MyItura LTD Privacy Policy
Last updated: Sat, 18 Jul 2026
Introduction
This Privacy Policy explains how MyItura (“company,” "we," "us," or "our") collects, uses, and safeguards your personal information when you use our services (the "App"). We are committed to ensuring the protection of your privacy and complying with the requirements of the Nigerian Data Protection Act (NDPA) and the Nigerian Data Protection Regulation (NDPR). By using the app, you consent to the practises described in this privacy policy. By providing the data subject’s personal information or the personal information of a beneficiary from the data subject’s policy, the data subject acknowledges that MyItura may only use the information in the manner specified in this privacy policy.
Data Controller
MyItura acts as the data controller for the personal information processed through the mobile app, and you can contact us at info@myitura.com for further data protection-related inquiries.
Information We Collect
We collect information you provide us, and we also automatically collect information when you visit, use, or interact with our services. By providing any of this information to us, you expressly agree to our collection, use, storage, and disclosure of such information as described in this policy. We may collect the following categories of personal information when you use our web application or mobile app:
- Personal identifiable information, including but not limited to, name, date of birth, gender, height, weight, phone number, computer’s internet protocol (IP) address, phone identification and operating system, location, email address, house address, blood type, and user-generated content (e.g., messages, notes);
- Medical information, including but not limited to, alcohol consumption, diabetes status, blood pressure, blood sugar, cholesterol, and smoking status;
- Information necessary for financial processes such as billing, including but not limited to credit or debit card information, city, and state.
- Other sensitive personal data required to render our services.
Also, the web applications and mobile app utilise third-party services that may gather information capable of identifying you.
How We Use Personal Information
We may use personal information for the following purposes:
- To provide, administer, maintain, and/or analyse our services;
- To improve our services and conduct research;
- Automated decision making;
- To communicate with you;
- To provide health information and recommendations based on the data you provide;
- To develop new programs and services;
- To prevent fraud, criminal activity, or misuses of our services, and to protect the security of our IT systems, infrastructure, and networks;
- To carry out business transfers; and
- To comply with legal obligations and legal process and to protect our rights, privacy, safety, or property, and/or that of our affiliates, you, or other third parties.
To comply with legal obligations and legal process and to protect our rights, privacy, safety, or property, and/or that of our affiliates, you, or other third parties.
Lawful Basis for Processing
We process your personal information based on one or more of the following lawful bases as required by the NDPR where:
- You have given us explicit consent to processing your personal data;
- Processing is necessary for the performance of a contract to which you are the party, or, in cases where you requested us to process yours before entering a contract;
- Processing is necessary for compliance with our legal obligation to which we are the subject;
- Processing is necessary to protect your vital interests or those of another natural person;
- Processing is necessary for the performance of a task carried out in the public interest or the exercise of official authority laid upon us as controllers;
Disclosure Of Personal Information to Third Party Service Providers
We may engage data processors who process your data on our behalf in compliance with NDPR requirements. We may also disclose your data to comply with legal obligations or respond to lawful requests from government authorities. However, we can only share your personal information with third parties in accordance with the NDPR, which requires data processing by a third party to be governed by a written contract between the data controller and the third party. This contract requires all such third-party service providers to respect the security of your personal data and treat it in accordance with the law.
Data Subject Rights
Under the NDPA, you have the following rights regarding your personal information:
- The right to obtain confirmation as to whether MyItura processes personal data about you and, where that is the case, obtain access to your personal data processed by us as well as other information;
- The right to request rectification of personal data in cases of inaccuracy of information;
- The right to request that we erase or delete your personal data, subject to legal requirements;
- The right to access your personal data and how we will use and share your personal data;
- The right to request a copy of your data in a structured, commonly used, and machine-readable format;
- The right to restrict the processing of personal data in certain circumstances. This includes where you are disputing the accuracy of personal data, when you raise an objection to the processing of your data, if the processing of personal data is unlawful, or if the personal data is no longer required by us but you require it to establish, exercise, or defend a legal claim;
- The right to object to the processing of your personal data where you know or have grounds to assume that such processing impacts your fundamental rights and freedoms. Also, you have the right to object to the processing at any time when we are processing your personal data for direct marketing purposes. We may demonstrate that we are processing your data due to legitimate grounds overruling your rights and freedoms in certain circumstances as provided by the NDPA; and
- The right to withdraw consent where consent has previously been given. When this right is exercised, we will cease to carry out the activities that you previously consented to, unless we consider that there is an alternative reason to justify our continued processing of your data for this purpose, in which case we will inform you of this condition.
