Parkway Pantai is one of Asia’s largest integrated private healthcare groups, encompassing Pantai Hospitals and Gleneagles Hospitals across Malaysia.
Please check back regularly for updated information on the handling of your Personal Data.
- Personal Data
(a) from that data; or
(b) from that data and other information to which we have or are likely to have access, including data in our records as may be updated from time to time.
1.2 Examples of such Personal Data you may provide to us include (depending on the nature of your interaction with us) your name, NRIC, passport or other identification number, telephone number(s), mailing address, email address, personal health information and any other information relating to any individuals which you have provided us in any forms you may have submitted to us, or via other forms of interaction with you.
- Collection of Personal Data
2.1 Generally, we collect Personal Data in the following ways:
(a) when you submit any form, including but not limited to customer inquiry forms or other forms relating to any of our services;
(b) when you enter into any agreement or provide other documentation or information in respect of your interactions with us, or when you use our services;
(c) when you interact with our staff, including customer service officers, for example, via telephone calls (which may be recorded), letters, fax, face-to-face meetings, text messages, social media platforms and emails;
(d) when you interact with us via our websites or use services on our websites;
(e)when you request that we contact you or request that you be included in an email or other mailing list;
(f) when you respond to our promotions, initiatives or to any request for additional Personal Data;
(g) when you submit an employment application or when you provide documents or information including your resume and/or CVs in connection with any appointment as an officer, director, representative or any other position;
(h) when your images are captured by us via CCTV cameras while you are within our premises, or via photographs or videos taken by us or our representatives when you attend our events;
(i) when you are contacted by, and respond to, our marketing representatives and customer service officers;
(j) when we seek information about you and receive your Personal Data in connection with your relationship with us, including for our products and services or job applications, for example, from business partners, public agencies, your ex-employer, referral intermediaries and the relevant authorities; and/or
(k) when you submit your Personal Data to us for any other reasons.
2.2 When you browse our website, you generally do so anonymously but please see paragraph 6 below for information on cookies and other technologies which we have implemented on our website. We do not, at our website, automatically collect Personal Data unless you provide such information to us.
2.3 If you provide us with any Personal Data relating to a third party (e.g. information of your spouse, children, parents, and/or employees), by submitting such information to us, you represent to us that you have obtained the consent of the third party to provide us with their Personal Data for the respective purposes.
2.4 You should ensure that all Personal Data submitted to us is complete, accurate, true and correct. Failure on your part to do so may result in our inability to provide you with the products and services you have requested, or delays in providing you with products and services you have requested, or processing your applications.
2.5 We will never knowingly collect or solicit Personal Information from individuals under the age of eighteen (18) without first obtaining verifiable parental consent. If you are under the age of 18 you should not provide information to us. If we become aware that a person under 18 has provided Personal Information to us without verifiable parental consent (as may be the case where the information is provided via our website), we will remove such Personal Information from our files.
- Purposes for the Collection, Use and Disclosure of Your Personal Data
3.1 Generally, Parkway Pantai Group collects, uses and discloses your Personal Data for the following purposes:
(a) responding to, processing and handling your queries, feedback, complaints and requests;
(b) verifying your identity;
(c) managing and planning the administrative and business operations of Parkway Pantai Group and complying with internal policies and procedures;
(d) facilitating business asset transactions (which may extend to any mergers, acquisitions or asset sales);
(e) requesting feedback or participation in surveys, as well as conducting market research and/or analysis for statistical, profiling or other purposes for us to design our services, understand customer behaviour, preferences and market trends, and to review, develop and improve the quality of our products and services;
(f) matching any Personal Data held which relates to you for any of the purposes listed herein;
(g) preventing, detecting and investigating crime and analysing and managing commercial risks;
(h) managing the safety and security of our premises and services (including but not limited to carrying out CCTV surveillance and conducting security clearances);
(i) monitoring or recording phone calls and customer-facing interactions for quality assurance, employee training and performance evaluation and identity verification purposes;
(j) in connection with any claims, actions or proceedings (including but not limited to drafting and reviewing documents, transaction documentation, obtaining legal advice, and facilitating dispute resolution), and/or protecting and enforcing our contractual and legal rights and obligations;
(k) conducting any form of investigations including but not related to those relating to disputes, billing, fraud, offences, prosecutions etc;
(l) meeting or complying with any applicable rules, laws, regulations, codes of practice or guidelines issued by any legal or regulatory bodies which are binding on Parkway Pantai Group (including but not limited to responding to regulatory complaints, disclosing to regulatory bodies and conducting audit checks, due diligence and investigations); and/or
(m) purposes which are reasonably related to the aforesaid.
