Privacy Policy for Medical Refill

  • Home
  • Privacy Policy
  1. Introduction

    1. Speedy Recovery Company is putting the privacy of all users on top of its priority. In Speedy Recovery we put all efforts to provide high quality services for all users, and this privacy policy is considered as part of terms of use, and it covers all type of data which are submitted and collected while using Medical Refill service.

    2. To provide our services to patients we need to collect some personal data to create their medical profiles, and we use these data only to provide our service. The acceptance of the patient to join or benefit from our services is considered as an acceptance of this policy.

    3. All users of our service should visit this policy and terms of services from time to time to make sure that they read the latest updates. Speedy Recovery will not be responsible to notify each user when it makes any updates in this document.

    4. By providing us with their personal data, patients are giving us the right to store and handle their data. Patients also giving us the right to share these data with related governmental institutions for legal issues and cases.

  2. The Security of Personal Data

    3. Speedy Recovery Company will always seek the related security measures to keep all data secured and safe. But, in case of any breach or hacking to its system, Speedy Recovery will not be responsible about the consequences of this breach.


What personal data we hold and how we get it

  • We use the following categories of personal data:
    • Personal details
      • When you register with us, you complete a form and provide us with basic information about yourself, such as your name, date of birth, physical address email address and phone number. You may also need to provide us with a copy of identification and health insurance card for ID checks to be carried out by one of our commercial partners. If you use the service through one of our partners, the partner may provide this information to us.
    • Health information
      • The main type of information we hold about you is related to your health, symptoms, lab results and medications which you are taking. This includes interactions with our services.
      • We get some of this information directly from you, when you join us and when you use our services.
      • We may also hold information about you and your health from other apps, devices and services where you have given your consent to that data being shared with us. Examples include where you decide to share information collected from a smart watch or similar device with the Platform.
    • Technical information and analytics
      • When you use the our service, we may automatically collect the following information where this is permitted by your device settings: (a) technical information, including the address used to connect your mobile phone or other device to the Internet, your login information, system and operating system type and version, browser or app version, time zone setting, operating system and platform, and your location (based on IP address); (b) information about your visit, including products and services you viewed or used; Platform response times, interaction information (such as button presses) and any phone number used to call our customer service number; and We work with partners who provide us with analytics and advertising services (for our services only and not third-party advertising). This includes helping us understand how users interact with our services, providing our advertisements on the internet, and measuring performance of our services and our adverts. Cookies and similar technologies may be used to collect this information, such as your interactions with our services. All mandatory information is marked with an asterisk. If you do not provide the mandatory information, we will not be able to process your personal data for the purposes below.

What we use your personal data for

  • The purposes for which we use your personal data and the legal grounds on which we do so are as follows.

    We obtain and use your personal details and financial details in order to establish and deliver our contract with you.

    We obtain and use your medical information because this is necessary for health purposes. This includes our digital services. Where you have provided your explicit consent, we will use your medical information (always having removed personal identifiers, such as your name, address, and contact details) to improve our healthcare products and services and our artificial intelligence system, so that we can deliver better healthcare to you and other users. This medical information (de-identified in the way described above) may include your interactions with our artificial intelligence services, such as our symptom checker. This does not involve making any decisions about you – it is only about improving our products, services and software so that we can deliver a better experience to you and other Platform users and help achieve our aim of making healthcare affordable and accessible to everyone. Strict confidentiality and data security provisions apply at all times.

    We use your email address and/or phone number to contact you with occasional updates and marketing messages where you have not opted out, based on our legitimate interest in marketing our services to you, and subject to your right to opt out at any time.

    Based on our legitimate interest in managing and planning our business, we may analyse data about your use of our products and services to, for example, troubleshoot bugs within the Platform, forecast demand of service and to understand other trends in use, including which features users use the most and find most helpful, and what features users require from us. This does not involve making any decisions about you – it is only about improving the Platform so that we can deliver better services to you. Strict confidentiality and data security provisions will apply at all times.

    Where necessary, we may need to share personal and financial details for the purposes of fraud prevention and detection. We also store your interactions with our digital services, for safety, regulatory, and compliance purposes. For example, we may need to review your information and, where necessary, make disclosures in compliance with reasonable requests by regulatory bodies, or as otherwise required by law or regulation. Where necessary for safety, regulatory and/or compliance purposes we may audit your other interactions with our services. Strict confidentiality and data security provisions will apply at all times to any such audit and access.

    We may preserve or disclose information about you to comply with the law, regulation, legal process, or governmental request; to assert legal rights or defend against legal claims; or to prevent, detect, or investigate illegal activity, fraud, abuse, violations of our terms, or threats to the security of our services or the physical safety of any person.


Sharing your personal data with others

  • We may share your personal data with members of our corporate group, and our partners. This is to help us deliver our services to you. We may share with our commercial partners aggregated data that does not personally identify you, but which shows general trends, for example, the number of users of our service.

    Where you access our services through your health insurance provider, and where you have given your consent, we will need to let your insurance company know your name, email address, policy number, location (based on IP address), demographic information and other similar information.

    We may preserve or disclose information about you to comply with a law, regulation, legal process, or governmental request; to assert legal rights or defend against legal claims; or to prevent, detect, or investigate illegal activity, fraud, abuse, violations of our terms, or threats to the security of our services or the physical safety of any person.

    Except as described above, we will never share your personal information with any other party without your consent.


Retention periods

  • The below is a summary of our retention policy, but we may retain records for other periods as required by law or regulation.
  • Type of record
    • Interactions with our services
  • Retention period
    • 10 Years

Data storage, security and transfers

  • We do not store your personal health data on your mobile device. We store all your personal health data on secure servers.
  • Where you have chosen a password that enables you to access certain parts of the Platform, you are responsible for keeping this password confidential. We ask you not to share the password with anyone.
  • We encrypt data transmitted to and from the Platform. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.
  • Your data may be processed or stored via destinations outside the Kingdom of Saudi Arabia (KSA) where you have given your consent, but always in accordance with data protection law and subject to strict safeguards. For example, we work with third parties to use their software platforms who have servers outside KSA to send communication emails to our users

Your rights

  • As indicated above, whenever we rely on your consent to process your personal data, you have the right to withdraw your consent at any time.
  • Ask us to rectify or erase information we hold about you, subject to limitations relating to our obligation to store medical records for prescribed periods of time.
  • Ask us to restrict our processing of your personal data, or object to our processing.
  • For any concerns or if you wish to exercise your rights above, please contact us at:
  • Email: admin@speedyrecoverycompany.com