Privacy Policy

Heartland Family Clinic Pte. Ltd.

Effective Date: 1 April 2026

1. Introduction

Heartland Family Clinic Pte. Ltd. (“we”, “our”, or “us”) is committed to protecting your personal data in accordance with the Singapore Personal Data Protection Act 2012 (“PDPA”) and applicable healthcare confidentiality regulations. This Privacy Policy explains how we collect, use, disclose, and safeguard personal data when you interact with us via our website, in-person visits, phone, email, messaging platforms, or social media.

2. Personal Data We Collect

We may collect personal data from you through various channels, including but not limited to:

  • Clinic visits, consultations, and medical treatments
  • Registration as a patient
  • Enquiries via phone, email, website contact forms, or messaging platforms (e.g., WhatsApp)
  • Interactions with our social media accounts (e.g., Facebook)
  • Comments submitted on our website
  • Website browsing (cookies, analytics, and device information)

Types of personal data may include:

  • Name, NRIC/FIN (or other identification numbers)
  • Contact information (phone, email, address)
  • Date of birth, gender, and demographic data
  • Medical and health-related information
  • Appointment and visit records
  • Payment and billing information
  • IP address, browser, and device information

3. Purpose of Collection, Use, and Disclosure

We collect, use, and disclose personal data only for purposes that are reasonably necessary and directly related to the services we provide, including:

  • Registration, management, and provision of medical care and treatment
  • Scheduling, reminders, and management of appointments
  • Responding to enquiries via any channel (phone, email, website, messaging, or social media)
  • Processing payments and insurance claims
  • Maintaining medical records and clinic administration
  • Improving clinic services and patient care
  • Ensuring the security of our patients and website
  • Complying with legal and regulatory obligations

We will not use your personal data for purposes other than those listed above without your consent, except where permitted or required by law.

4. Medical Confidentiality

As a healthcare provider, we maintain strict confidentiality of your medical and health-related information. Disclosure is limited to:

  • Healthcare professionals directly involved in your care and treatment on a need-to-know basis
  • Other service providers or insurers involved in administrative, billing, or claims processing with your consent where required
  • Regulatory or governmental authorities when required by law

All staff and third parties are required to maintain confidentiality in accordance with MOH and PDPA requirements.

5. Comments

Visitors leaving comments on the website may have their submitted information collected (e.g., name, email, comment content) and their IP address/browser data for spam detection purposes.

If a Gravatar service is used to display profile pictures, an anonymised hash of your email may be sent to Gravatar. More information is available at: https://automattic.com/privacy/.

6. Cookies and Analytics

We use cookies and analytics tools to enhance user experience and monitor website performance. Cookies may:

  • Store preferences for convenience
  • Enable login sessions or functionality
  • Support anonymised analytics

You may disable cookies through your browser settings; some site features may not function fully without cookies.

7. Disclosure of Personal Data

We may disclose your personal data:

  • To healthcare professionals directly involved in your care and treatment, strictly on a need-to-know basis
  • To service providers (e.g., IT, website hosting, analytics) under confidentiality obligations
  • To insurers or third-party administrators for claims processing with your consent
  • To comply with legal or regulatory obligations

Disclosure beyond these purposes will only occur with your explicit consent, except where required or permitted by law.

8. Data Retention

We retain personal data only as long as necessary for business, medical, or legal purposes:

  • Medical records: retained in accordance with healthcare regulations
  • Website comments: retained as needed for moderation and functionality
  • Enquiry and appointment records: retained only as necessary to respond to your requests

9. Protection of Personal Data

We implement reasonable safeguards, including:

  • Physical and technical access controls
  • Staff confidentiality agreements and training
  • Secure storage and encrypted systems where appropriate

10. Your Rights

Under the PDPA, you have the right to:

  • Access personal data we hold about you
  • Request correction of inaccurate personal data
  • Withdraw consent for the use of personal data (subject to legal or regulatory requirements)

Requests will be handled in accordance with PDPA procedures.

11. Data Breach Procedures

In the event of a data breach, we will:

  • Investigate and contain the breach promptly
  • Notify affected individuals where required
  • Report to the Personal Data Protection Commission (PDPC) if required

12. Third-Party Services

We may engage third-party service providers, including hosting, analytics, and spam detection. These providers process data only as instructed and under confidentiality obligations.

13. Changes to This Policy

This Privacy Policy may be updated from time to time. Updates will be posted on this page with the revised effective date.

14. Contact Us

For questions or requests regarding personal data:

Heartland Family Clinic Pte. Ltd.
Email: admin@heartlandfamilyclinic.sg
Phone: +65 6250 0655

15. Data Protection Officer (DPO)

You may contact our Data Protection Officer at:

Email: admin@heartlandfamilyclinic.sg