This Privacy Notice describes MHC’s policies and procedures (accountability) on the collection (notification, consent & purpose), use, disclosure and care of your information (accuracy, protection, retention & transfer). MHC receives your information through our various web sites and Smartphone applications (“Services”). For example, you send us information when you utilize or download MHC materials from our web site, post or receive reminders via SMS, or access to MHC websites or portals through your computer browser or smartphone (either via MHC applications or access to MHC portals by smartphone browsers).
By accessing to any of our Services you have consent (unless instances of deemed consent) to the collection, transfer, storage, disclosure, sharing and other uses of your information as described in this Privacy Notice. Irrespective of which territory you currently residing in or create information from. Your information may be used by MHC in the region of Republic of Singapore and Malaysia or any other territories in which MHC operating its businesses. Regardless of the territory that is processing your information, we apply the same measures of protection as detailed out in this policy. We will comply with the respective legal frameworks of the territories relating to the transfer of information (If Any).
Data Breach Notification Obligation & Main Purpose of Providing and Replying Back to You using our DPO Email address:
If you have any questions or comments about this Privacy Notice or discovered a confirmed breach of security that results in the unauthorized release, disclosure or acquisition of data, you shall immediately notify us via written notice as soon as reasonably possible at DPO@mhcasiagroup.com
Purpose for Information Collection, Use, Disclosure and Processing of Personal Data (Notification, Consent, Purpose Limitation, Transfer Limitation Obligations):
- You acknowledge that we will collect and use your information to provide and measure use of our Services.
- You hereby consent us to collect, use and disclose your personal information for the business or legal related purposes in accordance with this Privacy Notice.
Information through our various online forms and MHC Applications
The online feedback or enquiry you provide to us may contain some personal information, such as your name, company name, telephone and email address. This information is required for us to respond to your enquiry and correspond with you.
- Upon submission of your information through MHC Applications, the Terms of Use (TOU) has indicated the notification and the purposes.
Additional Information:
- You may provide us with additional information such as the nature of your feedback and enquiry to enable us to interact with you during the course of our business with you as our partner, client or supplier. Providing the additional information described in this section is entirely optional.
Third Party Services:
- MHC uses a variety of services hosted by third parties to help provide our Services, such as hosting our various blogs, forms, data and spreadsheets to help us understand the use of our Services, such as Google Analytics and Google Docs. These services may collect information sent by your browser as part of a web page request, such as cookies or your IP request.
Information Sharing and Disclosure:
- We do not disclose your private information except in the limited circumstances described here.
Consent:
- It is deemed that you have implicitly consented to us to share or disclose your information with our internal staff to enable them to process your request when you submit information to us through our websites and smartphone apps.
Withdrawal of Consent:
- You may withdraw your consent for the collection, use and / or disclosure of personal data in our possession by furnishing a written request to us.
- With your request for withdrawal of consent, we shall liaise with your insurer or employer (if under the Medical Service Arrangement) for validation of such withdrawal. Upon obtaining such grant of withdrawal, we shall cease to collect, use and / or disclose personal data in the manner as stated in your request.
Service Providers:
- We engage certain trusted third parties to perform functions and provide services to us. We may share your personal information with these third parties, but only to the extent necessary to perform these functions and provide such services, and only in pursuant to obligations mirroring the protections of this privacy notice.
Access, Correction Obligation:
- You may request for access to correct or update your personal information with us. However, such permission of access shall only be granted by us upon obtaining approval from your insurer or employer.
Accuracy, Protection, Retention, Transfer Limitation Obligations:
- MHC shall take reasonable measures to obtain accurate and complete personal data from you. You shall be personally responsible for the accuracy and completeness of your personal data and shall update MHC of any changes in your personal data immediately upon receiving notification on the changes. MHC shall not be liable for relying on inaccurate or incomplete personal data arising from you.
- MHC shall put in place commercially reasonable security measures to ensure all relevant personal data is adequately protected and secured in a safe environment. Appropriate security measures have been complied and maintained to prevent any unauthorized access, collection, use, disclosure, copying, modification, leakage, loss, damage and/or alteration of personal data.
- MHC shall retain personal data in accordance with legal, regulatory, business, and operational obligations.
- MHC shall not transfer any data outside of Singapore in accordance with the internal Data Protection Policy and our Data Flow Diagram that aligned with Personal Data Protection Commission (PDPC) Data Flow Illustration.
Retention of Personal Data and Disposal:
- MHC will cease to retain personal data, as soon as it is reasonably practicable to assume that the purpose for collection of such personal data is no longer being served by such retention, and such retention is no longer necessary for legal or business purposes.
- MHC will keep some data until deletion of your App account, such as information on statistics of how frequently you have used our services.
- Upon your deletion of data, we follow a deletion process to make sure that your data is safely and completely removed from our servers or retained only in anonymized form.
Regulatory Obligation or Deemed Consent:
- We may preserve or disclose your information if we believe that it is reasonably necessary to comply with a law, regulation or legal request; to protect the safety of any person; to address fraud, security or technical issues; or to protect MHC’s rights or property.
Business Transfer / Reorganization:
- In the event that MHC is involved in a bankruptcy, merger, acquisition, reorganization or sale of assets, you agree that your information may be transferred as part of that transaction. The promises in this privacy notice will apply to your information as transferred to the new entity for proper and continuous operation.
Changes to this Notice
- We may update this Privacy Notice from time to time without any personal notification. The most current version of the notice will govern our use of your information and will always be at https://www.mhcasia.com
- If we make a change to this policy that, in our sole discretion, is material, we will post them online. By continuing to access or use the Services after those changes become effective, you agree to be bound by the updated Privacy Notice.
- We will regularly review this Privacy Notice and make sure that we process your information in ways that comply with it.
Effective: 24th July 2024
Management of
MHC Asia Group and its related companies, subsidiaries and affiliates.
MHC Medical Network Pte Ltd Certification:
- ISO 27001:2013 ISMS (Information Security Management System)
- ISO 22301:2019 BCMS (Business Continuity Management System)
OSPAR Attestation:
MHC Medical Network has undertaken an OSPAR attestation. The OSPAR provides the framework for outsourced service providers to demonstrate the capability to meet the requirement of ABS Guidelines. OSPAR is Outsourced Service Provider Audit report that to be issued with an audit report stating that it has been audited by a third party and meets the standards.