Ambucycle

Ambucycle

Data Privacy Policy

  1. Definitions

    Biodata: Biographical information: Personal information with regard to gender, nationality, contact information, physical location, and any other
    Controller: Means the natural or legal person, authority, organization or other agency that makes decisions individually or together with other parties regarding the purposes and means for processing Personal Data.
    GDPR: Means the General Data Protection Regulation((EU) 2016/679)
    Personal Data: Means any information identifying you or information relating to you that we can identify (directly or indirectly) from that data alone or in combination with other identifiers we possess or can reasonably access.
    Personal Data excludes anonymous data or data that has had the identity of you as an individual permanently removed.
    Processor: Means a natural or legal person, authority, organization or other agency that processes Personal Data on behalf of the Controller.
    Responsible Person: Means information security department
    Minor: Means an individual who has not attained the age of eighteen (18) years
    Consent: Means processing your Customer Information where you have signified your agreement by a statement or clear opt-in to processing for a specific purpose. Consent will only be valid if it is a freely given, specific, informed and unambiguous indication of what you want.
    Customer/User: Means any individual within the Republic of Rwanda to which we provide our services.

    2. Who We Are

      We are Ambucycle Ltd. with our registered office at Norrsken House - 1 KN 78 St Kigali specializing in emergency healthcare. This privacy notice for Ambucycle App ('Company', 'we', 'us', or 'our',), describes how and why we might collect, store, use, and/or share ('process') your information when you use our services ('Services'), such as when you:
      1. Download and use our mobile application (Ambucycle App).
        1. Engage with us in other related ways, including any sales, marketing, or events.
          Our Privacy Policy (“Privacy Policy”) helps explain our information practices, including the information we process to support our Services. For example, we talk about what information we collect and how this affects you.
          Questions or concerns?
          Reading this privacy notice will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our services as this Information is required to be able to serve you. If you still have any questions or concerns, please contact us at ambucycleer@gmail.com

        2. Information We Collect

          We must receive or collect some information to operate, provide, improve, understand, customize, support, and market our Services. This also includes when you install, access, or use our Services. The types of information we receive and collect depend on how you use our Services. Information that we are collecting regarding you and used devices:
          Sensitive Information
          When necessary, with your consent or as otherwise permitted by applicable law, we process the following categories of sensitive information:
          1. Medical data. We may request access to your current or past medical information, personal description, emergency contactname and address, location, phone number and any other information you would provide to us.
            1. Application Data. If you use our application(s), we also may collect the following information if you choose to provide us with access or permission:
              1. Geolocation Information. We collect device location information if you use our location features. We may request access or permission to track location-based information from your mobile device, either continuously or while you are using our mobile application(s), for diagnostics and troubleshooting purposes such as if you are having trouble with our app's location features. We use various technologies to determine location, including IP, GPS, and information about nearby Wi-Fi access points, beacons, and cell towers.
              2. Images via devices camera access and device storage (we may request you to upload or take photos with your device's camera as an identifier. NB: If you wish to change our access or permissions, you may do so in your device's settings.
              3. Push Notifications. We may request to send you push notifications regarding your account or certain features of the application(s). If you wish to opt out from receiving these types of communications, you may turn them off in your device's settings.
            This information is primarily needed to maintain the security and operation of our application(s), for troubleshooting, and for our internal analytics and reporting purposes.
            All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal information.

            1. Information You Provide

              We may collect the following consumer information via our Mobile App, Website, and Web App. Information received directly from you and provided by filling our registration forms which are an integral part of using our Services. This may include Biodata, your photo, contact preferences, e-mail and phone.

              2. How We Use Information

                We use the information we have (subject to the choices you make) to operate, provide, improve, understand, customize, support, and market our Services. Here's how:

                1. Our Services

                  We use the information we have to operate and provide our services, including verifying your identity, identify your emergency and connect you to the nearest ambucycle, ambulance. Our app also allows you to view nearby hospitals that provide emergency services. We will also notify the emergency contact you have provided us with at the time of registration, Analyzing customer behavior, providing customer support, and improving, fixing, and customizing our services. We understand how people use our services and analyze and use the information we have to evaluate and improve our services, research, develop, and test new services and features, and conduct troubleshooting activities. We also use your information to respond to you when you contact us.

