Privacy and User Data Policy

PIQYU Health Privacy and User Data Policy (Global Compliant)

Introduction

PIQYU Health, operated by Quiqup Innovations Private Limited, is committed to protecting your personal and sensitive health data in accordance with global data privacy regulations. This Privacy and User Data Policy (“Policy”) explains how we access, collect, use, and share your data through our app and website (collectively, the “Platform”) to provide at-home health checkup services.

Data We Collect (Following principles of Minimization and Purpose Limitation)

We adhere to the principles of data minimization and purpose limitation by only collecting the data essential to deliver our services. We categorize the data collected as follows:

  • Personal Data (Following GDPR and CCPA definitions): This includes information that can directly identify you, such as name, email address, phone number, date of birth, and billing address. We will only collect this data when necessary to process your orders, schedule appointments, and deliver your reports securely.
  • Sensitive Data (Following GDPR and CCPA definitions): This includes health information like medical history, test results, medications, and diagnoses. We understand the sensitive nature of this data and will only collect it with your explicit consent.

How We Use Your Data (Following principles of Lawfulness, Transparency, and Purpose Limitation)

We utilize your data solely for the following lawful purposes, adhering to the principle of transparency:

  • To process your health checkup test orders.
  • To schedule phlebotomist appointments for sample collection.
  • To securely deliver your test reports.
  • To communicate with you about your orders, appointments, and test results.
  • To improve our Platform and services, ensuring continued functionality and user experience.
  • To comply with legal and regulatory requirements, including mandatory reporting obligations.

Data Sharing (Following principles of Accountability and Transparency)

We share your data only with authorized third-party service providers who assist us in operating the Platform and delivering our services. These providers may include laboratories, phlebotomist companies, and data storage providers. We implement strict contractual agreements ensuring these providers:

  • Maintain the confidentiality and security of your data following global data privacy regulations.
  • Process your data only for the specific purposes outlined in our agreement with them.

We will not share your data with any other third party without your explicit consent, except as required by law or a court order.

Data Security (Following principles of Integrity and Confidentiality)

We prioritize the integrity and confidentiality of your data by implementing robust security measures:

  • Secure data storage using industry-standard encryption methods, both in transit and at rest.
  • Access controls to limit access to your data to authorized personnel with a strict “need-to-know” basis.
  • Regular security audits and penetration testing to identify and address vulnerabilities.
  • Employee training on data privacy and security best practices.

Data Retention and Deletion (Following principles of Storage Limitation and Data Minimization)

We adhere to the principles of storage limitation and data minimization by retaining your data only for as long as necessary to:

  • Fulfill the purposes described in this Policy.
  • Comply with legal and regulatory requirements.

You have the right to request deletion of your data, subject to certain legal exceptions. To exercise this right, please contact us at tech@piqyu.com.

Your Rights under Global Data Privacy Regulations

We empower you with control over your data, adhering to global data privacy regulations:

  • Right to Access: You have the right to request a copy of your personal data that we hold.
  • Right to Rectification: You have the right to request correction of any inaccuracies in your data.
  • Right to Restriction: You have the right to restrict the processing of your data in certain situations.
  • Right to Object: You have the right to object to the processing of your data for direct marketing purposes.
  • Right to Data Portability: In some jurisdictions, you have the right to request the transfer of your data to another service provider.
  • Right to Erasure (Right to be Forgotten): You have the right to request deletion of your data, subject to certain legal exceptions.

To exercise any of these rights, please contact us at tech@piqyu.com.

Changes to this Policy

We reserve the right to update this Policy periodically. We will notify you of any changes by posting the new Policy on the Platform.

Contact Us

If you have any questions about this Policy or your data privacy rights, please contact us at tech@piqyu.com.