Privacy Policy

Jasmine Dental and Medical Centre LLP — Jasmine Pharmacy

Website: https://pharmacy.jdmc.co.ke/ | PPB Reg. No. PPB/J/9335

Last Updated: May 15, 2026

This Privacy Policy describes how Jasmine Dental and Medical Centre LLP ("we", "us", or "our") collects, uses, and discloses your personal information — including health data — when you visit or use the services available at https://pharmacy.jdmc.co.ke/ (the "Site") or otherwise communicate with our pharmacy team. Jasmine Pharmacy operates as a licensed pharmacy under PPB Registration No. PPB/J/9335.

For the purposes of the Kenya Data Protection Act, 2019 ("DPA"), Jasmine Dental and Medical Centre LLP acts as the Data Controller. This Policy is issued in compliance with the DPA and the strict guidelines of the Pharmacy and Poisons Board ("PPB").

IMPORTANT: Our pharmacy specializes exclusively in the fulfillment of prescription-only medications for patients managing chronic conditions. We do not sell over-the-counter (OTC) drugs. Because of the specialized nature of chronic care and our 24-hour delivery framework, we collect sensitive health and medical information. We handle this information with the highest level of confidentiality and security, consistent with pharmaceutical and medical privacy standards.

By using the Site, you consent to the practices described herein. If you do not agree, please do not use the Site.

1. What Personal Information We Collect

The information we collect depends on how you interact with our Site and services. "Personal data" refers to any information that identifies or could identify you as an individual.

1.1 Information You Provide Directly

Basic contact details: full name, physical address, phone number, email address.
Order and Delivery information: billing address, shipping address (for our 24-hour delivery routing), payment confirmation, email, phone number.
Account information: username, password, security questions.
Health and prescription information: prescription details, chronic medical conditions, allergies, and healthcare provider information — collected exclusively to verify and dispense prescription medication safely.
Customer support communications: information you share when contacting us regarding your treatment or delivery.

You may choose not to provide certain information; however, this may limit your ability to use some features of the Site or receive your prescription deliveries.

1.2 Information Collected Automatically (Cookies & Usage Data)

When you visit the Site, we automatically collect certain usage data, which may include:

Device type, browser type and version.
IP address and approximate location.
Pages visited, time spent on each page, and links clicked.

We use cookies, pixels, and similar technologies to collect this data. You may configure your browser or use our Cookie Consent Banner to refuse non-essential cookies; however, this may affect Site functionality.

1.3 Information from Third Parties

We may receive information about you from:

Healthcare providers transferring chronic care prescriptions on your behalf.
Payment processors (e.g., bank card or mobile money details) to fulfil orders.

2. How We Use Your Personal Information

We use your personal information for the following specific purposes:

Chronic Care Pharmacy Services: We use your information — including health data — to verify prescriptions, dispense medications safely, process payments, and schedule your 24-hour medication delivery.
Health & Patient Safety: We use your health information to check for drug interactions or allergies, communicate with your prescribing doctor, and comply with pharmaceutical regulations set by the PPB.
Security and Fraud Prevention: We use your information to detect, investigate, and prevent fraudulent, illegal, or malicious activity (such as prescription fraud).
Legal Compliance: We may use or disclose your information to comply with applicable Kenyan laws, PPB regulations, court orders, subpoenas, or other legal processes.

3. How We Disclose Your Personal Information

We do not sell your personal data. We may share your information only in the following circumstances:

Logistics & Service Providers: We share necessary delivery information (address and contact details) with our secure logistics partners to ensure your medication arrives within our 24-hour delivery window. These vendors are contractually bound to protect your data.
Healthcare Providers: Where necessary for your care, we may share your health information with your prescribing doctor or clinic to facilitate treatment, verify a chronic prescription, or ensure continuity of care.
Regulatory Authorities: We may disclose information to the Pharmacy and Poisons Board, relevant government agencies, or law enforcement where required by law. We will notify you where permitted before making such disclosures.

4. Special Provisions for Health Information

Because we specialize in prescription-only treatments for chronic conditions, your pharmacy records and health information are afforded heightened protection under Kenyan law. We apply the following additional safeguards:

Prescription records are retained securely and accessed only by authorised pharmacy personnel.
We will not sell or transfer your health data to insurers, employers, or data brokers.
Sensitive health data is handled with additional confidentiality protections.
We will not disclose your health information for marketing purposes without your explicit written consent.

5. Security, Retention, and Breach Notification

We implement appropriate technical and organisational security measures to protect your personal data from unauthorised access, loss, or misuse.

Data Retention: We retain your personal data only for as long as necessary to fulfil the purposes described in this Policy. Health and prescription records are retained strictly in accordance with PPB regulations and applicable Kenyan law.
Breach Notification: In the highly unlikely event of a data breach that compromises your personal health data, we will notify you and the Office of the Data Protection Commissioner (ODPC) within 72 hours, as required by the DPA.
In-Transit Security: No method of electronic transmission is entirely secure. We recommend that you do not send sensitive or confidential health information through unsecured email channels.

6. Your Rights Under the DPA

Under the Kenya Data Protection Act, 2019, you have the following rights regarding your personal information:

Right to Access: You may request a copy of the personal data we hold about you.
Right to Rectification: If your information is inaccurate, you may request that we correct it.
Right to Erasure: You may request deletion of your personal data, subject to our legal and regulatory retention obligations as a licensed pharmacy.
Right to Portability: You may request a copy of your data in a structured, machine-readable format.
Right to Complain: You have the right to lodge a complaint with the Office of the Data Protection Commissioner (ODPC) in Kenya if you believe your data rights have been violated.

To exercise any of these rights, please contact us in writing at pharmacy@jdmc.co.ke. We may require identity verification before processing your request and will respond within 30 days. We will not discriminate against you for exercising your rights.

7. Children's Data

The Site is not intended for use by children under the age of 18 without parental or guardian involvement. Where a parent or guardian manages an account on behalf of a minor patient with a chronic condition, health information for that minor will be handled consistently with applicable Kenyan law. We do not knowingly collect personal data from minors without consent.

8. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or the handling of your personal data, please contact us at:

Email: pharmacy@jdmc.co.ke

All correspondence relating to this Policy must be submitted in writing to the above email address.