Privacy Policy

Effective Date: 1st January 2022; Last Updated: 1st January 2022

Thank you for choosing to be part of our community at SPACE (MEDTECH) PTE. LTD.("Company", "we", "us", "our"). We are committed to protecting your personal information and your right to privacy. If you have any questions or concerns about this privacy notice, or our practices with regards to your personal information, please contact us at dpo@spacemedtech.com.

This privacy notice applies when you use any of our services (the “Services”, which include the Website and Apps, i.e., https://spacemedtech.com (the “Website”) and mobile applications (the “Apps”)) but not limited to the above. We appreciate that you are trusting us with your personal information and we take your privacy very seriously. In this privacy notice, we seek to explain to you in the clearest way possible on what information is collected, how we use it and what rights you have in relation to it. We hope you take some time to read through it carefully, as it is important. If there are any terms in this privacy notice that you do not agree with, please discontinue use of our Services immediately.

This privacy notice is based on the Personal Data Protection Act (PDPA) and other global privacy laws where we operate. It applies to all information collected through our Services (which, as described above, includes our Website and App), as well as, any related services, sales, marketing or events.

Please read this privacy notice carefully as it will help you understand what we do with the information collected.

Personal information you disclose to us

In Short: We collect personal information that you provide to us.

We collect personal information that you voluntarily provide to us when you register on the Services, express an interest in obtaining information about us or our products and Services, when you participate in activities on the Services or otherwise when you contact us.

The personal information that we collect depends on the context of your interactions with us and the Services, the choices you make and the products and features you use. The personal information we collect may include the following:

Personal information provided by you

When you register to use the Services, we may collect your name and other personal information such as personal identification number, email address, date of birth, language, gender or password. We may also collect medical information about your pertinent medical conditions, medication details and other relevant information. If you are a healthcare professional, we additionally collect your Medical Registration Number.

All personal information that you provide to us must be true, complete and accurate, and you must notify us of any changes to such personal information.

Information automatically collected

In Short: Some information — such as your Internet Protocol (IP) address and/or browser and device characteristics — is collected automatically when you visit our Services.

We automatically collect certain information when you visit, use or navigate the Services. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, information about how and when you use our Services and other technical information. This information is primarily needed to maintain the security and operation of our Services, and for our internal analytics and reporting purposes.

Like many businesses, we also collect information through cookies and similar technologies.

Other information we collect includes:
  • Log and Usage Data Log and usage data is service-related, diagnostic, usage and performance information our servers automatically collect when you access or use our Services and which we record in log files. Depending on how you interact with us, this log data may include your IP address, device information, browser type, settings and information about your activity in the Services (such as the date/time stamps associated with your usage, pages and files viewed, searches and other actions you take e.g. which features you use), device event information (such as system activity, error reports (sometimes called ‘crash dumps’) and hardware settings).
  • Device Data. We collect device data such as information about your computer, phone, tablet or other device you use to access the Services. Depending on the device used, the data may include information such as your IP address (or proxy server), device and application identification numbers, location, browser type, hardware model, internet service provider and/or mobile carrier, operating system and system configuration information.

Information collected through our App

In Short: We collect information regarding your mobile device, push notifications, health data when you use our App.

If you use our App, we also collect the following information which is primarily needed to maintain the operation and security of our App, troubleshooting, internal analytics and reporting purposes:
  • Mobile Device Access. We may request access or permission to certain features from your mobile device, including your mobile device’s camera, microphone and other features. If you wish to change our access or permissions, you may do so in your device’s settings.
  • Push Notifications. We may request to send you push notifications regarding your account or certain features of the App. If you wish to opt-out from receiving these types of communications, you may turn them off in your device’s settings.
  • Health data. We may collect your health data such as SpO2, blood pressure, etc.

Please note that you are not required to provide the information/permissions we request. However, if you choose not to do so, in many cases, we will not be able to provide you with our full range of Services or respond to your requests.

PLEASE NOTE:

Payment Information

We use third-party payment gateways to process any payments related to our Services. When you proceed to make payments, you may need to provide your personal details (such as name, address, contact number, etc.), financial information (such as bank account number, credit card details) to our third-party service providers. All information that you provide when making a payment is stored and processed by the third-party service provider, and not by us. Hence, such use is governed by the respective provider’s privacy policy and relevant Terms. We advise you to read their Terms and privacy notices before proceeding with their service and to contact the third-party service provider directly if you have any questions. Please note that we do not collect or store any of your direct financial information; we may only receive and store transaction reference numbers/summary that does not include your bank/card details. We cannot be held liable for any loss, damage, theft or other action arising from the third-party service provider’s failure to keep your details secure.

