Skip links
Login
Get Early Access
scroll
Remedi

Privacy Policy

Welcome to Remedi Innovations Sdn Bhd (1246783-M) (“Remedi”, “we”, “our”, “us”). We offer a clinic management system: (i) to be used by clinics and healthcare providers to help manage all administrative aspects of the clinical interaction, including patient booking, patient consultation, record keeping, payment management and other practice management functions; and (ii) to provide patients of the clinics and healthcare providers (“Patients”) access to such administrative functionalities (collectively, “System”)

This Privacy Policy also describes the measures we take to our processing of that information and describes the measures we take to safeguard the personal data of individuals in accordance with the Malaysia Personal Data Protection Act 2010 (“PDPA”). This Privacy Policy states how we collect, use, disclose, process and manage your Personal Data in the course of our business, including our websites, digital services and products such as mobile applications, technical platforms and other online offerings otherwise indicated.

This Privacy Policy applies to any individual’s Personal Data which is in our possession or under our control, with whom we may share it, and how you may exercise your rights and choices with respect to our processing of that information. By interacting with us and submitting your data to us, you agree and consent to Remedi as well as our respective agents, authorised service providers and relevant third parties to processing your Personal Data in the manner set forth in this Privacy Policy. 

Unless otherwise stated herein, all capitalised terms shall have the same meaning as prescribed in the PXRemedi Terms of Use and CXRemedi Terms of Use, wherever applicable.

In the event of inconsistency or ambiguity between the terms stated in this English version and the Bahasa Malaysia version, this English version shall prevail.

 

CHANGES TO THIS PRIVACY POLICY

1.          We may from time to time update this Privacy Policy to ensure that this Privacy Policy is consistent with our future developments, industry trends and/or any changes in legal or regulatory requirements. Each time you enter our website, use our mobile and web-based applications, and any updates, upgrades, new versions, documentation and content and services provided by or through the website, mobile and web-based applications (collectively referred to as “System”), or contact, interact or transact with us, you acknowledge and agree that the latest version of this Privacy Policy shall apply. It is your duty to keep yourself updated as to the latest version of this Privacy Policy.

 

NOTICE TO PATIENTS

 

2.          Please contact your relevant Subscriber Clinic for any questions about your patient information, including contact information, billing details and patient records. Remedi does not and will not release any such information to you.

 

WHY DOES THIS PRIVACY POLICY APPLY TO YOU?

3.          “Personal Data” means any information in respect of commercial transactions, which relates directly or indirectly to a data subject, who is identified or identifiable from that information or from that and other information, including any sensitive personal data and expression of opinion about the individual. “Sensitive Personal Data” means any personal data consisting information as to the individual’s physical or mental health or condition, political opinions, religious beliefs or other beliefs of a similar nature, the commission or alleged commission of an offence or any other Personal Data as may be gazetted by the Malaysian Government.

 

4.          This Privacy Policy describes our practices regarding the Personal Data we obtain, including but not limited to:

a.          Your download and use of the PXremedi Application (“App”) through any Platform including your registered mobile device (“Device”);

b.          Your use of the System, any App content, services and functionality available through the Platform and/or System, whether directly or indirectly via third parties that reference this Privacy Policy;

c.           Through the Subscriber Clinic and their use of the System;

d.          Through third-party sources, including any government entities, business partners, service providers, vendors; and

e.          Through other data collection points that reference this Privacy Policy.

 

5.          The Personal Data definition does not extend to (a) business contact information; or (b) anonymised data. Anonymisation is the process of removing identifying information such that the remaining data does not identify any particular individual. Please refer to the paragraph on Anonymised/Aggregated Data for further information.

 

TYPE OF PERSONAL DATA

6.          We may collect and Process the following Personal Data from health practitioners and other Authorised Users, such as:

a.       your name and your role at the Subscriber Clinic at which you practise (or work);

b.      the name, address, and phone number of the Subscriber Clinic at which you practise (or work)

 

7.          We may also collect the following personal information about Patients, either directly from the patient, or from the patient’s health practitioner or practice via the System, including:

a.       name, NRIC, date of birth, postal address, email address and telephone numbers;

b.      health and medical history, including your symptoms, medications, and any previous diagnosis and treatment given to you;

c.       medical documents such as medical certificate, time slip, referral letters;

d.      occupation and employment details, religion, country of birth, racial or ethnic origin, where relevant to the services your doctor provides to you;

e.       medical plans or insurance cover details, if relevant;

f.    images and biometrics (e.g. photographs, voice and video recordings of you, including our conversations with you, using fingerprint mapping and facial recognition for verification or other purposes);

g.       your personal opinions made known to us (e.g. through feedback or surveys);

h.      when you access and browse the System, we collect information about how you are accessing the System such as your internet or mobile network connection, your browser or the type of mobile device you are using (if applicable). We use this log and device information to identify how our Services are being accessed and used so we can optimize them for the types of connections, browsers and devices being used. This information is not used to market or send promotions at an individual user level;

i. information relating to the version of the App  through a Platform or your use of the System including but not limited to location information, IP address, MAC address, network interface, device type and model and other forms of data from your Device in connection with the use of the App, information relating to the usage of various functionalities such as the camera, QR code scanner, video, voice recording function as well as Device permissions such as the permission to use device identifiers in your Device, to use any and all media files from your Device gallery, to push notifications, to access your list of contact information, to use location services, to use any connectivity services and other similar information.

