Privacy Policy

Last updated: 21 March 2026

1. Contact us

If you have questions about this Privacy Policy, the way we handle information, or you want to access, correct, update, or delete information we hold about you, please contact us at:

Email: admin@halo.africa

We will do our best to respond promptly and fairly.

2. About Halo

Halo provides digital health consulting, custom software, workflow automations, integrations, and related support services for healthcare teams, including specialist practices, clinical departments, hospitals, healthcare operators, and related organisations.

Our services may include:

  • custom healthcare apps and workflow systems
  • administrative and clinical documentation support tools
  • integrations with platforms such as Google Drive, OneDrive, Dropbox, email, calendars, billing tools, and messaging tools
  • AI-assisted transcription, document generation, and workflow support
  • custom automations for labs, radiology, scheduling, communications, and operational processes
  • support, maintenance, and ongoing system refinement

In this policy:

  • Halo, we, our, or us means Health Applications Logistics Operations Pty Ltd
  • you means the person, practice, department, organisation, clinician, staff member, or website visitor using our website or services
  • personal information includes information that identifies or relates to a person
  • special personal information or health information includes information about health, medical care, and other sensitive categories where applicable
  • Platform means any Halo website, app, portal, integration, automation, or software environment we provide

3. What information we collect

Depending on how you use Halo, we may collect:

3.1 Account and contact information

We may collect:

  • name
  • email address
  • phone number
  • job title or role
  • organisation, practice, or department details
  • billing or payment contact details
  • login and account details

3.2 Professional and business information

Where relevant, we may collect:

  • practice information
  • professional registration or qualification details
  • clinic or department workflow requirements
  • software systems currently in use
  • implementation notes, templates, preferences, and operational requirements

3.3 Patient and health-related information

Where you use Halo for healthcare workflow support, documentation, automation, or integrations, we may process patient-related information on your behalf. This may include:

  • names and identifiers
  • demographic details
  • appointment and scheduling information
  • consultation notes
  • referral letters
  • investigations, labs, radiology, and related records
  • administrative and billing information
  • other health-related information that you or your authorised users choose to input, sync, upload, generate, or process through Halo

We process this type of information only as needed to provide the agreed service.

3.4 Technical and usage information

We may collect:

  • IP address
  • device and browser information
  • operating system
  • usage logs
  • login activity
  • error reports
  • system performance information
  • website analytics information
  • cookie-related information

3.5 Communications and support information

We may collect information you share when:

  • contacting us by email
  • messaging us
  • interacting in a WhatsApp support group
  • completing forms or surveys
  • requesting support or implementation help

3.6 Payment and commercial information

We may collect information necessary to invoice and administer payments, such as:

  • billing contact details
  • payment references
  • transaction history
  • service plan details

We do not intentionally collect more personal information than is reasonably necessary for the service we provide.

4. How we collect information

We may collect information:

  • directly from you
  • from your organisation or authorised team members
  • when you complete forms or create an account
  • when you contact us
  • when you use our website, software, integrations, or support channels
  • when systems are connected to Halo by you or with your authority
  • from third-party services you choose to integrate with Halo
  • from service providers who help us operate our business and systems

5. How we use information

We may use your information to:

  • provide, maintain, support, and improve Halo services
  • create and manage accounts
  • design and deploy custom systems and automations
  • integrate Halo with your chosen platforms and tools
  • provide documentation, workflow, communication, billing, and scheduling support
  • respond to support requests and operational issues
  • communicate with you about service changes, security matters, updates, and support
  • invoice and administer commercial relationships
  • monitor performance, reliability, and security
  • comply with legal, regulatory, or professional obligations
  • investigate misuse, abuse, or security incidents
  • improve our services through lawful analytics and product refinement

Where we use AI-assisted tools or automations, we do so as part of delivering the agreed service to you.

6. Ownership and control

Halo is built around the principle that our clients retain ownership and control over their systems.

Unless otherwise agreed in writing:

  • your data remains yours
  • your custom app and implementation environment are built for you
  • your workflows, templates, and practice-specific materials remain yours
  • Halo does not claim ownership of your patient records, clinical content, or practice data

Halo may retain ownership of its background technology, internal tools, reusable infrastructure, code libraries, frameworks, and general know-how used to build or support your system, unless the parties agree otherwise in writing.

7. AI and data use

Halo may use AI-assisted functionality as part of providing services such as:

  • ambient scribing
  • draft note generation
  • document generation
  • workflow suggestions
  • admin automation
  • structured data extraction
  • internal operational support

Halo does not use client patient data to train public AI models on your behalf.

Where third-party AI or cloud providers are used as subprocessors to deliver agreed functionality, we take reasonable steps to ensure appropriate contractual, technical, and organisational safeguards are in place.

You remain responsible for:

  • obtaining any patient notices or consents required in your jurisdiction or professional setting
  • reviewing clinical outputs before use
  • ensuring final medical and clinical decisions remain with qualified professionals

8. Disclosure of information

We may share information with:

  • our staff, contractors, and authorised team members
  • cloud hosting and infrastructure providers
  • analytics, logging, security, communications, and support providers
  • integration and automation providers used to deliver agreed services
  • payment processors and accounting providers
  • professional advisers such as lawyers, auditors, and insurers
  • regulators, authorities, courts, or law enforcement where legally required
  • other persons or parties where you have authorised us to do so

We do not sell patient data.

We do not disclose your information to third parties for their own marketing.

9. International processing

Depending on the tools, hosting environment, integrations, and subprocessors used, some information may be processed or stored outside South Africa.

Where this happens, we take reasonable steps to ensure appropriate safeguards are in place.

10. Security

We take reasonable technical and organisational steps to protect information from loss, misuse, unauthorised access, disclosure, alteration, or destruction.

These measures may include:

  • access controls
  • encrypted connections
  • secure hosting environments
  • audit logging
  • vendor controls
  • internal access restrictions
  • staff and contractor confidentiality obligations
  • secure development and support practices

No system can be guaranteed to be completely secure, but we work to maintain appropriate safeguards for the nature of the service.

11. Retention

We keep information only for as long as reasonably necessary to provide services, fulfil legal and operational requirements, resolve disputes, enforce agreements, and maintain legitimate business records.

Where possible and appropriate, information may be deleted, de-identified, or returned in line with the service arrangement.

12. Your rights

Subject to applicable law, you may request that we:

  • confirm whether we hold personal information about you
  • provide access to your personal information
  • correct or update inaccurate information
  • delete certain information
  • restrict or object to certain processing
  • stop sending direct marketing communications

You may also lodge a complaint with us. If you believe your information has been handled unlawfully under POPIA, you may also complain to the South African Information Regulator.

13. Cookies and website analytics

We may use cookies and similar technologies on our website to:

  • keep the website functioning properly
  • remember preferences
  • understand website usage
  • improve performance and user experience

We do not intentionally use website analytics to collect patient health information.

See our Cookie Policy for more detail.

14. Marketing

We may send you service-related communications and, where lawful, occasional marketing or business updates.

You can opt out of marketing communications at any time by:

We do not use health information for third-party marketing.

15. Employee and applicant information

If you apply for a role with Halo or work with us, we may collect and process information relevant to recruitment, onboarding, employment, contracting, compliance, payroll, performance, and lawful business administration.

16. Changes to this policy

We may update this Privacy Policy from time to time.

The latest version will be published on our website with the updated date. Where appropriate, we may also notify users directly.