Effective Date: 12 July 2019
As a company based in Malaysia, DATA8 is bound to comply with Personal Data Protection Act (“PDPA”) 2010 and all relevant regulations, standards, code of practice and guidelines as may be prescribed from time to time.
THE DATA WE COLLECT FROM YOU
Personal data, or personal information means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous or de-identified data).
We may collect, use, store and transfer different kinds of personal data about you which we have set out below.
Identity Data includes first name, last name, username or similar identifier, date of birth, gender and locality area. We collect date of birth and gender to profile users in order to help us improve the Services offered. We collect locality to track unique trends or behaviour that might be generated from a specific location and it could also be useful in the event of outbreak.
Contact Data includes telephone number and email address to allow us to send updates, marketing promotions and other materials related to the Services.
Technical Data includes internet protocol (IP) address, your log-in data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology devices you use to access our Services. We use this information to help us form an opinion on how best to improve our Services by looking at the Technical Data.
Usage Data includes information about how you use our Services to help us improve your user experience.
Health Device Data includes any information that is synced-up from a fitness application or a wearable that tracks or monitors your wellness and health data.
We also collect, use and share Aggregate Data such as statistical of demographic data for any purpose. Aggregate Data may derive from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, Aggregate Data may include a statement that says “70% of our users have uploaded medical information in the last 3 months”.
Our Services are not intended for children and we do not knowingly collect data relating to children. However, parents or legal guardians of the children may wish to upload the children’s data on cHEART for purposes fitting to the parents or legal guardians.
HOW DO WE COLLECT YOUR DATA
Our methods of data collection include:
You voluntarily provide us your identity and contact by filling-in forms or by corresponding with us via email or through our website. This includes personal data you provide when you:
- subscribe to our Services
- create an account on our application or
- give us feedback
- upload your medical records and sync-up Health Device Data to cHEART application
As you interact with our website and application, we may automatically collect Technical Data about your device, browsing behaviour and patterns. We collect this data by using cookies and other similar technologies.
Third parties or publicly available sources
We may receive personal data about you from various third parties and public sources like social networks, message boards, analytics provider etc. The information that we receive depends on your privacy settings on such sources.
HOW WE STORE YOUR DATA
We rely on a private blokchain network to store your encrypted data. This means that no one can access your data without you granting them.
HOW WE USE YOUR DATA
We will use your data in the following circumstances where we need to:
- register, administer your account and profile, and provide you the information and services that you requested
- improve our Services. For example, we may use demographics and pattern usage to create new features and content to enhance your experience when using our Services.
- comply with a legal and regulatory obligation. We will do this to the extent required by such laws or regulations.
We may de-identify or aggregate your data with other users of the Services. This de-identified or Aggregate Information may be used by us for any lawful purpose, including for data mining and analytics.
HOW WE SHARE AND DISCLOSE YOUR DATA
We may share your data with Healthcare Providers and with pharmaceuticals or research institutions for research purposes.
We use partners and service providers to help us provide the services that you use. We will share your personal information with third parties when:
- it is required by law
- requested by you
- access to your personal information is granted by you
In the event that we need to comply with law or legal processes, we will share your information, the amount of which is sufficient for said purpose.
When we share your personal information, we will take steps to ensure that the recipient will protect your privacy, keep your personal information secure and process it in accordance with the law.
We will only retain your data for as long as necessary to provide you with the Services and to fulfil any legal requirements.
In some circumstances, we may anonymise your data (so that it can no longer be associated with you) for research or statistical purposes in which case, we may use this information indefinitely without further notice to you.
HOW WE PROTECT YOUR DATA
The security of your personal data is important to us. We use reasonable measures aimed to protect against any unauthorised use, disclosure, alteration or destruction of the Personal Data we collect and maintain. You should keep in mind however, that no data transmitted digitally over the internet is fully secure and any data disclosed online can be potentially collected and used by other than the intended recipient. So, while we strive to protect your data, we cannot guarantee or warrant the security of any information you transmit to and from our Services.
YOUR LEGAL RIGHTS
You have rights under data protection laws in relation to your Personal Data to exercise any of the following:
– request access to your personal data
– request correction to your personal data
– request erasure of your personal data
– object to processing of your personal data
– request restriction of processing your personal data
– request transfer of your personal data
– right to withdraw consent
NOTE TO INTERNATIONAL USERS
DATA8 is based in Malaysia and the information we collect is governed by Malaysian law. By providing us with your Personal Data and using our Services, you acknowledge that your Personal Data will be transferred to and processed in Malaysia
THIRD PARTY LINKS
HOW TO CONTACT US