MEDPLANNER CLINICAL MESSAGING APP – PRIVACY POLICY
Last Updated: 16 September 2024
MedPlanner Sdn Bhd (“MedPlanner”, “we”, “us”, or “our”) is committed to protecting your privacy and ensuring that your personal data is handled in compliance with the applicable data protection laws. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you use the MedPlanner clinical messaging app (“App”).
This Privacy Policy applies to users located in Malaysia, Indonesia, Singapore, and the United Kingdom, and it is designed to ensure compliance with the respective privacy laws in these jurisdictions.
1. Data Controller
For the purposes of data protection laws, MedPlanner Sdn Bhd is the data controller of your personal data.
• Malaysia: We comply with the Personal Data Protection Act 2010 (PDPA).
• Indonesia: We comply with the Law on Electronic Information and Transactions (EIT Law).
• Singapore: We comply with the Personal Data Protection Act 2012 (PDPA).
• United Kingdom: We comply with the General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
2. Data We Collect
We collect the following types of personal data when you use the App:
Personal Information
• Name, professional title, and contact details (e.g., email, phone number).
• Institution or organization details where you work.
Usage Data
• Data about how you use the App (e.g., interactions, messaging data, IP address, and device information).
Patient Data
• Patient-related information: You may transmit or store sensitive patient data, such as medical records and health information. It is your responsibility as a healthcare professional to ensure that you have obtained the necessary patient consent before using the App to handle patient data.
3. How We Use Your Data
We use your personal data for the following purposes:
• To facilitate secure communication between healthcare professionals.
• To verify your identity and maintain the security of the App.
• To improve and develop the App’s features and user experience.
• To comply with legal and regulatory requirements in each jurisdiction.
4. Data Protection Laws by Jurisdiction
We ensure that all personal data processed through the App complies with the corresponding privacy regulations of the respective countries.
Malaysia
Under the Personal Data Protection Act 2010 (PDPA), we:
• Ensure that personal data is not processed without the user’s consent, unless otherwise permitted by law.
• Implement strict data security measures to protect against unauthorized access.
Indonesia
In compliance with the EIT Law and Regulation No. 20/2016 on Personal Data Protection in Electronic Systems:
• We protect personal data from misuse and unauthorized disclosure.
• Explicit user consent is required for data collection and use.
Singapore
Under the Personal Data Protection Act 2012 (PDPA), we:
• Ensure that personal data is collected, used, and disclosed only for purposes that are reasonable and legitimate.
• Require healthcare professionals to ensure that patient data is transmitted with proper consent and care.
United Kingdom
In compliance with the UK GDPR and the Data Protection Act 2018:
• We ensure transparency about how we collect, store, and use personal data.
• We implement data minimization practices and use encryption to secure patient information shared through the App.
5. Data Sharing and Disclosure
We do not sell, rent, or lease your personal data to third parties. However, we may share your data in the following circumstances:
• With service providers who help us operate and improve the App (e.g., cloud service providers, analytics platforms).
• If required by law, such as to comply with a legal obligation or court order.
• To protect the rights, property, and safety of MedPlanner, its users, or the public.
6. Cross-Border Data Transfers
Since MedPlanner operates in multiple countries, your data may be transferred across borders to ensure seamless functionality. We ensure that such transfers comply with applicable privacy regulations, such as:
• Malaysia: Under PDPA, we ensure that any transfer of personal data to a location outside of Malaysia meets data protection standards equivalent to PDPA.
• Indonesia: Cross-border transfers are permitted with the explicit consent of the data subject.
• Singapore: We comply with the Transfer Limitation Obligation of the PDPA, ensuring that overseas recipients provide comparable data protection standards.
• United Kingdom: Data transfers outside of the UK are conducted in compliance with the UK GDPR, ensuring appropriate safeguards are in place.
7. Data Security
We take data security seriously and have implemented the following measures to protect your personal data:
• End-to-end encryption for all communications sent through the App.
• Regular data security audits and risk assessments.
• Secure servers located in compliance with regional data residency laws.
Despite our best efforts, no method of data transmission or storage is completely secure. We cannot guarantee absolute security, but we continuously work to protect your information.
8. Your Rights
Depending on your jurisdiction, you may have the following rights concerning your personal data:
• Access: You have the right to request access to the personal data we hold about you.
• Correction: You have the right to request correction of inaccurate or incomplete personal data.
• Deletion: You may request the deletion of your personal data, subject to legal requirements.
• Restriction: You may request that we restrict the processing of your personal data in certain situations.
• Data Portability: You have the right to receive your personal data in a structured, commonly used format and to request that we transfer it to another service provider.
• Withdraw Consent: If you have provided consent for the processing of your personal data, you have the right to withdraw that consent at any time.
To exercise your rights, please contact us using the information provided below.
9. Data Retention
We retain personal data only as long as necessary to fulfill the purposes outlined in this Privacy Policy, or as required by law. Patient-related data may be subject to additional retention periods as required by healthcare regulations.
10. Children’s Privacy
The App is not intended for use by individuals under the age of 18. We do not knowingly collect personal data from individuals under 18 years of age.
11. Changes to This Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our practices, technologies, or legal obligations. We will notify users of significant changes and update the “Last Updated” date at the top of this policy.
12. Contact Us
If you have any questions, concerns, or requests regarding your personal data or this Privacy Policy, please contact us at:
MedPlanner Sdn Bhd
Email: contact@medplanner.io
By using the MedPlanner clinical messaging app, you agree to the terms outlined in this Privacy Policy.