The information we collect or that you provide on or through our Sites or by using our services includes:
How we use your data
Data that may personally identify you, including your name, postal address, billing address, shipping address, e-mail address, home, work and mobile telephone numbers, age, date of birth, social security number, insurance policy number, physical characteristics that may personally identify you, sexual orientation, IP address, bank account number, credit or debit card number (for payment purposes only), national origin, ancestry, veteran or military status, medical conditions, race, citizenship, information about any physical or mental disabilities you may have, information related to your religious or philosophical beliefs, political opinions, information regarding your gender at birth and how you currently express your gender identity, information related to your sex life, such as pregnancy, child birth and related medical conditions, any history of criminal convictions, biometric information (such as fingerprints, exercise data, psychological characteristics, face prints, gait patterns, genetics, behavioral characteristics, voice, sleep data, and iris/retina scans), and genetic information (including familial genetic information) (collectively, “Personal Data”);Information that you provide by filling in forms on our Sites, such as appointment request forms or product ordering forms. It also includes information you provide when you register to use our Sites, purchase products, or use services available through the Sites or facilities. We may also ask you for information when you report a problem with our Sites. Some forms collect sensitive information, such as health information, necessary for us to provide our services to you;.Records and copies of your correspondence (including email addresses), if you contact us;Your responses to surveys that we might ask you to complete for research, development, and marketing purposes; andDetails of transactions you carry out through our Sites and of the fulfillment of your orders. You may be required to provide financial information before placing an order through our Sites.
You also may provide information to be published or displayed (hereinafter, “Posted”) on public areas of the Sites or transmitted to other users of the Sites or third parties (collectively, “User Contributions”). Your User Contributions are Posted on and transmitted to others at your own risk. Although we limit access to certain pages, please be aware that no security measures are perfect or impenetrable. Additionally, we cannot control the actions of other users of the Sites with whom you may choose to share your User Contributions. Therefore, we cannot and do not guarantee that your User Contributions will not be viewed by unauthorized persons.
Information we collect automatically:
We collect information about you automatically as you navigate through or use our Sites. Information collected automatically may include usage details, IP addresses, session replay and recording technology (recording your movements, clicks, etc. on our Sites), and information collected through cookies, web beacons, pixels tags, and other tracking technologies
As you navigate through and interact with our Sites, we may use automatic data collection technologies (such as session replay and tracking technologies referred to above) to collect certain information about your equipment, browsing actions, and patterns, specifically:
Usage Details. Details of your visits to our Sites, such as traffic data, location, logs, referring/exit pages, date and time of your visit to or use of our Sites, error information, clickstream data, and other communication data and the resources that you access and use on or in the Sites.Device Information. Information about your computer, mobile device, and Internet connection, specifically your IP address, operating system, browser type, and App version information.Location Data. Information about your location collected through Geolocation technology. However, the Cosmicforge platform can collect and use geolocation information only for the limited purpose of facilitating check-in to your scheduled appointment upon arrival. You may disable this functionality on your mobile device by removing permission for the Platform to use location services at any time.The technologies we use for this automatic data collection may include:
Cookies (or browser cookies). We and our service providers may use cookies, web beacons, and other technologies to receive and store certain types of information whenever you interact with our Sites through your computer or mobile device. A cookie is a small file or piece of data sent from a website and stored on the hard drive of your computer or mobile device. On your computer, you may refuse to accept browser cookies by activating the appropriate setting on your browser, and you may have similar capabilities on your mobile device in the preferences for your operating system or browser. However, if you select this setting you may be unable to access or use certain parts of our Sites. Unless you have adjusted your browser or operating system setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Website or use our App.Pixels and Web Beacons. Pages on our Sites, or our e-mails, may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit us, for example, to count users who have visited those pages or opened an e-mail and for other related Sites statistics (for example, recording the popularity of certain Sites content and verifying system and server integrity). For example, we use Tealium, Inc. (“Tealium”), to understand how users interact with our Sites. We use this information to assist us in improving our user experience.Google Analytics. We use Google Analytics, a web analytics service provided by Google, Inc. (“Google”) to collect certain information relating to your use of our Sites. Google Analytics uses cookies, which are text files placed on your computer, to help our Sites analyze how users use the Sites. You can find out more about how Google uses data when you visit our Sites by visiting “How Google uses information from sites or apps that use our services” . we may also use Google Analytics Advertising Features or other advertising networks to provide you with interest-based advertising based on your online activity.Do Not Track Signals. Some web browsers permit you to broadcast a signal to websites and online services indicating a preference that they “do not track” your online activities. At this time, we do not honor such signals. However, we do not track your online activities on or across third party websites or other online services for any purpose, including advertising, unless you specifically opt-in to a program or campaign that authorizes such tracking.
