NON-DISCLOSURE AGREEMENT The Personal Data Protection Notice (“the Notice”) is issued pursuant to the enactment of the Personal Data Protection Act 2010 (“the Act”) to regulate the collection and processing of your Personal Data (as
herein defined) CELL MED SDN BHD’s Mediclicks and its predecessors, successors, licensors, beneficiaries, subsidiaries, agents, employees, representatives and/or affiliates concerning information we obtain by and through your use of the Mediclicks mobile application (hereinafter referred to as “the Application”)and the services provided through the Application (hereinafter referred to as “the Services”).
Mediclicks is committed to respecting your privacy and recognizing your need for appropriate protection and management of the Personal Data which you share with us. That is why Mediclicks insist upon the highest standards for secure transactions and customer information privacy. Please read the following statement to learn about Our information gathering and dissemination practices. Our privacy policy is subject to change at any time without notice. To make sure you are aware of any changes, please review this policy periodically.
By visiting this Website or downloading this App you agree to be bound by the terms and conditions of this Privacy Policy. If You do not agree please do not use or access our Application and/or the Services. By mere use of our Application and/or the Services, you expressly consent to our use and disclosure of your personal information in accordance with this Privacy Policy.
The purpose of this Privacy Policy is to explain the types of information Mediclicks obtains about users of our Application and/or Services, how the information is obtained, how it is used, how it is disclosed, how you can get access to this information, and the choices you have regarding our use of, and your ability to review and correct, the information described in this policy. As such, please review this policy carefully.
This Privacy Policy applies only to Mediclicks’s Application and Services and becomes effective as soon as you use the Application. Please understand that your attending independent doctor (“Doctor”) may have different privacy standards and/or policies regarding the use and disclosure of your medical information. Such use and disclosure of your medical information in respect of the services rendered by that Doctor to you will accordingly be subject to that particular Doctors’ own privacy standards and/or policies.
Words denoting one gender shall include the other gender. Words denoting a singular number shall include the plural and vice versa.
Collection of Personal Data
1.1 Information That You Give Us.
“Personal Data” means information that can identify you, including but not limited to your full name, identification card number, birth certificate number, passport number, nationality, address, telephone number, fax number, bank details, credit card details, race, gender, date of birth, marital status, resident status, financial background, personal interests, email address, your occupation, the industry in which you work in, any information about you which you have provided to us in registration forms, application forms, or any other forms (including inter alia for purposes of completing surveys) and/or any information about you that has been or may be collected, stored, used and processed by Mediclicks from time to time AND INCLUDES sensitive personal data (as defined under the Personal Data Protection Act 2010) such as health/ religious data and criminal data.
1.1.1 The provision of your Personal Data
is voluntary. However, if you do not provide us with your Personal Data, we will not be able to process your Personal Data for the Purposes and Additional Purposes outlined below and may not be able to provide you with our Services. We hope that you will find it beneficial to provide information about yourself to us.
1.1.2 Mediclicks will collect your Personal
Data when you register for the Application, create a profile on our Application, or subscribe to our Services (“Register”). Mediclicks may also collect your Personal Data when you make a request to be connected with an independent Doctor to provide house call services at your location (“Visit”) or complete our surveys.
1.1.3 The Personal Data that we collect
varies depending upon how you use our Services. When you Register, you will need to provide us with health-related information that a Doctor will need to determine whether he/she is willing to provide medical services to you.
1.1.4 That Personal Data will be associated
with your profile. Any medical information that you provide through the Application briefly describing your symptoms (or those of any minor for whom you request Services) will be sent to a Doctor, if available, to be used for treatment and the processing of your payment for the Visit, and other healthcare operations. Save as provided in this Privacy Policy, Mediclicks will not use any medical information for any other purpose without your written authorization, which may be communicated through an electronic or digital means.
1.1.5 We do not protect the privacy of and
are not responsible for your disclosure of any information through interactive features like forums, message boards, chats, tagging, rating, if any, including, but not limited to information that you might post related to a minor.
