Get Therapy

Privacy Policy

How we handle your data

Welcome to Orius Medical Limited (accessible via https://oriusmedical.com). We are committed to protecting your personal data and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our digital mental health services in accordance with the laws of the Federal Republic of Nigeria.

Introduction and scope

Orius Medical Limited (“Orius”, “we”, “us”, or “our”) operates as a Data Controller. This policy applies to all users, clients, patients, and healthcare providers who interact with our platform. By using our services, you consent to the practices described in this policy.

Legal framework

Our data processing activities are governed by:

  • The Nigeria Data Protection Act (NDPA) 2023.
  • The NDPA General Application and Implementation Directive (GAID) 2025.
  • Section 37 of the 1999 Constitution of the Federal Republic of Nigeria, which guarantees the right to privacy.
  • ​Relevant healthcare regulations regarding medical confidentiality and record-keeping in Nigeria.

Information we collect

Due to the nature of our services, we collect both Personal Data and Sensitive Personal Data (as defined under the NDPA).

  • Identity Data: Full name, date of birth, gender, and government-issued identification.
  • Contact Data: Email address, telephone number, and residential address.
  • Health and Medical Data: Clinical notes, mental health history, diagnoses, prescriptions, and therapy session summaries.
  • Financial Data: Payment details (processed through authorised third-party payment gateways compliant with Nigerian financial regulations).
  • Technical Data: IP address, browser type, and usage patterns on our website.

Lawful basis for processing

Under the NDPA 2023, we process your data based on the following legal grounds:

  1. Consent: Your explicit, informed, and freely given consent to process your health data for tele-consultations.
  2. Contractual Necessity: To fulfil our agreement to provide you with mental health services.
  3. Legal Obligation: To comply with Nigerian medical record-keeping laws and anti-money laundering (AML) requirements.
  4. Vital Interest: In emergency situations where your life or safety is at risk and you are unable to provide consent.

How we use your information

We utilise your data to:

  • ​Provide clinical assessments and mental health treatments.
  • ​Facilitate secure communication between patients and practitioners.
  • ​Process payments for services rendered.
  • ​Improve our platform through internal audits and data analytics (using anonymised data).
  • ​Comply with statutory reporting to Nigerian health authorities where required.

Data security and retention

We implement robust technical and organisational measures to prevent unauthorised access, including:

  • End-to-End Encryption: For all clinical communications and data storage.
  • Access Controls: Restricting data access to only authorised medical personnel.
  • Retention: We retain your medical records for the minimum period required by Nigerian healthcare regulations (typically 10 years for clinical records), after which they are securely deleted or irreversibly anonymised.

Your data subject rights

Under the NDPA 2023, you have the following rights:

  • Right to Access: To request a copy of the personal data we hold about you.
  • Right to Rectification: To correct inaccurate or incomplete information.
  • Right to Erasure (‘Right to be Forgotten’): To request deletion of your data, subject to legal retention requirements.
  • Right to Withdraw Consent: You may withdraw your consent for data processing at any time.
  • Right to Data Portability: To receive your data in a structured, commonly used format.
  • Right to Lodge a Complaint: You have the right to report grievances to the Nigeria Data Protection Commission (NDPC).

Third party disclosures

We do not sell your data. We only share information with:

  • Licensed Healthcare Practitioners: Directly involved in your care.
  • Regulatory Bodies: If mandated by Nigerian law.
  • Service Providers: Secure cloud hosting and payment processors who are strictly bound by NDPA-compliant Data Processing Agreements (DPAs).

International data transfers

Should any data be processed outside Nigeria, we ensure that the recipient country has “Adequate Protection” laws as determined by the NDPC, or we implement Standard Contractual Clauses to ensure your rights remain protected.

Cookies

Our website uses cookies to enhance user experience. You can manage your cookie preferences through your browser settings.

Contact us

If you have any questions regarding this Privacy Policy or wish to exercise your data rights, please contact us:

WhatsApp: +234 915 048 1078

Email: orius@oriusmedical.com

Website: https://oriusmedical.com

Address: Orius HQ, Airport Road, Lugbe, FCT.

Orius 2.0_20260305_035203_0000

Empowering Africans for optimal wellbeing and productivity via therapy and mental health training.

Services

Company

Connect With Us

oriusmedical@gmail.com

+234 915 0481 078

©2026 Orius Medical Limited. All Rights Reserved.