Surveys
We occasionally survey visitors to our site. The information from these surveys is used in aggregated, de-identified form to help us understand the needs of our visitors so that we can improve our site. The information may be shared with third parties with whom we have a business relationship. We generally do not ask for information in surveys that would personally identify you; if we do request contact information for follow-up, you may decline to provide it. If survey respondents provide personal information (such as an email address) in a survey, it is shared only with those people who need to see it to respond to the question or request, or with third parties who perform data management services for our site. Those third parties have agreed to keep all data from surveys confidential.
How we use the information we collect
In addition to the uses described above, we use the information we collect for things like:
Optimizing the performance and user experience of our sites;Operating, evaluating, and improving our business;Providing healthcare servicesDelivering or installing productsMarketing and advertising products and services, including by inferring your interests from your interactions with our websites and newsletters and tailoring advertisements, newsletters, and offers to you (both on our websites and on other websites) based on your interactions with us in our stores and online interests;Sending you email newsletters;Conducting research and analysis;Communicating with you about your account, special events, and surveys; andEstablishing and managing your accounts with us.Estimate our audience size and usage patterns;Improve our product and services offering;store information about your preferences, allowing us to customize our Sites according to your individual interests; andrecognize and/or authenticate you when you return to our Sites.Data Protection
We will never share your information with any third parties these includes Medical records. We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure or destruction of your personal information, username, password, transaction information and data stored on our Site.
Sharing your personal information
We may share the information we collect about you with third parties who we have engaged to help us provide the Site, as well as the products and services available through our Site. Your Personal Data may be disclosed to affiliates, contractors, service providers, and other third parties we use to support our business; any such use of Personal Data that includes protected health information and any authorization you have provided.
The services provided by these organizations include providing IT and infrastructure support services, advertising, marketing, and payment processing services. Advertising and marketing partners may receive and use your Personal Data to assist us with our advertising and marketing efforts. In each case, we will ensure that these third parties have agreed to safeguard your data. We may use a third-party ad network provider to help present advertisements on this website.
We may provide third parties with aggregate statistics about our visitors, traffic patterns, and related site information. These data reflect site-usage patterns gathered during visits to our website each month, but they do not contain information that personally identifies you unless you have given us permission to share that information.
We may also disclose your Personal Data:
to a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Data held by Cosmicforge about our Sites users are among the assets transferred;to fulfill the purpose for which you provide it;for any other purpose disclosed by us when you provide the information;with your consent;to comply with any court order, law, or legal process, including to respond to any government or regulatory request;to enforce or apply our Terms of use and other agreements, including for billing and collection purposes; andif we believe disclosure is necessary or appropriate to protect the rights, property, or safety of Our company, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.You hereby consent to the processing, transfer and storage of your information during and after the use of the PlatformCookie Policy
Our Site may use "cookies" to enhance User experience. These are for features like AI-driven analytics, personalized notifications and dynamic content delivery, including user control over cookie preferences. User's web browser places cookies on their hard drive for record-keeping purposes and sometimes to track information about them. User may choose to set their web browser to refuse cookies, or to alert you when cookies are being sent. If they do so, note that some parts of the Site may not function properly.