1.1.6 Also, whenever you voluntarily
disclose anyone’s personal information on publicly-viewable web pages, that information can be collected and used by others. For example, if you post your email address, you may receive unsolicited messages. We cannot control who reads your posting or what other users may do with the information that you voluntarily post, so we encourage you to exercise discretion and caution with respect to information you choose to disclose through these interactive features. When an individual chooses to post information that will be publicly disclosed, he or she is responsible for all legal consequences. We are not responsible under any data protection laws for-information that you voluntarily post on a site that can be accessed by others.
If you have concerns on your privacy rights, you should contact us at the contact details provided at Clause 10 below.
1.2 Other Information We Collect
In addition to the Personal Data you provide to Mediclicks directly, we may collect your Personal Data from a variety of sources such as:
(i) Filled application or registration forms or other similar forms;
(ii) From publicly available sources such as directories;
(iii) From our social media pages, if you follow, like or are a fan of such pages;
(iv) By using our website.
1.3 Medical Information
In connecting you with a Doctor to provide you with their medical services in connection with a Visit, the Application may collect Personal Data from you and transmit it electronically. We will use administrative, physical, and technical safeguards to protect the security and privacy of information held in the Application. Our infrastructure is kept in a secured data centre that protects from unauthorized access to the physical servers, backups and any element used to store and/or process personal data. Only authorized personnel can access the data centre. Our systems and databases are backed up regularly to help protect the data in case of an uncontrollable catastrophe. We run our IT computing system on the Microsoft Azure platform. Kindly be informed that some of these servers may be located outside of Malaysia. The data-center(s) that stores our servers has policies and procedures in place designed to safeguard the equipment that our data is stored on. We regularly upgrade our system software to include the latest security features. Our servers are protected by a firewall system, which is designed to keep unwanted traffic or access out of our computer network. We also employ an intrusion prevention service (IPS) provided by a secured data centre operated by a professional company. We also use security methods to determine the identity of each registered user, so that appropriate rights and restrictions can be enforced for that user. Reliable verification of user identity is called “authentication”. All communications between our Web server, your browser and our mobile apps is encrypted with SSL (Secure Sockets Layer) to guard against network eavesdroppers. Your password is internally encrypted in our system to prevent unauthorized access to the system. Validations are built throughout the application to capture the most reliable information. Only the last 4 digits of your credit card number is stored on our servers.
1.4 Cookies
Our Application may use cookies and other technologies to collect information. Cookies are small bits of information that our websites place on the hard drive of your computer. We may use cookies to facilitate your login processes; allow you to personalize and store your settings; collect usage information; determine our total audience size and traffic; and help us improve our sites by measuring which areas are of greatest interest to users.
1.5 Tracking and/or Analytics Services
We may use mobile application tracking and/or analytics services. These services may record unique mobile gestures such as tap, double-tap, zoom, pinch, scroll, swipe and tilt but do not collect personally identifiable information that you do not voluntarily enter in the Application. These services do not track your browsing habits across mobile applications that do not use the same services. We are using the information collected by these services to understand user behavior and optimize site performance.
1.6 Web Beacons.
We may also use web beacons (invisible images often referred to as pixel tags or clear GIFs) in order to recognize users and assess traffic patterns, and we may include web beacons and cookies in our email messages in order to count how many e-mail messages have been opened.
1.7 Non-Health/Medical Information.
We also collect Personal Data that is not health information or medical information (“Non-Health/Medical Information”) in the form of statistics and information regarding the Application user’s statistics and metrics obtained from third party devices (for example, steps, distance, calories burned, GPS coordinates, bat speed, hand speed, swing time, etc.), which may be combined with personal information you submit through the Application and/or Services so that you can fully enjoy the benefits of the Application’s tracking, monitoring, and diagnostic tools. We may also request the following optional information as part of your profile so that you can fully enjoy the features and functions of our Services: your weight, height, and gender.
1.8 Mobile Device Information.
Your use of the Application may also include collection of information from your mobile device. For example, the Application may request your permission to collect location data and/or may request access to multimedia (photos or videos) stored on your mobile device. Location data is not required for participation in activities through the Application, and you have the option of declining collection of geolocation data. If you do not wish for your location data to be shared with Mediclicks, please respond accordingly when prompted on your mobile device, or visit your mobile device settings. Multimedia will only be collected from your device if you affirmatively select it to upload to the application (i.e. you choose an image or video to store within the Application). Multimedia will not be shared with other Application users (with the exception of your profile photo, which will appear in your user profile)
2. Purposes of Processing: How We Use Your Information
2.1 Subject to this Mediclicks Privacy
Policy, the Terms of Service, and applicable terms and conditions of third-party applications, all data transmitted through the Application is owned by Mediclicks. To the extent Mediclicks is precluded from owning data transmitted through the Application, you grant Mediclicks a perpetual, worldwide, royalty-free license to use such data (with the exception of medical information) to the extent necessary to enable use of the Application and Services.
2.2 Mediclicks shall have the right to use
and process your Personal Data for its business and activities which shall include, but not limited to, the following (“Purposes”):
2.2.1 Where you are a user of the Services
provided by Mediclicks(“User”):
(i) to perform Mediclicks’s obligations in respect of any contract entered into with you;
(ii) to provide you with and to deliver to you any Service which you have requested;
(iii) to process, manage or verify your application for subscription with Mediclicks and to provide you the benefits offered to subscribers;
(iv) to validate your requests, purchases and bookings as well as process payments relating to any products or Services you have requested;
(v) to process your participation in any events, activities, research studies, promotions, polls or surveys;
(vi) to understand and analyze our sales as well as your needs and preferences; and
(vii) to process exchanges or product returns.
2.2.2 Where you are an agent, vendor, supplier, partner, contractor or service provider:
(i) for the purposes of engaging you to provide services or products;
(ii) to facilitate or enable checks as may be required by Mediclicks in order to engage you;
(iii) to process payments relating to any products or services you have provided;
(iv) to contact you.
2.2.3 General (applicable to all the parties referred to in Clauses 2.1.1 and 2.1.2 above):
(i) to respond to questions, comments and feedback from you;
(ii) to communicate with you for any of the Purposes listed in this Privacy Policy;
(iii) for internal administrative purposes, such as auditing, data analysis, database records;
(iv) for purposes of detection, prevention and prosecution of crime;
(v) for Mediclicks to comply with its obligations under the law;
(vi) to enhance or develop features, products and services; and
(vii) to personalize the content that you and others see on the Application.
2.3 Mediclicks may also use and process your data for other purposes which include, but is not limited to, the
following (“Additional Purposes”):
(i) to notify you about our products and services;
(ii) to send you alerts, newsletters, updates, mailers, promotional materials, special privileges, festive greetings from Mediclicks, its partners, sponsors or advertisers;
(iii) to notify and invite you to events or activities organized by Mediclicks, its partners, sponsors or advertisers;
(iv) to process your registration to participate in or attend an event or activity and to communicate with you regarding your attendance at the event or activity;
(v) to provide advertisers and other third parties with aggregate information about Application users and the Application usage patterns;
(vi) to allow other selected companies to send you promotional materials about their products and services; and
(vii) to share your Non-Health/Medical Information amongst its subsidiaries, associate companies, partners and jointly controlled entities who may communicate with you to market their products, services, events or promotions,by way of post, telephone call, short message service (SMS), by hand, by e-mail, and/or any other electronic or digital device. For the avoidance of doubt, Mediclicks will NEVER share your medical and health information for any marketing or promotional purposes without your prior written consent.
2.4 We use Non-Health/Medical Information
for purposes such as measuring the number of users of various features of the Application, making the Application more useful to users and delivering targeted advertising and non-advertising content. We may also use Non-Health/Medical Information (for example, statistics regarding use and metrics) for research purposes, for marketing and promotional purposes, and to develop new learning tools and solutions and we may share such information with third parties, including researchers and/or advertisers, on an aggregate and anonymous basis. We use IP addresses to analyze trends, administer the Application, track a visitor’s movement, and gather demographic information for aggregate, non-personally identifiable use.
