Privacy Policy

Scope and Coverage

QueueMed Healthtech Sdn Bhd ("Qmed Asia", "we", "our", or "us") operates digital health products, including websites, mobile applications, APIs, and customer-deployed solutions. This Privacy Policy explains how we collect, use, disclose, transfer, and protect your personal data when you use our products and services, whether accessed directly, through partners, or through app marketplaces.

This policy applies to patients, healthcare professionals, business users, and visitors interacting with our services. By using our services, you agree to the data handling practices described in this policy.

Information We Collect

Information You Provide

Account and profile details, such as name, email, phone number, organization, and role.
Professional information, including healthcare credentials where relevant to the service.
Communications and support requests you send to us.

Health and Sensitive Data (Where Applicable)

Symptom check responses, appointment details, clinical notes, or related care records.
Health-related documents or files uploaded by users or healthcare organizations.
Other sensitive data categories only when needed for a specific healthcare function.

Automatically Collected Technical Data

Device and app details, including device model, operating system, app version, and unique identifiers.
Log and usage data, such as IP address, session events, crash reports, and feature interactions.
Approximate location data derived from IP address and other diagnostics information.

Cookies and Similar Technologies

On web services, we use cookies and similar technologies for authentication, performance, analytics, and preferences.
You can manage cookie settings through your browser controls.

Information from Partners and Integrations

Information provided by healthcare organizations, employers, or institutions that enable your access to our services.
Data from authorized integrations with third-party systems, where needed to provide requested workflows.

How We Use Personal Data

To provide, operate, and improve our services and app functionality.
To support healthcare operations, including scheduling, communication, and clinical workflows.
To authenticate users, secure accounts, and prevent fraud or abuse.
To respond to user inquiries and provide customer or technical support.
To monitor service quality, troubleshoot errors, and improve reliability.
To comply with legal obligations, regulatory requirements, and contractual commitments.

Device and Platform Permissions

Depending on the service module, device type, and feature you use, our applications may request access to device or browser capabilities. We request only the access needed to deliver the relevant function.

Camera: To capture profile photos, scanned documents, or clinical images when initiated by the user.
Photos/Files: To upload attachments or download files required by service workflows.
Notifications: To send reminders, care updates, and important service alerts.
Microphone (if enabled): For voice input, dictation, or audio communication features.
Location (if enabled): For location-based functions such as facility navigation or service localization.

You can manage permissions through your device operating system and browser settings. Disabling certain permissions may limit related features.

Service Context and Data Roles

Depending on the service context, we may act as a data controller (for example, for account management, platform administration, and support operations) or as a data processor/service provider on behalf of a healthcare organization or enterprise customer that controls the underlying patient or operational data. Where we process data for a customer, that customer may provide additional privacy terms.

Data Sharing and Disclosure

We do not sell personal data. We share personal data only when required for service delivery, legal compliance, or business operations:

With healthcare providers, hospitals, clinics, or organizations connected to your care or service account.
With vetted service providers (for hosting, infrastructure, analytics, communications, and support), under confidentiality terms.
With authorities, regulators, or law enforcement when legally required.
With advisors or counterparties for audits, mergers, acquisitions, or corporate restructuring, subject to appropriate safeguards.

Data Retention

We retain personal data only for as long as needed to provide services, fulfill legal and regulatory obligations, resolve disputes, and enforce agreements. Retention periods vary by product module, customer contract, and applicable laws. When data is no longer required, we delete or de-identify it using secure methods.

Data Protection and Security

We implement administrative, technical, and physical safeguards to protect personal data from unauthorized access, use, alteration, or disclosure.

Encryption in transit and at rest where appropriate.
Role-based access controls and authentication safeguards.
Security monitoring, logging, and incident response procedures.
Regular security testing, patching, and risk assessments.

Your Privacy Rights and Choices

Subject to local law, you may request to:

Access a copy of your personal data.
Correct inaccurate or incomplete data.
Delete your account or personal data, where applicable.
Restrict or object to specific processing activities.
Withdraw consent where processing is based on consent.
Receive data portability where legally available.

To request account deletion or exercise privacy rights, email hello@qmed.asia from your registered account email with the subject line "Privacy Request". We may verify identity before processing requests.

Children's Privacy

Our services are not directed to children except where a healthcare provider, institution, parent, or legal guardian lawfully uses our services for care delivery. If you believe personal data of a child has been collected inappropriately, contact us so we can review and take action.

International Data Transfers

We may process data in Malaysia and other jurisdictions where our partners and service providers operate. Where cross-border data transfers occur, we apply contractual, technical, and organizational safeguards to protect personal data in line with applicable data protection laws.

Legal Basis and Compliance

Depending on your location and service context, we process personal data based on one or more of the following:

Your consent.
Performance of a contract or service agreement.
Compliance with legal obligations.
Our legitimate interests in operating secure and effective services.

We aim to comply with relevant laws, including the Personal Data Protection Act 2010 (Malaysia), and other applicable privacy regulations depending on deployment context.

Third-Party Services and Links

Our services may integrate with third-party platforms, customer systems, or websites. Third-party services operate under their own privacy terms, and we are not responsible for their independent practices.

Changes to This Privacy Policy

We may update this policy periodically to reflect service changes, legal requirements, or security practices. Material updates will be communicated through appropriate channels, such as app notices, website notices, or direct communication where required.

Contact Us

For questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

Email: hello@qmed.asia

Address: 18-28, Menara Mutiara Sentral, Jalan Desa Aman 1, Cheras Business Centre, 56100 Cheras, Kuala Lumpur

Phone: +603-3310 0097

Last Updated: April 2026

If you continue to use our services after an update becomes effective, that use indicates acknowledgment of the updated policy.