                  1. Safety and Security

                    We verify accounts and activity and promote safety and security on and off our services, such as by investigating suspicious activity or violations of our Terms, and ensure our services are being used legally.

                    1. Communications About Our Services

                      We use the information we have to communicate with you about our services and features and let you know about our terms and policies and other important updates. We may provide you with marketing for our services.

                      1. Measurement, Analytics, and Other Business Services

                        We help you when you use our service to measure the effectiveness and distribution of your finances and understand how you interact with our services. We may process your information as part of our efforts to keep our services safe and secure.

                        1. Information You and We Share

                          You share your information as you use and communicate through our services, and we share your information to help us operate, provide, improve, understand, customize, support, and market our services. We may share or transfer your information in connection with ambulance service providers and hospitals nearby.

                          1. Your Contacts and Others

                            Users and businesses with whom you communicate may store or reshare your information (including your phone number or messages) with others on and off our services. You can choose whom you communicate with and certain information you share within the scope of our services.

                          2. Where We Store Your Data and Security

                            The data that we collect from you may be transferred to, and stored at, a destination outside your country of origin or residence (as applicable). It may also be processed by staff operating outside your country of origin or residence (as applicable), who work for us or for one of our suppliers. Our staff members may be engaged in the fulfillment of your requests on our Service Platforms.
                            Data stored outside Rwanda may be subject to the laws of the country in which it is stored. By submitting your personal data, you agree to the collection, transfer, storing, or processing of your personal data in the manner set out above. We will take all steps reasonably necessary to ensure that your data is treated, stored, and processed securely and in accordance with these Terms and Conditions.
                            Where we have given you (or where you have chosen) a password that enables you to access certain parts of our services, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
                            Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our services, any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access.
                            We implement and maintain appropriate safeguards to protect personal data, considering, in particular, the risks to you, presented by unauthorized or unlawful processing or accidental loss, destruction of, or damage to their personal data.
                            Safeguarding will include the use of encryption and pseudonymization where appropriate. It also includes protecting confidentiality (i.e. that only those who need to know and are authorized to use personal data have access to it), integrity, and availability of the personal data. We regularly evaluate and test the effectiveness of those safeguards to ensure the security of our processing of personal data.

                            2. Cookies and Tracking

                              We may use mobile tracking technologies and/or website cookies to distinguish you from other users of the App, Web Site, or Service Sites. This helps us to provide you with a good experience when you use the App or browse any of the Service Sites and also allows us to improve the App and Website. For example, we use cookies:
                              To understand which of our FAQs are most popular and to show you relevant content related to our Services;
                              To remember your choices, such as your language preferences, and otherwise to customize our Services for you; and
                              To rank the FAQs on our website based on popularity, understand mobile versus desktop users of our web-based Services, or understand popularity and effectiveness of certain of our web pages.

                              2. How You Exercise Your Rights

                                Under the General Data Protection Regulation or other applicable local laws, you have the right to access, rectify, port, and erase your information, as well as the right to restrict and object to certain processing of your information. This includes the right to object to our processing of your information for direct marketing and the right to object to our processing of your information where we are performing a task in the public interest or pursuing our legitimate interests or those of a third party. You can access or port your information via a request to ambucycleer@gmail.com. You can access tools to rectify, update, and erase your information directly in-app as described in the Managing and Deleting Your Information section (13). If we process your information based on our legitimate interests or those of a third party, or in the public interest, you can object to this processing, and we will cease processing your information unless the processing is based on compelling legitimate grounds or is needed for legal reasons. You can also object to our processing of your information and learn more about your options for restricting the way we use your information by visiting https://ambucycleltd.com/privacy-policy. Where we use your information for direct marketing for our own Services, you can always object and opt out of future marketing messages using the unsubscribe link in such communications.
                                Depending on the circumstances, you have a right to know: whether we collect and use your personal information; the categories of personal information that we collect; the purposes for which the collected personal information is used; whether we sell your personal information to third parties; the categories of personal information that we sold or disclosed for a business purpose; the categories of third parties to whom the personal information was sold or disclosed for a business purpose; and the business or commercial purpose for collecting or selling personal information.
                                In accordance with applicable law, we are not obligated to provide or delete consumer information that is de-identified in response to a consumer request or to re-identify individual data to verify a consumer request. Depending on the type of request you submit, we may ask you to provide certain information so that we can match the information you provide with the information we already have on file, or we may contact you through a communication method (e.g. phone or email) that you have previously provided to us. We may also use other verification methods as the circumstances dictate.
                                We will only use the personal information provided in your request to verify your identity or authority to make the request. To the extent possible, we will avoid requesting additional information from you for the purposes of verification. However, if we cannot verify your identity from the information already maintained by us, we may request that you provide additional information for the purposes of verifying your identity and for security or fraud-prevention purposes. We will delete such additionally provided information as soon as we finish verifying you.
                                Other privacy rights
                                You may object to the processing of your personal information. You may request correction of your personal data if it is incorrect or no longer relevant, or ask to restrict the processing of the information. You can designate an authorized agent to make a request under the CCPA on your behalf. We may deny a request from an authorized agent that does not submit proof that they have been validly authorized to act on your behalf in accordance with the CCPA.
                                You may request to opt out from future selling of your personal information to third parties. Upon receiving an opt-out request, we will act upon the request as soon as feasibly possible, but no later than fifteen (15) days from the date of the request submission.
                                To exercise these rights, you can contact us by referring to the contact details at the bottom of this document. If you have a complaint about how we handle your data, we would like to hear from you.

