Privacy Policy

Lasted update: March 26, 2020

WeDoctor Global Pandemic-Fighting Platform is a product we present to provide healthcare consulting services to you. We have adopted this Privacy Policy pursuant to the prevailing laws and regulations in the People’s Republic of China (“PRC”) and such laws and regulations applicable in the countries in which you may reside (“Laws”) to illustrate how we may collect, use and store your personal information and the rights you may have.

Section 1           Definition

WeDoctor Global Pandemic-Fighting Platform” refers the platform (“Platform”) developed by us for the provision of healthcare consulting and information services to the users during the Covid-19 pandemic (“Pandemic”);

Platform Service Provider” refers to the providers of the healthcare consulting services and the software technical services for the Platform, i.e. Wuzhen Online Hospital (Tongxiang) Co., Ltd., WeDoctor Cloud (Hangzhou) Holding Co., Ltd. and Hangzhou WeiYao Information and Technology Co., Ltd, respectively or jointly.

User” refers to whoever uses the products or services made available by the Platform, which is more often referred to as You or User in this policy.

Personal Information” refers to the information in relation to any identified or identifiable individual (“Data Subject”). An identifiable individual refers to any individual that may be directly or indirectly identified, in particular, by name, ID number, address data, online handle, or one or more individually specific physical, psychological, genetic, spiritual, economic, cultural, or social identities.

Special Individual Data” refers to the personal data that reveals an individual’s ethnic or national origin, political views, religious or philosophical beliefs and union membership and genetic data, biometric data, and individual health, sexual life or sexual orientation data for the sole purpose of individual identification, including the personal profiles related to criminal conviction and crimes.

Section 2           Privacy Policy

This Section of Privacy Policy will help you understand the following:

I.     What information may we collect from you?

II.     How do we use your information?

III.    How do we use cookies?

IV.   Storage of information

V.    How we protect your information?

VI.   Do we share your information?

VII.  The rights you are entitled to as a Data Subject

VIII. How do we protect minors’ Personal Information?

IX.   How is this policy updated?

X.    How to Contact Us

I.       What information may we collect from you?

We will collect and process the information from you solely for such purposes as described below in this policy:

1.     Account information: You need to log into the Platform to enjoy our healthcare consulting services to which effect we may receive such third-party (a “third party” includes Facebook, Google and Wechat) account information as authorized by you to be shared (such as nickname and email). You may be contacted by the email if and when necessary for Pandemic fighting purpose. Your third-party account will be linked to your account with the Platform whereby you may log into and enjoy the services available on the Platform directly with your third-party account. Subject always to the applicable laws and regulations, we may only use such personal information of yours pursuant to our agreement with such third parties and upon verification of the legality of the sources of the personal information.

Upon your logging into the Platform, you need to provide your nickname, gender, age, and country of residence. We collect such information for the purposes of fighting the Pandemic and better provision of healthcare consulting services.

2.     Consulting related information: While you are using the healthcare consulting services on the Platform, we may request for access to your camera or need the information regarding your symptoms, the number of the days for which the symptoms have persisted, body temperature and description of the symptoms to advising you on the Pandemic related issues in which case you may elect to provide photos related to the Pandemic. We collect such information for the purposes of fighting the Pandemic and better provision of healthcare consulting services.

You may add other individuals (family contacts) to your profile to receive our healthcare consulting services for other people by providing the nickname, age, gender and country of residence thereof. You must ensure that you have been authorized or given consent by such persons before providing such information. Where any minor’s personal information is concerned, you must obtain prior express consent of the guardian of the minor.

3.     Device information and logs: While you are using the Platform, we may collect the information about the device you are using (such as model, operating system, version, mode, type and status of access to the Internet, device unique identifier, and other software and hardware characteristics information), device location information (such as IP address), and logos such as your operation logos and service logos (for example, the information you searched for and viewed on the Platform) to ensure your normal access to our services, maintain the normal operation of our services, improve and optimize your experience and secure your account.

Please note that no specific individuals may be identified with such information as sole device information and log information. If we use such non-Personal Information in combination with other information to identify a specific individual or use the same in combination with Personal Information, then the non-Personal Information shall be deemed as Personal Information for purpose of such combination. Unless with your authorization or otherwise provided by the Laws, we will process such Personal Information to make it anonymous and unidentifiable.

II.     How do we use your information?

For purpose of provision healthcare consulting information to you and our legitimate interests, we will use your Personal Information under the following circumstances:

1.     For purpose of fighting the Pandemic, we may use such account information and consulting related information as set out in Section I.

2.     For the purpose of providing you with secure and reliable services, we may use or consolidate your account information, device information and relevant network logs to assess your account exposure, detect and prevent security incidents and carry out recording, auditing, analysis and other necessary actions according to law.

