DHS Africa

Privacy Policy

How DHS Africa collects, uses, and protects personal information.

Last updated: 2026-05-12

This privacy policy explains how DH Solutions Africa UG (“DHS Africa”, “we”, “us”, or “our”) handles personal data in connection with the public website at dhs.africa and the contact and demo forms made available through it. It is written to align with the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).

1. Controller

The controller responsible for processing your personal data on this website is:

DH Solutions Africa UG (haftungsbeschränkt) — trading as DHS Africa
Heßstraße 58, 80798 München, Germany
Registered with the commercial register (Handelsregister) at the local court of Munich under HRB 301856.
Email: hello@dhs.africa

For any question about this policy, your data, or your rights, write to the email address above. We do not have a statutory obligation to appoint a Data Protection Officer at this time; if that changes we will update this page with the DPO’s contact details.

2. Scope of this policy

This policy covers personal data we process in connection with:

  • Visits to the public website at dhs.africa and any subdomains
  • Messages submitted through our contact, demo, or project intake forms
  • Email correspondence you start with us through addresses published on the site
  • Subscriptions to any newsletter or content list we may offer

It does not cover personal data we process on behalf of clients in the course of delivering a project. Those engagements are governed by separate Data Processing Agreements (Auftragsverarbeitungsverträge) between DHS Africa and the responsible healthcare organisation, in which the client is the controller and DHS Africa is the processor.

3. The personal data we process

We only process data that you give us, or that is generated automatically when you interact with the site. Specifically:

Data you provide through forms

  • Name
  • Email address
  • Phone number (optional)
  • Organisation and your role within it
  • Country or region you operate in
  • Type of organisation (hospital, clinic, NGO, ministry, partner, other)
  • Solution areas you are interested in
  • Free-text message or project description
  • Any attachments you choose to send

Data generated when you visit the site

  • IP address (in truncated form where possible)
  • Date and time of the request
  • The page or resource requested
  • The HTTP referrer (where you came from, if your browser sends it)
  • Information about your browser and operating system (user agent)
  • Approximate location derived from your IP address (country / region level)

Server-log data is held briefly for security, debugging, and abuse-prevention purposes. We do not combine it with the form data above to build behavioural profiles of visitors.

We process your data only for the following purposes, on the following legal bases under Art. 6(1) GDPR:

  • To reply to your inquiry and discuss your project. Legal basis: Art. 6(1)(b) GDPR (steps taken at your request prior to entering a contract) and Art. 6(1)(f) GDPR (our legitimate interest in responding to inbound business inquiries).
  • To deliver and operate the website securely. Legal basis: Art. 6(1)(f) GDPR (legitimate interest in keeping our site available, performant, and free of abuse).
  • To comply with legal obligations — for example, tax, accounting, and record-keeping requirements. Legal basis: Art. 6(1)(c) GDPR.
  • To send communications you have specifically opted in to (e.g. a newsletter, if you have subscribed). Legal basis: Art. 6(1)(a) GDPR (consent). You can withdraw consent at any time, with effect for the future.

If we ever process your data for a new purpose that is not compatible with the original purpose, we will inform you in advance and rely on a legal basis appropriate for that new purpose.

5. How we use the data — what we don’t do

We use the data you submit to read and reply to your inquiry, to plan a follow-up conversation, and to keep a small internal record while the conversation is active.

We do not:

  • Sell, rent, or trade your personal data.
  • Run advertising, retargeting, or behavioural-advertising programmes.
  • Use the contact-form data for unrelated marketing or automated outreach campaigns.
  • Use third-party trackers, ad pixels, session-replay tools, or fingerprinting on the public website.
  • Make decisions that have legal or similarly significant effects on you using automated processing (no automated decision-making, no profiling within the meaning of Art. 22 GDPR).

6. Recipients and processors

Personal data is accessed only by team members at DHS Africa who need it to handle your inquiry.

To operate the site and reply to you we use carefully selected service providers (“processors”) who process personal data on our behalf and under instruction. Typical categories of processors are:

  • Hosting and content delivery for the website
  • Domain registration and DNS
  • Transactional email delivery to send and receive replies
  • Secure file storage for messages and any attachments
  • Software for internal collaboration (email, calendar, document editing)

Where a processor acts under our instruction, we have a data processing agreement in place that meets the requirements of Art. 28 GDPR. We do not transfer your data to third parties for their own purposes.

