We collect personal information from you when you register on our website, make a booking, or otherwise interact with our company. The personal information we collect may include your name, contact information, medical history, and payment information.
We use the information we collect for a variety of purposes, including to process your bookings, provide you with information about our services, and improve your experience on our website. We may also use your information to contact you with promotional offers or to send you newsletters.
We may share your personal information with the medical clinics that you visit as part of your medical tourism experience. This sharing is necessary in order to provide you with the medical services you have requested and to ensure that the clinics have the necessary information to provide you with appropriate care.
You have the right to access, update, or delete your personal information at any time. You can exercise these rights by contacting us through the contact information provided on our website.
We will retain your personal information for as long as necessary to provide you with our services or as required by law. If you wish to terminate your account, you may do so by contacting us through the contact information provided on our website. Please note that we may retain certain information as required by law or for legitimate business purposes.
Med Journey is committed to protecting the personal information of our clients. We have implemented appropriate technical and organizational measures to safeguard this information, in compliance with the Personal Information Protection and Electronic Documents Act (PIPEDA) in Canada and the Health Insurance Portability and Accountability Act (HIPAA) in the United States.
Some of the measures we have taken to protect personal information include:
Encrypting sensitive data: We use encryption to make data unreadable to anyone who does not have the decryption key. This helps protect against unauthorized access to personal information.
Implementing strong passwords: We require all employees to use strong, unique passwords for all accounts and systems.
Using secure servers: We store personal information on secure servers that are protected against unauthorized access or tampering.
Implementing access controls: We limit access to personal information to only those employees who need it in order to perform their job duties.
Regularly updating software: We ensure that all software is up-to-date with the latest security patches in order to protect against known vulnerabilities.
Providing secure communication channels: We use secure communication channels, such as SSL-encrypted websites or secure email, to protect personal information during transmission.
Conducting regular security audits: We regularly review and test our security measures to identify and address any potential vulnerabilities.
Providing employee training: We provide our employees with training on how to handle personal information and on security best practices.
Having a data breach response plan in place: In the event of a data breach, we have a plan in place to minimize the impact and protect the personal information of our clients.
We take the protection of personal information seriously and are committed to complying with all relevant laws and regulations. If you have any questions about our privacy practices, please do not hesitate to contact us.