last updated March 2018
Words denoting one gender shall include the other gender. Words denoting a singular number shall include the plural and vice versa.
- Collection of Personal Data
1.1 Information That You Give Us.
“Personal Data” means information that can identify you, including but not limited to your full name, identification card number, birth certificate number, passport number, nationality, address, telephone number, fax number, bank details, credit card details, race, gender, date of birth, marital status, resident status, financial background, personal interests, email address, your occupation, the industry in which you work in, any information about you which you have provided to us in registration forms, application forms, or any other forms (including inter alia for purposes of completing surveys) and/or any information about you that has been or may be collected, stored, used and processed by Doctor2U from time to time AND INCLUDES sensitive personal data (as defined under the Personal Data Protection Act 2010) such as health/ religious data and criminal data.
1.1.1 The provision of your Personal Data is voluntary. However, if you do not provide us with your Personal Data, we will not be able to process your Personal Data for the Purposes and Additional Purposes outlined below and may not be able to provide you with our Services. We hope that you will find it beneficial to provide information about yourself to us.
1.1.2 Doctor2U will collect your Personal Data when you register for the Application, create a profile on our Application, or subscribe to our Services (“Register”). Doctor2U may also collect your Personal Data when you make a request to be connected with an independent Doctor to provide house call services at your location (“Visit”) or complete our surveys.
1.1.3 The Personal Data that we collect varies depending upon how you use our Services. When you Register, you will need to provide us with health-related information that a Doctor will need to determine whether he/she is willing to provide medical services to you.
1.1.5 We do not protect the privacy of and are not responsible for your disclosure of any information through interactive features like forums, message boards, chats, tagging, rating, if any, including, but not limited to information that you might post related to a minor.
1.1.6 Also, whenever you voluntarily disclose anyone’s personal information on publicly-viewable web pages, that information can be collected and used by others. For example, if you post your email address, you may receive unsolicited messages. We cannot control who reads your posting or what other users may do with the information that you voluntarily post, so we encourage you to exercise discretion and caution with respect to information you choose to disclose through these interactive features. When an individual chooses to post information that will be publicly disclosed, he or she is responsible for all legal consequences. We are not responsible under any data protection laws for-information that you voluntarily post on a site that can be accessed by others.
If you have concerns on your privacy rights, you should contact us at the contact details provided at Clause 11 below.
1.2 Other Information We Collect.
In addition to the Personal Data you provide to Doctor2U directly, we may collect your Personal Data from a variety of sources such as:
(i) Filled application or registration forms or other similar forms;
(ii) From publicly available sources such as directories;
(iii) From our social media pages, if you follow, like or are a fan of such pages;
(iv) From credit reporting agencies;
(v) The personal information which you provide to Lovy Pharmacy which include, inter alia, information relating to your health and medication history;
(vi) When you interact and communicate with Doctor2U and/or Lovy Pharmacy at any events or activities;
(vii) By using our website.
1.3 Medical Information.
In connecting you with a Doctor to provide you with their medical services in connection with a Visit, the Application may collect Personal Data from you and transmit it electronically. We will use administrative, physical, and technical safeguards to protect the security and privacy of information held in the Application. Our infrastructure is kept in a secured data centre that protects from unauthorized access to the physical servers, backups and any element used to store and/or process personal data. Only authorized personnel can access the data centre. Our systems and databases are backed up regularly to help protect the data in case of an uncontrollable catastrophe. We run our IT computing system on the Microsoft Azure platform. Kindly be informed that some of these servers may be located outside of Malaysia. The data centre that stores our servers has policies and procedures in place designed to safeguard the equipment that our data is stored on. We regularly upgrade our system software to include the latest security features. Our servers are protected by a firewall system, which is designed to keep unwanted traffic or access out of our computer network. We also employ an intrusion prevention service (IPS) provided by a secured data centre operated by a professional company. We also use security methods to determine the identity of each registered user, so that appropriate rights and restrictions can be enforced for that user. Reliable verification of user identity is called “authentication”. All communications between our Web server, your browser and our mobile apps is encrypted with SSL (Secure Sockets Layer) to guard against network eavesdroppers. Your password is internally encrypted in our system to prevent unauthorized access to the system. Validations are built throughout the application to capture the most reliable information. Only the last 4 digits of your credit card number is stored on our servers.
Neither Doctor2U nor any other party not working directly with the Doctor will be authorized to access medical information or health records kept by the Doctor, if any, created as a result of a Visit. Doctor2U will transmit any medical information describing your symptoms (or that of any minor for whom you are requesting Services) to any Doctor in a secured electronic transaction. You have a right to a paper copy of any medical information that Doctor2U transmits (including that of a minor for whom you are acting), and a right to amend medical information in accordance with applicable legal requirements. If you wish to communicate with a Doctor directly by email or other electronic means, you may request that those communications be transmitted through a system that protects their confidentiality. Doctors will accommodate reasonable requests in accordance with applicable law. Otherwise, your electronic communications may not be secure.
