MEDeTOURISM Pty Ltd (hereinafter referred to as “MEDeTOURISM”, “we”, “us” or “our”) operates a platform that helps people form offline experiences and relationships directly with one another, where they can book healthcare and medical treatment services (“Healthcare Services”) with hospitals and clinics and other healthcare providers (“Healthcare Providers”) around the world through our website (“Platform”).
“Affiliates” means companies related by common ownership or control. They can be financial and non-financial companies.
“Aggregated Information” means information about all of our users or specific groups or categories of users that we combine together so that it no longer identifies or references an individual user.
“Data Controller” means MEDeTOURISM, the company responsible for the use and processing of Personal Information.
“Third Parties” means companies or persons not related by common ownership or control (i.e. non-affiliates) or other unrelated individuals. Third Parties can be financial and non-financial companies, or persons other than you and MEDeTOURISM.
“Personal Information” means information (which may include sensitive information) relating to a living individual who is or can be identified either from that information or from that information in conjunction with other information that is in, or is likely to come into, the possession of the Data Controller.
3. WHAT TYPES OF INFORMATION DOES MEDETOURISM GATHER ABOUT ITS USERS?
A. Information that you give us
We receive, store and process information, including Personal Information, that you make available to us when accessing or using our Platform and Services.
Examples include when you:
- fill in any form on the Platform, such as when you register or update the details of your user account, or when you supply ID and other verification information;
- access or use the Platform, such as to search for Healthcare Services, make or accept bookings, pay for Healthcare Services, book or pay for any associated services that may be available (such as but not limited to flights and hotel bookings), post comments or reviews, or communicate with Healthcare Providers;
- link your account on a Third-Party site (e.g. Facebook) to your MEDeTOURISM Account, in which case we will obtain the Personal Information that you have provided to the Third-Party site, to the extent allowed by your settings with the Third-Party site and authorized by you;
- communicate with MEDeTOURISM; and
- share information with a Healthcare Provider.
B. Information we get from your use of our Platform
We also receive, store and process information, possibly including Personal Information, when you access or use our Platform and Services, including but not limited to:
- Mobile Data
When you use certain features of the Platform, in particular our mobile applications we may receive, store and process different types of information about your location, including general information (e.g. IP address, zip code) and more specific information (e.g. GPS-based functionality on mobile devices used to access the Platform or specific features of the platform). If you access the Platform through a mobile device and you do not want your device to provide us with location-tracking information, you can disable the GPS or other location-tracking functions on your device, provided your device allows you to do this. See your device manufacturer’s instructions for further details.
- Log Data
We may also receive, store and process Log Data, which is information that is automatically recorded by our servers whenever you access or use the Platform, regardless of whether you are registered with MEDeTOURISM or logged in to your MEDeTOURISM Account, such as your IP Address, the date and time you access or use the Platform, the hardware and software you are using, referring and exit pages and URLs, the number of clicks, device event information, pages viewed and the order of those pages, and the amount of time spent on particular pages.
- Cookies and other Tracking Technologies
While you may disable the usage of cookies through your browser settings, we do not change our practices in response to a “Do Not Track” signal in the HTTP header from your browser or mobile application. We track your activities if you click on advertisements for MEDeTOURISM services on Third-Party platforms such as search engines and social networks, and may use analytics to track what you do in response to those advertisements.
- Third-Party social plugins
Our Platform may use social plugins which are provided and operated by Third-Parties, such as Facebook’s Like Button.
As a result of this, you may send to the Third-Party the information that you are viewing on a certain part of our Platform. If you are not logged into your account with the Third-Party, then the Third Party may not know your identity. If you are logged into your account with the Third Party, then the Third Party may be able to link information about your visit to our Platform to your account with them. Similarly, your interactions with the social plugin may be recorded by the Third Party.
4. HOW MEDETOURISM USES AND PROCESSES THE INFORMATION THAT YOU PROVIDE OR MAKE AVAILABLE
A. We use, store and process information about you for the following general purposes:
- to enable you to access and use the Platform;
- to enable you to communicate with Healthcare Providers, including but not limited to by sending them messages or other information during the Booking process or otherwise through your Patient Dashboard;
- to operate, protect, improve and optimize the Platform, MEDeTOURISM’s business, and our users’ experience, such as to perform analytics, conduct research, personalize or otherwise customize your experience, and to provide customer service;
- to help create and maintain a trusted and safer environment on the Platform and Services, such as detection and prevention of actual and potential fraud and other harmful activity, conducting investigations and risk assessments, enforcing our Terms and policies, verifying the address of your listings, verifying any identifications provided by you (including by comparing the photo on that identification to another photo you provide to us), and conducting checks against databases and information sources (such as but not limited to public government databases) for fraud detection and prevention, risk assessment and harm prevention purposes. In this regard, we may do any or all of the foregoing with or without further notifying you;
- to send you service, support and administrative messages, reminders, technical notices, updates, security alerts, and information requested by you;
- to send you marketing, advertising, and promotional messages and other information that may be of interest to you, including information about MEDeTOURISM, our services, or general promotions for partner campaigns and services. You can unsubscribe or opt-out from receiving these communications by contacting us directly at firstname.lastname@example.org;
- to administer referral programs, rewards, surveys, sweepstakes, contests, or other promotional activities or events sponsored or managed by MEDeTOURISM or our Third Party business partners; and
- to comply with our legal obligations, resolve any disputes that we may have with any of our users, and enforce our agreements with Third Parties.