We may disclose data where we are legally obliged to do so — for example, in response to a binding order from a competent authority or court. We will only disclose what is necessary and, where allowed, we will inform you.

7. International transfers

Wherever possible we work with processors that store and process personal data within the European Economic Area (EEA).

If a processor is located outside the EEA, or processes data outside the EEA, we will only use that processor if (a) the European Commission has issued an adequacy decision for the country in question, or (b) the transfer is covered by appropriate safeguards such as Standard Contractual Clauses (SCCs) adopted by the Commission, supplemented by additional technical and organisational measures where necessary. You can request a copy of the relevant safeguards by writing to hello@dhs.africa.

8. Retention

We keep personal data only as long as is necessary for the purpose for which it was collected, or as long as we are legally required to keep it.

  • Active inquiries: the duration of the conversation and any follow-up.
  • Concluded inquiries that do not lead to a project: deleted within 12 months of the last meaningful exchange, unless you ask us to keep them open longer.
  • Inquiries that lead to a project: kept for the duration of the engagement and for the periods required by accounting, tax, and commercial law (typically 6–10 years under German law).
  • Server logs: retained for a short period for security and operational reasons, then deleted or anonymised.

You can ask us to delete your data at any time (see Section 10).

9. Cookies

The DHS Africa website uses only strictly necessary cookies and storage. We do not currently run analytics, advertising, social-tracking, or session-replay tools. For details, see our Cookie Policy.

10. Your rights

Under the GDPR you have the following rights in relation to personal data we hold about you:

  • Right of access (Art. 15 GDPR) — you can ask whether we process data about you and, if so, request a copy of it.
  • Right to rectification (Art. 16 GDPR) — you can ask us to correct inaccurate data and to complete incomplete data.
  • Right to erasure (Art. 17 GDPR) — you can ask us to delete data about you, subject to legal retention obligations.
  • Right to restriction of processing (Art. 18 GDPR) — you can ask us to limit the processing of your data in specific circumstances.
  • Right to data portability (Art. 20 GDPR) — for data you provided to us on the basis of consent or contract and which we process by automated means, you can ask for a structured, commonly used, machine-readable copy.
  • Right to object (Art. 21 GDPR) — you can object, on grounds relating to your particular situation, to processing carried out on the basis of legitimate interest. You can object at any time to processing for direct marketing purposes.
  • Right to withdraw consent (Art. 7(3) GDPR) — where processing is based on your consent, you can withdraw consent at any time, with effect for the future and without affecting the lawfulness of processing carried out before the withdrawal.

To exercise any of these rights, write to hello@dhs.africa. We may ask for additional information to confirm your identity before responding.

You also have the right to lodge a complaint with a data protection supervisory authority. Our competent supervisory authority is:

Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
Promenade 18, 91522 Ansbach, Germany
lda.bayern.de

You may also contact the supervisory authority in your country of residence or place of work.

11. Security

We apply technical and organisational measures appropriate to the nature, scope, and risk of the processing — for example, transport encryption (HTTPS) for traffic to and from the site, access controls on our internal tools, principle-of-least-privilege for personnel, regular updates to our infrastructure, and contractually required security measures from our processors. No transmission over the internet or method of electronic storage is perfectly secure, so we cannot promise absolute security, but we work to keep your data protected at a level appropriate to its sensitivity.

12. Children

The DHS Africa website is not directed to children, and we do not knowingly collect personal data from anyone under the age of 16. If you believe a child has provided us with their personal data, please contact hello@dhs.africa and we will delete it.

13. Changes to this policy

We may update this privacy policy from time to time, for example to reflect changes to our services, processors, or applicable law. The date at the top of the page reflects the most recent revision. Material changes will be highlighted on the page, and where appropriate we will notify you separately.

14. Contact

For any question about this policy, about the personal data we hold about you, or about how to exercise your rights:

DH Solutions Africa UG
Heßstraße 58, 80798 München, Germany
hello@dhs.africa

Start a conversation with the team.

A short description of how care is delivered today, what is missing, and who it serves gives DHS enough context to reply with a meaningful next step, usually within a working day.