1.5 Tracking and/or Analytics Services.
We may use mobile application tracking and/or analytics services. These services may record unique mobile gestures such as tap, double-tap, zoom, pinch, scroll, swipe and tilt but do not collect personally identifiable information that you do not voluntarily enter in the Application. These services do not track your browsing habits across mobile applications that do not use the same services. We are using the information collected by these services to understand user behavior and optimize site performance.
1.6 Web Beacons.
We may also use web beacons (invisible images often referred to as pixel tags or clear GIFs) in order to recognize users and assess traffic patterns, and we may include web beacons and cookies in our email messages in order to count how many e-mail messages have been opened.
1.7 Non-Health/Medical Information.
We also collect Personal Data that is not health information or medical information (“Non-Health/Medical Information”) in the form of statistics and information regarding the Application user’s statistics and metrics obtained from third party devices (for example, steps, distance, calories burned, GPS coordinates, bat speed, hand speed, swing time, etc.), which may be combined with personal information you submit through the Application and/or Services so that you can fully enjoy the benefits of the Application’s tracking, monitoring, and diagnostic tools. We may also request the following optional information as part of your profile so that you can fully enjoy the features and functions of our Services: your weight, height, and gender.
1.8 Mobile Device Information.
Your use of the Application may also include collection of information from your mobile device. For example, the Application may request your permission to collect location data and/or may request access to multimedia (photos or videos) stored on your mobile device. Location data is not required for participation in activities through the Application, and you have the option of declining collection of geolocation data. If you do not wish for your location data to be shared with Doctor2U, please respond accordingly when prompted on your mobile device, or visit your mobile device settings. Multimedia will only be collected from your device if you affirmatively select it to upload to the application (i.e. you choose an image or video to store within the Application). Multimedia will not be shared with other Application users (with the exception of your profile photo, which will appear in your user profile).
- Purposes of Processing: How We Use Your Information
2.2 Doctor2U may use and process your Personal Data for its business and activities which shall include, but not limited to, the following (“Purposes”):
2.2.1 Where you are a user of the Services provided by Doctor2U (“User”):
(i) to perform Doctor2U’s obligations in respect of any contract entered into with you;
(ii) to provide you with and to deliver to you any Service which you have requested;
(iii) to process, manage or verify your application for subscription with Doctor2U and to provide you the benefits offered to subscribers;
(iv) to validate your requests, purchases and bookings as well as process payments relating to any products or Services you have requested;
(v) to process your participation in any events, activities, research studies, promotions, polls or surveys;
(vi) to understand and analyze our sales as well as your needs and preferences; and
(vii) to process exchanges or product returns.
2.2.2 Where you are an agent, vendor, supplier, partner, contractor or service provider:
(i) for the purposes of engaging you to provide services or products;
(ii) to facilitate or enable checks as may be required by Doctor2U in order to engage you;
(iii) to process payments relating to any products or services you have provided;
(iv) to contact you.
2.2.3 General (applicable to all the parties referred to in Clauses 2.1.1 and 2.1.2 above):
(i) to respond to questions, comments and feedback from you;
(iii) for internal administrative purposes, such as auditing, data analysis, database records;
(iv) for purposes of detection, prevention and prosecution of crime;
(v) for Doctor2U to comply with its obligations under the law;
(vi) to enhance or develop features, products and services; and
(vii) to personalize the content that you and others see on the Application.
2.3 Doctor2U may also use and process your data for other purposes which include, but is not limited to, the following (“Additional Purposes”):
(i) to notify you about our products and services;
(ii) to send you alerts, newsletters, updates, mailers, promotional materials, special privileges, festive greetings from Doctor2U, its partners, sponsors or advertisers;
(iii) to notify and invite you to events or activities organized by Doctor2U, its partners, sponsors or advertisers;
(iv) to process your registration to participate in or attend an event or activity and to communicate with you regarding your attendance at the event or activity;
(v) to provide advertisers and other third parties with aggregate information about Application users and the Application usage patterns;
(vi) to allow other selected companies to send you promotional materials about their products and services; and
(vii) to share your Non-Health/Medical Information amongst its subsidiaries, associate companies, partners and jointly controlled entities (which shall include Lovy Pharmacy) who may communicate with you to market their products, services, events or promotions,
by way of post, telephone call, short message service (SMS), by hand, by e-mail, and/ or any other electronic or digital device. For the avoidance of doubt, Doctor2U will NEVER share your medical and health information for any marketing or promotional purposes without your prior written consent.
2.4 We use Non-Health/Medical Information for purposes such as measuring the number of users of various features of the Application, making the Application more useful to users and delivering targeted advertising and non-advertising content. We may also use Non-Health/Medical Information (for example, statistics regarding use and metrics) for research purposes, for marketing and promotional purposes, and to develop new learning tools and solutions and we may share such information with third parties, including researchers and/or advertisers, on an aggregate and anonymous basis. We use IP addresses to analyze trends, administer the Application, track a visitor’s movement, and gather demographic information for aggregate, non-personally identifiable use.