B. How MEDeTOURISM Uses and Processes User Communications
We may, either directly or through Third-Parties we engage to provide services to us, review, scan, or analyze your communications with Healthcare Providers via the Platform for fraud prevention, risk assessment, regulatory compliance, investigation, product development, research and customer support purposes. For example, as part of our fraud prevention efforts, the Platform may scan and analyze messages to mask contact information and references to other websites. This helps to prevent fraudulent actors from asking Guests to send them money outside of the Platform, such as by bank transfer or other money transfer methods. We may also scan, review or analyze messages for research and product development purposes to help make search, booking and user communications more efficient and effective, as well as to debug, improve and expand product offerings. We will not review, scan, or analyze your communications for sending Third-Party marketing messages to you. We will also not sell these reviews or analyses of communications to Third Parties. We will also use automated methods to carry out these reviews or analyses where reasonably possible. However, from time to time we may have to manually review some communications. By using the Platform, you consent that MEDeTOURISM, in its sole discretion, may, either directly or through Third-Parties we engage to provide services to us, review, scan, analyze, and store your communications, whether done manually or through automated means.
5. WHEN MEDETOURISM DISCLOSES OR SHARES YOUR PERSONAL INFORMATION, AND TO WHOM
IMPORTANT: When you use the Platform, your data may be sent to the Holland and possibly other countries.
We may transfer, store, use and process your information, including any Personal Information, to countries outside of your location, and the European Economic Area (“EEA”) including the United States. Please note that laws vary from jurisdiction to jurisdiction, and so the privacy laws applicable to the places where your information is transferred to or stored, used or processed in, may be different from the privacy laws applicable to the place where you are resident.
If you are located in the EEA or in Switzerland, please also see our Safe Harbor Notice.
Your Personal Information may be disclosed as follows:
A. Parts of your patient profile that contains some Personal Information may be displayed in other parts of the Platform to Healthcare Providers to help provide more accurate quotes or otherwise assist with the Booking process.
B. When you submit a request for a quote for Healthcare Services, your full name, and other Personal Information you agree to pass through to the Healthcare Providers will become visible to the Healthcare Provider of any Healthcare Service you Book or request to Book. In addition, if you have paid greater than 10% of your total booking fee, your phone number and email address will become visible to the Healthcare Provider, who may call you or email you directly.
C. When your request to book a Healthcare Service is accepted by the Healthcare Provider, we will disclose some of your Personal Information to the Healthcare Provider. However, your billing and payout information will never be shared with any other user.
D. When you have finalised your Healthcare Service at a Healthcare Provider’s venue, we may ask you to review the Healthcare Service and other aspects of your experience. If you choose to provide a review, your review may be public on the Platform. Likewise, another Member’s review of you as a Guest or Host may be public on the Platform.
E. We may distribute parts of the Platform (including your Listing) for display on sites operated by MEDeTOURISM’s business partners and affiliates, using technologies such as HTML widgets. If and when your Listings are displayed on a partner’s site, information from your public profile page may also be displayed.
F. We may also engage Third Parties, who may be located outside of the EEA, to provide services to us, including but not limited to technology services and services to help verify your identification, to help match the photo on your ID to other photos of yourself you send to us, to conduct checks against databases such as but not limited to public government databases (where legally allowed), to otherwise assist us with fraud prevention and risk assessment, to assist us with customer service, to serve targeted ads, and to facilitate the payments or reimbursements you request (such as Concur and American Express). We may provide Personal Information about you to these Third Parties, or give them access to this Personal Information, for the limited purpose of allowing them to provide these services. For example, if we hire Third Parties, where permitted by applicable law, to conduct checks against databases such as but not limited to public government databases, we may provide your Personal Information, such as your full name and date of birth, to the Third Parties for the limited purpose of allowing them to conduct such checks, including background or registered sex offender checks, on our behalf. We will ensure that such Third Parties have contractual obligations to protect this Personal Information and to not use it for unrelated purposes.