2.5 You acknowledge that unless you request
in writing otherwise, Mediclicks, in its sole discretion, has the right but not the obligation to store any Personal Data perpetually, to the extent permitted by law. If you wish for any information about you to be removed from our database, please contact us through the contact information provided below in the “How to Contact Us” section of this Privacy Policy. We will not use your Health related information for any purpose other than to provide you with the Services and/or customer support services you request from us.
3. Sharing Your Information
3.1 Your Non-Health/Medical Information may
be transferred, accessed or disclosed to third parties for the Purposes and Additional Purposes. Further, Mediclicks may engage other companies, service providers or individuals to perform functions on its behalf, and consequently may provide access to or disclose you Non-Health/Medical Information to such service providers or third parties. Except as otherwise described in this Privacy Policy, or if we inform you otherwise at the time of data collection and receive your consent where required, we will not sell, trade, or share your Personal Data with third parties.
We may share your Personal Data as follows:
3.2 Doctors and Doctors
We will share your Personal Data with the Doctor who responds to your request. The Doctor may contact you via telephone prior to being dispatched to your location, to ensure that that they are equipped to handle your medical case. The Doctor’s treatment of your information is subject to the Doctor and Doctor’s own policies and procedures. Any medical information that we collect from you will be kept private and secure, as required by law.
3.3 With Affiliates
We may share your Non-Health/Medical Information with affiliated companies and businesses. We will NOT share your medical or health information for any marketing purposes without your prior written consent.
3.4 With Service Providers
We may use other companies (such as information technology (IT) service providers) to perform services including, without limitation, facilitating some aspects of our Application such as processing credit card transactions, developing our software and infrastructure, sending emails, and fulfilling purchase requests. These other companies may be supplied with or have access to your Non-Health/Medical Information, solely for the purpose of providing these services to you on our behalf.
3.5 With Business Partners
When you make purchases or engage in promotions offered through our Application, we may share your Non-Health/Medical Information with the businesses with which we partner to offer you those products, services, and promotions. When you accept a particular business partner’s offer, you authorize us to provide your information to that business partner.
3.6 With other Service Providers
We occasionally will share, on an anonymous basis, information and data on Application users with third party providers who provide targeted services, such as advertising or data analysis on our behalf. This sharing of information does NOT include any Personal Data or medical information.
3.7 Special Circumstances
We also shall disclose your Personal Data:
(i) in response to a subpoena or similar
investigative demand, a court order, or other request from a law enforcement or government agency where required by applicable law.
(ii) when disclosure is required or allowed
by law in connection with efforts to investigate, prevent, or take other action regarding illegal activity, suspected fraud or other wrongdoing; to protect and defend the rights, property or safety of our company, our users, our employees, or others; to comply with applicable law or cooperate with law enforcement; or to enforce our Application’s terms and conditions or other agreements or policies.
(iii) in connection with a corporate
transaction, such as the sale of all or a portion of our business, a divestiture, merger, consolidation, or asset sale, or in the unlikely event of winding-up, as required or allowed by law.
SPECIAL NOTICE FOR USERS OF THE APPLICATION: IF YOU ELECT TO MAKE YOUR PROFILE (OR THAT OF A MINOR OR FAMILY MEMBER) VIEWABLE BY DOCTORS, ALL INFORMATION (EXCLUDING PERSONAL CONTACT INFORMATION) THAT YOU INCLUDE IN THAT PROFILE MAY BE VIEWED BY DOCTORS. YOU SHOULD NOT ENTER ANY INFORMATION IN THE PROFILE THAT YOU (OR ANOTHER PERSON) WISH TO REMAIN CONFIDENTIAL. DOCTORS WILL NOT BE ABLE TO CONTACT YOU EXCEPT THROUGH THE PERSONAL CONTACT INFORMATION YOU PROVIDE THROUGH THE APPLICATION. WE ARE NOT RESPONSIBLE FOR THE RETENTION, USE OR PRIVACY PRACTICES OF DOCTORS AFTER THEY HAVE RECEIVED YOUR INFORMATION.
