Privacy Policy
1. Introduction
ESH800 Home Healthcare LLC ("ESH800", "we", "our", or "us") is a DHA-licensed home healthcare provider operating in Dubai, United Arab Emirates. We are committed to protecting the privacy and confidentiality of all personal and health data entrusted to us. This Privacy Policy explains what information we collect, why we collect it, and how we protect it in accordance with UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (PDPL) and DHA regulations.
2. Information We Collect
We collect the following categories of data when you contact us, book a service, or use our website:
- Identity data: full name, Emirates ID or passport number, nationality, date of birth.
- Contact data: phone number, email address, residential address in Dubai.
- Health data: medical history, current conditions, medications, and clinical notes provided to or by our clinicians.
- Payment data: billing details and insurance information (card numbers are processed by a PCI-DSS-compliant gateway; we do not store them).
- Usage data: IP address, browser type, pages visited, and time spent on our website (via cookies).
3. How We Use Your Information
We use collected data solely for the following lawful purposes:
- Scheduling and delivering healthcare services at your residence.
- Coordinating care between your ESH800 clinician, specialist, or treating hospital.
- Issuing invoices, processing payments, and verifying insurance coverage.
- Complying with DHA licensing requirements and mandatory clinical reporting obligations.
- Sending appointment confirmations, service updates, and essential safety communications.
- Improving service quality through anonymised, aggregated analytics.
4. Data Sharing
Your data may be shared only with:
- DHA-licensed clinicians assigned to your care.
- Accredited laboratories and imaging centres processing your diagnostic samples.
- Your treating physician or hospital where clinically necessary and with your consent.
- Insurance providers for the sole purpose of claims processing.
- Regulatory authorities (DHA, Ministry of Health) when legally required.
All third-party partners are contractually bound to handle your data in accordance with UAE PDPL and DHA guidelines.
5. Data Retention
Clinical records are retained for a minimum of ten (10) years after your last consultation in compliance with DHA Record Management Standards. Non-clinical personal data is deleted or anonymised within two (2) years of your last interaction with ESH800, unless a longer retention period is required by law.
6. Cookies
Our website uses strictly necessary cookies for performance and analytics cookies (with your consent). You may disable non-essential cookies through your browser settings. Disabling cookies does not affect your ability to book services via phone or WhatsApp.
7. Your Rights
Under UAE PDPL, you have the right to access, correct, or request deletion of your personal data, subject to applicable legal obligations. To exercise these rights, contact our Data Protection Officer at privacy@esh800.ae or call +971 558926849.
8. Security
We apply industry-standard technical and organisational measures to protect your data, including AES-256 encryption at rest, TLS 1.3 in transit, role-based access controls, and regular third-party security audits. Any suspected data breach will be reported to the UAE Data Office within 72 hours as required by law.
9. Contact & Complaints
For any privacy enquiry, write to ESH800 Home Healthcare LLC, 501 Warba Centre, Al Murraqabat, Deira, Dubai, UAE, or email privacy@esh800.ae. If your concern is not resolved, you may escalate to the UAE Data Office (www.dataoffice.ae).