Compliance

Privacy Policy

Effective date: February 26, 2026. This policy explains what data we collect, how cross-border sharing works for treatment coordination, and how deletion requests are handled.

Photorealistic scene of credential verification and registry checks

Data We Collect

Identity and contact details (name, email, WhatsApp, country).
Treatment intent, timeline preferences, and city preference.
Optional notes you provide for case triage.
Initial anonymous or partial-information enquiries are accepted before full case review.
Operational logs (response timing, form events, support history).

Cross-Border Medical Data Handling

Records are handled on a need-to-know basis by authorized coordination staff.
With patient consent, records may be shared with up to 3 shortlisted hospitals for case review and quote comparison.
Minimum-necessary fields are transferred for scheduling and triage.
Transfers occur over access-controlled channels with role-based permissions.
No sale of patient data to advertisers or data brokers.

Sensitive records should be uploaded only through approved secure channels.

Retention Period

Inquiry records: up to 24 months.
Operational quality logs: up to 36 months.
Deleted sooner when valid legal or patient deletion requests apply.

Deletion Workflow

Email a deletion request with your contact details and inquiry timestamp.
Identity verification is completed within 2 business days.
Data is erased or anonymized within 14 business days unless legal hold applies.
You receive a completion confirmation and scope summary.

Request deletion via Contact page.

Communication Channels

Email-only communication is supported and does not automatically slow the process. WhatsApp is optional.

Full quoting, hospital review, and booking require identity and medical details even if the first enquiry is anonymous.