4. How to Access or Update Your Information
4.1 You may have access to, review,
correct, update, change or delete your account profile information at any time. Simply log into your account, go to your profile, and make the necessary changes.
Before providing you with a copy of your personal information or correcting, updating or deleting such information, We reserve the right to verify and authenticate Your identity and the personal information to which You have requested access. Access to or correction, updating or deletion of Your personal information may be denied or limited by Us if it would violate another person’s rights and/or as otherwise permitted by applicable law.
4.2 Subject to any exceptions under the applicable laws, you may:
(i) request for access to and/or request
for the correction of your Personal Data;
(ii) request to limit the processing of
your Personal Data for the Additional Purposes; and/or
(iii) make any inquiries regarding your
Personal Data, by contacting us at the e-mail address provided below in the “How to contact us” section of this Privacy Policy.
4.3 Subject to any applicable laws,
Mediclicks reserves the right to impose a fee for access of your Personal Data in the amounts as permitted therein.
4.4 In respect of your right to access
and/or correct your Personal Data, Mediclicks has the right to refuse your requests to access and/or make any correction to your Personal Data for the reasons permitted under the law, for example where the expenses of providing access to you is disproportionate to the risks to your or another person’s privacy.
4.5 If you do not wish for your Personal
Data to be collected via cookies on our website, you may deactivate cookies by adjusting your internet browser settings to disable, block or deactivate cookies, by deleting your browsing history and clearing the cache from your internet browser.
5. Links to Third Party Sites
Our Application may contain links to websites or applications operated and maintained by third-parties, over which we have no control. Privacy policies for these third-party sites and applications may be different from our Privacy Policy. You access these third-party sites and applications at your own risk. You should always read the privacy policy of a linked site or applications before disclosing any personal information on such site and/or through such applications. Mediclicks is not responsible for information you submit to third-parties.
6. Acknowledgement and Consent
By communicating with Mediclicks, using the Application and our Services or by virtue of your engagement with Mediclicks, you acknowledge that you have read and understood this Privacy Policy and agree and consent to the use, processing and transfer of your Personal Data by Mediclicks as described in this Privacy Policy.
From time to time we may modify, update or amend the terms of this Privacy Policy by placing the updated Privacy Policy on our website. The effective date of such modifications, updates or amendments will be noted at the end of the Privacy Policy. You should therefore review it periodically so that you are up to date on our most current policies and practices. If we make material changes to our practices regarding the processing and/or use of your Personal Data, your Personal Data will continue to be governed by the version of the Privacy Policy to which such Personal Data was subject (prior to those changes), unless you have been provided notice of, and have not objected to, the changes. By continuing to communicate with Mediclicks, by continuing to use our Services or by your continued engagement with Mediclicks following the modifications, updates or amendments to this Privacy Policy, such actions shall signify your acceptance of such modifications, updates or amendments.
7. English version of Privacy Policy to prevail
In the event of any conflict between the English and Malay version of this Privacy Policy, the English version shall prevail.
8. How to Contact Us
If you have any questions, comments or concerns about our Privacy Policy, please contact:
Cell Med Sdn Bhd
017 631 3399
9. Effective Date
This Privacy Policy is effective as of 1 April 2021.
10. Indemnity
You agree and undertake to indemnify Us against any suit or dispute by any Third Party arising out of disclosure of Personal Information by You to Third Parties either through Our Website/App or otherwise and Your use and access of websites, applications and resources of Third Parties. We assume no liability for any actions of Third Parties with regard to Your Personal Information, which You may have disclosed to such Third Parties.
11. Severability
Each paragraph of this Privacy Policy shall be and remain separate from and independent of and severable from all and any other paragraphs herein except where otherwise expressly indicated or indicated by the context of the agreement.
The decision or declaration that one or more of the paragraphs are null and void shall have no effect on the remaining paragraphs of this privacy policy.