Home
Privacy Policy

Privacy Policy

This Privacy and Data Protection Policy (“Privacy Policy”) sets out the basis on which Rx Ventures Pte. Ltd. and our related companies (“&you,” “we,” “us,” or “our”) may collect, use, disclose, or otherwise process personal data of our customers when you use our website at andyou.ph (the “Platform”) in accordance with the Personal Data Protection Act 2012 (“PDPA”).

This Privacy Policy applies to personal data in our possession or under our control, including personal data in the possession of organizations that we have engaged to collect, use, disclose, or process personal data for our purposes.

If you do not agree to this Privacy Policy and our Terms and Conditions, please do not use the Platform. Your continued use of the Platform and our services constitutes your acknowledgement and acceptance of this Privacy Policy.

 

OUR ROLE IN YOUR PRIVACY

It is important to understand the roles regarding your personal data under applicable data protection laws.

  • When you browse our Platform or manage your account, &you acts as the Data Controller for the personal data we collect, such as your contact details and technical data.

  • When you receive medical services, the Medical Partner you consult with is the Data Controller for your sensitive health and medical information. They are solely responsible for your medical care and for determining the purposes for processing your health data. In this capacity, &you acts as the Data Processor, providing the technology platform and processing your data only upon the documented instructions of the Medical Partner to facilitate the services.

PERSONAL DATA

1.1. “Personal data” means data, whether true or not, about an individual who can be identified from that data or from that data and other information to which we have or are likely to have access.

1.2. Depending on your interaction with us, some examples of personal data which we may collect from you include:

  • Identity & Contact Data: Your name, residential address, email address, telephone number, gender, and date of birth.

  • Health & Medical Data: Information relating to your medical history, health status, diagnoses, consultation notes, laboratory testing results, and prescriptions that you provide or that are generated by healthcare professionals on our Platform.

  • Financial Data: Billing information, such as credit card or online payment system account information, processed securely by our third-party payment partners.

  • Technical Data: Information about the computer or mobile device you are using, including your IP address, browser type, connection speed, and real-time location if enabled.

COLLECTION, USE, AND DISCLOSURE OF PERSONAL DATA

2.1. We generally do not collect your personal data unless:

  • it is provided to us voluntarily by you directly;

  • it is disclosed by an authorized third party (such as your insurer or employer processing claims on your behalf); or

  • collection and use is permitted or required by law.

We shall seek your consent before collecting any additional personal data or before using your personal data for a purpose not previously notified to you (except where permitted by law).

2.2. We may use your personal data for the following purposes:

  • To Provide and Manage Services: To connect you with doctors, create treatment plans, process orders, verify your identity, and handle payments.

  • To Manage Our Relationship: To respond to queries, provide support, and send service updates and notifications.

  • For Platform Improvement: To analyze usage patterns, improve features, personalize experiences, and create de-identified/anonymized information for research and statistical purposes.

  • For Marketing & Communications: To send you health-related information and, with your specific consent, promotional offers or updates.

  • For Security & Compliance: To detect fraud, comply with laws and court orders, and protect the rights and safety of &you and our users.

2.3. We may disclose your personal data under strict confidentiality protocols to:

  • Healthcare Service Providers: Licensed doctors, specialists, and pharmacies who provide care and treatment.

  • Third-Party Service Providers: Contractors who support our business (e.g., logistics, couriers, hosting providers, analytics).

  • Payment Processors: Secure processors that handle financial transactions. We do not store full payment details.

  • Related Companies: Our parent company, subsidiaries, or affiliates, subject to this Privacy Policy.

  • Legal & Regulatory Authorities: When required by law or to assist investigations.

2.4. As you use the Platform, certain information may also be collected automatically:

  • Cookies: Session and persistent cookies to improve usability and advertising.

  • Web Analytics: Services such as Google Analytics to analyze site usage.

  • Device & Location Data: To help deliver localized services (if enabled).

  • Do Not Track: Our Platform does not currently respond to DNT signals.

WITHDRAWING CONSENT

3.1. The consent you provide for the collection, use, and disclosure of personal data will remain valid until withdrawn by you in writing. You may do so by contacting our Data Protection Officer at privacy@andyou.ph.

3.2. We may require a reasonable time to process your request and to notify you of the consequences, including the possibility that we may no longer be able to provide services.

3.3. Withdrawing consent does not affect our right to continue processing data where permitted by law.

 

ACCESS, CORRECTION, AND ACCURACY

4.1. You have the right to request access to the personal data we hold about you, or to request corrections. Requests may be submitted in writing to our Data Protection Officer.

4.2. Please ensure that the personal data you provide is current, complete, and accurate. We generally rely on the information provided by you or your authorized representative.

4.3. We will respond to your requests as soon as reasonably possible and in any event within the period required by law. In some cases, we may charge a reasonable fee for access requests; if so, you will be informed in advance.

 

PROTECTION OF PERSONAL DATA

5.1. We use appropriate administrative, physical, and technical measures such as encryption, access controls, and secure hosting to safeguard personal data against unauthorized access, disclosure, modification, or destruction.

5.2. While no system is entirely secure, we regularly review and enhance our security protocols to reduce risks.

 

RETENTION OF PERSONAL DATA

6.1. We retain personal data for as long as necessary to fulfill the purpose for which it was collected, or as required by law.

6.2. Once data no longer serves its purpose and is no longer legally required, it will be securely deleted or anonymized.

 

TRANSFERS OUTSIDE OF SINGAPORE

7.1. We generally do not transfer personal data outside of Singapore. If a transfer is necessary, we will ensure that the receiving country offers a standard of protection comparable to that provided under the PDPA.

 

EFFECT OF PRIVACY POLICY AND CHANGES

8.1. This Privacy Policy applies in conjunction with any other notices, consent clauses, or contractual terms relating to the collection or use of personal data.

8.2. We may revise this Privacy Policy from time to time without prior notice. You may check the “Last Updated” date below to confirm the most recent version. Your continued use of the Platform constitutes acceptance of any changes.

 

CONTACT US / DATA PROTECTION OFFICER

If you have any questions, concerns, or requests about this Privacy Policy or your personal data, please contact our Data Protection Officer at:

📧 privacy@andyou.ph

Last updated: September 01, 2025