Log In
Download eZHealth

Privacy Policy

Last updated: 11 August 2022

The eZHealth services are provided by Interpharma Solutions Philippines, Inc., its affiliates and participating partners. This Privacy Policy sets out how Interpharma Solutions Philippines, Inc. and its affiliates (hereinafter collectively referred to as “ISPI”, “our”, “us” or “we”) processes personal data in accordance with the data protection laws that apply to us.

 

This Privacy Policy outlines our general practices in relation to the collection, use, disclosure (hereinafter referred to as “processing”) and protection of the personal data you provide through our website, application, platforms, forms, products, services, or social media pages or otherwise (hereinafter collectively referred to as the “Platform”), or when you communicate with us and/or our authorised agents through various media and communication channels. This Privacy Policy also explains your rights and the choices available to you regarding the use of, your access to, and how to update and correct your personal data. Where any of our services deviate from this Privacy Policy, we will outline them in a service-specific addendum to this Privacy Policy. References to the term “Privacy Policy” herein shall include such addendum.

 

In this Privacy Policy, “personal data” generally refers to any information that can be used, directly or indirectly (e.g. in combination with other types of data that we may have access to), to identify an individual (i.e. the “data subject”). Local data protection laws may have differing definitions of this, and to the extent that our definition used here conflicts with the law, the stricter definition will apply.

I. Processing of Personal Data

In the course of your dealings with us, we may process personal data about you or any other person for the purposes stated in this Privacy Policy. This may occur when you voluntarily provide such personal data to us, or, where necessary, we receive such personal data from third parties or from the public domain.

In your interaction with us or by your usage of the Platform, we may collect and process the following categories of personal data, including, but not limited to:

  • personal contact information, which includes your name, mailing address, email address, social network details, or phone number;
  • sensitive personal data such as information relating to your health;
  • account login information, which includes your account login ID/email address, screen name, password in unrecoverable form, and/or security question and answer;
  • business contact information, which includes your occupation, designation and employer information;
  • information relating to your citizenship, nationality, identification card or passport details, such as but not limited to government issued picture identification like Senior Citizen ID, Persons With Disability (“PWD”) ID or your PhilHealth ID;
  • your Health Maintenance Organisation (“HMO”) card number or similar identification number (“HMO ID number”);
  • information related to your insurance coverage;
  • if you are a healthcare professional, your business address, specimen signature, Professional Regulation Commission ID (“PRC ID”), Certificate of Good Standing issued by the PRC, certifications necessary to prove your specialisation, continuing education, and qualification for practising as a healthcare professional, your bank account number or other payment-related details, career information, and the prescriptions and referrals that you have issued via our Platform;
  • demographic information and interest, which includes your date of birth, age, gender, marital status, geographic location, favourite products and services, shopping information, and household or lifestyle information;
  • transaction and financial information, which includes bank account and payment card details, payments to and from you, and other details of products and services you have purchased or acquired from us;
  • technical data, which includes internet protocol (IP) address, operating system type, web browser type and version, your device information, and information collected through the use of cookies;
  • usage data, which includes information about how you use our websites, applications, products and services;
  • marketing and communications data, which includes your preferences for receiving marketing materials from us and our third parties and your communication preferences;
  • photographs, audio and visual recordings of you taken or recorded at our premises and/or during our events;
  • geolocation data;
  • your conversations with us (be it via chat or in person phone calls), when you interact with us via our communication channels; and
  • other information permitted by applicable laws or as notified to you at the point of transacting with us.

II. Source of Personal Data

The personal data processed by us are obtained from various legitimate and transparent sources, including, but not limited to the following:
  • through your access or use of our Platform;
  • when you create an account with us;
  • when you browse, order, purchase or subscribe to our products and/or services;
  • when you apply to participate and/or participate in our patient support, healthcare support, patient engagement and prescription information programmes;
  • any emails or correspondence that we receive from you;
  • when you communicate to us and/or our authorised agents through various media and communication channels, and any direct and indirect interactions with us;
  • when completing any applications or forms for transactional or other purposes;
  • when you participate in any event, prize draws, or competitions organised by us or indirectly through a third party;
  • when completing any surveys that we send to you for research purpose;
  • video or recordings of events and/or activities at our premises;
  • data from publicly available sources that we collect in accordance with applicable laws, i.e. data that is published by you, social media profiles, directories, signages;
  • data that we obtain legally from authorised third parties, including, but not limited to, credit reporting agencies, regulatory and enforcement agencies, healthcare providers, and other government or government-linked entities;
  • our related and/or associated companies, contractors, third-party service providers, and business partners;
  • marketing services providers or partners; and
  • mailing lists.

