Personal Data Protection Notice

PERSONAL DATA PROTECTION NOTICE

Welcome to Raffles Connect! This notice aims to ensure that you, our customer, are informed of how we may collect, use, disclose, or otherwise process your personal data in accordance with the Personal Data Protection Act (“PDPA”).  

This Notice applies to personal data in our possession or under our control, including personal data in the possession of organisations in which we have engaged to collect, use, disclose, or process personal data for our purposes.  

1. Definitions  

As used in this Notice:

“Customer” means an individual who (a) has contacted us through any means to find out more about any goods and services we provide, or (b) has entered into a contract with us for the supply of any products or services by us.  

“Personal Data” means data, whether true or not, about a customer who can be identified: (a) from the data; or (b) from that data and other information to which we have or are likely to have access.

“Authorised Agent” means a third party who has been duly authorised by you to disclose your personal data to us.

2. Collection and Purpose of Personal Data

We only collect your personal data under the following circumstances:  

a)    You voluntarily provide it directly to us with prior knowledge of its purpose.

b)    Your “Authorised Agent” provides it to us with prior knowledge of its purpose.

c)     PDPA or other laws require or permit the collection and use of personal data without prior consent for use in accordance with the provisions of those laws.

We may collect and use your personal data for any or all of the following purposes:

a)    performing obligations in the course of or in connection with our provision of the goods and/or services requested by you.

b)    responding to, handling, and processing queries, requests, applications, complaints, and feedback from you.

c)     managing your relationship with us.

d)    complying with any applicable laws, regulations, codes of practice, guidelines, or rules, or to assist in law enforcement and investigations conducted by any governmental and/or regulatory authority.

3. Types of Data Collected  

Depending on the nature of your interaction with us, we may collect personal data such as your name, address, contact details, and health and fitness information. Rest assured, we are committed to protecting your privacy and security.

Location:  

We understand that your privacy is important to you, so we only access your device's location to suggest nearby clinics and service providers and show region-specific content. You have the option to disable location tracking at any time.

Camera and Microphone:

To ensure that we give you the best possible service during our teleconsultations, we kindly request that you grant us access to your device's camera and microphone. This is to aid in medical diagnoses. In addition, if you upload images to the app using your camera, we may need access to it for that purpose. We respect your privacy and will never access your device's camera or microphone for any other reason.

Storage:

We value your privacy and are committed to keeping your medical information safe and secure. As users of the app, you may upload, download, or save your medical records or images to our platform for your records. We may request access to your device’s storage to access them. There is also an option to upload images from your device instead of taking a picture from within the platform itself. This permission gives us the ability to access only those images, and we do not access any other data saved on your device.

Notifications:

We encourage users to turn on notifications on their devices to be notified of updates, important information, and time-sensitive events from Raffles Connect. You can disable notifications at your discretion.

4. Disclosure of Personal Data

We may disclose your personal data:

a)    where such disclosure is required for performing our obligations in the course of or in connection with our provision of the goods and services requested by you or

b)    to third-party service providers, agents, and other organisations, such as healthcare providers, we have engaged to perform any of the functions with reference to the above-mentioned purposes.

5. How does the ‘Legitimate Interests Exception’ affect you?

Under the ‘Legitimate Interests Exception’, the Personal Data Protection Act (PDPA) allows organisations to collect, use, and disclose personal data without consent.  

We completely understand that your privacy is of utmost importance to you. Hence, it is important to note that we always consider the ‘Legitimate Interests Exception’ with great care, ensuring that the benefits of using your data outweigh any potential negative impact on you.

In line with this exception, we may use your info for:

a)    fraud detection and prevention

b)    detection and prevention of misuse of services

6. Protecting Your Personal Data  

We take your data security seriously. To ensure that your information is kept safe from unauthorised access and other risks, we've implemented a range of measures:

  • We collect as little personal data as possible.
  • We use strong authentication and access controls.
  • We anonymise data when possible.

We always ensure that our security measures comply with relevant government regulations.

7. Ensuring the Accuracy of Your Personal Data

We usually depend on the personal information you give us (or someone you've authorised) for accuracy.

Personal data retrieved via SingPass/MyInfo verification cannot be edited or deleted on our platform. Updates to personal details, in this case, must come via SingPass/MyInfo.

8. Retention of Personal Data

We understand that your personal data is sensitive and important to you. That's why we keep it secure and private.

Please know that we retain Personal Data collected until your account is terminated or for seven (7) years after you last logged in to your account (whichever is longer) for auditing purposes.

This is to ensure that we are able to maintain the highest level of security and accuracy in our records. We value your trust in us and will always prioritise your data privacy and protection.

9. Deletion of Account

We completely understand that you may choose to withdraw your consent to let us use your personal data or delete your account at any time. We value your privacy and respect your decision.

If you wish to do so, please email us at support@carehealth.io, and we'll take care of it as soon as possible.

Our team will do their best to handle your request within five (5) business days.

10. Public Information

We understand your concerns about sharing your information on our platforms.

We would like to inform you that anything you share on public pages of our platforms, like reviews or comments, can be seen by anyone. Your account information and username might also be visible to others when you post messages.

We want you to keep in mind that what you share in public areas is not considered private information, and hence, it is not protected by the PDPA nor subject to this Notice.

11. Cookies

Our website uses "cookies" to make your online experience more personalised. Cookies can't run programs or give your computer viruses. We might also use cookies to gather information, such as how many people visit our site or what pages they check out.

You can choose whether to accept or decline cookies by adjusting your web browser's settings.

12. Children under Eighteen (18)  

Our platforms are designed for customers who are eighteen (18) and older. We'll never knowingly collect personal info from anyone under eighteen (18). If you're under eighteen (18), we kindly request that you seek permission from a parent or caregiver before visiting our platform.

13. Transfer of Your Personal Data  

If we merge with or get acquired by another company, your Personal Data may be among the assets transferred. We’ll notify you about any changes in ownership or control of your data through email or other means that are deemed fit.

14. Data Protection Officer  

We value your feedback on how we handle your data and our compliance with the PDPA. If you have any enquiries or feedback on our personal data protection policies and procedures, please contact our Data Protection Officer at support@carehealth.io.  

To process your request, please ensure you state your:

  • Full name
  • Contact number
  • Email address
  • Details of the nature of your complaint and/or query

You will then be contacted within five (5) business days by the Data Protection Officer. Please note that you may be charged an administrative fee depending on the nature of your request.

15. Effect of Notice and Changes to Notice

We understand the importance of your personal data and strive to ensure its protection. This Notice complements any other notices, contractual clauses, and consent clauses that apply in relation to the collection, use, and disclosure of your personal data by us.

We may update this Notice from time to time without prior notice. You can check the date on which this Notice was last updated to determine if any revisions have been made.

We value your continued trust in our services and assure you that any changes made will be in your best interest. Your continued use of our services indicates your acknowledgement and acceptance of such changes.

16. Visiting Other Platforms from Our Links

We encourage you to review the Personal Data Protection Notices/Statements of the platforms you choose to link to from Raffles Connect. If you have any doubts or concerns regarding the security of the information you are providing on another platform, we recommend that you reach out to them for further clarification and assistance.

Raffles Connect is an integrated healthcare digital platform providing medical convenience at your fingertips. It is developed and managed by Doctor World Pte Ltd.

Effective date: 06/03/2024

Last updated: 06/03/2024