Legal
Privacy Policy
Last updated 30 June 2026
The short version
CareGrid EA is a directory and appointment-coordination service. We collect the minimum information needed to help you find care and request appointments. We are not a medical-records system — we do not store clinical or diagnostic records.
What we collect
- Account details you provide: name, email, phone, and password (stored only as a secure hash).
- Booking context: the facility, service, preferred time, and an optional short note you write.
- Limited technical data (device, approximate IP) used for security, rate-limiting, and fraud prevention.
How we use it
To create and secure your account, route your appointment request to the facility you choose, show you relevant verified facilities, and keep the service safe. We do not sell your personal data.
Who we share it with
When you request an appointment, the booking details are shared with that facility so it can respond. Verified service providers (e.g. email/SMS delivery, hosting) process data on our behalf under contract. We disclose information when required by law.
Payments
CareGrid does not process patient payments online. Any deposit or fee is arranged directly between you and the facility. We record the payment status a facility reports, not your card or mobile-money credentials.
Security & retention
Sessions use signed cookies and production secrets; privileged actions require step-up verification. We keep data only as long as needed for the service and legal obligations, then delete or anonymise it.
Your choices
You can access, correct, or request deletion of your account data, and end active sessions from your security settings. Contact us to exercise any of these rights.
Emergencies
CareGrid is not an emergency service. In a life-threatening emergency, call 999 / 112 or go to the nearest emergency department. See our Terms.
Contact
Questions about this policy or your data: privacy@caregrid.africa.