We at AsiaMedic Limited and our subsidiaries (“AML”) respect the privacy and confidentiality of the personal data of AML’s shareholders, patients, associates, partners, visitors and other individuals whom we interact with in the course of providing our medical services. We are committed to implementing policies, practices and processes to safeguard the collection, use and disclosure of the personal data you provide us, in compliance with the Singapore Personal
Data Protection Act (PDPA) 2012.
We have developed this Data Protection Notice to assist you in understanding how we collect, use, disclose, process, protect and retain your personal data that is in our possession.
2 How We Collect Your Personal Data
Personal data refers to any information that can uniquely identify an individual person either (a) on its own (e.g. NRIC No., FIN No.), or (b) when combined with other information (e.g. Full Name + Full Address).
We collect your personal data when you:
3 Types of Personal Data We Collect About You
The types of personal data we collect about you include:
4 How We Use Your Personal Data
We use the personal data you provide us for one or more of the following purposes:
5 Who We Disclose Your Personal Data To
We disclose some of the personal data you provide us to the following entities or organisations outside AML in order to fulfil our services to you:
Where required to do so by law, we may disclose personal data about you to the relevant authorities or to law enforcement agencies.
6 How We Manage the Collection, Use and Disclosure of Your Personal Data
6.1 Obtaining Consent
Before we collect, use or disclose your personal data, we will notify you of the purpose why we are doing so. We will obtain written confirmation from you on your expressed consent. We will not collect more personal data than is necessary for the stated purpose. We will seek fresh consent from you if the original purpose for the collection, use or disclosure of your personal data has changed.
6.2 Withdrawal of Consent
If you wish to withdraw consent, you should give us reasonable advance notice. We will advise you of the likely consequences of your withdrawal of consent, e.g. without your personal contact information we may not be able to inform you of our future events and product launches.
Your request for withdrawal of consent can take the form of an email or letter to us.
7 How We Ensure the Accuracy of Your Personal Data
We will take reasonable steps to ensure that the personal data we collect about you is accurate, complete and kept up-to-date.
From time to time, we may do a data verification exercise for you to update us on any changes to the personal data we hold about you. If we are in an ongoing relationship with you, it is important that you update us of any changes to your personal data (such as a change in your mailing address).
8 How We Protect Your Personal Data
We have implemented appropriate information security and technical measures (such as firewalls and secure network protocols) to protect the personal data we hold about you against loss; misuse; destruction; unauthorised alteration/modification, access, disclosure; or similar risks.
We have also put in place reasonable and appropriate organisational measures to maintain the confidentiality and integrity of your personal data, and will only share your data with authorised persons on a ‘need to know’ basis.
9 How We Retain Your Personal Data
We have a document retention policy that keeps track of the retention schedules of the personal data you provide us, in paper or electronic forms. We will not retain any of your personal data when it is no longer needed for any business or legal purposes.
We will dispose of or destroy such documents containing your personal data in a proper and secure manner when the retention limit is reached.
10 How You Can Access and Make Correction to Your Personal Data
You may write to us to find out what personal data about you that we have in our possession or under our control and how it may have been used and/or disclosed by us in the previous one year. Before we accede to your request, we may need to verify your identity by checking your NRIC or other legal identification document. We will respond to your request as soon as possible, or within 30 days from the date we receive your request. If we are unable to do so within the 30 days, we will let you know and give you an estimate of how much longer we require. We may also charge you a reasonable fee for the cost involved in processing your access request.
If you find that the personal data we hold about you is inaccurate, incomplete or not up-to-date you may ask us to correct the data. Where we are satisfied on reasonable grounds that a correction should be made, we will correct the data as soon as possible, or within 30 days from the date we receive your request.
11 How We Transfer Your Personal Data
If there is a need for us to transfer your personal data to another organisation outside of Singapore, we will ensure that the standard of data protection in the recipient country is comparable to that of Singapore’s PDPA. If this is not so, we will enter into a contractual agreement with the receiving party to accord similar levels of data protection as that in Singapore.
A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.
What types of cookies we use?
There are several different types of cookies which our website uses:
Functionality – We use these cookies so that we recognize you on our website and remember your previously selected preferences. These could include what language you prefer and location you are in. A mix of first-party and third-party cookies are used.
How to Manage Cookies
You can set your browser not to accept cookies, and the above website tells you how to remove cookies from your browser. However, in a few cases, some of our website features may not function as a result.
13 Contacting Us
If you have any query or feedback regarding this Data Protection Notice, or any complaint you have relating to how we manage your personal data, you may contact our Data Protection Officer (DPO) at: firstname.lastname@example.org.
Any query or complaint should include, at least, the following details:
We treat such queries and feedback seriously and will deal with them confidentially and within reasonable time.
14 Changes to this Data Protection Notice
We may update this Data Protection Notice from time to time. We will notify you of any changes by posting the latest Notice on our website. Please visit our website periodically to note any changes.
Changes to this Notice take effect when they are posted on our website.