(n) marketing promotions of our facilities, services, doctors, packages, promotion, etc
3.2 In addition, Parkway Pantai Group collects, uses and discloses your Personal Data for the following purposes depending on the nature of our relationship:
(a) If you are a prospective, current or former patient or customer of Parkway Pantai Group:
(i) providing customer service and support (including but not limited to customer relationship management, processing your admissions, processing and settlement of bills, facilitating, arranging and providing reminders of your appointments, medical examinations, screenings or checkups, applying for visas on your behalf, contacting you regarding medical reports and results, providing follow-up calls, providing you with administrative support, and administering insurance coverage and processing insurance claims);
(ii) administering and processing your requests including creating and maintaining profiles of our customers in our system database for administrative purposes (including tracking your attendance at various Parkway Pantai Group facilities);
(iii) personalising your experience at Parkway Pantai Group’s touchpoints and conducting market research, understanding and analysing customer behaviour, location, preferences and demographics in order to improve our service offerings;
(iv) administering medical care (including keeping patient case and procedure records, providing medication, ordering medical tests, reports and biological samples, and facilitating internetbased tele-consultations and correspondence with doctors);
(v) liaising with third party specialist doctors, clinics, hospitals and/or medical institutions in relation to your medical care (including by providing them with access to your medical records);
(vi) if you use our mobile applications, including WhatsApp and SMS or online registration, including email and payments systems, displaying your medical data, sending you healthrelated notifications, and facilitating the provision of our services to you;
(vii) administering debt recovery and debt management; and/or
(viii) purposes which are reasonably related to the aforesaid.
(b) If you are a nominated caregiver or next-of-kin of a patient or customer of Parkway Pantai Group:
(i) informing you of the patient’s medical status and whereabouts; and/or
(ii) purposes which are reasonably related to the aforesaid.
(c) If you are an employee, officer or owner of an external service provider or vendor outsourced or prospected by Parkway Pantai Group:
(i) assessing your organisation’s suitability as an external service provider or vendor for Parkway Pantai Group;
(ii) managing project tenders and quotations, processing orders or managing the supply of goods and services;
(iii) creating and maintaining profiles of our service providers and vendors in our system database;
(iv) processing and payment of vendor invoices and bills;
(v) facilities management (including but not limited to issuing visitor access passes and facilitating security clearance); and/or
(vi) purposes which are reasonably related
(viii) conducting analytics and research for human resource planning and management, and for us to review, develop, optimise and improve work-related practices, environment and productivity;
(ix) ensuring that the administrative and business operations of Parkway Pantai Group function in a secure, efficient and effective manner (including but not limited to examining or monitoring any computer software and/or hardware installed within Parkway Pantai Group, your work
emails and personal digital and storage devices);
(x) compliance with any applicable rules, laws and regulations, codes of practice or guidelines or to assist in law enforcement and investigations by relevant authorities (including but not limited to disclosures to regulatory bodies, conducting audit checks or surveillance and investigation);
(xi) administering cessation processes; and/or
(xii) any other purposes relating to any of the above.
(d) If you are a specialist doctor at Parkway Pantai Group:
(i) facilitating professional accreditation and complying with compliance audits;
(ii) facilitating disbursements of fees collected on your behalf;
(iii) managing and providing you with tools, services and/or facilities to enable or facilitate the performance of your duties;
(iv) planning and organising events for specialists;
(v) creating and maintaining profiles of our accredited doctors in our system database;
(vi) facilities management (including but not limited to issuing visitor access passes and facilitating security clearance); and/or
(vii) any other purposes relating to any of the above.