III. Lawful Basis and Purpose of Processing Personal Data

We must have a lawful basis to process personal data. We typically rely on at least one of these lawful bases to do so:

  • where we have the data subject’s consent for the disclosed purposes;
  • where the processing is necessary and related to the fulfilment of a contract with the data subject or in order to take steps at the request of the data subject prior to entering into a contract;
  • where the processing is necessary for compliance with a legal obligation to which we are subject;
  • where the processing is necessary to protect vitally important interests of the data subject, including life and health;
  • where the processing is necessary in order to respond to a national emergency, or to comply with the requirements of public order and safety; or
  • where the processing is necessary for the purposes of the legitimate interests pursued by us, a third party or parties to whom the data is disclosed, except where such interests are overridden by fundamental rights and freedoms of the data subject which require protection under local laws.

We generally rely on consent to process personal data. In addition, the table below summarises some of the common purposes for which we may process personal data and our legal basis for doing so:

Purpose

  • To create and administer your account (where applicable)
  • To enable you to access or use the Platform
  • To verify your identity and age (where needed)
  • If you are a patient, to verify your eligibility or entitlement to HMO benefits and applicable discounts, to process payment of claims for the healthcare professionals that you consulted (if applicable), to process the payments you have made in the course of your usage of the Platform
  • If you are a healthcare professional, to verify your eligibility and competency to provide services over the Platform, to process payment to you
  • To provide you with our products and services, including to process your requests
  • To provide patient support, healthcare support services, patient engagement and prescription information, including to provide, manage and administer patient support and homecare programmes
  • To provide you with discounts, bonuses, rebates and the like for your orders and purchases
  • To provide support for our products and services
  • To contact and communicate with you, including to respond to your requests, enquiries, and to provide you with status updates on your requests
  • To communicate information, notices, and updates
  • To fulfil any other request(s) that you may have submitted to us

Legal Basis

Where necessary to perform our contract with you

 

Where required to comply with a legal obligation

 

Where it is in our legitimate interests to ensure that services requested of us are effectively and appropriately delivered

  • To deal with any product safety issue or product complaint, and to contact and communicate with you in relation to the same
  • To undertake remediation activities
  • To resolve disputes or to investigate any

    complaints you made or made against you

Where required to comply with a legal obligation

 

Where it is in our legitimate interests to ensure that complaints are investigated and appropriately resolved

  • To do adverse event and safety reporting in respect of any product or service
  • To improve patient care and safety in relation to the use of medicines and all medical and paramedical interventions
  • To improve public health and safety in relation to the use of medicines
  • To detect problems related to the use of medicines and communicate the findings in a timely manner
  • To encourage safe, rational and more effective use of medicines
  • To promote understanding, education and clinical training in pharmacovigilance andeffective communication to the public
  • For contact tracing in the event of disease outbreak

Where required to comply with a legal obligation

 

 

Where it is in our legitimate interests to:
(a) ensure that pharmacovigilance is done; and/or
(b) promote public health and safety

  • To process invoices and payment
  • To conduct due diligence on the third

    parties we transact with

  • For internal functions such as reporting,

    and audit and risk management

  • To maintain our operations or client

    relationship management systems

  • To maintain and upkeep customer or company records and development in the

    ordinary course of business

  • For our internal record keeping
  • For the preparation and execution of all

    necessary documents, agreements and/or

    contracts

  • For general operation and maintenance of

    the Platform

Where required to comply with a legal obligation

 

Where it is in our legitimate interests to:
(a) ensure the smooth operation of our business; and/or
(b) keep accurate records of our business

  • To develop and improve our product and service offerings by analysing and assessing the information we have access to, such as by conducting data analytics and market research
  • To develop, show, measure, and track advertising (including, but not limited to, content, survey, and promotions of the Platform or products and services of ours, our subsidiaries, related and/or associated companies, business partners, and other third parties) and to collect information about you and on how you interact with it while you use the Platform

Where it is in our legitimate interests to:
(a) develop new product or service offerings to meet the needs of our
customers; and/or
(b) improve user experience when using
our products and service offerings, including the Platform

  • To implement and/or facilitate risk and fraud controls and payment processing
  • To prevent, detect, or investigate any

    potential breaches, illegal activities or

    prohibited content on the Platform

  • To enforce and exercise rights stated in this

    Privacy Policy or any contract

  • To comply with any legal or regulatory requirements relating to all the commercial transactions, our conduct of the business or activities or our provision of products and/or services, and to make disclosure under the requirements of any law, regulations, directives, court orders, by law, guidelines, circulars or codes applicable to us or any member of our group of companies from time to time
  • To cooperate with regulators and law enforcement bodies</li?

