As of 27 June 2019
We are excited and thankful that you are entrusting us with your personal data. Healthpass would not be able to exist without your trust!
At Healthpass, we fully recognize that you will only use our app and entrust us with your personal data if we treat it to the highest confidentiality standards. Quite like a bank where you would only deposit your money if you trust the bank.
For double protection, we comply with all Pakistani privacy laws and regulations, and additionally we follow the General Data Protection Regulation of the European Union, widely regarded as one of the strictest in the world.
The below gives you more details on how we go about it.
Personal data means any information relating to an identified or identifiable natural person ('data subject'), e.g. your name, your phone number etc.
Data that does not allow us or anyone else to identify you is not considered Personal Data. E.g. if your phone number is anonymized then it is not personal data any more, for example: “051-3456xxxxxx”.
Data Controller is a legal term for the company that controls what happens with your personal data. Since Healthpass is a brand of Medicount Private Limited, we at Medicount Healthcare Private are the Data Controller.
Although we are the Data Controller, you remain the key decision maker when it comes to your own personal data. With Healthpass, you always stay in control of what happens to your data. For example, you decide how much data you want to share with us. You can also withdraw your data again. Section 9 below tells you more about your rights.
Please note that in the course of using the Platform, you may also utilize the services of other Data Controllers. For example, when you pay for a Telehealth consultation, you may be using the payment facility of an electronic wallet provider or of a credit card company. They would then know that you have paid for our Telehealth service. Please bear in mind that such Data Controllers have different terms of service and privacy statements.
While using the Healthpass Platform, we may collect and process several categories of personal data from you. Some of that data is classified as “sensitive”. So please study the following list carefully before giving your explicit consent:
Please note that whenever you share or authorize us to collect personal data of other persons, like your spouse and children, you confirm that you are fully authorized to do so on their behalf.
We collect your personal data mostly through the Healthpass Platform. We may also collect personal data if you make phone calls to Healthpass, e.g. to our customer service or telehealth service, or if you send us email, social media messages (Facebook, Whatsapp etc.) or letters. Please note that calls may be recorded for analytics and quality assurance.
Lastly, we may collect personal data on your behalf from our Healthpass network providers for your convenient storage on the app, e.g. lab test reports. Please note that such “concierge” collection and upload service has to be expressly approved by you on the Platform. Acceptance of this Privacy Notice and the overarching Terms of Service for Users is not enough.
We use your personal data for the following purposes
If any third party holds your contact information first in the course of using our Platform (e.g. your telecommunication provider or your medical provider), you authorize us to procure your contact information from such third party in order to fulfil the above purposes.
We will not utilize your personal data for any purpose not known and disclosed to you.
We will not share your personal data to third parties outside the Medicount Group for advertising purposes.
The staff of the Medicount Group will be granted access to your personal data on a strict needto-know basis. That is done to allow you to use and benefit from the Platform. For example, telehealth doctors would have access to your relevant medical records on file to be able to address your health concerns. A clerical staff in our accounting department would not get such access
For the storage and processing of your personal data, we may rely on the data processing services of contracted companies, so called “data processors”. This is similar to a torch (Healthpass Platform) that needs batteries from a third-party battery factory (data processors) to work properly. We ensure that our data processors are bound by this privacy notice, including giving data access to their staff on a strict need-to-know basis only.
In addition, we employ security systems such as password encryption that meet or exceed industry standards to protect your data from unlawful access, hacks and misappropriation. However, sadly, no method of transmission of data over the internet, or method of electronic storage can be guaranteed to be 100% secure.
Lastly, if required by law enforcement agencies or any regulator to share personal data, we will first check the legality of such request, and if this is proven to be the case, we will share your personal data with such public authorities
Your personal data may be stored and processed within Pakistan and outside Pakistan, e.g. in the European Union, depending on where the best suited data storage processing facilities exist.
You are the key decision maker on how we handle your personal data. At any point in time you have the following rights in respect of your personal data:
Please note that exercising your above rights is free of charge, but it may temporarily or permanently render the Healthpass Platform unusable for you.
For exercising any of the above rights please contact us at the contacts given in below “contact” section.
In each case, we will try to contact you within 72 hours, utilizing your latest given contact details, to arrange the next steps, e.g. correction of data, erasure of data, export of data etc.
We will keep your personal data for as long as permitted under Pakistani law. If you withdraw your consent, or request an erasure of your personal data, we will retain your data for a further four weeks to allow us for a proper winding down of your relationship with us. After those four weeks we will completely delete your personal data from our records.
However, in a few cases we may need to keep your data for longer:
For any query regarding your personal data, or for any execution of your above rights, you can contact our Customer Service at:
+92-800-75757 (toll free)
Healthpass (Medicount Pvt. Ltd.)
attn. Operations Department / Data Privacy
M-13, F-7 Markaz
We will update the privacy notice from time to time as required. Any updates of our privacy notice will be reflected on our website www.healthpass.pk. Printed versions may be outdated. We therefore recommend that you check back into our online privacy notice from time to time. Your continued use of Healthpass following any such modification constitutes your agreement to the privacy notice so modified.