3.3 Furthermore, where permitted under the Act, Parkway Pantai Group may also collect, use and disclose your
Personal Data for the following “Additional Purposes”:
(a) taking or filming photographs and videos for corporate publicity or marketing purposes, and featuring your photographs and/or testimonials in our articles and publicity materials;
(b) providing or marketing services and benefits to you, including promotions, service upgrades, loyalty, reward and/or membership programmes;
(c) organising roadshows, tours, campaigns (including health talks, health check or vaccination campaigns) and promotional or events and administering contests and competitions;
(d) matching Personal Data with other data collected for other purposes and from other sources (including third parties) in connection with the provision or offering of services;
(e) sending you details of services, clinic updates, health-related information and rewards, either to our customers generally, or which we have identified may be of interest to you;
(f) conducting market research, aggregating and analysing customer profiles and data to determine health-related patterns and trends, understanding and analysing customer behaviour, location, preferences and demographics for us to offer you other products and services as well as special offers and marketing programmes which may be relevant to your preferences and profile; and/or
(g) purposes which are reasonably related to the aforesaid.
3.4 If you have provided us with your telephone number(s) and have indicated that you consent to receiving marketing or promotional information via your telephone number(s), then from time to time, Parkway Pantai Group may contact you using such telephone number(s) (including via voice calls, text, social media application, fax or other means) with information about our products and services.
3.5 In relation to particular services or in your interactions with us, we may also have specifically notified you of other purposes for which we collect, use or disclose your Personal Data. If so, we will collect, use and disclose your Personal Data for these additional purposes as well, unless we have specifically notified you otherwise.
3.6 You have a choice to withdraw your consent for receiving marketing or promotional materials/communication. You may contact us using the contact details found below.
3.7 Please be aware that once we receive confirmation that you wish to withdraw your consent for marketing or promotional materials/communication, it may take up to 21 calendar days for your withdrawal to be reflected in our systems. Therefore, you may still receive marketing or promotional materials/communication during this period of time.
3.8 Please note that even if you withdraw your consent for the receipt of marketing or promotional materials, we may still contact you for other purposes in relation to the services that you have requested or purchased from Parkway Pantai Group.
4. Disclosure of Personal Data
4.1 Parkway Pantai Group will take reasonable steps to protect your Personal Data against unauthorised disclosure. Subject to the provisions of any applicable law, your Personal Data may be disclosed, for the purposes listed above (where applicable), to the following entities or parties, whether they are located overseas or in Malaysia:
(a) amongst the Parkway Pantai Group members and affiliates (including their staff and medical practitioners);
(b) third party doctors, clinics, hospitals and/or medical institutions;
(c) companies providing services relating to insurance to Parkway Pantai Group;
(d) agents, contractors, sub-contractors or third party service providers who provide operational services to Parkway Pantai Group, such as courier services, telecommunications, information technology, payment, printing, billing, debt recovery, processing, technical services, transportation, training, market research, call centre, security, or other services to Parkway Pantai Group;
(e) vendors or third party service providers and our marketing and business partners in connection with marketing promotions, products and services;
(f) our corporate clients;
(g) any business partner, investor, assignee or transferee (actual or prospective) to facilitate business asset transactions (which may extend to any merger, acquisition or asset sale);
(h) external banks, credit card companies, other financial institutions and their respective service providers;
(i) our professional advisers such as consultants, auditors and lawyers;
(j) relevant government ministries, regulators, statutory boards or authorities or law enforcement agencies to comply with any laws, rules, guidelines and regulations or schemes imposed by any governmental authority (including the Ministry of Health); and/or
(k) any other party to whom you authorise us to disclose your Personal Data to.
- Security of Personal Data
5.1 Parkway Pantai Group protect Personal Information against loss or theft, as well as unauthorized access, disclosure, copying, use or modification with security safeguards appropriate to the sensitivity of the Personal Information, regardless of the format in which it is held.
5.2 We use various methods to safeguard Personal Information, including physical measures, technical tools and organisational controls.
5.3 Online security is also a priority. Parkway Pantai Group incorporates security measures such as encryption and authentication tools to protect your Personal Information from unauthorized use. Firewalls are utilized to protect our servers and network from unauthorized users accessing and tampering with files and other information that we store
5.4 While Parkway Pantai Group cannot guarantee that loss, misuse or alteration of data will not occur; Parkway Pantai Group makes reasonable efforts to prevent such unfortunate occurrences.
5.5 You must remember to exit the browser window after use to disable any unauthorized party access. It is your responsibility at any time, not to divulge your personal user ID and password to any third party.