Where required to comply with a legal obligation

 

Where it is in our legitimate interests to:
(a) prevent and investigate legal disputes, potential breaches, illegal activities or prohibited content;
(b) enforce contractual rights; and/or
(c) cooperate with regulators and law
enforcement bodies

  • To facilitate the conduct of due diligence exercises or the actual transfer of assets in the event of potential, proposed or actual business transfer, whether in whole or in part, sale of business, disposal, acquisition, merger, spin-off, joint venture, assignment, reorganisation of ISPI’s business, assets or stock or similar transaction

Where required to comply with a legal obligation

 

Where it is in our legitimate interests to undertake any corporate restructuring for the growth or optimisation of our businesses

  • To send you information or invitations to events, seminars, conferences, initiatives and promotions and talks which may be of interest to you
  • To organise and manage professional events and congresses, including your participation in such events
  • To promote and communicate news and information about the Platform, products and services of ours, our subsidiaries, related and/or associated companies, business partners, and other third parties, and such communications may be initiated from us or through third parties
  • To deliver online behavioural advertising (i.e., to show you online advertisements for products and/or services which may be of interest to you based on your previous behaviour, and to show you advertisements and content on social media platforms)
Where it is in our legitimate interests, and subject to obtaining your consent when required under applicable laws, to provide you with marketing information that may be of interest to you

IV. Consequences of Refusal or Failure to Provide Personal Data

Unless stated otherwise, the personal data provided to us are wholly voluntary in nature and you are not under any obligation or duress to do so. However, in some circumstances if you do not provide us with your personal data described in this Privacy Policy, we shall not be held liable for any of the consequences arising therefrom. These include:
  • the inability for us to provide you with the products and/or services you requested, either to the same standard, or at all;
  • the inability to enrol you to the relevant patient programme(s);
  • the inability for us to provide you with the information about the products and/or services that you may want, including information about discounts or special promotions, or our new products and/or services;
  • the inability for us to tailor the content of the Platform to your preferences and your experience of using the Platform may not be as enjoyable or useful;
  • the inability to complete the relevant transactions with you; and
  • the inability to comply with any applicable law, regulation, direction, court order, by law, guideline and/or code applicable to us.

V. Disclosure of Personal Data

In order for us to fulfil the purposes listed above, we may disclose your personal data to the following parties, including, but not limited to:

  • if you are a patient, the service providers on our Platform from whom you have requested services from (e.g. the healthcare professional you choose to consult, our pharmacy partner responsible for fulfilling your order, our laboratory diagnostic facility partner responsible for fulfilling your request)
  • the various entities within our group of companies (including those incorporated in the future), licensees, or business partners, including (where applicable) authorised personnel from the sponsor for the patient programme that you are enrolled to;
  • our employees, agents, representatives, partnerships, joint venture entities, contractors, third- party service providers, subcontractors, or other parties as may be deemed necessary by us to facilitate your dealings with us;
  • our suppliers, manufacturers, and business alliance partners of our products and/or services;
  • relevant holders of the marketing authorisation of our products and/or services;
  • parties whom we have obligations to report safety issues or product complaints;
  • our professional advisers, including but not limited to our lawyers, accountants, auditors, and

    other financial or professional advisors appointed in connection with our business;

  • any person, government authority, statutory authority, industry regulator or other relevant third party whom we are compelled or required to do so pursuant to any law, or if we have good faith belief that such disclosure is necessary to protect and/or defend our rights and interests or in connection with an investigation of fraud, infringement, piracy, tax avoidance and evasion or

    other unlawful activity;

  • potential acquirers and other stakeholders in the event of potential, proposed or actual business

    transfer, whether in whole or in part, sale of business, disposal, acquisition, merger, spin-off, joint venture, assignment, reorganisation of ISPI’s business, assets or stock or similar transaction; and

  • any other party requested or authorised by you for the above purpose or any other purpose for which your personal data was to be disclosed at the time of its collection or any other purposes directly related to any of the above purposes.

    Third parties are legally tasked with processing the personal data in line with the principles specified by us. Third parties are also held legally responsible for securing the personal data at an appropriate level of security in relation to applicable data protection laws and widely accepted industry standards.

