Last Updated: 28 February 2025

 

  1. Introduction

Apace Systems (“Apace,” “we,” “us,” or “our”) values your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you interact with our platforms, products, and services.

We comply with the following Regulations and Amendments (or general Guidelines) where applicable:

  • General Data Protection Regulation (GDPR) – European Union & United Kingdom
  • Data Protection Act 2018 – United Kingdom
  • Data Protection Act 2017 – Mauritius
  • Data Protection Act 2021 – Zimbabwe
  • Protection of Personal Information Act (POPIA) – South Africa
  • Nigeria Data Protection Regulation (NDPR) – Nigeria
  • Data Protection and Privacy Act 2019 – Uganda
  • Data Protection Act 2021 – Zambia
  • Data Protection Act 2022 – Eswatini (Swaziland)
  • Federal Act on Data Protection (FADP) – Switzerland
  • Personal Data Protection Law No. 6698 – Turkey
  • Health Insurance Portability and Accountability Act (HIPAA) – United States
  • California Consumer Privacy Act (CCPA) – United States

This Privacy Policy applies to all users, clients, and partners engaging with Apace Systems. By using our services, you consent to the collection and processing of your data as outlined in this policy.

  1. Who We Are

Apace Systems provides secure, realtime healthcare and insurance technology solutions across multiple regions.

South Africa

Company Name: Apace Systems

Registration Number: 2014/179602/07

Registered Operational Address: Apace Systems (PTY) Ltd, Centurion Mall Lower Ground Floor, Office LG134 – Regus Global Spaces, 1269 Gordon Hood Road, Centurion, South Africa, 0157

Phone: +27 87 357 0230 / 1

Mauritius

Company Name: Apace Systems

Registration Number: 2017/C151288

Registered Entity Address: 365 Royal Road, Rose Hill, 71366, Mauritius

Phone: +230 5983 4436

Email: info@apace.systems

Website: apace.systems

For privacy-related inquiries, contact our Data Protection Officer (DPO) at privacy@apace.systems.

  1. What Personal Data We Collect

Apace collects information necessary to provide secure, efficient, and seamless healthcare and insurance technology solutions. The types of data we collect include:

3.1. Personal Information

  • Full name, ID/passport number
  • Contact details (email, phone, address)
  • Account login credentials

3.2. Transaction & Usage Data

  • Healthcare and insurance claim details
  • Payment and billing records
  • Biometric verification data (where applicable)

3.3. Technical & Device Data

  • IP address and geolocation
  • Device and browser type

Apace does not collect sensitive data such as religious beliefs, political opinions, or sexual orientation unless required by healthcare regulations.

  1. How We Use Your Information

We process personal data for the following purposes:

  • Service Delivery & Improvement – Ensuring seamless transactions and platform functionality.
  • Identity Verification & Fraud Prevention – Using biometric authentication and security measures.
  • Processing Claims & Payments – Enabling real-time transactions with insurers and providers.
  • Communication & Updates – Sending service alerts, legal notices, and security updates.
  • Regulatory Compliance – Meeting global and local legal requirements.

We do not sell personal data to third parties.

  1. Legal Basis for Processing Personal Data

In compliance with GDPR, POPIA, NDPR, HIPAA, and CCPA, Apace Systems processes data based on the following legal grounds:

  • Consent – When users explicitly grant permission for data processing.
  • Contractual Necessity – When processing is required to provide our services.
  • Legal Obligation – When compliance with laws and regulations is required.
  • Legitimate Interests – To ensure security, fraud prevention, and service enhancements.

Users may withdraw consent at any time by contacting privacy@apace.systems.

  1. Your Data Rights

6.1. GDPR (EU & UK) Rights

  • Right to Access
  • Right to Rectification
  • Right to Erasure (“Right to be Forgotten”)
  • Right to Restrict Processing
  • Right to Data Portability
  • Right to Object

6.2. POPIA (South Africa) & NDPR (Nigeria)

  • Right to Notification
  • Right to Access & Correction
  • Right to Object

6.3. CCPA (United States – California) Rights

  • Right to Know
  • Right to Delete
  • Right to Opt-Out of Data Sales

To exercise any of these rights, email privacy@apace.systems.

  1. Data Security & Retention

7.1. Retention Policy

  • Healthcare Transactions – Retained for 7 years under healthcare regulations.
  • Financial Data – Stored for 5 years for auditing and compliance.
  • Inactive Accounts – Deleted after 2 years of inactivity.

7.2. Security Measures

We implement industry-leading security protocols:

  • Data Encryption – Protecting all stored and transmitted data.
  • Access Control Systems – Preventing unauthorized access.
  • Fraud Detection & Monitoring – Identifying potential security risks.

In case of a data breach, we notify affected users and relevant authorities as required by law.

  1. International Data Transfers

Apace operates globally and ensures secure data transfers across jurisdictions, adhering to:

  • EU/UK Compliance – Using Standard Contractual Clauses (SCCs) for GDPR adherence.
  • African Compliance – Ensuring adequate protection under POPIA, NDPR, and local laws.
  • United States Compliance – Aligning with HIPAA & CCPA.
  • Switzerland Compliance – Meeting FADP
  • Turkey Compliance – Ensuring compliance with Personal Data Protection Law No. 6698.

If data is transferred outside your region, we implement safeguards to maintain the highest protection levels.

  1. Third-Party Data Processing

Apace may share limited data with third parties only when necessary for:

  • Secure service operations
  • Regulatory compliance
  • Fraud prevention
  1. Updates to This Policy

This Privacy Policy is reviewed annually and updated based on legal requirements and operational changes.

Any updates will be posted on this page and notified to users where applicable.

  1. Complaints & Dispute Resolution

If you believe your data privacy rights have been violated, you can contact:

Apace Systems Data Protection Office

  • Email: privacy@apace.systems
  • Phone: +27 87 357 0230 / 1

Regulatory Authorities for Data Protection Compliance

  • EU & UK: Contact your local Data Protection Authority (DPA).
  • South Africa: Information Regulator – PAIAComplaints@inforegulator.org.za.
  • United States: Federal Trade Commission (FTC) or California Attorney General.
  • Mauritius: Data Protection Office – dpo@govmu.org.
  • Zimbabwe: POTRAZ (Postal and Telecommunications Regulatory Authority of Zimbabwe) – info@potraz.gov.zw.
  • Nigeria: National Information Technology Development Agency (NITDA) – dpo@nitda.gov.ng.
  • Uganda: National Information Technology Authority – info@nita.go.ug.
  • Zambia: Data Protection Commissioner – info@zicta.zm.
  • Eswatini: Data Protection Office – info@dpd.gov.sz.
  • Switzerland: Federal Data Protection and Information Commissioner (FDPIC) – contact@edoeb.admin.ch.
  • Turkey: Personal Data Protection Authority – kvkk@kvkk.gov.tr.
  1. Updates to This Policy

This policy is reviewed annually and updated as needed. Changes will be posted on our website.

For the latest version, visit apace.systems/privacy.

Last Updated: 28 February 2025