 

8.          Any reference to “Personal Data” also includes such data that may be provided by you on behalf of another person pursuant to the paragraph on Accessing Personal Data of Others below.

 

9.          When a Subscriber Clinic subscribes to the System or when a Patient wants to make payment for a service, our payment processing partner Stripe processes your billing information. We do not collect, use or process your credit card information. Please refer to the paragraph on Third Party Vendors below.

 

USE AND COLLECTION OF PERSONAL DATA

 

10.       Remedi may use your Personal Data (a) for the purposes identified below or separately communicated to you; (b) to fulfil legitimate business interests and/or contractual and legal obligations.

 

11.       If you are a health practitioner or Authorised User of a Subscriber Clinic, we will collect your Personal Data directly from you through your interactions with the System.

 

12.       If you are a Patient, we will either collect your Personal Data directly from you or from your Subscriber Clinic through their interactions with the System.

 

13.       Generally, Remedi may also collect, use and disclose your Personal Data in the following ways:

a.       when you submit forms, applications, requests or feedback to us;

b.      when you interact with our customer service officers, for example, via telephone calls, letters, face-to-face meetings, social media platforms and/or emails;

c.       when you submit your Personal Data to us for any other reason;

d.      when you use our Platform including electronic services, mobile and web-based applications or interact with us via the System or use the System on any of our Platform which may utilise various technologies to collect data (which may include Personal Data) automatically either by us or by third parties on behalf of us, such as:

i          Cookies. A number of places on our website and our mobile and web-based applications make use of cookies. Should you wish to disable the cookies associated with these technologies, you may do so by changing the setting on your browser. However, you may not be able to enter certain part(s) of our website or enjoy full access to all of our applications.

ii        Web beacons and tracking links. Web beacons (also known as pixel tags and clear GIFs) involve graphics that are not apparent to the user. Tracking links and/or similar technologies consist of a few lines of programming code and can be embedded in our emails, website or mobile or web-based applications. In conjunction with cookies, these are primarily used for statistical analysis purposes. This technology can also be used for tracking traffic patterns on websites, as well as finding out if an e-mail has been received and opened and to see if there has been any response.

iii       Web analytics. Web analytics is the term given to a method for collecting and assessing the behaviour of visitors to websites and mobile or web-based applications. This includes the analysis of traffic patterns in order, for example, to determine the frequency of visits to certain parts of a website or mobile or web-based application, or to find out what information and services our visitors are most interested in.

iv       Server logs. Server logs are files and records of activity created by the Device that you use Remedi from. For example, a web server log may record a history of page requests whereas other logs may record errors, access attempts or other information about your Device, such as your IP address or your Device’s cookie settings. We collect and retain such server logs for administrative, security and troubleshooting purposes.

 

 ACCESSING PERSONAL DATA OF OTHERS

 

14.      You may give authorisation to your caregiver to use Remedi to access your Personal Data. To do so, you will need to provide your National Identification Number (NRIC / Passport) (“ID”), as well as the caregiver’s ID, name, email and contact number. Additionally, if you are a parent, you may also apply to access your child’s Personal Data if your child is a minor (under 18 years of age). Where so, by applying to obtain or to grant such access, you represent to us that:

 

a.     you are authorised to do so;

b.     you have obtained the consent of the third party to provide us with his/her Personal Data for the respective purposes;

c.     he/she accepts that his/her Personal Data will be subject to this Privacy Policy (as amended from time to time); and

 

d. you agree to fully indemnify us in respect of any regulatory penalties, claims or proceedings by any third party(ies) and any proceedings, investigations, orders, directions, judgments issued by a court, statutory body or regulatory authority, in connection with the provision of his/her/their Personal Data. 

e.  You should ensure that all Personal Data submitted to us is complete, accurate, true and correct. Failure on your part to do so may result in our inability to provide you with the products and services you have requested or process your application.

 

PURPOSES RELATED TO THE USE OF YOUR PERSONAL DATA

 

15.       Generally, Remedi may collect, use and/or disclose your Personal Data for the following purposes:

 

a.       setting up your account with us and managing your use and access of the System

 

b.      facilitating and supporting your use of our online and mobile services such as transactional e-services like e-appointments and e-payments;

c.       managing your relationship with us by personalising our services and recommending content related to your health and our services and informing or communicating with you about service upgrades and updates;

d.       to send offers and promotional materials related to our services and for other marketing purposes;

e.   carrying out security and safety measures and services such as performing network or service enhancement and protecting our platforms from unauthorised access or use;

f.        carrying out market-related, evaluation or similar research and analysis for our operational strategy and policy planning purposes, including providing data to authorised external parties for any purposes to review, develop and improve the quality of healthcare products and related services;

g.    verifying your identity and such other information provided by you, including but not limited to the relationship between yourself and a third party dependent or the relationship between yourself and a third party caregiver;

h.      managing the administrative and business operations more effectively such as attending to your queries, feedback and/or complaints and complying with our internal record keeping for meeting any applicable laws and regulations; 

i.        facilitating business asset transactions (which may extend to any mergers, acquisitions or asset sales);

j.      carrying out due diligence in accordance with legal and regulatory obligations or our risk management procedures and policies such as conducting audits to prevent, detect and investigate crime or offences or uncover non-conforming processes;

k.       monitoring or recording phone calls and customer-facing interactions for quality assurance, and identity verification purposes;

l.    in connection with any claims, actions or proceedings (including but not limited to the drafting and reviewing of documents, transaction documentation, obtaining legal advice, and facilitating dispute resolution), and/or protecting and enforcing our contractual and legal rights and obligations.