VI. Protection of Personal Data

We ensure that all appropriate confidentiality obligations and technical and organisational security measures are in place to protect the confidentiality and security of your personal data collected through the various methods described in this Privacy Policy to prevent any unauthorised access, unauthorised or unlawful alteration, disclosure or processing of such information and data, and the accidental loss or destruction of or damage to such information and data.

Some of the security measures we put in place include, but are not limited to:

  • storing your personal data in systems that are protected by secured networks;
  • putting in place role-based access controls to limit access to such personal data only to employees who have a need to know this information for the purpose of performing their official duties, and authorised third parties who are contractually bound to take reasonable

    measures to keep your personal data secure;

  • regularly monitoring our systems for possible vulnerabilities and attacks, and regularly reviewing

    our information collection, storage and processing practices to update our physical, technical

    and organisational security measures; and

  • verifying the identity of a requester before they can access or modify the personal data that they have legitimate access or modification rights to.

Compliance with these provisions will be required by all authorised third parties who may access the personal data as described above.

VII. Your Rights

Depending on the data protection laws in the country where you reside, in respect of the personal data which you have submitted to us, you may have the right at any time to:

  • request for access to your personal data in our records;
  • request to make correction of your personal data in our records in the event the information is

    inaccurate, misleading, out-of-date or incomplete upon validation and verification of the new

    information provided;

  • request to cease processing your personal data for the purposes of marketing;
  • object to the processing of your personal data, request to restrict or limit processing of your

    personal data, or request portability of your personal data;

  • withdraw your consent for us to continue processing your personal data; and
  • lodge an inquiry or complaint to the relevant data protection authority about our collection and use of your personal data.

Should you wish to exercise any of the abovementioned rights and such right is recognised within your country, please write in to us using the information found at Part XIV (Contact Us) below. In respect of requests for access to or to make correction of your personal data in our records, such requests must be supported with submission of the relevant documents as may be required by us. Depending on the nature and sensitivity of the request, we may require you to submit these documents in person so as to verify your identity from time to time to the address found at Part XIV (Contact Us) below. We will only make appropriate corrections based on the verifiable/verification and updated information provided by you. Your request may also be subject to payment of a fee in accordance with applicable legal requirements.

 

With regard to the withdrawal of consent, you may withdraw, in full or in part, your consent given to us.

You may request for deletion of your personal data by us, and we will use commercially reasonable efforts to honour your request. However, please note that we may be required to keep such information and not delete it for such period of time required by law or in order to fulfil our legal obligations. When we delete any information, it will be deleted from the active database but may remain in our archives. We may also retain your information for fraud prevention and detection or similar purposes.

 

Your exercise of any of the rights or withdrawal of consent referred to above is, in each case, subject to any applicable legal restrictions, contractual conditions, and a reasonable time period. This may also be subject to whether it would affect the operation of our business and our ability to meet our legal obligations.

We may also, in accordance with the data protection laws applicable to us, refuse to comply with your request. If we refuse to comply with such request, we will inform you of our refusal and reason for our refusal.

VIII. Retention of Personal Data

The personal data you submit to us will only be retained for as long as is required for the purpose for which it was collected or as permitted by applicable laws.

 

Even though our systems are designed to carry out data deletion processes according to the above guidelines, we cannot promise that all data will be deleted within a specific timeframe due to technical constraints. When we no longer need to use your personal data, it is removed from our systems and records or anonymised so that you can no longer be identified from it.

IX. International Transfers of Personal Data

To provide our products and services, we may transfer your personal data to our affiliates and authorised employees, agents and third parties in the jurisdictions where we operate or where we deem it appropriate or desirable (unless applicable laws provide otherwise) for the purposes stated in this Privacy Policy. In particular, we may transfer your personal data to our overseas affiliate(s) where our information technology storage facilities and servers may be located. There may be a possibility that the data protection levels in other jurisdictions do not completely meet the requirements of the data protection laws in the country where you reside, but all such transfers are performed in accordance with the requirements of applicable laws.

X. Links to Other Websites or Applications

The Platform may contain links to and from the websites and applications of our partner networks, advertisers, patient program sponsors and/or other third parties. If you click on a link to any of these websites or applications, you will leave the Platform and be redirected to the website or application you selected. As we cannot control the activities of third parties, we cannot accept responsibility for any use of your personal data by such third parties, and we cannot guarantee that they will adhere to the same data privacy practices as us. We encourage you to review the privacy policy of these websites or applications before providing any personal data.


We may also offer you the opportunity to use your social media login. If you do so, please be aware that you share your profile information with us depending on your social media platform settings. We encourage you to visit the relevant social media platform and review its privacy policy to understand how your personal data is shared and used in this context.