G. You acknowledge, consent and agree that MEDeTOURISM may access, preserve and disclose your account information and Collective Content if required to do so by law or in a good faith belief that such access, preservation or disclosure is reasonably necessary (a) to respond to claims asserted against MEDeTOURISM; (b) to comply with legal process (for example, subpoenas and warrants); (c) to enforce and administer our agreements with Healthcare Providers; (d) for fraud prevention, risk assessment, investigation, customer support, product development and de-bugging purposes; or (e) to protect the rights, property or personal safety of MEDeTOURISM, its users or members of the public.
We will use commercially reasonable efforts to notify users about law enforcement requests for their data unless:
- providing notice is prohibited by the legal process itself, by court order we receive, or by applicable law; or
- we believe that providing notice would (a) be futile, (b) be ineffective, or (c) would create a risk of injury or bodily harm to an individual or group, or (d) create or increase a risk of fraud upon MEDeTOURISM’s property, its Members, the Platform, Application, or Services (collectively, “Risk Scenarios”).
In instances where MEDeTOURISM complies with legal requests for user data without notice to the user for the reasons described above, MEDeTOURISM will use commercially reasonable efforts to notify that user about the request after the fact if we determine in good faith that we are no longer legally prohibited from doing so and that no Risk Scenarios apply.
H. We may also publish, disclose and use Aggregated Information and non-personal information for industry and market analysis, demographic profiling, marketing and advertising, and other business purposes.
6. STATE PRIVACY LAWS
For California & Vermont residents: MEDeTOURISM Payments will not share information it collects about you with Affiliates or Third Parties, except as required or permitted by your state’s law.
7. HOW TO ACCESS, CHANGE OR DELETE YOUR INFORMATION, OR CANCEL YOUR MEDETOURISM ACCOUNT
You may review, update, correct or delete the Personal Information in your MEDeTOURISM Account. If you would like to correct your information or cancel your MEDeTOURISM Account entirely, you can do so by logging in to your MEDeTOURISM Account or sending us an email at email@example.com. Please also note that any reviews, and similar materials posted by you may continue to be publicly available on the Platform in association with your first name, even after your MEDeTOURISM Account is cancelled.
8. SECURING YOUR PERSONAL INFORMATION
We are continuously implementing and updating administrative, technical, and physical security measures to help protect your Personal Information against unauthorized access, destruction or alteration. However, no method of transmission over the Internet, and no method of storing electronic information, can be 100% secure. So, we cannot guarantee the security of your transmissions to us and of your Personal Information that we store.
9. YOUR PRIVACY WHEN YOU ACCESS THIRD-PARTY WEBSITES AND RESOURCES
MEDeTOURISM uses “cookies” in conjunction with the Platform to obtain information. A cookie is a small data file that is transferred to your device (e.g. your phone or your computer) for record-keeping purposes. For example, a cookie could allow the Platform to recognize your browser, while another could store your preferences and other information.
Your browser may allow you to set how it handles cookies, such as declining all cookies or prompting you to decide whether to accept each cookie. But please note that some parts of the Platform may not work as intended or may not work at all without cookies.
A. MEDeTOURISM cookies and Third Party cookies
We may also allow our business partners to place cookies on your device. For example, we use Google Analytics for web analytics, and so Google may also set cookies on your device. As further explained below, Third Parties may also place cookies on your device for advertising purposes.
There are two types of cookies used on the Platform, namely “persistent cookies” and “session cookies”.
Session cookies will normally expire when you close your browser, while persistent cookies will remain on your device after you close your browser, and can be used again the next time you access the Platform.
B. Other technologies
The Platform may also use other technologies with similar functionality to cookies, such as web beacons and tracking URLs to obtain Log Data about users. We may also use web beacons and tracking URLs in our messages to you to determine whether you have opened a certain message or accessed a certain link.
C. Uses for MEDeTOURISM cookies
- to enable, facilitate and streamline the functioning of the Platform across different webpages, devices and browser sessions.
- to simplify your access to and use of the Platform and make it more seamless.
- to monitor and analyze the performance, operation and effectiveness of the Platform, so that we can improve and optimize it.
- to show you content (which may include advertisements) that is more relevant to you.
- for fraud detection and prevention.
D. Uses for Third-Party cookies
In addition, Facebook places a cookie via the Platform that allows Facebook to obtain aggregated, non-Personal Information to optimize their services.
E. Disabling Cookies
Most browsers automatically accept cookies, but you can modify your browser setting to decline cookies by visiting the Help portion of your browser’s toolbar. If you choose to decline cookies, please note that you may not be able to sign in, customize, or use some of the interactive features of the Platform. Flash cookies operate differently than browser cookies, and cookie management tools available in a web browser will not remove flash cookies. To learn more about how to manage flash cookies, you can visit the Adobe website and make changes at the Global Privacy Settings Panel.