In Short: We process your information for purposes based on legitimate business interests, the fulfilment of our contract with you, compliance with our legal obligations, regulatory requirements and/or your consent.

We use personal information collected via our Services for a variety of purposes described below. We process your personal information for these purposes in reliance on our legitimate business interests, in order to enter into or perform a contract with you, with your consent, and/or for compliance with our legal and regulatory obligations. We indicate the specific processing grounds we rely on next to each purpose listed below.

We use the information we collect or receive:
  • To facilitate account creation and sign up / log in process. If you choose to link your account with us to a third-party account (such as your Google or Facebook account), we use the information you allowed us to collect from those third parties to facilitate account creation and sign up / log in process for the performance of the contract.
  • To deliver and facilitate delivery of services. We may use your information to provide you with the requested services.
  • Fulfil and manage your orders. We may use your information to fulfil and manage your orders, payments, returns, and exchanges made through the Services.
  • To respond to your inquiries/offer support. We may use your information to respond to your inquiries and solve any potential issues you might have with the use of our Services.
  • To send you administrative information. We may use your personal information to send you product, service and new feature information and/or information about changes to our terms, conditions and policies.
  • To send you marketing and promotional communications. We may use the personal information you provide us for our marketing purposes, if this is in accordance with your marketing preferences. For example, when expressing an interest in obtaining information about us or our Services, subscribing to marketing or otherwise contacting us, we will collect personal information from you. You can opt-out of our marketing emails at any time (see “WHAT ARE YOUR PRIVACY RIGHTS?” below).
  • Deliver targeted advertising to you. We may use your information to develop and display personalised content, advertise tailored to your interests and/or location and to measure its effectiveness.
  • Request feedback. We may use your information to request feedback and to contact you about your use of our Services.
  • To enable user-to-user communications. We may use your information in order to enable user-to-user communications with each user’s consent.
  • To manage user accounts. We may use your information for the purposes of managing our account and keeping it in working order.
  • To protect our Services. We may use your information as part of our efforts to keep our Services safe and secure (e.g. for fraud monitoring and prevention).
  • To enforce our terms, conditions and policies for business purposes, to comply with legal and regulatory requirements or in connection with our contract.
  • Compliance with regulatory requirements. We may use and retain your personal information to comply with regulatory requirements, such as maintaining a record of complaints, enquiries, recalls, adverse events associated with our products.
  • To respond to legal requests and prevent harm. If we receive a subpoena or other legal request, we may need to inspect the data we hold to determine how to respond.

In Short: Our working principle is not to share your information with others, with the exception of some cases as highlighted below.

We may process or share your data that we hold based on the following events:
  • Consent: We may process your data if you have given us specific consent to use your personal information for a specific purpose.
  • Third-Party Service Providers: We may share your data to third-party service providers that we engage to perform any specific services on our behalf. In such cases, we make sure that relevant measures (e.g. a Non-Disclosure Agreement) are in place with the third party to appropriately and responsibly handle the data.
  • Legitimate Interests: We may process your data when it is reasonably necessary to achieve our legitimate business interests.
  • Performance of a Contract: Where we have entered into a contract with you, we may process your personal information to fulfil the terms of our contract.
  • Legal Obligations: We may disclose your information where we are legally required to do so in order to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process, such as in response to a court order or a subpoena (including in response to public authorities to meet national security or law enforcement requirements).
  • Regulatory Authorities and Auditors: We may share your information to regulatory authorities and auditors only to the extent needed to comply with regulations, standards and relevant audits.
  • Vital Interests: We may disclose your information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person and illegal activities, or as evidence in litigation in which we are involved.
  • Business Transfers: We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.

In Short: We may use cookies and other tracking technologies to collect and store your information.

Use of cookies is a common industry practice and we may use them along with other tracking technologies (like web beacons and pixels). Cookies are files with small pieces of data that are stored locally on your computer while you are accessing our Services. These cookies are helpful in improving the interaction between the user and the Website, providing personalized advertisements, etc., thereby contributing to enhanced user experience. You can manage your cookie preferences and have the option to disable them. It is to note that some features of the Website may be affected if you do not allow certain cookies.

In Short: We keep your information for as long as necessary to fulfil the purposes outlined in this privacy notice unless otherwise required by law.

We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy notice, unless a longer retention period is required or permitted by law (such as tax, accounting, regulatory or other legal requirements).