XI. Marketing and Promotions

We may use your personal data to market products, services, events, seminars, conferences, initiatives, and promotions and talks of ours (i.e., those of our subsidiaries, related and/or associated companies), business partners, sponsors and/or advertisers. We may communicate such marketing to you by way of post, phone call, email, short message service (SMS), social media and/or any other appropriate communication channels, depending on what you have agreed to with us. If you wish to unsubscribe to the processing of your personal data for marketing and promotions, you may click on the “Unsubscribe” link in the relevant email or message you receive from us. Alternatively, you may contact us using the information found at Part XIV (Contact Us) below. Please note that once we have received your request to unsubscribe, it may take up to fourteen (14) working days for us to process your request and to be reflected in our systems. Therefore, you may still receive marketing communications during this period of time. Please also note that, even if you opt-out from receiving marketing communications, you may still receive administrative communications from us, such as order or other transaction confirmations, and other important non-marketing related announcements.

XII. Language

In the event of any inconsistency between the English version and the local language version of this Privacy Policy, the English version shall prevail.

XIII. Amendments to Privacy Policy

ISPI reserves the right to modify, update and/or amend this Privacy Policy at any time. We will take reasonable steps to ensure amendments to this Privacy Policy are communicated by posting all amendments prominently on the Platform and other places we deem appropriate for a reasonable period of time. Amendments to this Privacy Policy will be effective immediately once published on any of the Platform unless otherwise noted. We invite you to check this Privacy Policy periodically to be informed of any relevant amendments to it, especially before providing any information to us. Your continued access or usage of the Platform and/or providing your personal data to us, following any amendments to this Privacy Policy, indicates your consent to the practices described in the revised Privacy Policy. If you do not agree, you should immediately discontinue your use of the Platform, cease providing to us any of your personal data and notify us in writing in the manner described in Parts VII (Your Rights) and XIV (Contact Us).

XIV. Contact Us

If you have any feedback or questions about this Privacy Policy and the way we handle your personal data, or you wish to exercise any of your rights above, please contact our main data controller:

Interpharma Solutions Philippines, Inc.
Km. 14 West Service Road South Superhighway cor Edison Ave. Brgy. Sun Valley, Paranaque City, Philippines
Email: zpsdataprivacy@zuelligpharma.com

Alternatively, you may also contact us by sending us a message via our website.

Last updated: 13 May 2021

Interpharma Solutions Philippines, Inc. and its Affiliates and principals for which it acts as personal information processor (collectively, “ISPI”, “We”, “Us”) recognize the importance of respecting your right to privacy. It is for this reason that we have adopted this Privacy Policy (“Policy”) in relation to the collection and Processing (as defined below) of your Personal Information (as defined below) by us, whether as personal information controller or personal information processor, through the use of our eZHealth Application (“eZHealth”).

 

This Policy is incorporated into the eZHealth Terms and Conditions of Use (“Terms of Use”). To safeguard your Personal Information, we developed this Policy, which is primarily designed for Health Care Professionals in the Philippines who are using eZHealth. This Policy applies to all Personal Information obtained by ISPI through your use of eZHealth or from other legitimate sources. Capitalized terms used in this Policy, such as ‘Personal Information’ and ‘Processing’, shall have the same meaning ascribed to them in Republic Act No. 10173, otherwise known as the Data Privacy Act of 2012, and its Implementing Rules and Regulations, as may be amended, supplemented or re-enacted from time to time (collectively, the “Act”). Other capitalized terms found in this Policy shall have the same meaning ascribed to them in the Terms of Use.

 

This Policy governs the Processing of Personal Information that we receive from you and other legitimate sources as well as those that we generate pertaining to you, and other important aspects relating to protection and privacy of your Personal Information.

What Personal Information We Collect and Process

The following Personal Information may be supplied by you or collected from you and other legitimate sources as a result of your access to or use of eZHealth:

(i) full name;
(ii) email address;
(iii) clinic address, including street name and number;
(iv) phone number (optional);
(v) specimen signature;
(vi) Professional Regulation Commission (“PRC”) ID;
(vii) bank account number or Gcash number;
(viii) Certificate of Good Standing issued by PRC;
(ix) Certification necessary to prove specialization, continuing education, and qualification for practicing as a Health Care Professional;
(x) awards and recognitions received;
(xi) photograph or video images or voices or sounds;
(xii) unique identifiers associated with your mobile device, Internet Protocol (“IP”) Address, browser, type, user session, traffic data, location data and log in details like password, fingerprint and facial recognition information; and
(xiii) ePrescriptions and referrals that you issued via eZHealth.

