Privacy Policy

&you Privacy and Data Protection Policy (“Privacy Policy”)

This Privacy Policy sets out the basis on which Rx Ventures Pte. Ltd. and our related companies (”&you,” “we,” “us,” or “our”) may collect, use, disclose, or otherwise process personal data of our customers when you use our website at andyou.com.ph (“Website”) in accordance with the Personal Data Protection Act 2012 (“PDPA”). This Privacy Policy applies to personal data in our possession or under our control, including personal data in the possession of organizations we have engaged to collect, use, disclose, or process personal data for our purposes.

If you do not agree to this Privacy Policy and our Terms and Conditions, please do not use any of the Platforms. Your continued use of the Platforms and our services constitutes your acknowledgment and acceptance of this Privacy Policy.

 

PERSONAL DATA

1. Definitions:

“Customer” means an individual who (a) has contacted us through any means (such as through any of the Platforms) in relation to the goods or services available on the Platforms, or (b) may, or has, entered into a contract with us for the supply of any goods or services by us.

“Personal data” means data, whether true or not, about a customer who can be identified: (a) from that data; or (b) from that data and other information to which we have or are likely to have access.

2.Examples of Personal Data:

Depending on your interaction with us, personal data we may collect includes:

  • Name, identification numbers (e.g., NRIC, Passport Number), residential address, email address, telephone number, nationality, gender, and date of birth.
  • Personally identifiable medical and health-related information, such as medical history, health status, laboratory results, diagnostic images, and medical claims.
  • Billing information (e.g., credit card or online payment details).
  • Information about the computer or mobile device you use, including geographical location or address.
  • Other information you may input into the Platforms or related services.

Other terms used in this Privacy Policy shall have the meanings given to them in the PDPA (where the context so permits).

COLLECTION, USE, AND DISCLOSURE OF PERSONAL DATA

4. Collection: We generally do not collect your personal data unless:

It is provided to us voluntarily by you directly or via a third party authorized by you (e.g., employer or insurer) for the purposes set out in this Privacy Policy; or

Collection and use without consent is permitted or required by applicable laws.

5. Purposes: Personal data may be collected, used, or disclosed for purposes including:

  • Performing obligations related to goods or services requested by you, such as healthcare services or product delivery.
  • Verifying your identity.
  • Responding to queries, requests, applications, complaints, or feedback.
  • Managing your relationship with us.
  • Processing claims, payments, or credit transactions.
  • Conducting quality reviews or similar activities to improve services.
  • Generating de-identified information for analytics or market research.
  • Sending Platform updates, marketing, and promotional materials.
  • Complying with laws, regulations, or assisting in investigations.
  • Any other purposes disclosed to you at the point of data collection.

 

6. Passive Data Collection:
Information collected as you use the Platforms may include:

  • Site Activity Information: Actions performed on the Platforms (e.g., search content).
  • Device and Browser Information: Internet protocol address, browser type, access times, etc.
  • Cookies: Used for session management, advertising, and improving user experience. You may modify browser settings to reject cookies, though some features may be unavailable.
  • Real-Time Location: GPS data to connect you with nearby healthcare professionals.
  • Device Information: Data about your device (e.g., crashes, usage statistics) to improve Platform performance.

 

7. Disclosure of Personal Data:
Personal data may be disclosed to:

  • Related companies, subsidiaries, or affiliates.
  • Employers or insurers processing medical claims.
  • Contractors, service providers, and logistics partners bound by confidentiality agreements.
  • Regulatory authorities or law enforcement where required by law.
  • Successors in business transactions (e.g., mergers, acquisitions).

 

8. Retention: We retain personal data only as long as necessary for business, legal, or regulatory purposes. Data will be anonymized or securely destroyed when no longer required.

WITHDRAWING YOUR CONSENT

9. You may withdraw consent for the collection, use, or disclosure of your personal data by contacting our Data Protection Officer.

10. Upon withdrawal, certain services may no longer be available.

 

ACCESS TO AND CORRECTION OF PERSONAL DATA

11. You may request access to or correction of your personal data by contacting our Data Protection Officer. Reasonable fees may apply for access requests.

12.We will respond to requests within a reasonable timeframe, typically 14 business days.

PROTECTION OF PERSONAL DATA

13. We implement measures to safeguard your personal data from unauthorized access, use, or disclosure, including encryption and access restrictions.

14. However, no data transmission over the Internet is completely secure, and we cannot guarantee absolute security.

TRANSFERS OF PERSONAL DATA OUTSIDE OF SINGAPORE

15. Personal data transferred to other jurisdictions will be protected in accordance with PDPA standards.

DATA PROTECTION CONTACT

16. If you have inquiries or requests regarding personal data, please contact our Data
Protection Officer:
Email: hello@andyou.com.ph

EFFECT OF PRIVACY POLICY AND CHANGES

17. This Privacy Policy is effective in conjunction with other notices or agreements related to personal data.

18. We reserve the right to revise this Privacy Policy, with updates posted on the Platforms. Continued use of our services indicates acknowledgment and acceptance of changes.

Effective Date: 28 December 2024
Last Updated: 28 December 2024