Consent to terms
By using this Site, you signify your acceptance of this policy. And also consent to Telemedicine services through Ai diagnostics, AR assistance and VR therapy. If you do not agree to this policy, please do not use our Site. Your continued use of the Site following the posting of changes to this policy will be deemed your acceptance of those changes.
Healthcare Data Handling Policy
Personal and medical Data may be transferred or disclosed to Third Parties (Medical practitioners) including but not limited to Doctors, medical contractors, cloud service providers, hospitals (public and private) where the Third Party provides adequate safeguards to protect the Personal Data and the privacy rights of Data Subjects. Such data may also be stored using Blockchain technology. Any transfer of Personal Data must be consistent with this Policy.
There shall be an undertaking on the part of the Third parties that;
an adequate level of protection (i.e. sufficient taking into account the type of Personal Data concerned, and the purpose of the disclosure) will be provided.the supplied Personal Data will be used only in accordance with the terms of the undertaking/services, and not for any purpose not contemplated therein.all Personal Data will be returned to Cosmicforge healthnet ltd and/or destroyed at any time upon request by Cosmicforge and, unless otherwise agreed, at the expiration or termination of the service. The Third Party shall confirm to Cosmicforge in writing that it has complied with the foregoing no later than seven (7) days after receipt of the notification from Cosmicforge.sufficient security safeguards (such as encryption, storage in secure location, setting up of antivirus software and firewalls, etc.) will be implemented to prevent Personal Data Breach;None of the work will be subcontracted without Cosmicforge's prior consent.Cosmicforge will be promptly notified in the event that a Personal Data Breach occurs and that the Third Party will cooperate with Cosmicforge in taking appropriate action in response to the Personal Data Breach, including appropriate measures to limit the effects of a Personal Data Breach.It is recognized that it may not always be possible to conclude a written undertaking prior to sharing Personal Data with certain partners and in certain exigent circumstances, such as emergencies with health consequences. In such circumstances, and where transfers are necessary to protect the Vital Interests of affected persons, all steps should be taken as soon as possible after emergency, to protect the transferred Personal Data.Nothing in or relating to this Policy shall be deemed as regulating or limiting the communication by Cosmicforge of information – including Personal Data – to appropriate authorities to facilitate the proper administration of justice.Data Breach Notification Policy
In line with Nigeria Data Protection Act 2023 (the NDPA) which has defined Personal data breach as "a breach of security of a data controller or data processor leading to or likely to lead to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored, or otherwise processed."
Example of these breach includes but no limited to, Confidentiality breach, integrity breach (alteration of personal data), availability breach (accidental destruction, deletion of personal data by unauthorized parties)
The following steps shall be taking in the event of a Breach;
Users are allowed to use the online notification form, to notify Cosmicforge of a breachIdentification of the type of breach, its locations and recipients by data processor management. These includes personal data stored in physical or virtual storage facilities or any other form of storage.Activation of the incident response team once a security incident has occurred, to implement the incident response plan led by an assigned incident manager.investigate the data breach to ensure that the investigative evidence is appropriately handled and preserved.Collect and review any breach response documentation and analyze reports.Report to the Data controllerCommunicate the personal data breach to the data subject in plain and clear language, including advice about measures the data subject could take to mitigate effectively the possible adverse effects of the data breach and if a direct communication to the data subject would involve disproportionate effort or expense, or is otherwise not feasible, the data controller may instead make a public communication in one or more widely used media sources such that the data subject is likely to be informed. The NDPC may make a public communication about a personal data breach notified to it by the data controller if dissatisfied with the data controller's notice to data subjects.Data Breach Notification Content;
The content or style of reporting a breach notice must contain
- the name and contact details of a point of contact of the data controller, where more information can be obtained;
- a description of the likely consequences of the personal data breach; and
- a description of the measures taken or proposed to be taken to address the personal data breach, including, where appropriate, measures to mitigate its possible adverse effects.
It is key that the contact point should be easily accessible, and allow for a quick response from the data controller or its agents to inquiries by affected data subjects, especially as every “minute” is key for personal data breach remediation.