If you do not provide certain requested Personal Information to us, we may not be able to provide you with access to and use of eZHealth or its services, or to fulfill one or more of its functions applicable to you.

 

We may also collect or receive Personal Information relating to you from other legitimate sources such as our clients, partners, service providers and government authorities that have the right or authority, or which may have been permitted or authorized by you, to provide or share with us your Personal Information.

 

The notes and communications, including information contained therein, relating to the medical consultation between you and a User conducted via eZHealth shall be protected by end-to-end encryption and are not collected and processed and cannot be accessed or decrypted by ISPI notwithstanding that they may be saved or stored in your eZHealth account or the eZHealth account of the concerned User.

 

ISPI shall not have access to any information you directly provide to platforms outside eZHealth, that are operated or controlled by third parties. Other than your bank account number or Gcash number that we will use for the remittance to you of the Consultation Fees due to you, we do not collect or Process your financial information, like bank account, credit or debit card, GCash, e-wallet, e-payment or similar details, that you may provide to our electronic payment partners. For your information and security, you shall be prompted/notified before being directed to an external platform.

Why We Collect Your Personal Information

Your Personal Information will be collected when you use eZHealth. You will also be requested to provide your Personal Information upon registration or creation of your account, and every time you use eZHealth. You will also need to provide Personal Information when you communicate with us or when you use eZHealth to communicate with third parties like the Users.

 

Any Personal Information supplied by you or collected from you or other legitimate sources because of your use of eZHealth will be used for one or more of the following purposes:

(i) To create, administer, and update your account;
(ii) To enable you to utilize or access a feature or function of eZHealth;
(iii) To allow us and the Users to verify your identity to determine your professional qualifications and competency and to decide whether to provide you with access to Personal Information;
(iv) To deposit or remit payment to you for professional services rendered using eZHealth;
(v) To contact you physically or electronically, to respond to your queries, or to send you notifications for alerts, appointments or reminders you set up in eZHealth;
(vi) To enable communication between you and third parties;
(vii) To offer you additional products and services and to communicate or inform you about marketing and promotion programs that may be of interest to you;
(viii) To enable us to better understand your needs and interests and personalize your experience with eZHealth;
(ix) To monitor and analyze the use of eZHealth;
(x) To make announcements and/or provide you with eZHealth updates and modifications;
(xi) To enforce this Policy and the Terms of Use;
(xii) To comply with banking, data protection, tax, health and other applicable laws and regulations;
(xiii) To comply with data collection, contract tracing, patient or disease case investigation and reporting or notification obligations to governmental or health authorities that are imposed on us by applicable laws or regulations or that we undertake pursuant to contracts, agreements or arrangements with partners, government authorities or third parties who engage your services or employ you through the eZHealth or whose products or services are provided, rendered or delivered, partially or wholly, through eZHealth; and
(xiv) For other legitimate purposes allowed by applicable laws or incidental to the foregoing.

During account creation, your PRC ID shall be validated through automated means against publicly available information to confirm that you are qualified to practice your profession as a Health Care Professional. This automated processing will involve the automated comparison of your PRD ID details with the information provided by regulatory authorities like the PRC. You understand that you may or may not be allowed to open an account in eZHealth based on the results of such automated validation.

To Whom Do We Disclose Your Personal Information

Your Personal Information will be displayed in your profile page in eZHealth. You are aware that Users desiring to engage your services through eZHealth will have access to the following Personal Information pertaining to you:

(i) name;
(ii) professional license number;
(iii) complete clinic address;
(iv) specialization and awards received if any;
(v) clinics and/or hospitals where you practice; and
(vi) time and availability,

and for the above purpose, your prior consent will be solicited and required through eZHealth.

 

The Users interested in engaging your services through eZHealth will need the foregoing Personal Information to enable them to ascertain and evaluate your qualifications and to contact you.

 

You acknowledge that we will not be held responsible for the collection and/or Processing of your Personal Information by the Users. This Policy does not apply to the Users or third parties that you share your Personal Information with. They may have their own policies for collecting and Processing your Personal Information, and you are solely responsible for obtaining these privacy policies from them, and for understanding, accepting and consenting to them. Nevertheless, we highly recommend that you safeguard your Personal Information and carefully think before disclosing or agreeing to the disclosure or sharing of any Personal Information.

