HealthTrip (“HealthTrip”, “we”, “our”, “us”) respects your privacy and is committed to protecting your personal information. This policy describes HealthTrip practices regarding personally identifiable information or personal data (“personal information/ PI”). This policy applies to our websites, applications, email, voice calls and text messages, and social media accounts (the “Platforms”). When you use the Platforms, you agree to the terms in this policy.
PURPOSE OF THIS PRIVACY POLICY
This privacy policy aims to give you information on how HealthTrip collects and processes your PI, including any PI you may provide through the Platforms when you purchase a product or service or sign up for our newsletter.
You must read this privacy policy together with any other privacy policy, notice or fair processing policy we may provide on specific occasions when we are collecting or processing PI about you so that you are fully aware of how and why we are using your PI. This privacy policy supplements other notices and privacy policies and is not intended to override them.
CONTACT DETAILS
HealthTrip is the company (business) responsible for your PI.
We have appointed a Data Protection Officer (DPO) who is responsible for overseeing questions in relation to this privacy policy. If you have any questions about this privacy policy, please contact the DPO using the details set out below.
Full name of legal entity: Global Patient Tech Pte Ltd.
Address: Vision Exchange, #13-30, No 2 Venture Drive, Singapore 608526
Email address: dpo@healthtrip.com
POLICY AMENDMENTS
We keep our privacy policy under regular review updating it at least once in 12 months. HealthTrip might make minor amendments to this Privacy policy which shall not adversely affect your privacy, except if laws set otherwise.
In case of material changes, HealthTrip will publish such amendments and amended policy on our website and, as far as possible, notify you either by email or by pop-up windows when you are using our Platforms next time.
Amendments shall enter into force on the Effective Date.
The actual version of the Privacy policy is published on our website.
DATA ACCURACY
When you give us PI, you are telling us, that the information is true, accurate, complete and current. You are also telling us, that you have the authorization to provide it to us
The PI we hold about you must be accurate and current. Please keep us informed, if your PI changes during your relationship with us.
THE CATEGORIES OF PERSONAL INFORMATION WE COLLECT
We may collect, use, store and transfer different kinds of PI about you which we have grouped together as follows:
We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data could be derived from your PI, but is not considered PI in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your Network Activity Information to calculate the percentage of users accessing a specific Platform feature. However, if we combine or connect Aggregated Data with your PI, so that it can directly or indirectly identify you, we treat the combined data as PI which will be used in accordance with this privacy policy.
Customer support If you choose to contact our customer support services we will collect any inquiries, complaints or other information that you may submit to our support team.
We do not collect any Special Categories of PI about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
CHILDREN
HealthTrip does not knowingly collect PI from minors, except if the minor is one of the travellers for medical tourism or accompanied by an adult. If we become aware that a minor is attempting to submit a PI, we will remove this information from our records. If you are the parent/legal guardian of a minor who has given us PI, please contact us so we can delete it.
IF YOU FAIL TO PROVIDE PERSONAL INFORMATION
Where we collect PI required by law or under the terms of a contract, and you fail to provide that PI when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us, but we will notify you if this is the case at the time.
HOW WE COLLECT YOUR PERSONAL INFORMATION
We use different methods to collect PI from and about you including through:
PI you give to us
We collect your PI directly from you (using live chat, online forms or via voice call/ messenger). Any contact data (emails, phones etc.) provided by you throughout any interaction will be treated as your personal contacts and saved in your profile for future communications unless specifically requested not to be stored (one-time communication only). For example, when you provide us with your PI by requesting a quote, registering or booking medical travels, contacting our customer support. This includes PI you provide when you:
When we chat with you (e.g., WhatsApp, Facebook, regular SMS etc.) the chat might be accidentally closed/ removed, there might be interruptions, slow internet connection etc. We may contact you later via automated phone and text messages or email (if available) in order to restore our communication started within the chat. No purchase necessary.
One of the main collection methods are VOICE CALLS We have vested interest to ensure you have chosen the best possible option. Voice calls are an exclusive opportunity to provide you with immediate customer support and disclose additional product features, you might not notice on the website. Usually, we call back on your request. Sometimes there might be unfinished conversations regarding current consultation or booking of flights/accommodation (misunderstanding in live chat, email system error, poor internet connection etc.), which require immediate response. We don’t make unwanted telemarketing robocalls or any annoying advertising campaigns. You can opt-out this communication any time by contacting us via filling the contact us form.