If you would like to exercise any of these rights, please contact us at our email address, info@myitura.com. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request and speed up our response.
Data Security
We implement commercially reasonable technical, administrative, and organizational measures to protect personal information both online and offline from loss, misuse, unauthorized access, disclosure, alteration, or destruction. However, no Internet or email transmission is ever fully secure or error-free and we cannot guarantee absolute security. Therefore, you should take special care in deciding what information you send to us via the service or email. Without limitation, we are also not responsible for the actions of hackers and other unauthorized third parties that breach our reasonable security procedures. Thus, we will do our best to ensure the secure transmission of data to and from our systems.
To ensure the secure transmission of your personal data, our website employs Secure Sockets Layer/Transport Layer Security (SSL/TLS); this is evident in the padlock symbol in your URL address bar once you are successfully logged into the platform. The URL address will also begin with https://, with the “s” indicating that the page is secure. SSL encrypts communication between two points, such as your computer and the connecting server. Any data sent during the session will be encrypted before being sent and decrypted at the receiving end. This is done to ensure that data cannot be read during transmission.
Our website is scanned on a regular basis for security loopholes and known vulnerabilities to make your visit to our site as safe as possible. Information that you provide to us will be stored on our secure servers. By submitting personal information, you agree to this transfer, storage and processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.
Also, we have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy.
Data Retention
We will keep your personal data as long as it is necessary to fulfil the original purpose for which we collected it. This includes, but is not limited to, fulfilling our commitment to provide you with our services through the application and meeting any applicable reporting, accounting, or legal requirements.
When determining how long we will keep your personal data with us, we consider the nature, the sensitivity of personal data and its amount, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we collected your personal data and processed it, and the applicable legal requirements.
Age Of Consent
This website and the application may only be used by natural persons who can enter into legally binding contracts under the law applicable in their country of residence. By agreeing to this privacy policy, you represent that you are of legal age in your state or country of residence. Neither the website nor the application is intended for children, and we do not intentionally collect data relating to children.
Links to Other Sites
This service may contain links to other sites. If you click on a third-party link, you will be directed to that site. Please take notice that these external sites are not operated by us. Therefore, we strongly advise you to review the privacy policy of these websites. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.
Patient-Doctor Confidentiality
We may share medical information about you, including but not limited to your medical history, illnesses, and prescriptions, with our registered doctors, who are members of the Medical and Dental Council of Nigeria. We share your medical information and consultation history with each doctor you book a consultation or appointment with. This sharing enables them to assess health conditions, provide advice, and deliver the services that you request, all in accordance with our terms and conditions.
We guarantee that all data shared with our doctors is safeguarded with suitable and effective measures. Our doctors are obligated to uphold the oath administered by the Medical and Dental Council of Nigeria. This ensures that they maintain the confidentiality and security of the personal information entrusted to them, using it solely for its intended purposes.
We disclose every doctor’s professional information on our mobile app and web application to ensure that every patient has access to the necessary tools to thoroughly evaluate their options.
Remedies for Violation of Data Protection Policy and the Timeframe for Remedy
In the event of a violation of this policy, the data controller shall, within 15 days, redress the violation. Where the violation pertains to the disclosure of the data subject’s information without his/her consent, such information shall be retracted immediately, and confirmation of the retraction shall be sent to the data subject within 48 hours of the redress.
If a violation is attributable to any representative of the data controller, that representative will face a suitable sanction.
COMPLAINTS
You have the right to file a complaint with the Nigerian Data Protection Commission, your place of work, or the place where you believe the violation of your data privacy has occurred if you believe that the processing of your personal data breaches the relevant data protection law.
However, we would appreciate the opportunity to deal with your concerns before sending your complaint to the supervisory authority. Please don’t hesitate to reach out to us first.
Changes to this Privacy Policy
We may update this privacy policy in accordance with the NDPA and NDPR. Thus, you are advised to review this page periodically for any changes. Any changes made will be posted on this page. These changes are effective immediately after they are posted on this page.
Contact Information
If you have any questions or concerns about this privacy policy or our data practices, please contact us at info@myitura.com.
By using the mobile app or web application, you agree to the terms of this privacy policy. If you do not agree with these terms, please do not use the app or web application.
MyItura