 

You are aware that our other partners, including government authorities and local government units, that engage your services or employ, whose products or services are provided, rendered or delivered, wholly or partially, through eZHealth, including those products and services relating to vaccination and testing for COVID-19 or other diseases, will have access to your Personal Information and you hereby agree or consent to the disclosure and sharing of your Personal Information to the said partners. The Personal Information shared or disclosed to such partners may be retained, stored or Processed by them for legitimate purposes determined by them and in such case, the Processing by them of your Personal Information shall be governed by the Act and applicable laws and the privacy policies and rules of the said partners and each of such partners will be deemed a personal information controller for such purpose.

 

The data sharing contemplated in this Policy adopts the security measures of ISPI embodied in this Policy for processing of Personal Information starting from collection, to storage, to use, to disclosure to retention until the destruction of Personal Information. Nevertheless, we highly recommend that you safeguard your Personal Information and carefully think before disclosing or agreeing to the disclosure or sharing of any Personal Information. If you would like to view the Data Sharing Agreements between ISPI and our other partners, including government authorities and local government units, we will send these to you upon request.

 

You acknowledge that we will not be held responsible for the collection and/or Processing of your Personal Information by our partners, including government authorities and local government units, who have been authorized by you or have other legal basis to access or obtain your Personal Information from us. They are considered third parties and this Policy does not apply to third parties that you share your Personal Information with or to whom your Personal Information is disclosed or shared with your consent. These partners will have their own policies for collecting and Processing your Personal Information, and you are solely responsible for obtaining these privacy policies from them, and for understanding and accepting or consenting to them. Nevertheless, we highly recommend that you safeguard your Personal Information and carefully think before disclosing or agreeing to the disclosure or sharing of any Personal Information.

 

You expressly agree that ISPI and its Affiliates will not be held liable for any losses or damages caused by such User’s or third party’s collection and/or processing of your Personal Information.

 

We may disclose your Personal Information to our Affiliates and independent contractors. These independent contractors assist us in operating eZHealth, data storage, maintenance services, web analytics, and payment processing. These third parties will have access to your Personal Information exclusively for the purpose of performing the tasks herein described and under contractual obligation to keep your Personal Information confidential and secure.

 

We may also disclose your Personal Information with the government, courts of law, law enforcement officials, our attorneys, professional advisers, dealers, sponsors or promoters, collection agencies, or other private individuals in order to comply with applicable laws, or to the extent required of us to disclose in order to prevent danger or harm to us, to any person or property, to exercise our rights, to avail of legal remedies available to us or to respond to claims and legal processes such as subpoenas, and other government and court orders. We may also disclose Personal Information that we believe to be contrary to law, unethical, or legally actionable in a court of law.

 

We may disclose or report your Personal Information to the Department of Health or other relevant government or health authorities if you use eZHealth for services relating to COVID-19 testing and/or vaccination as required by applicable laws and regulations. If you use eZHealth for services relating to COVID-19 testing and/or vaccination, we may be required under applicable laws or regulations to make a mandatory report or notification to the DOH or other relevant government or health authorities pertaining to you or the concerned Users or patients which may include your Personal Information.

 

Lastly, we may share your Personal Information in case of corporate transaction like a merger or acquisition of our company, or a sale of all, substantially all, or part, of our assets or businesses including eZHealth.

 

Except as expressly enumerated in this Policy, we do not share your Personal Information to any third party without your consent.

User Sharing of Personal Information

eZHealth provides options for Users to share their Personal Information with you. You understand that you will be acting as a personal information controller of such Personal Information to the extent that you act in your capacity as an independent Health Care Professional or practitioner and not as an employee or contractor of our other partners. This Policy does not apply to such collection and Processing of any Personal Information of Users by you. If you act as a personal information controller, you will need to have your own privacy policy for collecting and Processing the said Personal Information, and you are solely responsible for notifying the Users of your privacy policy, ensuring that they understand, accept and consent to them, and complying with the Act and all applicable laws and regulations with respect to your Processing of their Personal Information.

 

You expressly agree that ISPI and its Affiliates will not be held liable for any losses or damages caused by your collection and/or Processing of Personal Information of Users.

 

How We Protect Your Personal Information

We take all reasonable steps to ensure that your Personal Information is processed securely from collection to destruction.

 

We implement organizational, physical, and technical measures intended to protect your Personal Information end to end starting from collection until destruction against any accidental or unlawful destruction, alteration and disclosure, as well as against any other unlawful processing. In the same way, we conduct regular audits to make sure that the third parties to whom your Personal Information is shared has the same standards of integrity, confidentiality, and security.

