Privacy Policy and Notice

This Privacy Notice is issued pursuant to the Personal Data Protection Act 2010 (PDPA) of Malaysia. It explains how MEDeLIFE collects, processes, and protects your Personal Data and Sensitive Personal Data. By registering an account and explicitly opting in via our mobile application or website, you consent to the processing of your data for the primary purpose of facilitating medical appointments, managing electronic medical records, and delivering healthcare services.

• Patients: Name, NRIC/Passport number, physical address, date of birth, emergency contact information, and Sensitive Personal Data including medical records, test reports, and prescriptions.
• Medical Practitioners: Name, Malaysian Medical Council (MMC) registration number, clinic affiliations, and professional schedules.
• Automated System Data: IP addresses, device identifiers, and cookies for session management.

• Data Hosting: Your data is securely hosted on our database infrastructure provided by Hostinger.
• AI Processing: To assist medical practitioners in reviewing complex files, we utilize the Gemini API to generate document summaries. All data sent to this API undergoes a strict anonymization protocol; your Name, NRIC, date of birth, and contact information are completely stripped before processing.

Clinic management and front-desk personnel will only have access to administrative data. Clinical information is strictly separated and accessible only by your authorized medical practitioner. We do not sell or share your data with marketing partners. We will only disclose personal information if ordered by a court or to satisfy a specific statutory requirement.

If a patient requests account deletion, the profile will be deactivated. To protect the integrity of medical audit logs, historical medical data will be archived in a read-only format for a mandatory statutory period of up to 7 years. Archived records of deceased patients remain encrypted and will only be disclosed to a verified legal executor or next-of-kin.

You have the right to request access to your health records, request corrections to administrative data, and withdraw your consent for future data processing.

Contact our Data Protection Officer: privacy@medelife.com