1. Introduction

Welcome to Triage's Privacy and Cookies Policy. We are committed to protecting your privacy and ensuring the security of your personal information. This policy explains how we collect, use, store, and protect your data, as well as how we use cookies on our website and app. By subscribing to our services, you consent to the collection, use, and processing of your personal information (as set out in Clause 2 below) in accordance with our Privacy and Cookies Policy.

2. Information We Collect

We may collect the following types of personal information (collectively as “Personal Information”):

• Personal Details: Name, email address, phone number, and other contact information.

• Account Information: Usernames, passwords, and payment details.

• Health Information: Medical history, symptoms, other health-related data and treatment suggestions/advice provided by you or Triage’s healthcare professionals (as the case may be) before, during or after each consultation.

• Usage Data: Information about how you use our services, including browsing patterns and interactions with our platform.

3. How We Use Your Information

We may share your Personal Information with:

• Service Delivery: To provide, maintain, and improve our services.

• Communication: To send you appointment reminders, updates, and other relevant information.

• Payment Processing: To process payments securely and manage escrow transactions.

• Legal Compliance: To comply with legal obligations and protect our rights and interests.

4. Data Sharing and Disclosure

We may share your Personal Information with:

• Triage’s Healthcare Professionals: To facilitate consultations and provide care.

• Payment Processors: To process transactions securely.

• Third-Party Service Providers: To assist us in delivering our services, such as hosting and analytics providers.

• Legal Authorities: When required by law or to protect our rights and interests.

5. Data Security

We take appropriate measures to protect your Personal Information from unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the internet or electronic storage is 100% secure.

5.1 Medical Records and Health Information Protection

a. Medical Record Retention

i. We retain your medical records in accordance with the legal requirements and best practices in Hong Kong. Medical records are retained for a minimum period of 7 years from the date of last entry or longer if required by applicable law.

ii. For patients who are minors, records are retained until they reach the age of 18 or for 7 years from the date of last entry, whichever is longer.

b. Health Information Protection

i. We implement specific protection measures for health information in compliance with relevant healthcare privacy laws and regulations, including but not limited to the Personal Data (Privacy) Ordinance (Cap. 486).

ii. Access to health information is strictly limited to authorized personnel (including Triage’s healthcare professionals appointed by clients) on a need-to-know basis.

iii. All transfers of health information are encrypted and protected according to industry-standard security protocols.

iv. We conduct regular security assessments and updates to ensure protection against evolving cyber threats.

c. Cross-Border Data Transfers

i. If your health information needs to be transferred outside of Hong Kong for any reason, we will ensure that the recipient provides an adequate level of protection in accordance with local data protection requirements.

ii. We will seek your explicit consent before transferring your health information across borders, except where such transfer is necessary for your treatment or required by law.

6. Data Breach Notification

6.1 In the event of a data breach involving your health information, we will notify you without undue delay, typically within 72 hours of becoming aware of the breach.

6.2 The notification will include the nature of the breach, likely consequences, measures taken or proposed to address the breach, and contact information for further information.

7. Authorized Representatives

7.1 You may designate an authorized representative to access your health information on your behalf by providing written authorization to us.

7.2 Parents or legal guardians are automatically considered authorized representatives for minors under the age of 18, except where limited by law.

8. Cookies Policy

What Are Cookies?

Cookies are small text files that are stored on your device when you visit our website or use our app. They help us improve your experience by remembering your preferences and tracking how you use our services.

Types of Cookies We Use:

• Essential Cookies: Necessary for the operation of our website and app.

• Analytics Cookies: Used to analyze how users interact with our services.

• Functionality Cookies: Enable us to remember your preferences and personalize your experience.

• Advertising Cookies: Used to deliver targeted advertisements and track their effectiveness.

Managing Cookies:

You can manage your cookie preferences through your browser settings. However, disabling cookies may affect the functionality of our services.

9. Your Rights

• Access: Request access to the Personal Information we hold about you.

• Correction: Request correction of any inaccurate Personal Information.

• Deletion: Request deletion of your Personal Information.

• Objection: Object to the processing of your Personal Information.

• Portability: Request a copy of your Personal Information in a commonly used format.

10. Changes to This Policy

We may update this Privacy and Cookies Policy from time to time. Any changes will be posted on this page, and we will notify you via email or through our platform.

11. Contact Us

If you have any questions or concerns about our Privacy and Cookies Policy, info@triage-health.io please contact us at info@triage-health.io. In the event of any inconsistency or discrepancy between the English and Chinese versions of this Privacy and Cookies Policy, the English version shall prevail.