Privacy Policy

1. Introduction

At Compass, we respect your privacy and are committed to protecting your personal data. This privacy policy will inform you as to how we look after your personal data when you visit our website, explains how we collect, use, store, and protect your information when you use our cancer case reporting system, and tell you about your privacy rights and how the law protects you.

2. Data We Collect

We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

  • Identity Data includes first name, last name, username or similar identifier.
  • Contact Data includes email address, telephone numbers, region, district, hospital, town/village details.
  • Patient Data: Name, care giver, age, gender, phone number Location Information: Region, district, hospital, town/village.
  • Medical Information: Suspected symptoms.
  • Multimedia Data: Voice recordings, photographs.
  • Technical Data includes internet protocol (IP) address, your login data, browser type and version.

3. How We Use Your Data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

Primary Purposes

  • Medical Case Processing: To facilitate cancer case referrals
  • Healthcare Coordination: To connect patients with appropriate medical specialists
  • Quality Improvement: To enhance our services and patient care outcomes

Secondary Purposes

  • Analytics: To understand app usage patterns and improve functionality
  • Support: To provide technical assistance and resolve issues
  • Compliance: To meet legal and regulatory requirements

4. Information Sharing

Authorized Recipients

  • Medical Professionals: Qualified healthcare providers involved in patient care
  • Healthcare Institutions: Hospitals and clinics participating in the referral network
  • Technical Support: Authorized personnel for system maintenance and support

Restrictions

  • We DO NOT sell your personal information to third parties
  • We DO NOT use your information for marketing purposes
  • We DO NOT share information outside the healthcare network without consent

5. Data Security

Technical Safeguards

  • Encryption: All data is encrypted in transit
  • Access Controls: Role-based access with multi-factor authentication
  • Audit Trails: Comprehensive logging of all data access and modifications
  • Regular Updates: Continuous security patches and system updates

Physical Safeguards

  • Secure Facilities: Data centers with restricted physical access
  • Environmental Controls: Climate-controlled, monitored environments
  • Backup Systems: Redundant storage with disaster recovery capabilities

6. Your Rights

Access and Control

  • View Your Data: Request copies of your personal information
  • Correct Information: Update or correct inaccurate data
  • Delete Data: Request deletion of your information (subject to legal requirements)
  • Data Portability: Receive your data in a structured, machine-readable format

Communication Preferences

  • Opt-out: Unsubscribe from non-essential communications
  • Consent Management: Withdraw consent for specific data processing activities

7. Data Retention

Retention Periods

  • Active Cases: Retained while case is being processed
  • Completed Cases: Stored for 7 years for medical and legal compliance
  • Technical Logs: Retained for 2 years for system maintenance
  • Deleted Accounts: Personal data removed within 30 days of deletion request

Legal Requirements

Some information may be retained longer to comply with:
- Medical record keeping requirements
- Legal proceedings and investigations
- Regulatory compliance obligations

8. Children's Privacy

While our service is targetted at reporting cases for children 0-18 years, the service is not intended for use by children under 18 years of age. We do not knowingly collect personal information from children under 13. If we become aware of such collection, we will delete the information immediately.

9. Changes to This Statement

We may update this Privacy Statement periodically to reflect changes in our practices or applicable laws. We will notify users of material changes through:
- In-app notifications
- Email notifications (if provided)
- Updates posted on our website

10. Contact Information

Privacy Officer

Email: support@oncocompasscare.com
Phone: (+233) 233-350-0400
Address: OncoCompass Care Privacy Office, Cantonments, Accra, Ghana

Data Protection Authority

If you have concerns about our privacy practices, you may contact the Ghana Data Protection and Privacy Office.

11. Compliance

This Privacy Statement complies with:

  • - Ghana Data Protection and Privacy Act
  • - International healthcare data protection standards
  • - Medical confidentiality requirements

Last Updated: August 1, 2025
Version: 1.0


For questions about this Privacy Statement or our privacy practices, please contact our Privacy Officer using the information provided above.