PI we collect passively We also collect your PI passively. For example, we collect information about you over time and across different Websites when you visit the Platform. We also use tracking tools like cookies and beacons. As you interact with our Platforms, we will automatically collect Network Activity Information about your equipment, browsing actions and patterns. We collect this PI by using cookies and other similar technologies. For additional information, please, refer to our Cookie policy. Platform features may make use of your device attributes and settings that will allow us to determine your physical location (country, state). Such technologies may include IP address mapping or other technologies. We use this information to enhance and personalize your experience and provide you with offers and services that may be of interest to you. HealthTrip does not have control over your device settings, but we do recommend enabling location services on your device so you can take advantage of the location based features and functionality offered.
PI we receive from service providers: We collect your PI using service providers. This can include when you log in using a service provider platform, such as Facebook & Google . In addition, we also integrate service providers' software that collects information about users for security reasons.
FOR WHAT PURPOSE WE USE YOUR PERSONAL INFORMATION
We will use your PI for the following purposes:
Improving our services To provide you and improve our Platforms and services, to better understand the users of our Platforms and services, and to protect our property and to prevent damage to them.
Regular customers
If you have ever requested a price quote or purchased our services, we treat you as the Regular (loyal) Customer. Regular Customers have plenty of benefits:
According to our policy, we may contact you as a Regular Customer via email/phone saved within previous requests and transactions. Such cases may be, for example, when you accidentally provided the wrong email/phone or when you cannot be reached via email/ phone left in the last request/ purchase. If you want to opt-out, please contact us.
Bookings We and our Hospitals, Doctors & travel partners use your PI to process your bookings and store your itinerary, medical and consultation information where applicable.
Marketing activities
We use your information for marketing purposes. These activities may include:
To communicate with you, including as follows:
Legal purposes In certain cases we may need to use your information to handle and resolve legal disputes, for regulatory investigations and compliance or to enforce the terms of use of the service.
Performance of a contract The use of your PI may be necessary to perform the services and provide you products that you have requested from us. For example, if you make a booking on our Platform, we need to collect PI from you to complete the booking.
Consent We may rely on your consent to use your PI for certain direct marketing purposes. You can withdraw your consent anytime by contacting us.
We have set out below, in a table format, a description of all the ways we plan to use your PI.
Purpose |
Activity |
Category of PI |
To assist in purchasing medical trip packages and related travel products (air tickets, car rentals, hotel booking etc.) - Main Activity, to provide assistance requested by you or otherwise perform contractual obligations |
To register you as a new or a Regular customer/ to start a business relationship |
A. Identifiers |
To process and deliver your order related to the Main Activity, including: |
A. Identifiers |
|
For solely internal uses that are based on your relationship with us or compatible with the context in which PI was collected |
To manage our relationship with you which will include: |
A. Identifiers |
To deliver relevant Platform content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you |
A. Identifiers |
|
To use data analytics to improve our Platforms, products/services, marketing, customer relationships and experiences |
A. Network Activity Information |
|
To make suggestions and recommendations to you about goods or services that may be of interest to you |
A. Identifiers |
|
To create and manage your online account |
F. Identifiers |
|
To detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity |
To administer and protect our business and Platforms (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data) |
A. Identifiers |
To identify and repair errors that impair existing intended functionality |
To administer and protect our business and Platforms (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data) |
A. Identifiers |
To comply with a legal obligation |
(a) To manage tax matters; |
A. Identifiers |
To exercise or defend legal claims |
(a) To manage complaints |
A. Identifiers |
CHANGE OF PURPOSE
We will only use your PI for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.
YOUR CHOICES
As a customer-oriented business, we respect and value your expectations.
As a result, you can make announcements and queries at any time regarding your concerns in privacy matters.
Each of our marketing email has an opt-out button and you can unsubscribe from such communication at any time. You cannot unsubscribe from servicing emails and administrative messages.
CONSENT TO SHARE INFORMATION
HOW WE SHARE YOUR PERSONAL INFORMATION
Corporate affiliates and change of control We may share your PI with our corporate affiliates and if HealthTrip itself (or part of its business) is sold or otherwise changes control, owners would have access to your PI for the uses set out herein.
Service providers We may share your PI with suppliers who perform services on our behalf and have agreed in writing to protect and not further disclose your information. We utilize the services of Amazon AWS, Enablex and Gupshup as our data storage & communication partner, responsible for providing services such as web and mobile application host provider, SMS, phone numbers and recording data. We have a formal agreement in place with these providers to ensure compliance with data protection regulations. Amazon AWS, Enablex and Gupshup are committed to maintaining the confidentiality, security, and integrity of the data provided. By using our services, you acknowledge and agree that AWS,Enablex and Gupshup may collect, process, and store your communication-related data in accordance with the terms outlined in our agreement with them.
