-party security: EmailJS and Google Analytics are compliant with international data protection standards (SOC 2, ISO 27001).
- Incident response: In the event of a data breach that poses a risk to your rights, we commit to notifying affected individuals within 72 hours where legally required.
No method of transmission over the internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security. We encourage you to use strong passwords and secure connections when contacting us.
Your Rights
Depending on your jurisdiction (including Kenya's Data Protection Act 2019, South Africa's POPIA, and GDPR-applicable regions), you have the following rights regarding your personal data:
To exercise any of these rights, contact us at contact@mediprimeafrica.com. We will respond within 30 days. We may need to verify your identity before processing the request.
Minors
Our website and services are exclusively directed at healthcare professionals, institutions and organizations. We do not knowingly collect personal data from individuals under 18 years of age. If you believe a minor has submitted information through our site, please contact us immediately so we can delete it.
International Data Transfers
MediPrime Africa operates across multiple African countries. Your data may be accessed by our teams in Kenya, Senegal, South Africa or Morocco. When data is processed by our service providers (EmailJS, Google Analytics), it may be transferred to servers outside your country of residence.
Where such transfers occur, we ensure appropriate safeguards are in place — including Standard Contractual Clauses (SCCs) where applicable — to provide a level of protection equivalent to your local data protection laws.
Third-Party Links
Our website may contain links to external websites (LinkedIn, WhatsApp, partner organizations). Once you click these links, you leave mediprimeafrica.com and our Privacy Policy no longer applies. We encourage you to review the privacy policies of any external sites you visit. MediPrime Africa is not responsible for the privacy practices or content of third-party websites.
Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, services, or applicable law. When we do, we will:
- Update the "Last updated" date at the top of this page.
- Post the updated version on this page with a clear indication of what changed.
- For material changes, send a notification to individuals who have an ongoing relationship with us (where we hold contact details).
We encourage you to review this policy periodically. Continued use of our website after changes are posted constitutes acceptance of the updated policy.
Contact Us — Privacy Questions
If you have any questions about this Privacy Policy, wish to exercise your rights, or have a concern about how we handle your data, please reach out:
MediPrime Africa — Privacy Team
We're committed to answering all privacy-related inquiries within 30 days.
If you are not satisfied with our response, you have the right to lodge a complaint with the relevant data protection authority in your country (e.g. the Office of the Data Protection Commissioner in Kenya, the Information Regulator in South Africa, or the CNDP in Morocco).