Privacy Policy

1. Introduction

Samospharma Ltd (“Samospharma”, “we”, “our”, “us”) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, share, and safeguard your information when you engage with our pharmaceutical wholesale and distribution services, our online ordering platforms (including DrugNet), and our customer support channels.

This Policy is developed in compliance with:

  • Data Protection Act, 2012 (Act 843) – Ghana
  • Applicable sector regulations including the Pharmacy Council and Food & Drugs Authority (FDA) requirements
  • International best practice, including principles from the General Data Protection Regulation (GDPR) for transparency and accountability.

By using our services, you agree to the terms of this Privacy Policy.

2. The Data We Collect

We collect and process different categories of personal data depending on the nature of your relationship with Samospharma:

A. Identification & Contact Information
  • Full name, company name (for corporate clients)
  • Postal address, delivery address
  • Email address, phone number
  • National ID, passport, or professional license number (where required for regulatory compliance)
B. Account & Transaction Information
  • Customer account details (username, password, payment preferences)
  • Purchase history, invoices, and billing records
  • Bank account or payment card details (processed securely through PCI-DSS-compliant systems)
C. Regulatory & Professional Information
  • Pharmacy Council registration numbers (for licensed pharmacists and facilities)
  • Health facility licenses and permits
  • Prescriber identification for prescription-only medicines (POMs)
D. Special Category Data (Sensitive Personal Data)
  • Prescription details, including drug names, dosage, and patient initials (only when legally required to fulfil orders)
  • Any information supplied by healthcare professionals for dispensing purposes
E. Technical Data
  • Device identifiers, browser type, IP address, and operating system when accessing our websites
  • Cookies and tracking information for service optimization and fraud prevention

3. How We Collect Your Data

We collect personal data through:

  • Direct interactions: when you register an account, place an order, or contact customer service
  • Automated technologies: through our websites, ordering portals, and mobile apps
  • Third-party sources: regulatory agencies, verified healthcare providers, payment processors, and logistics partners
  • Compliance checks: required by law to verify professional and facility licenses before supplying certain medicines

4. Why We Process Your Data (Lawful Basis)

We process your personal data for:

  • Contractual necessity: to fulfil product orders, process payments, and deliver goods
  • Regulatory compliance: to meet obligations under Ghana’s Pharmacy Act, FDA guidelines, and health sector rules
  • Legitimate interests: for fraud prevention, customer relationship management, and supply chain optimization
  • Consent: where required, e.g., for marketing communications or storing special category data beyond the legal minimum retention period
  • Public interest: where required to support public health monitoring or regulatory investigations

5. How We Use Your Data

We use your data to:

  • Verify your eligibility to purchase regulated medicines
  • Process and deliver orders efficiently and securely
  • Maintain accurate purchase and dispensing records for compliance
  • Communicate important safety notices, product recalls, or regulatory updates
  • Improve our service delivery and customer experience
  • etect, investigate, and prevent fraud or misuse of our services

6. Data Sharing & Disclosure

We only share your personal data when necessary and with appropriate safeguards in place:

  • Regulators & Law Enforcement: e.g., Pharmacy Council, FDA, Ghana Revenue Authority, or the Data Protection Commission
  • Healthcare Professionals: to validate prescriptions and supply chain integrity
  • Payment Processors & Banks: to complete financial transactions securely
  • Logistics Providers: for delivery coordination
  • IT & Cloud Service Providers: for secure hosting and system maintenance (bound by confidentiality agreements)
  • We do not sell your personal data to third parties.

7. Data Storage & Security

We store your data on secure servers, with encryption applied to sensitive records (both in transit and at rest). Access to personal data is strictly limited to authorized staff and verified service providers.

Security measures include:

  • Two-factor authentication for internal systems
  • Audit trails and access logs
  • Regular penetration testing and vulnerability scanning
  • Staff training on data protection and confidentiality obligations

8. Data Retention

We retain personal data only as long as necessary for the purposes collected:

  • Regulatory records: minimum 5 years or as required by law
  • Prescription records: as required by the Pharmacy Council and FDA
  • Customer accounts: retained while active and for up to 6 years after last interaction (unless deletion is requested)
  • Financial records: retained for statutory tax purposes (6 years)

9. Your Rights

You have the right to:

  • Request access to your personal data
  • Request correction or deletion of inaccurate data
  • Withdraw consent (where processing is based on consent)
  • Object to certain types of processing
  • Request data portability (where applicable)
  • Lodge a complaint with the Data Protection Commission of Ghana if you believe your rights have been violated

10. International Data Transfers

Where your data is transferred outside Ghana (e.g., for secure cloud hosting), we ensure appropriate safeguards are in place, such as contractual clauses and encryption protocols.

11. Children’s Privacy

Our services are intended for licensed healthcare providers, institutions, and adult consumers. We do not knowingly collect personal data from children under 18 without parental or guardian consent.

12. Contact & Accountability

The Data Protection Officer (DPO) for Samospharma Ltd is responsible for ensuring compliance with this Policy and relevant legislation.

Contact:

Data Protection Officer

Samospharma Ltd

P.O. Box SK 1213

Email: privacy@samospharma.com

Phone: +233 308040119

13. Policy Updates

We may update this Privacy Policy from time to time to reflect changes in law, business practices, or technology. The latest version will always be available on our website.

wholesaleImportation & DistributionExport
Government Hospitals & Agencies
Pharmacies (Wholesale / Retail)
Corporate Institutions & NGOs
Healthcare Professionals & Individuals
Affiliate Hospitals
Private Hospitals & Specialty Clinics
HomeAbout usOur ProductsContact usCSR InitiativesCareers
Suite No. II, Abwest Business Centre,
Spintex Accra
+233 30 804 0119
+233 50 164 6494
Terms & ConditionsPrivacy Policy
Copyright © 2025 Samospharma Limited