Payment service providers, Hospitals and travel vendors If you book through the Platforms, we may share your PI with the payment service providers, acquirer banks and the travel vendors you have booked with. This can include online travel agencies, hotels, airlines, Hospitals, Registered Doctors Clinics, car rental companies, and travel insurance providers. These third parties will process your PI as data controllers in accordance with their own privacy policies. If you contact our customer support, they may need to share information about your request with the relevant vendor in order to assist you.
Business partners We may share your PI with various business partners. Some of these business partners may use your PI for fraud detection, including, but not limited Identifiers, Contact Data and Network Activity Information , also to detect, prevent, or otherwise address fraud, security or technical issues. We may also share your PI to ask our partner to create a survey, form, application, or questionnaire, so we know the degree of your satisfaction with our services. Some of these business partners may use your PI for online behavioral advertising purposes, or to offer you services or products that we believe you may be interested in. We may also share your information as otherwise described to you at the time of collection. We may also share anonymous aggregated usage information with partners.
We enter into confidentiality and PI processing terms with partners to ensure they comply with high levels of confidentiality and best practice in privacy and security standards and we regularly review these standards and practices.
Health Packages shared by you If you use or have itineraries/quotes as part of our Service, you can send or grant access to your itinerary/quotes to anyone you choose. Your itinerary/quote may contain enough details (for example, disease information, and hospital reference codes) to allow the recipient to cancel or modify your booking etc. You should only share your itinerary/quotes with people you trust. If you choose to display your itinerary/quote on publicly-viewable web pages (Facebook, for instance), that information may be collected and used by others.
Information shared in public If you provide us with a review of your experience, you authorize us to publish it on all our Platforms under the screen name you provided. You also authorize us to aggregate it with other reviews.
Authorities We may disclose PI if required by law, for example to law enforcement or other authorities. This includes court orders, subpoenas and orders arising from legal processes, and administrative or criminal investigations. We may also disclose your PI if the disclosure is necessary for the prevention, detection or prosecution of criminal acts or to prevent other damage, or in response to a legal action or to enforce our rights and claims.
We may also share anonymous aggregated usage information with others.
All the above categories exclude text messaging originator opt-in data and consent. This information will not be shared with any third parties.
HOW WE STORE AND PROTECT YOUR PERSONAL INFORMATION
Our servers and data centers are located in the U.S and our service providers may be located there and in other countries. By providing us PI, you agree that your PI may be transferred to and stored in these countries. These countries may have different and/or less stringent privacy/data protection and data security rules than those of your own country. As a result, your PI may be subject to access requests from governments, courts, or law enforcement in those countries according to laws in those countries. Subject to the applicable laws of such countries, we will provide the necessary safeguards to maintain protections of your PI, e.g. by obtaining from the PI recipients contractual commitments based on the EU model clauses.
HealthTrip has a security program intended to keep the PI stored in our systems protected from unauthorized access and misuse. Our systems are configured with data encryption, or scrambling technologies and firewalls constructed to industry standards. We also use Secure Socket Layer (SSL) technology that protects the PI you send over the Internet. PI may only be accessed by persons within our organizations, or our service providers to carry out the uses indicated in this Privacy Policy.
We have put in place appropriate security measures to prevent your PI from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your PI to those employees, agents, contractors and other service providers who have a business need to know. They will only process your PI on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected PI breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
RETENTION PERIODS
We will only retain your PI for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your PI for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
To determine the appropriate retention period for PI, we consider the amount, nature and sensitivity of the PI, the potential risk of harm from unauthorised use or disclosure of your PI, the purposes for which we process your PI and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
OTHER WEBSITES
If you click through to third-party websites or other platforms, HealthTrip’s privacy policy does not apply.
REQUESTS AND COMPLAINTS
Under certain circumstances set by applicable law, you are entitled to:
Due to the remote nature of our services, it is important for us to keep communicating through the same email (Verified Email), which was used by you to request a price quote or purchase medical trip and other related services.
The Verified Email is the key communication channel for us, so we can give quick answers and not divulge your data to any malicious person.
You might also a submit request through the voice call, but still we must use the Verified Email to reply, due to law requirements and in order to protect our legal claims.
If you submit your request through the authorised agent or by using third party service we will ask for additional verification by contacting you via Verified Email.
NONDISCRIMINATION: We shall not discriminate (deny services, charge different prices, provide different levels of quality) against you because you exercised any of the rights set herein.
This right might be limited in case, if the difference in prices or levels or quality is reasonably related to the value provided to you by your PI.
We might obtain your opt-in consent and provide to you financial incentives, so you agree to provide additional PI or not to request the deletion of your PI.