- Retention of Personal Data
6.1 Parkway Pantai Group retains such Personal Data as may be required for business or legal purposes, and such purposes do vary according to the circumstances.
6.2 Whilst Parkway Pantai Group will securely dispose of or anonymise Personal Data which it can reasonably determine is no longer needed and does not generally hold on to Personal Data “just in case”, it is in the interests of any caregiver or person treating the patient to be able to refer to a complete set of medical records to avoid risks to health and safety of the patient.
6.3 As such that, with respect to the medical records of patients, unless specific contrary instructions from the patient are received, Parkway Pantai Group may (but is not obliged to) retain such medical records for as long as Parkway Pantai Group may be potentially consulted for further follow up by (or on behalf of) the patient even where such consultation may not occur until after a substantial period of time or there is no current or present indication that the patient may well return for further consultation or follow up.
7.2 The information collected by us or our authorised service providers may recognise a visitor as a unique user and may collect information such as how a visitor arrives at our sites, what kind of browser a visitor is on, what operating system a visitor is using, a visitor’s IP address and a visitor’s click stream information and time stamp (for example, which pages they have viewed, the time the pages were accessed and the time spent per web page).
Cookies – Small text files (typically made up of letters and numbers) placed in the memory of your browser or device when you visit a website or view a message. Cookies allow a website to recognize a particular device or browser. There are several types of cookies:
- Session cookies expire at the end of your browser session and allow us to link your actions during that particular browser session.
- Persistent cookies are stored on your device in between browser sessions, allowing us to remember your preferences or actions across multiple sites.
- First-party cookies are set by the site you are visiting
- Third-party cookies are set by a third party site separate from the site you are visiting.
Cookies can be disabled or removed by tools that are available in most commercial browsers. The preferences for each browser you use will need to be set separately and different browsers offer different functionality and options.
Web beacons – Small graphic images (also known as “pixel tags” or “clear GIFs”) may be included on our sites and services. Web beacons typically work in conjunction with cookies to profile each unique user and user behaviour. Similar technologies – Technologies that store information in your browser or device utilizing local shared objects or local storage, such as flash cookies, HTML 5 cookies, and other web application software methods. These technologies can operate across all of your browsers. We may use the terms “cookies” or “similar technologies” interchangeably in our policies to refer to all technologies that we may use to collect or store information in your browser or device or that collect information or assist in identifying you as a unique user in the manner described above.
7.4 We offer certain site features and services that are available only through the use of these technologies. You are always free to block, delete, or disable these technologies if your browser so permits. However, if you decline cookies or other similar technologies, you may not be able to take advantage of certain site features or services tools. For more information on how you can block, delete, or disable these technologies, please review your browser settings.
8. Third-Party Sites
Our website may contain links to other websites operated by third parties, including for example our business partners. We are not responsible for the data protection practices of websites operated by third parties that are linked to our website. We encourage you to learn about the data protection practices of such third party websites. Some of these third party websites may be co-branded with our logo or trade mark, even though
- Contacting Us – Withdrawal of Consent, Access and Correction of your Personal Data
(a) by Email: firstname.lastname@example.org
(b) by Mail: Chief Privacy Officer, Parkway Pantai Malaysia Operations Division, Pantai Medical Centre Sdn Bhd, Level 6, Block A, Pantai Hospital Kuala Lumpur, 8, Jalan Bukit Pantai, 59100, Kuala Lumpur.
9.2 You are reminded not to send via unencrypted means (such as email) sensitive information such as passwords, credit card information etc.
9.3 Please note that if your Personal Data has been provided to us by a third party (e.g. a general practitioner or your employer), you should contact that organisation or individual to make such queries, complaints, and access and correction requests to Parkway Pantai Group on your behalf.
9.4 If you withdraw your consent to any or all use of your Personal Data, depending on the nature of your request, Parkway Pantai Group may not be in a position to continue to provide its products and services to you, or administer any contractual relationship in place, which in turn may also result in the termination of any agreements with Parkway Pantai Group, and your being in breach of your contractual obligations or undertakings. Parkway Pantai Group’s legal rights and remedies in such event are expressly reserved.
9.5 Governing Law
Effective date: 1st September 2017