3.     Without your prior consent, we shall not use any information for any purpose not specified herein or other than those for which such information is collected.

4.     Exemption of Authorization or Consent

Under applicable laws and regulations, your authorization or consent is not required if: -

(1)    your Personal Information is collected or used for the interests of national security or national defense;

(2)    your Personal Information is collected or used for the protection of public interests regarding public health or of significant interests (such as against epidemics or infectious diseases);

(3)    your Personal Information is collected or used for the protection of the life, property and other significant legitimate interests of the Data Subject or other persons where your personal consent can hardly be obtained;

(4)    the Personal Information collected is voluntarily made to the public by you, unless the Personal Information may not be processed under the laws of the country in which you reside;

(5)    your Personal Information is collected or used as is necessary for entering into a contract at your request;

(6)    your Personal Information is collected or used as necessary for statistics or academic research by academics for public interests and the Personal Information contained is made unidentifiable in the provision or description of the academic results to other people; and

(7)    your Personal Information is collected or used as permitted by the Laws.

Please be aware that, according to the applicable laws, if we take technical measures and other necessary measures to process the Personal Information to make the data recipients unable to identify any specific individual or reinstate the information, or if we conduct research, statistical analysis and forecast based on the information collected and made unidentifiable to support business decision making from a product or service perspective and to improve the Platform’s products and services (including machine learning or model algorithm training with anonymous data), we will not give you notice or obtain your consent in connection with such uses of the processed data.

III.   How do we use cookies?

We may place secure cookies on your computer or mobile devices to serve you in a more efficient and convenient manner and maintain your login status.

You may configure your cookie setup and manage the cookies with your browser. Please note that if you stop accepting cookies, you may not be able to have the best service experience.

IV.   Storage of information

1.     You understand and agree that the information about you generated from your use of the Platform will be transmitted to the PRC and stored on secure and reliable servers within the territory of the PRC.

2.     We only retain your Personal Information within such time as required for the purposes described in this policy. For instance: we may process and retain your data while our contractual (client) relationship persists; when you have deregistered your account with the Platform, we will delete or anonymize your account information; when the Pandemic has ended, we will delete or anonymize your consulting related information, unless otherwise provided by the Laws.

V.     How we protect your information?

We have taken reasonable and practicable security measures in line with industry standards to protect the information provided by you and to prevent the information from unauthorized access, public disclosure, use, modification, damage or loss. For example, we will adopt encryption technologies (such as SSL) and anonymization to protect your Personal Information. Further, we have set up the Personal Information Protection Group to carry out Personal Information security impact assessment regarding the processing of Personal Information. We have deployed an internal control system where the staff members who may have access to your information are authorized on a need-to-know and minimum disclosure basis. All the processing of your information is systematically monitored. We will provide continuous training to staff members regarding appliable laws and regulations and privacy standards and make them better aware of information security.

Should any security incident occur to any Personal Information, we will launch our emergency plan to prevent the escalation of the incident and inform you by way of notification, announcement or otherwise.

Our major information systems have completed the information security assessment (level 3) and filing and received ISO27001 certification.

VI.   Do we share your information?

We don’t take the initiative to share your Personal Information with any third part outside of WeDoctor Group (for purpose hereof, “share” includes co-share, transfer and public disclosure). If we need to share your information with any third party for the provision of services to you, we will assess the legality, appropriateness and necessity for such third party to collect information. We will request that such third party take action to protect your information and strictly abide by the Laws and regulatory requirements. In addition, we will seek your approval or confirm that the third party has obtained your approval by way of letter of confirmation, texts of confirmation under specific scenarios or popped window.

Under any one of the following circumstances, we may share your information without your prior approval:

1.     If you log into the Platform with a third-party account (such as a Facebook account), such third party may collect data from you and the collection and processing of such data shall be subject to the privacy policy adopted by the third party;

2.     As required in any legal proceeding or at the request of any regulatory authority, we may disclose your data pursuant to applicable laws or in the legal procedures relevant to legal proceedings procedures;

3.     Your data may be disclosed as part of the merger, acquisition or asset sale (such as a service agreement) or the services transferred to WeDoctor Group or any other company; and

4.     Any other exempted circumstances under clause 4, Section 2 of this policy.

VII. The rights you are entitled to as a Data Subject

As a Data Subject, you may: -

(1)   access your Personal Information

You have the right to access your Personal Information unless otherwise provided by the Laws. You may access your Personal Information by following the steps below:

Account information. You may access or edit your profiles in your account, change your password or add an extra linked mailbox by logging into your account, “My Center - Account Setting”.

Management of family contacts. You may add, delete and change your contacts by logging into your account, “My Center - Family Contacts”.

If you are unable to access the Personal Information by following the above steps, you may contact us at any time pursuant to Section 10 of this policy.

