PRIVACY NOTICE AND INFORMED CONSENT NOTICE. CONSENT TO PROCESS PERSONAL INFORMATION IN TERMS OF THE PROTECTION OF PERSONAL INFORMATION ACT, 4 OF 2013 (POPIA)

(EMAIL, WEBSITE, AND SOCIAL MEDIA PRIVACY NOTICE)

This Privacy Policy is issued in accordance with Section 18 of the Protection of Personal Information Act, 4 of 2013 (“POPIA”). It applies to all users of www.myneohealth.co.za and forms part of our website’s Terms and Conditions. Please read this notice carefully before using our website, social media, or electronic platforms, or providing any personal information to NeoHealth. By using our services or submitting your personal information, you consent to the processing of your information as described in this policy.

1. Application of This Policy

This policy applies to all personal information processed by NeoHealth via our website, email, and social media platforms. It covers all users, including patients, clients, staff, service providers, and any third parties who interact with NeoHealth’s electronic platforms.

2. What Personal Information We Collect

We may collect and process the following types of personal information:

• Name, surname, date of birth, ID number, and gender
• Contact details (address, phone number, email)
• Medical aid or insurance details
• Medical history, clinical notes, test results, and other health-related information
• Billing and payment details
• Information you provide via our website, social media, email, or other communications
• Technical data from your use of our website (including cookies, IP address, browser type, device information, and usage analytics)
• Information received from third parties such as referring healthcare providers, hospitals, or medical aids

Personal information is collected:

• Voluntarily: When you book appointments, complete forms, communicate with us, or interact with our website and social media.
• Automatically: Through cookies and similar technologies when you use our website.
• From Third Parties: Where relevant to your care or our services.

3. Why We Collect and Use Your Information

NeoHealth processes your personal information for a variety of specific, lawful purposes, including:

• Direct Patient Care: To provide, manage, and coordinate your healthcare, including diagnosis, treatment, and referrals.
• Continuity and Quality of Care: To maintain accurate records, ensure safe and effective treatment, and facilitate communication between healthcare providers.
• Administrative and Operational Purposes: To book appointments, process billing and payments, manage accounts, and communicate with you about appointments, results, and practice updates.
• Medical Aid and Insurance: To confirm benefits, obtain authorisations, process claims, and liaise with funders as required.
• Legal and Regulatory Compliance: To comply with applicable laws, regulations, and professional standards, including reporting to health authorities or regulatory bodies where required.
• Risk Management and Security: To prevent fraud, manage risks, ensure the safety of our patients and staff, and protect the integrity of our systems.
• Quality Improvement and Research: To monitor, audit, and improve our services, conduct research using de-identified or aggregated data, and support public health initiatives (where permitted by law and ethics guidelines).
• Patient Engagement and Education: To provide you with relevant health information, reminders, and updates about our services (with your consent, and you may opt out at any time).
• Defending Legal Claims: To defend or pursue legal claims as necessary.
• Public Interest and Vital Interests: To protect public health or your vital interests in emergencies, such as outbreaks or where you are unable to provide consent.
• Business Operations: For practice management, planning, and service development.
• Security and Monitoring: To ensure the integrity and security of our electronic platforms and communications.

Some information is required by law or for us to provide healthcare services. If you do not provide this information, we may not be able to treat you or process your claims.

4. Legal Basis for Processing

We process your personal information on the following legal grounds:

• Consent: Where you have given explicit, voluntary, specific, and informed consent for specific uses.
• Contract: Where processing is necessary for the performance of a contract with you.
• Legal Obligation: Where required to comply with applicable law.
• Vital Interests: Where necessary to protect your life or health.
• Public Interest: Where processing is necessary for public health or safety.
• Legitimate Interests: For purposes such as quality improvement, research, or administrative efficiency, provided your privacy rights are protected.

5. Sharing and Disclosure

NeoHealth does not sell your personal information. We may share your information with:

• Other healthcare providers involved in your care (e.g., specialists, laboratories, hospitals)
• Medical aids, insurers, and payment processors
• Service providers (e.g., IT, billing, cloud storage) under strict confidentiality agreements
• Regulatory authorities or law enforcement, if required by law
• Research partners (using de-identified or aggregated data only, and only where permitted)
• Only with your consent or as required/permitted by law

If your information is transferred outside South Africa, we ensure that adequate protections are in place in line with POPIA.

6. Social Media and Website Use

We use social media to share general health information and practice updates. We do not discuss individual patient cases or share identifiable information on social media. Please use official channels (phone, email, in-person) for personal health matters.

Our website uses cookies and similar technologies to improve your experience and collect analytics. You can control cookies in your browser settings, but disabling them may affect site functionality.

7. Security and Retention

We use physical, electronic, and procedural safeguards to protect your information, including:

• Secured cabinets for files
• Password-protected digital systems
• Staff confidentiality agreements
• Access limited to authorised personnel

We retain your records as required by law and professional guidelines. When no longer needed, data is securely deleted or anonymised.

8. Your Rights as a Data Subject

You have the right to:

• Be notified when your information is collected or accessed
• Access your personal information
• Request correction, destruction, or deletion of your information
• Object to processing or direct marketing
• Withdraw consent at any time (where applicable)
• Lodge a complaint with the Information Regulator

To exercise your rights, please contact us at admin@myneohealth.co.za or call us on +27 44 868 0707

9. Updates to This Policy

This policy may be updated from time to time. The latest version will always be available on our website. Continued use of our website or services indicates your acceptance of any changes.

By using our website, social media, or electronic platforms, and by submitting your personal information, you acknowledge that you have read and understood this Privacy Policy and consent to the processing of your personal information as described herein.