 

ACCURACY OF PERSONAL DATA

 

16.       We will take appropriate and reasonable steps to ensure the accuracy and correctness of the Personal Data that we collect, use and/or disclose. To enable us to ensure the quality and accuracy of Personal Data, you have an obligation to provide accurate and up-to-date information to us.

 

HOW WE PROTECT YOUR PERSONAL DATA

 

17.       We will take reasonable efforts to protect the Personal Data in our possession or under our control by making reasonable security arrangements to prevent unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks. However, no method of transmission over the Internet or method of electronic storage is 100% secure, as such we cannot completely guarantee the security of any Personal Data we may have collected from or about you, e.g. that no harmful code (such as viruses, bugs, Trojan horses, spyware or adware) will enter our Platform and System.

 

HOW LONG DO WE RETAIN YOUR PERSONAL DATA

 

18.       We retain Personal Data as may be required for business, legal, regulatory or compliance purposes, and such purposes do vary according to the circumstances. We will take reasonable steps to dispose or anonymise Personal Data that is no longer needed. With regard to medical data that we process, we will retain medical records in accordance with the duration stipulated by the Ministry of Health or/and in adherence with contractual agreements.

 

TRANSFER OF PERSONAL DATA OUTSIDE MALAYSIA

19.       Generally, we do not transfer Personal Data out of Malaysia, except to our approved third party services providers for applicable services (“Third Party Vendors”). Should we do so, we will ensure there is compliance with the requirements under the PDPA.

 

THIRD PARTY VENDORS

 

20.       The System has integrations with Third Party Vendors’ software and systems, which includes but is not limited to enable:

 

a.       Payments for services;

b.      Secure encrypted messaging services, for example, to send SMS to patients, and to transfer test results to you from your Subscriber Clinic

c.       Secure cloud storage of information; and

d.      Other practice management functions.

 

21.       We may need to disclose personal information to these Third Party Vendors to the limited extent required to enable and support these integrated functions

 

22.       We may disclose your personal data under the following circumstances:

 

a.      when we believe disclosure is necessary to prevent physical harm or financial loss to Remedi;

b.      to establish, exercise, or defend our legal rights;

c.     in connection with an investigation of suspected or actual fraud, illegal activity, security, or technical issues; In addition, we reserve the right to transfer to relevant third parties the personal information we have about you in the event of a potential or actual sale or transfer of all or a portion of our business or assets (including in the event of a merger, acquisition, joint venture, reorganization, divestiture, dissolution, or liquidation), or other business transaction;

d.      We also may share the information in other ways for which we provide specific notice at the time of collection and obtain your consent to the extent required by applicable law.

 

23.       The System and/or Platform may contain links to sites whose data protection and privacy practices may differ from ours. We are not responsible for the content and privacy practices of these other websites and encourage you to check the privacy notices of these other websites to determine how they will handle any information they collect from you.

 

CONTACTING US: FEEDBACK, WITHDRAWAL OF CONSENT, ACCESS AND CORRECTION OF YOUR PERSONAL DATA

24.       You are entitled to withdraw your consent for the collection, use and disclosure of your Personal Data at any time. However, depending on the nature of the withdrawal, it may become impossible for Remedi to provide services such as processing or providing services offered by Remedi. Remedi may also not be in a position to administer any contractual relationship in place, which in turn may also result in the termination of any agreements with Remedi, and your being in breach of your contractual obligations or undertakings. Remedi’ legal rights and remedies in such event are expressly reserved.

 

25.       If you:

a.       have any questions or feedback relating to your Personal Data or our Privacy Policy;

b.      would like to withdraw your consent to any use of your Personal Data as set out in this Privacy Policy; or

c.       would like to obtain access and make corrections to your Personal Data records, you can contact our us at info@remedi.my

 

 ANONYMISED/AGGREGATED DATA 

26.       Remedi may use computer-generated algorithms to gather anonymous and aggregated information from Subscriber Data in order to assist in our continued development and improvement of the Services, and for research, data analysis, benchmarking, statistics or trend analysis. We will ensure that none of the information we gather identifies, or could be used to identify, any user or patient. Remedi may share such anonymized information with Subscriber Clinics and others, for example, by providing insights into most common conditions, most popular treatments or benchmarking fees against industry or regional norms.

 

GOVERNING LAW

27.   This Privacy Policy shall be governed in all respects by the laws of Malaysia.