Home About Contact Login

Privacy Policy

Medagoras Privacy Policy

Preamble and Commitment to Data Protection
This Privacy Policy (the “Policy”) describes how Medagoras, operated by Digital Agoras Ltd ("the Company," "We," "Us," or "Our") collects, uses, processes, and shares the personal and business data of our Users ("You" or "Your") in connection with your access to and use of our B2B healthcare marketplace, platform services, and the Buy Now, Pay Later (BNPL) Credit Facility.

We are committed to protecting your privacy and handling your data transparently, in strict compliance with the Nigeria Data Protection Act (NDPA) 2023 and other applicable data protection laws. By accessing or using our services, you acknowledge that you have read, understood, and consented to the collection and processing of your data as described in this Policy.

1. Applicable Data Protection Law: The NDPA 2023

As a company operating in Nigeria, we are governed primarily by the Nigeria Data Protection Act (NDPA) 2023. We adhere to its core principles: Lawfulness, Fairness, Transparency, Purpose Limitation, Data Minimisation, Accuracy, Storage Limitation, and Integrity and Confidentiality in all data processing activities.

2. Data Collected and Purpose of Processing

We collect various categories of personal and business data essential for fulfilling contractual obligations, regulatory compliance, and managing the Credit Facility. Data is processed only for legitimate and lawful purposes:

2.1 Identity and Professional Data

  • Data Elements: Name, job title, contact details (email, phone, physical address), business name

  • Purpose: Register and manage B2B account, establish communication, verify business legitimacy (Contractual Necessity)

2.2 Regulatory and KYC Data (Know-Your-Customer)

  • Data Elements: Corporate Affairs Commission (CAC) Certificates, Professional Licenses (PCN, MDCN, etc.), and National Identity Number (NIN) of directors/shareholders

  • Purpose: Comply with KYC and anti-money laundering (AML) laws, confirm professional eligibility, prevent fraud (Legal Obligation & Consent)

2.3 Financial and Transaction Data

  • Data Elements: Virtual Wallet records, purchase history, order details, outstanding debt (principal), repayment performance

  • Purpose: Process orders, manage Credit Facility, assess creditworthiness, enforce recovery rights upon default (Legitimate Interest & Contractual Necessity)

2.4 Technical and Usage Data

  • Data Elements: IP address, browser type, operating system, pages viewed, time spent on the platform, cookie data

  • Purpose: Ensure platform security, analyze service usage, troubleshoot issues, improve user experience (Legitimate Interest)

3. Disclosure and Sharing of Your Data

3.1 Necessary Third-Party Sharing
We share your data only with partners essential to our operations:

  • Payment & IT Service Providers: Manage Virtual Wallet transactions, data storage, hosting, and platform maintenance

  • Logistics Providers: Facilitate delivery of your orders

  • No Sale of Data: Your personal data will never be sold to third parties

3.2 Legal and Recovery Sharing
You expressly consent that we may share your data, including identity, financial, and KYC data, with:

  • Debt Collection Agencies: Assist in recovery of Outstanding Balance in case of default on the Credit Facility

  • Legal/Regulatory Authorities: When legally required by a court order, regulatory body (NDPA, NAFDAC), or government authority

4. Your Data Protection Rights (NDPA)

Under the Nigeria Data Protection Act, you have the following rights regarding your Personal Data:

  • Right to Be Informed: To be informed about the data we collect

  • Right of Access: Request and receive a copy of your Personal Data held by the Company

  • Right to Rectification: Correct inaccurate or incomplete data

  • Right to Erasure (Right to be Forgotten): Request deletion of your data, subject to legal obligations

  • Right to Object: Object to processing of your data, especially for marketing

  • Right to Withdraw Consent: Withdraw consent where processing is based on consent

5. Data Security and Retention

5.1 Security Measures
We implement industry-standard technical and organizational security measures (encryption, access controls, firewalls) to safeguard your data against unauthorized access, disclosure, alteration, or destruction.

5.2 Data Retention
We retain your data only as long as necessary for the purposes collected and to meet legal, accounting, or reporting requirements. Core business and financial records are generally retained for at least six (6) years after account termination or final Credit Facility settlement.

6. Changes to This Policy and Contact Information

6.1 Changes to This Policy
We may update this Privacy Policy at any time. Material changes will be communicated via platform posting or email. Continued use of the platform signifies acceptance of updated terms.

6.2 Contact Information for Privacy Concerns
For questions, requests, or concerns regarding this Privacy Policy or your data, contact us at info@medagoras.com

Last Updated: December 2025