Privacy Policy

At KIMSHEALTH GCC, we recognize that health information is deeply personal and that trust is fundamental to the relationship between a patient and a healthcare provider. We are committed to protecting the privacy, confidentiality, and security of every individual who visits our website or uses our healthcare services. This Privacy Policy explains how we collect, use, store, share, and protect personal information in accordance with applicable data protection and healthcare laws across the GCC and internationally, including globally accepted privacy principles.

This Policy applies to all users of our website, including patients, attendants, caregivers, healthcare professionals, and visitors. By accessing or using our website, you acknowledge that you have read, understood, and agreed to the practices described in this Privacy Policy.

When you interact with us, we may collect personal information such as your name, age, gender, contact details, nationality, and country of residence. In the course of providing medical services, we may also collect sensitive health and medical information, including medical history, diagnostic reports, treatment records, prescriptions, and appointment details. In addition, we may collect technical information such as IP address, browser type, device details, cookies, and usage patterns to ensure the smooth functioning and security of our website. Where applicable, limited financial or insurance-related information may also be collected for billing and administrative purposes, always through secure and authorized channels.

We collect this information through patient registration forms, appointment requests, online enquiries, direct interactions with our staff, authorized healthcare partners, and through cookies or similar technologies used on our website. All information is collected lawfully, fairly, and transparently, and only to the extent necessary to serve legitimate healthcare and operational purposes.

Your personal information is used primarily to provide safe, effective, and high-quality healthcare services. This includes managing appointments, maintaining medical records, communicating about your care, responding to enquiries, processing payments, and ensuring continuity of treatment across our facilities. We may also use information to improve our services, enhance user experience, comply with legal and regulatory requirements, and conduct research or analytics using anonymized or de-identified data. Promotional or marketing communications are sent only where permitted by law and based on your consent, and you may opt out at any time.

We respect your right to make informed choices about your personal information. By providing your information, you confirm that it is shared voluntarily and with full understanding of how it will be used. You may withdraw your consent at any time by contacting us; however, please note that withdrawing consent may limit our ability to provide certain medical or administrative services where the information is essential or required by law.

In order to deliver healthcare services efficiently, your information may be shared with our group companies, affiliated hospitals and clinics, licensed doctors, laboratories, diagnostic centers, insurance providers, and trusted third-party service providers such as IT and cloud service partners. Where required, information may also be disclosed to regulatory authorities or law enforcement agencies in compliance with applicable laws. Some of these entities may be located outside your country of residence. In such cases, we ensure that appropriate contractual, technical, and organizational safeguards are in place to protect your information in line with international data protection standards.

The security of your personal information is extremely important to us. We implement robust security measures including role-based access controls, encryption, multi-factor authentication, secure servers, and continuous monitoring to protect against unauthorized access, misuse, or disclosure. While we take all reasonable and appropriate steps to safeguard your information, you acknowledge that no digital system can guarantee absolute security. Nevertheless, protecting patient confidentiality remains our highest priority.

We retain personal information only for as long as necessary to fulfill the purposes for which it was collected, including the provision of healthcare services and compliance with legal, medical, and regulatory obligations. Where information is no longer required, it is securely deleted or retained in anonymized form for research, statistical, or reporting purposes.

You have the right to access your personal information and to request correction or updating of inaccurate or incomplete data. Subject to applicable laws, you may also request deletion of your information or object to certain types of processing. You may withdraw consent for non-essential data use, including marketing communications, at any time. Requests can be made by contacting us using the details provided below, and we will respond within a reasonable timeframe.

Our website uses cookies to enhance functionality, improve performance, analyze usage patterns, and ensure security. Cookies do not store personally identifiable information. You may choose to disable cookies through your browser settings; however, some features of the website may not function as intended.

Our website may contain links to third-party websites for your convenience or reference. We do not control or endorse these websites and are not responsible for their content, security, or privacy practices. We encourage you to review the privacy policies of any external websites you choose to visit.

We may update this Privacy Policy from time to time to reflect changes in law, technology, or our practices. Any updates will be published on this page, and continued use of the website after such updates constitutes acceptance of the revised Policy.

If you have any questions, concerns, or complaints regarding this Privacy Policy or the handling of your personal information, you may contact our Data Protection or Grievance Officer at privacy@[yourcompany].com. We are committed to addressing all concerns in a fair, transparent, and timely manner.