Privacy Policy

If you are located in the European Union, MedPath China processes your personal data in accordance with the General Data Protection Regulation (GDPR).

1. Data We Collect

• Personal identification information (name, email, phone number)
• Medical records and health information you voluntarily submit
• Payment information (processed securely via Wise)
• Usage data and cookies for website optimization

2. Legal Basis for Processing

We process your data based on:

• Contractual necessity: To provide our medical concierge services
• Consent: For marketing communications (optional)
• Legal obligation: Compliance with healthcare regulations
• Legitimate interests: Website security and fraud prevention

3. Your GDPR Rights

Under GDPR, you have the right to:

• Access your personal data
• Rectify inaccurate information
• Request erasure ("right to be forgotten")
• Restrict processing
• Data portability
• Object to processing
• Withdraw consent at any time

To exercise these rights, contact us at [email protected]

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA):

Your CCPA Rights

• Right to Know: Request disclosure of personal information we collect
• Right to Delete: Request deletion of your personal information
• Right to Opt-Out: Opt-out of sale of personal information (we do not sell your data)
• Right to Non-Discrimination: We will not discriminate against you for exercising your rights

To submit a CCPA request, email [email protected] or call our privacy hotline.

We implement industry-standard security measures to protect your data:

• 256-bit SSL encryption for all data transmission
• HIPAA-compliant data storage and handling
• Regular security audits and penetration testing
• Access controls and authentication protocols
• Encrypted backups with geographic redundancy

We retain your personal information only as long as necessary:

• Active accounts: Duration of service plus 7 years (medical records)
• Inactive accounts: 2 years after last activity
• Payment records: 7 years (tax and accounting requirements)
• Marketing data: Until you unsubscribe or request deletion

We only share your data with:

• Partner hospitals: Only with your explicit consent for treatment coordination
• Payment processors: Wise (formerly TransferWise) for secure payments
• Service providers: Hosting, email, and analytics services under strict confidentiality agreements
• Legal authorities: Only when required by law or court order

We never sell your personal information to third parties.

We use cookies and similar technologies to:

• Maintain your session and preferences
• Analyze website traffic and usage patterns
• Improve our services and user experience
• Prevent fraud and ensure security

You can control cookies through your browser settings. Note that disabling cookies may affect website functionality.

If you have questions about this Privacy Policy or wish to exercise your rights, contact us: