Privacy Policy

Privacy Policy

This privacy policy has been compiled to better serve those who are concerned with how their 'Personally Identifiable Information' (PII) is being used online. Please read our privacy policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your Personally Identifiable Information in accordance with our website.

We may collect, process and retain the following types of information about you (which will be referred to as Data in this Privacy Policy) from the website or mobile app including:

  • Information which is able to personally identify you and which may be provided by you at the time of voluntary registration for the services offered by us or gathered through your use of the website/ app (including when you make enquiries through the website or app), this may include name, address, email address, date of birth, mobile number, marital status, family members or dependent, National ID card/number, username etc. In addition, this may include information about a deceased individual if it would lead to them or a member of their family be identified specifically;
  • Financial information (for example, credit card details, bank details);
  • Information related to your use of the Website/app (for example, domain name, IP address and cookies, location data);
  • Information relating to your purchase of or access to a product or service (such as records of purchase, delivery details, payment receipts etc.);
  • Any feedback or comments provided by you online;

Information which we consider to be Sensitive Personal Information concerning, including or relating to your health and which may include information:

  • About your individual health, including your medical history;
  • About your physical attributes, such as weight, height, blood pressure etc.;
  • About any disabilities that you may have or have had;
  • About any healthcare services that are being provided, or have been provided, to you;
  • Provided by you in connection with the donation, by you of any body part or any bodily substance, or derived from the testing or examination of any body part, or any bodily substance of you;
  • About you which is collected before, or in the course of, and incidental to, the provision of any healthcare services;
  • Information relating to your medical insurance coverage, should you choose to provide it for direct billing purposes;
  • Any other information you independently choose to provide to us via the app/website from time to time (for example, if you complete an enquiry form, register for a promotion or participate in a support chat service).

The site will record and track the use you make of the website through the use of, amongst other things, cookies and other monitoring tools and devices. You can choose to turn off non-essential cookies in your browser and you can delete them from your hard drive. You do not need to have cookies turned on to use the website but you will need them to use and access some parts of the app and to access personalised or secure content on the website/app. We may use essential cookies which are strictly necessary without your consent and are automatically set. You will not be able to disable these unless you change your browser or device settings. Some webpages in the website/app may not function as intended if the essential cookies are turned off. The use of essential cookies will not prejudice your rights as a data subject and no Sensitive Personal Information will be processed.

Collection of Data is mandatory unless stated otherwise. In cases where you do not provide the requested Data, then we may not be able to comply with our obligations under applicable laws and it may affect our site services available to you.

We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:

  • track traffic patterns to and from the Website/app (and which may include retaining details of your IP address, operating system, browser, domain and other user information (e.g. your username));
  • inform what advertising is being shown;
  • ensuring that the content of the Website/app is presented in the most effective manner for you and for the device which you are using to access the Website/app
  • to review, develop, facilitate or improve our delivery of the Website/app and the services available on the Website/app;
  • simplify the entry of your Data in certain online forms;
  • enable you to enter the Website/app and access and use certain services provided via the Website/app;
  • to contact you for follow-up purposes if a consultation session is ended due to a technical fault or for some unknown reason;
  • to respond to any queries, requests, or comments that you have submitted
  • to review, develop and improve the services which we offer;
  • to notify you about changes to the Website/app or our services, where applicable;
  • to protect the safety of members of the public and users of our services;
  • for non-personally identifiable information only, with advertisers and other third-party providers for marketing purposes;
  • with vendors, administrative service providers, technology providers, and carefully selected business associates for data validation, enhancement, information verification and suppression services;
  • for any other purpose for which the user provides consent; and
  • as necessary to comply with legal and regulatory obligations, including record keeping, and if necessary in the exercise or defence of legal claims.
  • We use Sensitive Personal Information in order to ensure that we are able to offer our services requested by you and/or provided by us to the best of our ability. We will use the Sensitive Personal Information to assist in the provision of information to you about your health or your medical records and to provide our services, including considering your Sensitive Personal Information to make recommendations and diagnoses. We will store Sensitive Personal Information in your medical records in accordance with prevailing practice in the medical industry in the relevant territory where you are based and in accordance with our legal obligations

  • We may use an SSL certificate based on the sensitiveness of the data being handled. Mostly, we would only share information, files and articles etc. We never ask for credit card details
  • We do not use vulnerability scanning and/or scanning to PCI standards
  • We do not use Malware Scanning

Our Website/app and our online services are intended for users located in the Kingdom of Saudi Arabia (KSA). We comply with all applicable data protection laws in this jurisdiction, which includes the Saudi Arabia Personal Data Protection Law as amended (the KSA PDPL).

