Hospital Advisor is a web based platform at www.hospitaladvisor.org.hk ("Website"), which aims to help patients with their hospital choice in Hong Kong. Hospital Advisor is operated by HospitalAdvisor Limited ("Hospital Advisor", "we", "us" or "our").
|"Hospital"||means any of the public or private hospitals in Hong Kong, including any healthcare professional that is an employee, contractor or consultant of such hospitals;|
|"Other Data"||has the meaning given in paragraph 2.2;|
|"Patient"||means a patient who was admitted to or received health care services from a Hospital;|
|"Personal Data"||means any data relating directly or indirectly to a living individual, from which it is practicable for the identity of that individual to be ascertained;|
|"Review"||means any review of a Hospital provided, uploaded, transmitted, submitted or posted on the Website;|
|"You"||means you, a Patient or a friend or relative of a Patient.|
2. Personal Data Collection
2.1 The types of Personal Data we may collect from you from time to time include:
2.2 We also collect from you the following data ("Other Data"):
2.3 The Other Data will not amount to contain or otherwise be linked in anyway to your Personal Data. The Other Data will be stored separately from your Personal Data in our servers. We will not be able to ascertain your identity in relation to the Other Data, as it will be fully anonymised and aggregated on our system.
2.4 We may also collect non-personally identifiable information about you, such as your use of our websites, personal preferences, etc.
2.5 By providing the Personal Data to us, you acknowledge that such provision is fair and reasonable in the circumstances.
3. Purposes for which the Personal Data and Other Data are Collected and Used
3.1 We may use the Personal Data you provide to us for one or more of the following purposes:
3.2 We may use the Other Data you provide for any of the following purposes:
4. Disclosure and Transfer of Personal Data and Other Data
4.1 We will not disclose or transfer the Personal Data to any other parties. We may disclose, transfer and/or sell any part of the Database and/or the Reports (which do not contain any Personal Data) to the Hospitals, our advisors and partners, insurance companies, pharmaceutical companies, universities, researchers, international health organisations and other parties interested in healthcare.
4.2 We may disclose the Personal Data when required by law or court order of any jurisdiction, or as requested by any government or law enforcement authorities or administrative organs.
4.3 We may disclose the Personal Data as is necessary to bring a legal action or defend any legal action in relation to you.
5. Personal Data Security and Retention
5.1 The mobile number you provide to us will be deleted from our server once you have successfully completed your application for your user account.
5.2 The Personal Data you provide to us will be kept by us in the appropriate form only for as long as is necessary to fulfil the purposes (or a directly relation purpose) mentioned above, after which it will be destroyed. We will retain your Personal Data for two years following the termination of your user account, in order to enable us to address any enquires or disputes that arise between us and you concerning your user account. Only anonymised data generated from the Other Data, where it is not possible to ascertain your identity, is retained for analytical and statistical purposes for more than two years following the termination of your user account.
5.3 In order to ensure the correct use and to maintain the accuracy of the Personal Data, as well as preventing unauthorised or accidental access, processing, erasure or other use of the Personal Data, we have implemented various physical, electronic and management measures to safeguard and secure the Personal Data we collect.
6.2 Cookies contain information about you and your preferences. For example, a cookie might contain a record of which pages within the site you visited, to help the site customise the view for you the next time you visit.
6.3 Only the information that you provide, or the choices you make while visiting a website, can be stored in a cookie. For example, the site cannot determine your email address unless you choose to type it. Allowing a website to create a cookie does not give that or any other site access to the rest of your computer, and only the site that created the cookie can read it.
7. Log Files
We may also collect information regarding your IP address, browser type, domain name and access time. This information is used for our own research purposes and is not linked to any personal information, so it is separated from the Personal Data. In rare instances, IP addresses may be used to assist in deterring and/or preventing abusive or criminal activities on the website.
8. Our Commitment to Data Security
8.1 To maintain the accuracy of the Personal Data, as well as preventing unauthorised access and ensuring the correct use of the Personal Data, we have carried out appropriate physical, electronic and management measures to safeguard and secure the Personal Data we collect online. We use an industry standard for encryption over the Internet and/or mobile application, known as Secure Socket Layer (SSL) protocol, to protect the Personal Data. When you type in sensitive information such as credit card details, it will be automatically converted into codes before being securely dispatched over the Internet and/or through a mobile application.
8.2 The Personal Data you provide to us will be stored in a database for no longer than is necessary. The website has a firewall in place, which should protect the Personal Data collected from you against unauthorised or accidental access. However, complete confidentiality and security is not yet possible over the Internet and/or mobile applications, and privacy cannot be assured in your communications to us. You acknowledge that personal information is disclosed at your own risk, and may be subject to unauthorised use by others. This may result in, among other things, you receiving unsolicited messages from other parties. We are not responsible in any manner for direct, indirect, special or consequential damages, howsoever caused, arising out of the communication of information to us. You are encouraged to protect against unauthorised access to your password and credit card details. Make sure you sign out from your account when finished, particularly when using a shared computer.
9. How to Access or Correct Your Data or Contact Us
You are entitled to access or correct your Personal Data held by us. Any data access request or data correction request, or any other data privacy related queries, may be made by contacting our Data Privacy Officer at firstname.lastname@example.org .