(2)   modify your Personal Information

You may request corrections if you find any error in your Personal Information processed by us. You may request for correction by following the steps provided in “accessing your Personal Information” above.

(3)   delete your Personal Information

You may delete part of your Personal Information by following the steps provided in “accessing your Personal Information” above.

You may request for the deletion of Personal Information if:

1.     we process your Personal Information in violation of the Laws;

2.     we collect and use your Personal Information without your express consent;

3.     we process your Personal Information in material breach of any agreement with you;

4.     you no longer use the products or services available on the Platform or you have deregistered your account.

Where we decide to respond to your request for deletion, we will make the subjects from which we obtained your Personal Information aware thereof and request for the prompt deletion of your Personal Information to the largest extent possible unless otherwise provided by the Laws or unless you have granted separate authorization to such subjects.

(4)   revise or withdraw your consent

You may revise your consent regarding the scope of the Personal Information that we may collect or withdraw your consent by deleting the information provided by you, switching off certain parameters of the device / application access or changing your options in the “Personal Center” of the Platform.

(5)   restrict data processing

If you wish to restrict our processing of your Personal Information, please let us know. You may restrict data processing if:

1.     your data is illegally processed but you do not want the data deleted;

2.     you request that we retain such data of yours as would have been deleted by us (under usual circumstances) for purposes of instituting, launching or responding to any legal action;

3.     you have disputed the accuracy of your Personal Information, pending our verification;

4.     your objection to data processing is pending our verification.

Please expressly state the extent of and the reason for your request in your submission and provide us with the email address or mobile phone number used for logging into the Platform.

We will contact you to verify your identity before responding to your request.

(6)   deregister your account

You may contact our customer service (“Personal Center – Help and Feedback - My Customer Service”) to complete the deregistration of your account or check the deregistration process (“Personal Center - Account Setting”). Please think twice before taking action as all data loss incurred from account deregistration are at your own risks.

Subject to the service agreements in relation to the separate services provided by us and the appliable laws and regulations of the PRC, your account may be deregistered or deleted. Once your account is reregistered or deleted, all service-related information and data in connection with the account and in connection with the separate services will be deleted or made anonymous pursuant to the service agreements as applicable.

(7)   have the right to data portability

Subject to technical viability and to the laws and regulations in your country of residence, you may request that we transfer your Personal Information to a third party designated by you. After the transfer of the information, you shall request such third party to take preventative measures to secure your information.

(8)   receive response to any of your above requests

In exercising any of your rights set out above in this Section, you may contact us pursuant to Section 10. As our efforts to secure your information, we may require you to place your request in writing or have your identity verified in any other manner before processing your request.

Unless otherwise provided by law, we will respond to your request within one month upon the verification of your identity.

VIII.         How do we protect minors’ Personal Information?

Minors are not allowed to create an account without the consent of their parent or guardian. If you are a minor, we require that you ask your parent or guardian to read this policy carefully and that you may only use the Platform’s services or products or provide any information to us with the consent of your parent or guardian.

Subject always to the laws and regulations and the express consent of a parent or guardian or for the sole purpose of protecting minors, we may use or share minors’ Personal Information collected from the use of the Platform’s services or products with the consent of their parent or guardian.

IX.   How is this policy updated?

We may update this policy if and when necessary. Please view the latest version of this policy in the setup part in your personal center on a regular basis. We will inform you of any material changes to this policy by way of notification, pop window or banner when you log in and when a new version is available.

X.     How to Contact Us

You may exercise your rights as a Data Subject by following the guidance in Section 5. If you have any questions, complaints or comments on your rights as a Data Subject or on our processing, you may contact us in the following manner:

1.     You may write feedbacks to us (“WeDoctor Global Pandemic Fighting Platform - Feedbacks”) or contact us through our customer service center (https://gh.wy.guahao.com/aiassistant?mode=AiAssistant_qqkyzwkf);

2.     We have set up a dedicated team for the protection of Personal Information. You may give notice to us in writing at WeDoctor Personal Information Protection Group, 13F, Block D, 198 Qidi Road, Xiaoshan Economic and Technological Development Zone, Xiaoshan, Hangzhou, Zhejiang 311215.

We will review the issues and respond within 30 days upon the verification of your identity.

Special Provisions:

1.     This policy is made in both Chinese and English. In the event of any discrepancy between the Chinese and the English, the Chinese version shall prevail.

2.     The entering into, interpretation and implementation of and dispute resolution under this policy shall be governed by the laws of the People’s Republic of China.

3.     This policy is entered into in Xiaoshan, Hangzhou, the People’s Republic of China.

4.     We may enter into amicable negotiation over any dispute arising from this policy or the implementation thereof. If such negotiation fails, you may file a legal action with the competent people’s court in Xiaoshan.