1. ABOUT THIS PRIVACY POLICY
Smart Salem Medical Center Limited, Smart Salem Medical Center LLC, and Smart Salem Medical Center 3 FZ LLC (collectively “Smart Salem”, “we” or “us”) value your privacy. Smart Salem Medical Center Limited is required to comply with Dubai International Financial Centre (“DIFC”) Data Protection Law, DIFC Law No. 5 of 2020 (the “DP Law”). Smart Salem upholds the same standard required by these laws across all of their Dubai companies. Please read this Privacy Policy (“Policy”) carefully, as it contains important information on who we are, how and why we collect, store, use, and share your personal data when you use our services. It also explains your rights in relation to your personal data and how to contact us if you have a complaint.

2. WHO WE ARE
Smart Salem is the data controller responsible for your personal data. Our contact details can be found at the bottom of this Policy.

3. THE TYPES OF PERSONAL DATA WE COLLECT
3.1 We may collect and process the following kinds of personal data about you (which may include special categories of personal data) from the sources identified below, including but not limited to our app, our website, or when you visit us at one of our on-site health centers or clinics. While most of the personal data we collect comes directly from you, some of it may come from third parties such as other healthcare providers, clinics, labs, or medical professionals.

(a) Information you give us or we request from you at Smart Salem:
(i) Contact details necessary for registration, such as your email, billing address, contact phone numbers, residential address, and P.O Box.
(ii) Demographic information such as your age, gender, and nationality.
(iii) Feedback and rating information, such as survey feedback.
(iv) Payment information collected by our payment gateway provider for transaction facilitation (credit/debit card details).
(v) Identity information, such as your first and last name, date of birth, gender, passport number, and ID number.
(vi) Special categories of personal data, including health details (e.g., medical history, diagnosis, health insurance, symptoms, treatments, medications, consultations, and procedures).

(b) Information we collect about you online or over the phone:
(i) Account history related to test results/services purchases.
(ii) Calls, emails, or live chat conversations with our support team.
(iii) Technical information, such as:
– Tracking information (IP address, device identifier, location data, browser type, etc.).
– Browser history and performance information.
– Help and troubleshooting information.
– Device make and model, language, time-zone, and location settings.

4. PURPOSE AND LEGAL GROUNDS FOR PROCESSING PERSONAL DATA
4.1 We will collect, store, and process your personal data for the following purposes:
(a) For the purpose of our legitimate interests
This includes processing personal data for:
(i) On-boarding of new customers.
(ii) Provision of services.
(iii) Improvement of products and services.
(iv) Marketing purposes.
(v) Prevention or settlement of disputes.
(vi) Disclosure to processors acting on our behalf.

(b) For the execution of a contract
This includes any contract signed or to be signed for specific purposes, such as being contacted by us or using our online services.

(c) For compliance with legal and/or regulatory obligations
This includes compliance with requests from regulatory authorities such as MOHAP, DHA, GDFRA, etc.

5. HOW LONG THE PERSONAL DATA MAY BE HELD
5.1 Information may be held at Smart Salem’s offices subject to applicable laws. We will keep your personal data for the duration of our services and at least 25 years after each health service provision, extendable based on clinical or health implications.

6. INFORMATION ON COOKIES
6.1 The website/app uses “Cookies” to enable sign-in and personalise your online experience. These may track your activity across devices. You can manage Cookies via browser settings, but rejecting Cookies may reduce functionality.

7. SHARING OF PERSONAL DATA
7.1 We may share your personal data with:
(a) Our employees.
(b) Third-party clinics, labs, or healthcare providers.
(c) Referral services (e.g., hospitals, pharmacists).
(d) CRM and marketing services providers.
(e) Other companies in our group.

8. TRANSFER OF PERSONAL DATA
8.1 Personal data may be transferred outside the DIFC to other jurisdictions, subject to appropriate safeguards in compliance with applicable laws.

9. YOUR RIGHTS
9.1 You have the right to:
(a) Access and accuracy: Request copies of your data or request rectification.
(b) Rectification/Erasure: Request rectification, erasure, or restriction of your data.
(c) Object: Object to data processing in certain circumstances.
(d) Complaints: Lodge complaints with applicable authorities.
(e) Withdraw consent: Withdraw consent, though this may affect ongoing services.
(f) Data portability: Receive data in a structured format.
(g) Non-discrimination: Exercise your rights without being discriminated against.

10. AUTOMATED DECISION MAKING
10.1 We may collect usage information through technologies like web beacons, cookies, and embedded scripts.

11. INFORMATION SECURITY
We have implemented administrative, technical, and physical measures to protect your personal data.

12. RECORDING OF TELEPHONE CONVERSATIONS AND VIDEO SURVEILLANCE
12.1 Telephone conversations may be recorded for commercial transaction evidence.
12.2 Video surveillance is used in and around our offices for security reasons.

13. CHANGES TO THIS PRIVACY NOTICE
We may update this notice from time to time. Changes are effective after posting on our website.

14. CONTACT DETAILS
For any questions about this notice or your personal data, contact us via our website or at contact@smartsalem.ae, or call +971 (0)4 22 00 212.
Our Data Protection Officer can be contacted at: neil.bezuidenhout@smartsalem.ae.