This Terms & Conditions and Privacy
Notice (“Policy”) describe how MyDocLab Sdn. Bhd., its respective subsidiaries,
affiliates, associated companies and jointly controlled entities (collectively
“MyDocLab”, “we”, “us” or “our”) collect, use, process and disclose your
Personal Data through the use of MyDocLab’s mobile
applications and websites (respectively “Apps” and “Websites”), as well as
products, features and other services globally, operated by MyDocLab
(collectively, “Services”). This Policy applies to our customers, agents,
vendors, suppliers, partners, contractors and service providers (collectively
“you”, “your” or “yours”).
MyDocLab may amend and update this Policy at
anytime and the any amendments will be effective upon posting of updated Policy
on the application services. Your consent will be bound by the updated Policy
by continuing to use the Apps and Websites, upon any posting of Policy updates.
MyDocLab is a mobile application to offer several types of diagnostic
test services. It allows the users to conveniently access to a range of
diagnostic tests at the healthcare facilities of interest.
Product & Services offered
MyDocLab offers several types
of diagnostic tests for the users. It allows the users to conveniently access
diagnostic tests at the healthcare facilities of interest.
During signing up an account,
your personal information will be collected by MyDocLab.
You must be of legal age in
order to form a binding contract.
Upon signing up, you agree that
your personal information provided is correct, accurate and up to date.
Account credentials are to be
kept confidential and you are responsible for maintaining your credentials and
for all activities that occur under your account.
MyDocLab reserves the right to
take necessary actions in regard to the security of your account information
and the App.
Healthcare facilities that
register in MyDocLab are independent professionals and only delivers diagnostic
services to the MyDocLab users.
Healthcare facilities should
strictly follow SOPs in performing the diagnostic tests.
MyDocLab does not generate any
health passes that determine the functionality of publicly available COVID-19
status, such as determining the individual’s eligibility for travel or entry
into public spaces. MyDocLab only provides test certificates for the users to
know their test outcomes.
MyDocLab is not a substitute
for medical advice. Users of the application should consult their Healthcare
Professional before making any health, medical or other decisions based upon
the data contained herein.
Healthcare providers should
exercise their own independent clinical judgment when using the mobile app in
conjunction with patient care.
We maintain strict
confidentiality of all client information. The client data is protected under
the Personal Data Protection Act 2010 (PDPA) of Act 709.
Prepayment is required before
testing can be initiated.
Our payment terms are advance
and full payment. Client will need to satisfy payment through MyDocLab mobile
application when client registers and makes booking for the test. We accept all
Visa and Mastercard.
The fee to be charged is as
indicated in the App.
Such fees are subject to change
at the discretion of MyDocLab at any time without prior notice.
Retesting is generally governed
by our SOP for handling out-of-specification findings. Client authorized
retesting will be billed accordingly. MyDocLab should not be held responsible for
any damage or loss incurred as the result of retesting requirement.
All test results are issued in a clear and accurate report. This
report will be sent to the customer account in the MyDocLab mobile application.
Reports are submitted for exclusive use by our clients. No reference to the
work, the results, or to MyDocLab may be made in any form of advertising, news
release or other public announcement without written authorization from MyDocLab.
Any arising conflicts pertaining to the services that require
reissuance of report is subjected to MyDocLab’s
decision and approval.
Conditions of Reporting
It is presumed that the tests performed on the specimen belong to
the patient named or identified.
Results of tests may vary from laboratory to laboratory and also in
same parameters from time to time for the same patient. Should the results
indicate an unexpected abnormality, the same should be reconfirmed.
In the event where sample re-collection is required, the collection
of fresh specimen will be done upon authorization by
The time for re-collection of the sample shall be advised by MyDocLab
upon payment by client.
Sample Retention, Discard and
MyDocLab follows strict guidelines specified by Ministry of Health
Malaysia for sample retention and discard after completion of testing. Due to
the hazardous risk possessed by the sample, any request to return the sample to
the client will not be entertained.
MyDocLab mobile application is our online booking application with
Integrated Payment Gateway for customers who wish to avail to our service by
making an advance/full payment to MyDocLab Sdn. Bhd.
For samples that are not yet collected. The entire amount paid will
be refunded in the below events:
If registration and booking has
been done but the service cannot be provided at the agreeable time.
If customer has done multiple duplicate
registration and booking due to system errors.
If MyDocLab had not made any
adequate attempt to provide service.
In all other scenarios other than the mentioned above, RM10 will be
deducted as cancellation charges.
For sample collected, processed but fully cancelled by laboratory
(all tests unreported) due to technical reasons, MyDocLab will collect fresh
specimens and process the same free of cost upon authorization from client.
