Privacy Policy

1. Who we are

Swift Health Limited ("Swift", "we", "us", "our") is a pre-launch Health Maintenance Organisation working toward accreditation by the National Health Insurance Authority (NHIA) of Nigeria. Final regulatory framework and the company registration number will be published here once both are confirmed.

We are committed to protecting your personal information in accordance with the Nigeria Data Protection Act 2023 (NDPA) and the Nigeria Data Protection Regulation (NDPR).

2. Information we collect

We collect the following categories of information:

• Identity data: Full name, date of birth, gender, National Identification Number (NIN), photograph.
• Contact data: Phone number, email address, residential address.
• Health data: Medical history, claims records, prescriptions and lab results captured during care delivered under your Swift Lite plan.
• Financial data: Payment card details (tokenised, we do not store raw card numbers), bank account information for refunds, transaction history.
• Device data: Device type, operating system, app version, push notification token.
• Usage data: Pages visited, features used, session duration.

3. How we use your information

• To verify your identity (KYC) and prevent fraud.
• To administer your health insurance policy and process claims.
• To facilitate provider eligibility checks at the point of care.
• To send renewal reminders, claim status updates, and health tips.
• To comply with NHIA reporting requirements and legal obligations.
• To improve our services through anonymised aggregate analytics.

We will never sell your personal data to third parties or use your health data for marketing purposes without your explicit consent.

4. Legal basis for processing

• Contract performance: Processing necessary to administer your insurance policy.
• Legal obligation: NHIA regulatory reporting, AML/KYC obligations.
• Legitimate interests: Fraud prevention, network security.
• Consent: Marketing communications, optional health analytics features.

5. Data sharing

We share your data only with:

• Healthcare providers in our network, to verify your eligibility and process claims.
• Identity verification partners (Smile ID, NIMC), solely for KYC purposes.
• Payment processors (Paystack), for premium collection and claim settlements.
• NHIA, monthly statistical reports as required by regulation.
• Law enforcement, when required by a valid court order.

All third-party processors are bound by data processing agreements consistent with NDPA requirements.

6. Data retention

• Member records: 7 years after policy termination (NHIA requirement).
• Claims records: 7 years from settlement date.
• KYC documents: 5 years from the date of verification.
• Contact enquiry data: 2 years from submission.

7. Your rights

Under the NDPA 2023, you have the right to:

• Access the personal data we hold about you.
• Correct inaccurate data.
• Request deletion of data we no longer have a legal basis to hold.
• Object to processing based on legitimate interests.
• Withdraw consent for marketing communications at any time.
• Lodge a complaint with the Nigeria Data Protection Commission (NDPC).

To exercise any of these rights, email privacy@getswift.health. We respond within 30 days.

8. Security

All data is encrypted at rest (AES-256) and in transit (TLS 1.3). Access to personal and health data is restricted to authorised personnel on a need-to-know basis. Ahead of launch we are putting independent security testing in place and working toward a recognised security-assurance standard (such as SOC 2) before we hold live member health data.

9. Cookies

Our website uses strictly necessary cookies for authentication and session management. We use anonymised analytics (no cross-site tracking). You can manage cookie preferences in your browser settings.

10. Contact

Data Protection Officer: privacy@getswift.health

Our registered postal address will be published here once Swift Health Limited's incorporation completes.