 

ISPI implements data encryption, firewall, password-protection, authentication mechanisms and other security measures to safeguard your Personal Information.

Where and How Long Do We Keep Your Personal Information

Where and How Long Do We Keep Your Personal Information

 

We may hold your Personal Information in either electronic or hard copy form. We will retain your Personal Information to the extent that such retention is necessary to provide you with any of the features or functions in eZHealth, for us to comply with our legal obligations, to resolve disputes, and/or enforce our agreements with you, and for such purpose, we may continue to retain certain of your Personal Information even after your account is deleted or if you have opted to delete your Personal Information.

 

When your Personal Information is no longer needed, we shall take reasonable steps to either destroy or anonymize your Personal Information.

 

The following factors will be considered in disposing your Personal Information:

(i) Use and Purpose;
(ii) Content;
(iii) Importance;
(iv) Health and Safety; and
(v) Compliance with legal and regulatory requirements.

Notwithstanding anything to the contrary in this Policy, we may retain your information if it is reasonably necessary to comply with a law, or any government regulation or request and to safeguard the rights of any individual, to remedy any technical or security issues, to address fraud or other illegal acts. Nothing in this Policy shall limit your right to any legal defenses or objections that you have against any third party including government’s request for your Personal Information.

How To Access, Correct, and Delete Your Personal Information

Your electronic correspondence done using eZHealth is encrypted and kept in eZHealth for your convenience, but you can delete them at any time using the delete button save for some of the Personal Information anonymized by ISPI as explained in this Policy or the Personal Information retained by ISPI for purposes of archiving or preserving your Personal Information in case of investigation, disputes, or legal proceedings as mentioned in the Terms of Use.

 

You may access and correct your Personal Information in eZHealth. If you want a copy of your Personal Information, please email us in the email address provided below and we will provide you a copy of your Personal Information within a reasonable period upon receiving your request or such period as may be provided in applicable laws or regulations.

What Rights Do You Have

The Act affords you the following rights in relation to your Personal Information:

  • right to be informed;
  • right to access;
  • right to object;
  • right to erasure or blocking;
  • right to damages;
  • right to file a complaint;
  • right to withdraw your consent;
  • right to rectify; and
  • right to data portability.

Regarding the right to erasure, we emphasize that this is not an absolute right. A request for erasure may be denied when your Personal Information is still necessary for the fulfillment of the purpose/s for which said Personal Information was obtained or to be able to comply with a legal obligation which requires the processing of Personal Information, among others.

You may read more about your rights at: https://privacy.gov.ph/know-your-rights

How To Contact Us

For any questions, feedbacks, or complaints about your data privacy rights or this Policy, you may reach the ISPI Data Privacy Officer:

Postal address: Km 14 West Service Road South Superhighway cor Edison Ave. Sun Valley Paranaque City 1700 Philippines

Email: zpsdataprivacy@zuelligpharma.com

Telephone number: +632 79082222

Changes to this Privacy Policy

We reserve the right to modify or update this Policy as eZHealth evolves to keep up with the changes in the services that we provide, the government and regulatory requirements, to adapt to the ever-changing technology, and to align with industry practices. You can determine when this Policy was last revised by referring to the “LAST UPDATED” date at the top of this Policy. You should check this from time to time in eZHealth so you are updated on our latest Policy.

 

We will maintain our commitment to protect and value your privacy. Any changes made to this Policy shall be communicated to you by sending you a notification in eZHealth of said changes along with the date of effectivity. Unless otherwise stated in the changes, such changes will apply to all Personal Information that we collect or have collected.

 

If you do not want your Personal Information to be subject to any changes made to this Policy, you have to close your account and stop using eZHealth.

Consent and Warranties

Subject to the exceptions provided by law, this Policy and the Terms of Use, this consent shall be effective as of the date of execution of this Policy until revoked.

 

As the Data Subject, you have the right to withdraw your consent at any time. However, if you withdraw your consent, you will not be able to use eZHealth, unless if the withdrawal of consent pertains only to certain Personal Information or purposes of Processing Personal Information which may still allow you to continue to use eZHealth with limited functionalities. We will inform you of the effect of your withdrawal of consent upon your exercise of such right. If the effect of your withdrawal of consent will make you unable to use eZHealth and you would still like to proceed with such withdrawal of consent, please unsubscribe to eZHealth and delete the eZHealth application. The deletion of eZHealth shall be tantamount to a withdrawal of your consent with such effect.

Copyright © eZHealth 2022. All Rights Reserved

Scroll to Top