- Revocation of Consent
3.2 If you wish to unsubscribe to the processing of your Personal Data for the Additional Purposes by Doctor2U, please click on the link “Unsubscribe” which is embedded in the relevant e-mail in order not to receive any e-mail in the future.
- Sharing Your Information.
We may share your Personal Data as follows:
4.2 Doctors and Doctors
We will share your Personal Data with the Doctor who responds to your request. The Doctor may contact you via telephone prior to being dispatched to your location, to ensure that that they are equipped to handle your medical case. The Doctor’s treatment of your information is subject to the Doctor and Doctor’s own policies and procedures. Any medical information that we collect from you will be kept private and secure, as required by law.
4.3 With Affiliates
We may share your Non-Health/Medical Information with affiliated companies and businesses. We will NOT share your medical or health information for any marketing purposes without your prior written consent.
4.4 With Service Providers
We may use other companies (such as information technology (IT) service providers) to perform services including, without limitation, facilitating some aspects of our Application such as processing credit card transactions, developing our software and infrastructure, sending emails, and fulfilling purchase requests. These other companies may be supplied with or have access to your Non-Health/Medical Information, solely for the purpose of providing these services to you on our behalf.
4.5 With Business Partners
When you make purchases or engage in promotions offered through our Application, we may share your Non-Health/Medical Information with the businesses with which we partner to offer you those products, services, and promotions. When you accept a particular business partner’s offer, you authorize us to provide your information to that business partner.
4.6 With other Service Providers
We occasionally will share, on an anonymous basis, information and data on Application users with third party providers who provide targeted services, such as advertising or data analysis on our behalf. This sharing of information does NOT include any Personal Data or medical information.
4.7 Special Circumstances
We also may disclose your Personal Data:
(i) in response to a subpoena or similar investigative demand, a court order, or other request from a law enforcement or government agency where required by applicable law.
(ii) when disclosure is required or allowed by law in connection with efforts to investigate, prevent, or take other action regarding illegal activity, suspected fraud or other wrongdoing; to protect and defend the rights, property or safety of our company, our users, our employees, or others; to comply with applicable law or cooperate with law enforcement; or to enforce our Application’s terms and conditions or other agreements or policies.
(iii) in connection with a corporate transaction, such as the sale of all or a portion of our business, a divestiture, merger, consolidation, or asset sale, or in the unlikely event of winding-up, as required or allowed by law.
SPECIAL NOTICE FOR USERS OF THE APPLICATION: IF YOU ELECT TO MAKE YOUR PROFILE (OR THAT OF A MINOR OR FAMILY MEMBER) VIEWABLE BY DOCTORS, ALL INFORMATION (EXCLUDING PERSONAL CONTACT INFORMATION) THAT YOU INCLUDE IN THAT PROFILE MAY BE VIEWED BY DOCTORS. YOU SHOULD NOT ENTER ANY INFORMATION IN THE PROFILE THAT YOU (OR ANOTHER PERSON) WISH TO REMAIN CONFIDENTIAL. DOCTORS WILL NOT BE ABLE TO CONTACT YOU EXCEPT THROUGH THE PERSONAL CONTACT INFORMATION YOU PROVIDE THROUGH THE APPLICATION. WE ARE NOT RESPONSIBLE FOR THE RETENTION, USE OR PRIVACY PRACTICES OF DOCTORS AFTER THEY HAVE RECEIVED YOUR INFORMATION.
- How to Access or Update Your Information.
5.1 Subject to any exceptions under the applicable laws, you may:
(i) request for access to and/or request for the correction of your Personal Data;
(ii) request to limit the processing of your Personal Data for the Additional Purposes; and/or
(iii) make any inquiries regarding your Personal Data,
5.2 Subject to any applicable laws, Doctor2U reserves the right to impose a fee for access of your Personal Data in the amounts as permitted therein.
5.3 In respect of your right to access and/or correct your Personal Data, Doctor2U has the right to refuse your requests to access and/or make any correction to your Personal Data for the reasons permitted under the law, for example where the expenses of providing access to you is disproportionate to the risks to your or another person’s privacy.
5.4 If you do not wish for your Personal Data to be collected via cookies on our website, you may deactivate cookies by adjusting your internet browser settings to disable, block or deactivate cookies, by deleting your browsing history and clearing the cache from your internet browser.
- How We Protect Your Information.
We use commercially reasonable administrative, technical, and physical measures to safeguard Personal Data and medical information in our possession against loss, theft and unauthorized use, disclosure or modification. We follow generally accepted industry standards to protect the information submitted to us, both during transmission and once we receive it. No method of transmission over mobile applications is 100% secure, however. Therefore, while we strive to make all reasonable efforts to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. In the unlikely event of a data breach, you will be notified as soon as reasonably possible, in accordance with applicable law. Furthermore, we are not responsible for any breach of security or for any actions of any third parties that receive the information, including without limitation any breach of security or for any actions of a Doctor.
- Links to Third Party Sites.
- Acknowledgement and Consent
- How to Contact Us.
Phone number: 012-5251530
Fax number: 03-55696829
E-mail address: [email protected]
- Effective Date.