FEES and DENIALS: You will not have to pay a fee to access your PI (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive (more than twice in a 12-month period) or excessive. Alternatively, we could refuse to comply with your request in these circumstances.
We might also refuse to act on your request, when we are not in a position to identify you and verify your request or the requested fee was not paid.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your PI (or to exercise any of your other rights). This is a security measure to ensure that PI is not disclosed to any person who has no right to receive it. We may also contact you (via email, phone or messenger) to ask you for further information in relation to your request to speed up our response.
Due to law limitations we might deny your request to know if you are asking us to disclose a high-risk data (e.g., Passport number, Identification number such as (Aadhaar or SSN), driver's license number, financial account data, passwords etc.). In such cases we will definitely inform you that we have collected such types of information, unless prohibited from doing so by law.
TERMS: We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated. The maximum response time shall not exceed 90 days.
CONTACTS: you can submit your complaint/ request to DPO email (see above).
HOW HealthTrip RESPONDS TO “DO NOT TRACK” SIGNALS
Some browsers have a “Do Not Track” feature that lets you tell websites that you do not want to have your online activities tracked. These features are not yet uniform, so we are not currently set up to respond to those signals.
HealthTrip COOKIE POLICY
Cookies is a small piece of data sent from Platform and stored on your device (computer, smartphone etc.) by your web browser while you are browsing our Platforms and sometimes down the line . Without Cookies it would be impossible to provide you information and services you are requesting through the Internet. Cookies remember stateful information (such as items added in the shopping cart in an online store) or record your browsing activity. They can also be used to remember arbitrary pieces of information that the user previously entered into form fields such as names, addresses, passwords and billing addresses.
By using the Platforms, you agree to the use of any of the cookies and tracking tools mentioned in this policy, unless you opted out (available only for some cookie types).
Additional information about cookie purposes can be found here or you can send a request to us.
CATEGORIES OF COOKIES USED BY HealthTrip
Technical and strictly necessary Cookies
In most cases our Platforms use cookies in order to ensure technical feasibility to connect our Platform with your device and provide services requested by you. This cookies is integrated by default into our Platforms.
In case, you try to block/ turn off any of such cookies you might not receive some essential part of services, requested by you. Some examples of such cookies are:
1. User input cookies (session-id), e.g. when you are filling online form (package buying, making payment etc.).
2. Authentication cookies, used for authenticated services, e.g., when You are logging into your online account within any of information systems integrated with our Platform.
3. Security cookies used to detect authentication abuses and prevent malicious attacks.
4. Multimedia content player session cookies, such as flash player cookies.
5. Load balancing session cookies (faster processing of your requests).
6. Third party social plug-in content sharing cookies.
Functionality and Preferences Cookies
Such Cookies help us to optimize and make more user-friendly our Platforms, enhance security level, facilitate faster and more convenient use of Platforms, and receive valuable statistics in anonymized way, including, but not limited to:
In case we are collecting Cookies for statistical purposes, we are committed to apply a “functional separation” principle, so the results of the processing shall be without any negative impact to Your privacy or there should not be any decisions made against You.
Retention period of Functionality Cookies usually is very short. In case of longer periods, please, be aware that we always assess the risk level of such processing, so it does not adversely affect Your privacy.
Under the strict supervision we might allow service providers to collect Functionality Cookies on our Platforms in order to provide us with aggregated statistics. In such cases we require service providers to aggregate or erase data obtained from Your device.
Advertising and Targeting Cookies
We and our third party vendors, including Microsoft, Google and Facebook, use Advertising cookies to serve ads based on a Your prior visits to our Platforms. For example:
We and our advertising partners may also use web beacons (single pixel GIF images). These web beacons are placed in the code of a Web page or an email newsletter. When you access a partner site within our mobile applications, we may track your activity on that site.
OPT-OUT FROM COOKIES
Your browser gives you the ability to control cookies. How to do this varies from browser to browser. You should view the Help menu on the browser you use for further information. Your opt out choice is stored in opt out cookies only in that browser, so you should separately set your preferences for other browsers, computers, or devices you may use. If your browser blocks cookies, your opt out preferences may not be effective. Deleting browser cookies can remove your opt out preferences, so you should visit this page periodically to review your preferences. If you block or delete cookies or opt out of online behavioral advertising, not all of the tracking that we have described in this policy will stop.
Please also note that opting out of a third party cookie does not mean that you will no longer receive or be subject to online advertising or marketing. It means that the third party service from which you opted out will no longer deliver ads tailored to your web preferences and online behavioral.
You may also opt out of third party cookies by visiting opt-out website like https://optout.aboutads.info/?c=2&lang=EN or https://www.cookiesandyou.com/disable-cookies/windows/chrome/