                                2. Controls for Do-Not-Track Features

                                  Do-Not-Track (‘DNT') are features or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage no, uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this privacy notice.

                                  2. Managing and Deleting Your Information

                                    We store information until it is no longer necessary to provide our services, or until your account is deleted, whichever comes first. All information you provide to us is stored on our secure servers. We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal data to those employees, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
                                    We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
                                    Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access.
                                    Length of data retention is a case-by-case determination that depends on things like the nature of the information, why it is collected and processed, and relevant legal or operational retention needs.

                                    2. Update to Our Policy

                                      We will notify you before we make changes to this Privacy Policy and give you the opportunity to review the revised Privacy Policy before you choose to continue using our Services.

                                      2. Contact Information

                                        If you have questions about our Privacy Policy, please contact us ambucycleer@gmail.com or write us here:
                                        Ambucycle Ltd.
                                        1 KN 78 St.
                                        Kigali, Rwanda

                                        2. How We Process Information

                                          Under European law, companies must have a legal basis to process data. You have particular rights available to you depending on which legal basis we use, and we've explained these below. You should know that no matter what legal basis applies, you always have the right to request access to, rectification of, and erasure of your data under the General Data Protection Regulation (the “GDPR”).
                                          For all people who have legal capacity to enter into an enforceable contract, we process data as necessary to perform our contracts with you (the Terms of Service, the “Terms”). We describe the contractual services for which this data processing is necessary in Our Services section of the Terms and in the additional informational resources accessible from our Terms. The core data uses necessary to provide our contractual services are:
                                          1. To provide, improve, customize, and support our Services as described in “Our Services”;
                                            1. To promote safety and security;
                                              1. To transfer, transmit, store, or process your data outside the EEA, including to within the United States and other countries; and
                                                1. To communicate with you, for example, on Service-related issues.
                                                  We'll use the data we have to provide these services; if you choose not to provide certain data, the quality of your experience using Ambucycle may be impacted.
                                                  When we process data you provide to us as necessary to perform our contracts with you, you have the right to port it under the GDPR. To exercise your rights, visit How You Exercise Your Rights section of the Privacy Policy.
                                                  The other legal bases we rely on in certain instances when processing your data are:

                                                  1. Your Consent

                                                    For collecting and using information you allow us to receive through the device-based settings when you enable them (such as access to your GPS location, camera, or photos), so we can provide the features and services described when you enable the settings. When we process data you provide to us based on your consent, you have the right to withdraw your consent at any time and to port that data you provide to us, under the GDPR. To exercise your rights, visit your device-based settings, your in app-based settings like your in-app location control, and the How You Exercise Your Rights section of the Privacy Policy.

