Privacy Policy 2026

Mondia Health Website Privacy Policy

Effective date: March 2026

Last updated: March 2026

Mondia Health (“Mondia Health”, “we”, “us” or “our”) is committed to protecting the privacy, confidentiality and security of personal information processed through its website and related digital platforms. This Privacy Policy explains how we collect, use, disclose, safeguard and retain personal information in accordance with applicable South African law.

This Privacy Policy forms part of, and must be read together with, Mondia Health’s Website Terms and Conditions.

1. Regulatory framework

Mondia Health processes personal information in compliance with, inter alia:

  • the Protection of Personal Information Act 4 of 2013 (POPIA);
  • the Electronic Communications and Transactions Act 25 of 2002 (ECTA); and
  • any other applicable health, consumer protection and data protection legislation in the Republic of South Africa.

For purposes of POPIA, Mondia Health is the Responsible Party in respect of personal information processed via the website.

2. Definitions

  • “Personal Information” has the meaning assigned to it in POPIA and includes information relating to an identifiable natural or juristic person.
  • “Special Personal Information” includes, without limitation, information relating to a person’s health or medical condition.
  • “Data Subject” means the person to whom the personal information relates.
  • “Operator” means a third party who processes personal information on behalf of Mondia Health in terms of a contract or mandate, without coming under Mondia Health’s direct authority.
  • “Website” means the Mondia Health website and any associated online services.

3. Personal information we collect

Mondia Health may collect personal information when you:

  • visit or interact with the Website;
  • submit enquiries or requests through online forms;
  • communicate with us electronically; or
  • use services or functionality made available via the Website.

The categories of personal information collected may include:

  • identifying and contact information;
  • technical and usage information (such as IP address, browser type and pages accessed);
  • correspondence and enquiry information; and
  • any other information, voluntarily, provided by you.

Where personal information constitutes Special Personal Information, it is processed with appropriate additional safeguards and only where permitted by law.

4. Purpose and lawful basis for processing

Mondia Health processes personal information for legitimate business purposes, including to:

  • operate, maintain and improve the Website;
  • respond to enquiries and provide information or services requested;
  • ensure website security and prevent misuse;
  • conduct analytics and improve user experience; and
  • comply with legal and regulatory obligations.

Processing is undertaken on one or more lawful bases recognised under POPIA, including consent, contractual necessity, compliance with legal obligations, and legitimate interests, where applicable.

5. Consent

Where required by law, Mondia Health will obtain your consent before collecting or processing your personal information. You may withdraw your consent at any time, subject to legal and contractual restrictions. Withdrawal of consent may affect our ability to provide certain services or respond to requests.

6. Use of automated processing and artificial intelligence

Mondia Health may use automated systems, including artificial intelligence (AI), machine learning, and advanced analytics, to support the operation of the Website and related services. Such technologies may be used for purposes including:

  • website analytics and performance optimisation;
  • security monitoring and fraud or misuse detection;
  • customer interaction management and enquiry routing; and
  • service improvement and operational efficiency.

Mondia Health ensures that:

  • automated processing is lawful, reasonable and proportionate;
  • personal information is not subject to decisions based solely on automated processing that produce legal or similarly significant effects, unless permitted by law and supported by appropriate safeguards;
  • meaningful human oversight is maintained over automated outputs where required; and
  • Data Subjects may request information regarding the existence, general logic and consequences of automated processing, in accordance with applicable law.

Mondia Health does not use personal information collected via the Website to train AI models on identifiable health or other Special Personal Information, unless lawfully authorised.

7. Disclosure of personal information and operators

Mondia Health does not sell, rent or trade personal information. Personal information may be disclosed:

  • to authorised employees and contractors on a need‑to‑know basis;
  • to Operators, including technology, hosting, analytics and AI service providers, who process personal information on our behalf under written agreements that require confidentiality, security safeguards and lawful processing; or
  • where required or permitted by law.

8. Cross‑border transfers

Where personal information is transferred outside the Republic of South Africa, Mondia Health will ensure that such transfers comply with POPIA, including by ensuring that the recipient is subject to laws, binding agreements or safeguards that provide an adequate level of protection.

9. Retention of personal information

Mondia Health retains personal information only for as long as reasonably necessary to fulfil the purposes for which it was collected, to comply with legal and regulatory requirements, and in accordance with approved retention schedules.

10. Data subject rights

As a Data Subject, you have the right to:

  • request confirmation of whether Mondia Health holds your personal information;
  • request access to your personal information;
  • request correction, deletion or destruction of inaccurate, excessive, outdated or unlawfully obtained personal information;
  • object to certain forms of processing; and
  • lodge a complaint with the Information Regulator.

Requests may be subject to identity verification and lawful limitations. Mondia Health may refuse a request where permitted by law and will provide reasons where applicable.  Kindly refer to the PAIA manual published on our website for more information.

11. Security safeguards

Mondia Health implements appropriate technical, organisational and physical safeguards to protect personal information against loss, damage, unauthorised access, destruction or unlawful processing. These safeguards include access controls, encryption, network security measures, policies, and ongoing monitoring.

12. Personal information security breaches

In the event of a personal information security breach, Mondia Health will take reasonable steps to contain and assess the breach and will notify the Information Regulator and affected Data Subjects where required by POPIA.

13. Children’s privacy

The Website is not intended for use by children under the age of 18. Mondia Health does not knowingly collect personal information relating to children through the Website.

14. Cookies and analytics

The Website uses cookies and similar technologies to enhance functionality and analyse usage. Cookies do not store directly identifying personal information; however, usage data may constitute personal information when combined with other data. You may control cookies through your browser settings.

15. Third‑party websites

The Website may contain links to third‑party websites. Mondia Health is not responsible for the privacy practices or content of such websites, and users are encouraged to review the applicable privacy policies.

16. Amendments

Mondia Health reserves the right to amend this Privacy Policy from time to time. The most current version will be published on the Website with the updated effective date.

17. Contact details

For questions, requests or concerns relating to this Privacy Policy or the processing of personal information, please contact Mondia Health using the details provided on the Website.