1. Overview
Go4Health Global Ltd. ("we," "our," or "us") is committed to protecting your privacy and maintaining the confidentiality of your personal and medical information. This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our medical tourism services, visit our website, or interact with us.
HIPAA Compliant
GDPR Compliant
ISO 27001
We are fully compliant with:
- Health Insurance Portability and Accountability Act (HIPAA)
- General Data Protection Regulation (GDPR)
- Data Protection Act 2018 (UK)
- California Consumer Privacy Act (CCPA)
- Other applicable international data protection laws
3. How We Use Your Information
3.1 Primary Purposes
- Medical Care Coordination: Facilitating consultations, treatments, and medical services
- Travel Arrangements: Organizing transportation, accommodation, and logistics
- Communication: Providing updates, support, and emergency assistance
- Legal Compliance: Meeting regulatory and legal requirements
3.2 Secondary Purposes
- Quality improvement and service enhancement
- Research and analytics (anonymized data only)
- Marketing communications (with your consent)
- Fraud prevention and security monitoring
4. Information Sharing and Disclosure
4.1 Authorized Sharing
We share your information only with your explicit consent or as required for your medical care:
- Healthcare Providers: Partner hospitals, doctors, and medical staff
- Travel Partners: Airlines, hotels, and transportation services
- Insurance Companies: For coverage verification and claims processing
- Legal Authorities: When required by law or court order
4.2 Service Providers
We may share information with trusted third-party service providers who assist us in:
- IT services and data storage
- Payment processing
- Communication services
- Quality assurance and compliance monitoring
All service providers are bound by strict confidentiality agreements and data protection requirements.
5. Data Protection and Security
5.1 Security Measures
- Encryption: All data is encrypted in transit and at rest using AES-256 encryption
- Access Controls: Role-based access with multi-factor authentication
- Network Security: Firewalls, intrusion detection, and regular security monitoring
- Physical Security: Secure data centers with restricted access
- Regular Audits: Annual security assessments and penetration testing
5.2 Data Backup and Recovery
- Regular automated backups with geographic redundancy
- Disaster recovery procedures and business continuity planning
- Data integrity monitoring and verification
6. Your Rights and Choices
Under applicable data protection laws, you have the following rights:
6.1 Access and Portability
- Request access to your personal data
- Receive a copy of your data in a portable format
- Request transfer of your data to another provider
6.2 Correction and Deletion
- Correct inaccurate or incomplete information
- Request deletion of your personal data (subject to legal requirements)
- Object to processing of your data
6.3 Communication Preferences
- Opt-out of marketing communications
- Choose communication methods and frequency
- Withdraw consent for non-essential processing
To exercise your rights: Contact our Data Protection Officer at privacy@go4healthglobal.com or use our contact form.
7. Special Protections for Medical Data
7.1 HIPAA Compliance
As a healthcare service provider, we comply with HIPAA requirements for protected health information (PHI):
- Medical information is shared only for treatment, payment, and healthcare operations
- Written authorization required for non-routine disclosures
- Minimum necessary standard applied to all disclosures
- Patient rights regarding medical records are fully honored
7.2 International Medical Data Transfers
- Medical data transfers use secure, encrypted channels
- Partner hospitals meet international data protection standards
- Cross-border transfer agreements ensure continued protection
- Patient consent obtained for all international medical data sharing
8. Cookies and Tracking Technologies
8.1 Types of Cookies
- Essential Cookies: Required for website functionality
- Analytics Cookies: Help us understand website usage
- Marketing Cookies: Used for targeted advertising (with consent)
- Preference Cookies: Remember your settings and preferences
8.2 Cookie Management
You can control cookies through:
- Browser settings to accept, reject, or delete cookies
- Our cookie preference center on the website
- Third-party opt-out tools for marketing cookies
9. International Data Transfers
As a global medical tourism provider, we may transfer your data internationally for legitimate business purposes:
9.1 Transfer Safeguards
- Standard Contractual Clauses (SCCs) for EU data transfers
- Adequacy decisions where available
- Binding Corporate Rules (BCRs) for intra-group transfers
- Additional security measures for sensitive data
9.2 Countries We Transfer Data To
- European Union member states
- United States (with appropriate safeguards)
- Canada (adequacy decision)
- Other countries where our partner hospitals are located
10. Data Retention
10.1 Retention Periods
- Medical Records: 10 years from last treatment or as required by law
- Personal Information: 7 years from last service or longer if required
- Financial Records: 7 years for tax and regulatory compliance
- Marketing Data: Until consent is withdrawn or 3 years of inactivity
10.2 Secure Disposal
When data is no longer needed, we ensure secure deletion using:
- Cryptographic erasure for encrypted data
- Secure overwriting for unencrypted data
- Physical destruction of storage media when necessary
- Certificate of destruction for sensitive data disposal
11. Policy Updates
We may update this Privacy Policy to reflect:
- Changes in our services or business practices
- New legal or regulatory requirements
- Enhanced security measures or technologies
- Feedback from patients and stakeholders
We will notify you of material changes through:
- Email notification to registered users
- Prominent notice on our website
- Direct communication for significant changes affecting your rights