                                                    1. Our legitimate interests or the legitimate interests of a third party, where not outweighed by your interests or fundamental rights and freedoms (“legitimate interests”):

                                                      For people under the age of majority (under 18, in most EU countries) who have a limited ability to enter into an enforceable contract only, we may be unable to process personal data on the grounds of contractual necessity. Nevertheless, when such a person uses our Services, it is in our legitimate interests:
                                                      1. To provide, improve, customize, and support our Services as described in Our Services;
                                                      2. To promote safety and security; and
                                                      3. To communicate with you, for example, on Service-related issues.

                                                    2. The legitimate interests we rely on for this processing are:

                                                      To create, provide, support, and maintain innovative Services and features that enable people under the age of majority to express themselves, communicate, discover, and engage with information and businesses relevant to their interests, build community, and utilize tools and features that promote their well-being;
                                                      To secure our platform and network, verify accounts and activity, combat harmful conduct, detect and prevent spam and other bad experiences, and keep our Services and all of Ambucycle Products free of harmful or inappropriate content, and investigate suspicious activity or violations of our terms or policies and to protect the safety of people under the age of majority, including to prevent exploitation or other harms to which such individuals may be particularly vulnerable.

                                                      1. For all people, including those under the age of majority:

                                                        For providing measurement, analytics, and other business services where we are processing data as a controller. The legitimate interests we rely on for this processing are:
                                                        To provide accurate and reliable reporting to businesses and other partners, to ensure accurate pricing and statistics on performance, and to demonstrate the value our partners realize using our Services; and
                                                        In the interests of businesses and other partners to help them understand their customers and improve their businesses, validate our pricing models, and evaluate the effectiveness and distribution of their services and messages, and understand how people interact with them on our Services.

                                                        1. For providing marketing communications to you. The legitimate interests we rely on for this processing are:

                                                          1. To promote Ambucycle and issue direct marketing.
                                                          2. To share information with others including law enforcement and to respond to legal requests. See our Privacy Policy under Law and Protection for more information. The legitimate interests we rely on for this processing are:
                                                          3. To prevent and address fraud, unauthorized use of the Ambucycle Services, violations of our terms and policies, or other harmful or illegal activity; to protect ourselves (including our rights, property or Products), our users or others, including as part of investigations or regulatory inquiries; or to prevent death or imminent bodily harm.
                                                          4. To secure systems and fight spam, threats, abuse, or infringement activities and promote safety and security across Ambucycle Services. You have the right to object to, and seek restriction of, such processing; to exercise your rights, visit How You Exercise Your Rights section of the Privacy Policy. We will consider several factors when assessing an objection including: our users' reasonable expectations; the benefits and risks to you, us, other users, or third parties; and other available means to achieve the same purpose that maybe less invasive and do not require disproportional effort. Your objection will be upheld, and we will cease processing your information, unless the processing is based on compelling legitimate grounds or is needed for legal reasons. If you are under the age of majority in your country and have a limited ability to enter an enforceable contract, we will take particular account of the fact that you are below the age of majority and adjust our assessment of our legitimate interests and the balancing of your interests and rights accordingly.

                                                        2. Compliance with a legal obligation:

                                                          For processing data when the law requires it, including, for example, if there is a valid legal request for certain data.

                                                          1. Protection of your vital interests or those of another person:

                                                            The vital interests we rely on for this processing include protection of your life or physical integrity or that of others, and we rely on it to combat harmful conduct and promote safety and security, for example, when we are investigating reports of harmful conduct or when someone needs help.

                                                            1. Tasks carried out in the public interest:

                                                              For undertaking research and to promote safety and security, as described in more detail in our Privacy Policy under How We Use Information, where this is necessary in the public interest as laid down by European Union law or Member State law to which we are subject.
                                                              When we process your data as necessary for a task carried out in the public interest, you have the right to object to, and seek restriction of, our processing.
                                                              In evaluating an objection, we'll evaluate several factors, including: reasonable user expectations; the benefits and risks to you and third parties; and other available means to achieve the same purpose that may be less invasive and do not require disproportional effort.
                                                              Your objection will be upheld, and we will cease processing your information, unless the processing is based on compelling legitimate grounds or is needed for legal reasons.

                                                            2. Disclaimer

                                                              Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these web-sites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites. Data Subject Rights Request Form
                                                              We have provided a form for our customers to exercise their Data Subject Rights in accordance with the Rwanda Data Protection and Privacy Law, No. 058/2021 of 13/10/2021. Please find the attached form below.