Last updated: 9 December 2025

1. INTRODUCTION
This Privacy Policy explains how Poliklinik My Dr, operated by My Health Project Sdn. Bhd. (Company
No. 1465530-V), collects, uses, discloses, and protects your personal data when you use our website
at www.poliklinikmydr.com (“Website”) and our related online services. We are committed to complying
with the Personal Data Protection Act 2010 (PDPA) and other applicable laws in Malaysia.
By using the Website or providing your personal data to us, you agree to the terms of this Privacy
Policy.

2. WHAT PERSONAL DATA WE COLLECT
We may collect the following categories of personal data, depending on how you interact with us:

(a) Data you provide to us directly:
– Name
– Phone number / WhatsApp number
– Email address
– Selected clinic branch
– Preferred appointment date and time
– Reason for visit or brief description of symptoms
– Messages, feedback, or enquiries submitted through forms
– Any other information you choose to provide

(b) Data related to your visits and treatment at our clinics (which may be linked to online data):
– Identification details (e.g. IC/passport)
– Medical history, diagnosis, treatment plans, prescriptions, test results
– Billing and payment-related information

(c) Data collected automatically via the Website:
– IP address
– Browser type and version
– Device information
– Pages visited and time spent
– Referring website or source
– Cookies and similar technologies used for analytics and functionality

(d) Website administration and improvement
– To operate, maintain, and improve the Website and its features;
– To analyse usage patterns and help us understand how users interact with the Website;
– To detect and prevent fraud, abuse, security incidents, and technical issues.

(e) Legal and compliance- To comply with applicable laws, regulations, and guidelines;
– To respond to lawful requests from authorities or regulators;
– To establish, exercise, or defend legal claims.

5. DISCLOSURE OF PERSONAL DATA
We do not sell your personal data. We may disclose your personal data to the following parties, on a
need-to-know basis and where necessary:
– Doctors, nurses, and authorised staff involved in your care;
– Laboratories, imaging centres, pharmacies, or other healthcare providers;
– IT service providers, system vendors, and hosting providers who support our Website and systems;
– Communication platforms (e.g. email service providers, SMS or WhatsApp gateways);
– Insurers, panel providers, or third-party administrators in connection with claims;
– Professional advisers such as lawyers, auditors, and consultants;
– Government authorities, regulators, or law enforcement agencies where required by law or to
protect our rights, property, or safety.

Where third parties process personal data on our behalf, we require them to implement appropriate
measures to protect the data and to process it only in accordance with our instructions and
applicable law.

6. COOKIES AND TRACKING TECHNOLOGIES
Our Website may use cookies and similar technologies to:
– recognise your browser or device;
– remember your preferences;
– analyse how you use the Website;
– improve performance and user experience.

You may choose to disable cookies through your browser settings. However, some features of the
Website may not function properly if cookies are disabled.

7. CROSS-BORDER TRANSFERS
Your personal data may be stored or processed on servers located outside Malaysia, for example if we
use cloud-based or email services hosted overseas. Where such transfers occur, we will take
reasonable steps to ensure that the receiving party provides a level of protection comparable to
that required under the PDPA, as far as practicable.

8. DATA RETENTION
We retain personal data for as long as necessary to fulfil the purposes for which it was collected or as
required by law and our internal policies. This may include retaining medical records for theminimum
statutory or professional period. When personal data is no longer required, we will take reasonable
steps to securely delete or anonymise it.

9. YOUR RIGHTS
Subject to conditions and exceptions under the PDPA, you have the right to:
(a) Access your personal data
You may request access to personal data that we hold about you.

(b) Correct your personal data. You may request correction of personal data that is inaccurate, incomplete, or outdated.

(c) Withdraw consent
You may withdraw your consent for certain processing activities, such as marketing communications.
However, withdrawing consent for necessary processing related to your treatment or our legal
obligations may affect our ability to provide certain services.

(d) Limit processing
You may request to limit the processing of your personal data in certain situations, subject to
legal and contractual requirements.

To exercise these rights, please contact us using the details provided in Section 12. We may need to
verify your identity before responding to your request.

10. CHILDREN’S PRIVACY
Our services may be used for children (for example, paediatric services), but online forms are
usually completed by parents or guardians. If you are under 18, please obtain consent from your
parent or guardian before providing any personal data to us via the Website.
If we discover that personal data has been provided by a child without appropriate consent, we will
take reasonable steps to delete or secure that data.

11. SECURITY
We take reasonable technical and organisational measures to protect personal data against accidental
or unlawful destruction, loss, alteration, disclosure, or access. These measures may include access
controls, encryption where appropriate, staff training, and secure storage practices. However, no
method of transmission over the internet or electronic storage is completely secure, and we cannot
guarantee absolute security.

12. THIRD-PARTY WEBSITES
The Website may contain links to third-party websites or platforms (such as maps, social media, or 
health resources). We are not responsible for the privacy practices, content, or security of these 
third-party sites. You are encouraged to review their privacy policies before providing any personal
data to them.

13. CHANGES TO THIS PRIVACY POLICY
We may update this Privacy Policy from time to time to reflect changes in our practices, legal
requirements, or services. When we do so, we will update the “Last updated” date at the top of this
document. Your continued use of the Website after any changes constitutes your acknowledgement and
acceptance of the updated Privacy Policy.

14. CONTACT US
If you have any questions, concerns, or requests relating to this Privacy Policy or our handling of
your personal data, please contact:
Poliklinik My Dr / My Health Project Sdn. Bhd. (1465530-V)
Email: mydrofficial@gmail.com
Phone / WhatsApp: 013-883 6903 (or as listed on the Website)
Please include your name, contact details, and details of your request or enquiry.