We do not share your Personally Identifiable Information to any third parties. If required, we may share your PII details for the purpose of insurance or other relevant services, if required. However, we will take the user consent before doing the same.

The Fair Information Practices Principles form the backbone of privacy law and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information

  • We will notify you via email within 7 business days
  • We will notify the users via in-site notification within 7 business days

We will keep your Data only for as long as is necessary to respond to any queries or complaints, to improve the services that we offer to you, to comply with any legal obligations to which we may be subject, and to comply with medical good practice and regulatory requirements in relation to the retention of medical records.

To determine the appropriate retention period for Data, we consider the amount, nature, and sensitivity of the Data, the potential risk of harm from unauthorised use or disclosure of your Data, the purposes for which we process your Data and whether we can achieve such purposes through other means, and the applicable legal requirements.

When your Data is no longer required, we will ensure it is securely deleted or annoymised.

If you are residing in the Kingdom of Saudi Arabia and order physical goods from us, such as through our online pharmacy, we will only retain the Data related to the transaction for as long as necessary, taking into account the nature of the transaction, unless we are required to retain the Data longer by law.

Also, refer to the data retention advice of Ministry of Health, Saudi Arabia, wherein, the ministry advices to retain the customer/patients’ data for a period of atleast five years.

The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.

  • Send information, respond to inquiries, and/or other requests or questions
  • Process orders and to send information and updates pertaining to orders
  • Send you additional information related to your product and/or service
  • Market to our mailing list or continue to send emails to our clients after the original transaction has occurred

  • Not use false or misleading subjects or email addresses
  • Identify the message as an advertisement in some reasonable way
  • Include the physical address of our business or site headquarters
  • Monitor third-party email marketing services for compliance, if one is used
  • Honour opt-out/unsubscribe requests quickly
  • Allow users to unsubscribe by using the link at the bottom of each email

  • Users must commit to keeping all obtained data and information, such as usernames and passwords for institution accounts and applications, confidential. Providing this information to an unauthorized person is a violation and the user bears full responsibility for the consequences.
  • Do not save your username and password when using public devices.
  • It is recommended to create a strong and unique password for your account on the application.
  • Avoid using easily guessable passwords that contain readily accessible personal information.
  • It is recommended to change your password periodically.

  • Make sure to connect securely when accessing our applications.
  • It is recommended to use an encrypted connection over HTTPS protocol to protect your personal data.

We recommend enabling two-factor authentication (2FA) if available, as this feature adds an extra layer of security when logging in and protects your account from hacking.

Make sure to install the latest security updates for your devices and software used. Security patches are released regularly, and installing them helps protect you.

Be cautious when opening unusual or suspicious emails. Some emails may contain links or files infected with malware. Before opening them, verify the source and ensure its authenticity.

Before using any web application, make sure to read its related privacy policy. Learn how data is collected, used, and shared. Make sure you agree to the practices followed before proceeding.

If you are using a web application that requires entering personal data or sensitive information, make sure that the data is stored and transmitted securely.

Be cautious when using web applications on public devices such as library computers or public internet.

We are working hard to ensure your safety and security on our electronic platform. However, please note that you are responsible for your personal behavior when using the application.

We may update our Privacy Policy from time to time. Thus, you are advised to review this page periodically for any changes. We will notify you of any changes by posting the new Privacy Policy on this page.

If at any time you would like to unsubscribe from receiving future emails, you can email us at info@rh.med.sa.

If there are any questions regarding this privacy policy, you may contact us using the information below:

Riyadh Hospital, King Abdullah Rd, Al Mughrizat, Riyadh 12481

Email : info@rh.med.sa

Contact Numbers : +966 (011) 5215555; +966 55 466 4361