Privacy Policy

Introduction

Medicore AI is committed to protecting the privacy and personal data of individuals who interact with our services. This Privacy Policy explains how we collect, use, disclose, and safeguard personal information in accordance with the Malaysian Personal Data Protection Act 2010 (PDPA) and other applicable data protection regulations.

This policy applies to personal data collected through our website, consultation services, and healthcare AI implementation projects. By engaging with Medicore AI, you acknowledge that you have read and understood this Privacy Policy.

For questions or concerns about this policy, please contact us at [email protected].

Data Collection Information

What Personal Data We Collect

We collect personal data that is necessary to provide our services and fulfill our business purposes. The types of personal data we may collect include:

• Contact information: name, email address, phone number, job title, organization name
• Professional information: role within healthcare organization, areas of responsibility
• Communication records: correspondence, consultation notes, meeting records
• Technical information: IP address, browser type, device information when you visit our website
• Project-specific information: requirements, workflow details, system specifications (when working on implementation projects)

How We Collect Data

We collect personal data through various methods:

• Directly from you when you submit contact forms, request consultations, or communicate with us
• Automatically through website cookies and analytics tools
• Through business interactions during project delivery and professional services
• From your organization when you are designated as a contact person for projects

Legal Basis for Processing

We process personal data based on the following legal grounds:

• Consent: You have explicitly agreed to our processing of your personal data for specific purposes
• Contractual necessity: Processing is necessary to fulfill our service agreements with your organization
• Legitimate interests: Processing is necessary for our legitimate business interests, such as improving our services, while respecting your privacy rights
• Legal compliance: Processing is required to meet regulatory or legal obligations

Data Retention Periods

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected or as required by law. Typical retention periods include:

• Contact inquiry data: retained for 2 years from last contact
• Project documentation: retained for 7 years following project completion
• Communication records: retained for 3 years from date of communication
• Website analytics data: retained for 26 months

Data Usage Explanation

How We Use Your Personal Data

We use collected personal data for the following purposes:

• Service delivery: To provide healthcare AI consultation, assessment, and implementation services
• Communication: To respond to inquiries, provide project updates, and maintain professional relationships
• Contract management: To administer agreements and fulfill contractual obligations
• Service improvement: To analyze how our services are used and identify areas for enhancement
• Regulatory compliance: To meet legal and regulatory requirements applicable to our business

Data Sharing with Third Parties

We do not sell personal data to third parties. We may share personal data with:

• Service providers: Cloud hosting services, email communication platforms, analytics providers
• Professional advisors: Legal counsel, accountants, consultants when necessary for business operations
• Regulatory authorities: When required by law or to protect legal rights

All third-party service providers are contractually obligated to maintain the confidentiality and security of personal data and to use it only for the purposes for which we disclose it to them.

Marketing Communications

We may send professional updates or service information to contacts who have provided consent or where we have a legitimate interest. You can opt out of marketing communications at any time by clicking the unsubscribe link in our emails or contacting us at [email protected].

Data Protection Measures

Security Measures

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, accidental loss, destruction, or damage. These measures include:

• Encryption of data in transit and at rest
• Secure access controls and authentication procedures
• Regular security assessments and updates
• Employee training on data protection practices
• Confidentiality agreements with staff and service providers

Data Breach Notification

In the event of a personal data breach that poses a risk to individuals' rights and freedoms, we will notify affected individuals and the relevant supervisory authority within the timeframes required by applicable law. Our notification will include information about the nature of the breach, potential consequences, and measures taken to address the breach and mitigate harm.

Cookie Information

Our website uses cookies and similar technologies to enhance user experience and analyze website usage. Cookies are small text files placed on your device when you visit our website.

We use the following types of cookies:

• Essential cookies: Necessary for website functionality
• Analytics cookies: To understand how visitors use our website
• Preference cookies: To remember your settings and preferences

For detailed information about our cookie practices and how to manage your preferences, please see our Cookie Policy.

Your Rights

Under the Malaysian Personal Data Protection Act and other applicable regulations, you have the following rights regarding your personal data:

• Right of access: You may request access to the personal data we hold about you
• Right to rectification: You may request correction of inaccurate or incomplete personal data
• Right to erasure: You may request deletion of your personal data in certain circumstances
• Right to data portability: You may request a copy of your personal data in a structured, commonly used format
• Right to object: You may object to processing of your personal data for certain purposes
• Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time
• Right to lodge a complaint: You may file a complaint with the Personal Data Protection Commissioner if you believe your rights have been violated

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within the timeframes required by applicable law, typically within 30 days.

Please note that certain rights may be limited in some circumstances, such as when we are required to retain data for legal compliance or when deletion would impair legal rights.

Third-Party Links

Our website may contain links to third-party websites or services that are not operated by Medicore AI. This Privacy Policy does not apply to those external sites. We recommend reviewing the privacy policies of any third-party sites you visit, as we are not responsible for their data practices.

Children's Privacy

Our services are directed at healthcare professionals and organizations. We do not knowingly collect personal data from individuals under the age of 18. If we become aware that we have inadvertently collected personal data from a minor, we will take steps to delete such information promptly.

Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, legal requirements, or business operations. When we make significant changes, we will notify affected individuals through appropriate means, such as email notification or a prominent notice on our website.

The "Last Updated" date at the top of this policy indicates when it was most recently revised. We encourage you to review this policy periodically to stay informed about how we protect your personal data.

Contact Information

For questions, concerns, or requests related to this Privacy Policy or our data protection practices, please contact our Data Protection Officer:

If you are not satisfied with our response to your privacy concern, you may lodge a complaint with the Personal Data Protection Department of Malaysia.