Main Menu
  • Consult a Doctor Online
  • Log In
  • Join Us

Cimas Driver App Privacy Policy

EFFECTIVE DATE: January 1, 2026 

  1. INTRODUCTION

Welcome to the Cimas Driver Application (“Driver App”), a service provided by Cimas Healthcare Pharmacies and Cimas Health Group (“Cimas”). It is a secure operational mobile application used by authorized Cimas drivers for medication delivery, specimen transport, and patient-related logistics services. 

This privacy notice explains how Cimas collects, uses, stores, monitors, processes and protects: 

  • Driver personal information 
  • Real-time and historical location data 
  • Patient personal and medical information accessible through the App 

The Driver App supports the handling of confidential medical logistics and involves the processing of highly sensitive personal and health data. We are committed to ensuring strict confidentiality, security, and full compliance with Zimbabwe’s Cyber and Data Protection Act [Chapter 12:07] and its regulations. 

  1. ABOUT THIS PRIVACY NOTICE

This notice applies to all authorized users of the Cimas Driver Application, including: 

  • Employed drivers 
  • Contracted drivers 
  • Logistics personnel granted system access 

By using the App, you consent to the processing of your information as described in this notice. We may update this policy from time to time, and your continued use of the App after any changes constitutes acceptance of the new terms. 

  1. WHO WE ARE

Data Controller: Cimas Health Group (Private) Limited and Cimas Healthcare Pharmacies (Private) Limited 

Address: East Block, Borrowdale Office Park, Borrowdale Road, Borrowdale, Harare, Zimbabwe 

Email:  connect@cimas.co.zw 

Data Protection Officer (DPO): Anesu R Maruta – amaruta@cimas.co.zw 

 

  1. WHAT PERSONAL INFORMATION WE COLLECT

4.1 Driver Information 

We collect personal data necessary to manage driver identity, safety, and operations: 

  • Full name 
  • National ID / employee or contractor ID 
  • Phone number and email address 
  • Driver’s license details 
  • Vehicle information (where applicable) 
  • Login credentials and authentication data 
  • Work schedules and assignment records 

4.2 Real-Time and Historical Location Data (Continuous Tracking) 

  • The Driver App usescontinuous GPS tracking, including when the app runs in the background during active assignments. 

We collect: 

  • Real-time geographic location 
  • Route history 
  • Trip start and end times 
  • Stop durations 
  • Delivery confirmation timestamps 

This tracking is required to: 

  • Monitor delivery of medication and medical items 
  • Ensure patient safety and service integrity 
  • Provide dispatch coordination 
  • Support emergency response if incidents occur 
  • Prevent fraud, theft, or loss of medical items 
  • Provide operational accountability and audit trails 

4.3 Patient and Medical Information Accessible to Drivers 

Drivers may view and process sensitive personal and health data, including: 

  • Patient full names 
  • Residential and delivery addresses 
  • Phone numbers and email addresses 
  • Prescription details 
  • Medication names and classifications 
  • Medical instructions related to delivery 
  • Collection and delivery notes from healthcare providers 

This data qualifies as sensitive health information under data protection law. 

4.4 Device and Usage Information 

We also collect: 

  • Device model and operating system 
  • App version 
  • Login history 
  • Activity logs within the app 
  • Error logs for troubleshooting 
  1. HOW WE USE PERSONAL INFORMATION

5.1 To Deliver Medical Logistics Services 

We use driver and patient data to: 

  • Assign delivery and collection tasks 
  • Route drivers efficiently 
  • Confirm successful deliveries 
  • Coordinate with healthcare service provides such as but not limited to pharmacies, clinics and labs 
  • Ensure correct medication reaches the correct patient 

5.2 For Safety and Monitoring 

Location data is used to: 

  • Monitor driver safety 
  • Investigate incidents or complaints 
  • Detect route deviations 
  • Prevent misuse of medical supplies 
  • Protect patients and Cimas property 

5.3 To Comply with Legal and Regulatory Obligations 

We process information to: 

  • Comply with the Cyber and Data Protection Act and its regulations 
  • Meet healthcare data handling requirements 
  • Maintain audit records 
  • Respond to lawful requests from authorities 

5.4 Workforce and Operational Management 

Driver data may be used for: 

  • Performance monitoring 
  • Compliance checks 
  • Internal investigations 
  • Disciplinary processes (where misuse or policy violations occur) 
  1. HOW WE SHARE INFORMATION

We do not sell personal or health information. 

We may share data with: 

  • Cimas pharmacies and clinics 
  • Partner laboratories 
  • Healthcare providers 
  • IT service providers (under strict data processing agreements) 
  • Law enforcement or regulators where legally required 

All third parties are contractually required to maintain confidentiality and security. 

  1. CONFIDENTIALITY OBLIGATIONS OF DRIVERS

Drivers are strictly prohibited from: 

  • Sharing patient information outside the App 
  • Taking screenshots of patient or prescription data 
  • Using information for personal purposes 
  • Discussing patient details with unauthorized persons 
  1. YOUR RIGHTS

Under Zimbabwean data protection law, you have the right to: 

  • Be informed about data processing 
  • Access your personal data 
  • Request correction of inaccurate data 
  • Object to unlawful processing 
  • Request erasure where legally permissible 

Requests may be sent to connect@cimas.co.zw and copied to the DPO. 

  1. DATA RETENTION

We retain data as long as needed to provide services, fulfill purposes in this notice, or meet legal obligations, such as fraud prevention or legal compliance. 

  1. DATA SECURITY

We apply strong technical and organizational measures to protect your data, including encrypted data transmission, secure servers and access controls, role-based access restrictions, authentication and session controls, staff and driver confidentiality training, and monitoring and audit logs 

Data breaches will be reported to POTRAZ within 24 hours as required by law. 

  1. CHILDREN’S DATA

The App is not for children under 18 without parental consent. However, drivers may handle data relating to minors receiving medical treatment. Such data is processed strictly for healthcare delivery and under legal safeguards. 

  1. CONTACT US

For privacy concerns: 

Email: connect@cimas.co.zw 
Phone: 0867450 
Address: Cimas Health Group, East Block, Borrowdale Office Park, Borrowdale, Harare, Zimbabwe 

Data Protection Officer: amaruta@cimas.co.zw 

Scroll to Top