When we have no ongoing legitimate business need, legal or regulatory requirement to retain your personal information, we will either delete or anonymize such information, or, if this is not possible (e.g. because your personal information has been stored in backup archives), we will securely store your personal information and isolate it from any further processing until deletion is possible.

In Short: We aim to protect your personal information through a system of organizational and technical security measures.

We have implemented appropriate technical and organizational security measures that are designed to protect the security of any personal information we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the internet or information storage technology can be guaranteed to be 100% secure. So, we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security, and improperly collect, access, steal, or modify your information. Although we will do our best to protect your personal information, transmission of personal information to and from our Services is at your own risk. You should only access the Services within a secure environment.

We will never send you any form of communication requesting confidential information such as bank account numbers, credit card details, usernames or passwords and you should not respond to them with such information. Please do not click any links or open any attachments that comes with such email/text message, and notify us at dpo@spacemedtech.com.

In Short: You have the right to access your personal information in most instances. You may request to review, change, or terminate your account at any time.

We take great effort to ensure your information is accurate and up-to-date. Depending on the region you are residing, you may have the right to request access to the personal information we collected from you, change that information, or delete it in some circumstances. If you make a request to access or amend or delete your personal data, we will try our best to comply with such request and take action as soon as possible. You can also request to review, change or terminate your account and personal information at any time. However, there are some circumstances in which we may not be able to accommodate such requests if we believe doing so would violate any law, legal or regulatory requirement or cause the information to be incorrect. We may also retain some information in our files to prevent fraud, troubleshoot problems, assist with any investigations and/or enforce our Terms of Use.

In certain circumstances, you may also have the right to object to the processing of your personal information. To make such a request, please use the contact details provided below. We will consider and act upon any request in accordance with applicable data protection laws.

If we are relying on your consent to process your personal information, you have the right to withdraw your consent at any time. Please note however that this will not affect the lawfulness of the processing before its withdrawal, nor will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent.

Cookies and similar technologies
Most web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove cookies and reject cookies. If you choose to remove cookies or reject cookies, this could affect certain features or services of our Services.

Marketing emails
Opting out of email marketing: You can unsubscribe from our marketing email list at any time by clicking on the unsubscribe link in the emails that we send. You will then be removed from the marketing email list — however, we may still communicate with you, for example to send you service-related emails that are necessary for the administration and use of your account, to respond to service requests, or for other non-marketing purposes. To otherwise opt-out, you may access your account settings and update your preferences.

California
Under California Civil Code Section 1798.83, California residents who use our Services are entitled to request certain information regarding disclosure of personal information to third-parties for direct marketing purposes during the preceding calendar year. To make such a request or other requests based on your right as a California resident, contact us at dpo@spacemedtech.com. However, it is to note that we will not collect personal information and share them with a third party for that third-party’s direct marketing purposes.

European Economic Area
If you are a resident in the European Economic Area and you believe we are unlawfully processing your personal information, you also have the right to complain to your local data protection supervisory authority. You can find their contact details here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.

Switzerland
If you are a resident in Switzerland, the contact details for the data protection authorities are available here: https://www.edoeb.admin.ch/edoeb/en/home.html.

In Short: We are not responsible for the safety of any information that you share with third-party providers who advertise, but are not affiliated with us.

The Services may contain advertisements from third parties that are not affiliated with us and which may link to other websites, online services or mobile applications. Any data collected by third parties is not covered by this privacy notice. We are not responsible for the content, privacy, security practices and policies of any third parties, including other websites, services or applications that may be linked to or from the Services. We advise you to review the policies of such third parties and contact them directly to respond to your questions.

Most web browsers, some mobile operating systems and mobile applications include a Do-Not-Track (“DNT”) feature or setting that you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this privacy notice.

In Short: We do not knowingly collect data from or market to children under 18 years of age, or the equivalent age as specified by law in your jurisdiction.

We do not knowingly solicit data from or market to children under 18 years of age or the equivalent age specific by law in your respective country’s jurisdiction. By using the Services, you represent that you are at least 18, or the equivalent legal age, or that you are the parent or guardian of such a minor and consent to such minor dependent’s use of the Services. If we learn that personal information from minors has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we may have collected from children under the legal age, please contact us at dpo@spacemedtech.com.

In Short: Yes, we may update this notice from time to time.

We may update this privacy notice from time to time. The updated version can be noted from the “Last Updated Date” and it will be effective as soon as it is accessible. If we make material changes to this privacy notice, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this privacy notice frequently to be informed of how we are protecting your information.

If you have questions or comments about this notice or your privacy rights, you may email our Data Protection Officer at dpo@spacemedtech.com.