Alternatively, the client reserves the right to ask for refund which shall be
granted in full to the client as the case may be.
All refunds are processed as fund transfer in the name of the
beneficiary within 14 working days from the date of cancellation.
Conditions of Sale, Warranty
and Limit of Liability
MyDocLab provides services to its clients on a fee-for-service
basis. All services are performed by MyDocLab in accordance with the service
notes, terms and conditions specified in the test schedule.
The only warranty that MyDocLab offers is that it will perform its
services with due care in accordance with its outlined SOPs and generally prevailing
industry standards and applicable government regulations. The only remedy for
breach of this warrant will be to require MyDocLab to repeat the services or to
be credited for fees paid for services performed.
1.1. This Terms & Conditions and Privacy Notice (“Policy”) describe
how MyDocLab Sdn. Bhd., its respective subsidiaries, affiliates, associated
companies and jointly controlled entities (collectively “MyDocLab”, “we”, “us”
or “our”) collect, use, process and disclose your Personal Data through the use
of MyDocLab’s mobile application and websites (respectively “Apps” and
“Websites”), as well as products, features and other services globally,
operated by MyDocLab (collectively, “Services”).
1.2. This Policy applies to our customers, agents, vendors, suppliers,
partners, contractors and service providers (collectively “you”, “your” or
1.3. MyDocLab is a data user, so are our Clients
In respect of any User and the processing of all
their Personal Data (including but not limited to Linking Data and Portal
Data), MyDocLab acts as a data user. For further information on how
MyDocLab collects, uses and discloses Users’ Personal Data, refer Item 4
Due to the way MyDocLab for Business works,
MyDocLab does not process any Personal Data for and on behalf of the Client.
Accordingly, MyDocLab is not the data processor of the Client, but an
independent data user in respect of all Personal Data that it processes in
the course of providing MyDocLab for Business feature. Likewise, the Client is
an independent data user of the Personal Data (e.g. the Linking Data and Portal
Data) that it discloses to and/or receives from MyDocLab.
As independent data users, MyDocLab and the
Client individually determine the purposes and means of processing Personal
Data, subject to the provisions set out in the Terms & Conditions and
Privacy Notice. MyDocLab and the Client are also individually responsible to
ensure the protection of Personal Data under their charge.
respects and is committed to protect clients’ personal data and information
shared with MyDocLab in strict accordance with the requirements of the Personal
Data Protection Act, Malaysia, 2010 (PDPA). The below notice will explain how
MyDocLab collects and handles client’s personal information.
with us, submitting information to us or signing up for services offered by
MyDocLab, client hereby agrees and gives consent to MyDocLab as well as its
representatives and/or agents collecting, using, disclosing and sharing amongst
themselves your Personal Data, and disclosing such Personal Data to MyDocLab
authorised service providers and relevant third parties in the manners set
forth in this Privacy Notice.
Please note that
MyDocLab may amend this Privacy Notice at any time without prior notice and
will notify client of any such amendment via our website.
Some of the
Personal Data that we collect are sensitive in nature. This includes Personal
Data pertaining to your race, national ID information, religious beliefs,
background information (including financial and criminal records, where legally
permissible), health data, disability, marital status and biometric data, as
applicable. We collect this information only with your consent and/or in strict
compliance with applicable laws.
provide Personal Data of other individuals to us
situations, you may provide Personal Data of other individuals (such as your
spouse, family members or friends) to us. For example, you may add them as your
emergency contact. If you provide us with their Personal Data, you represent
and warrant that you have obtained their consent for their Personal Data to be
collected, used and disclosed as set out in this Policy.
2.1. Types of Personal Data MyDocLab Collects.
The types of Personal Data that MyDocLab
collects directly from client or from third parties may include (but not
client’s personal data
(name, age, gender, identity card number, passport number, date of birth,
origin, nationality, citizenship).
contact details (address,
email, phone numbers)
travel information (travel
history, flight information, airlines used to travel)
family information (marital
status, name of spouse, children and/or immediate family
medical or personal health
information (medical and healthcare history, health and mental condition and
demographic information (age
group, medical history, genetic characteristics)
(credit/debit card number, name of cardholder, card issuing country, card
expiry date and banking details)
photographs, CCTV recordings
and other images
other information related to
processing activities services used by the client (Refer to 4.1.2)
Below you will find an overview of the data
processing activities by MyDocLab, irrespective of whether or not the data is
subject to the GDPR and irrespective of whether MyDocLab is qualified under
Applicable Law as a data controller or processor. In the table below, data
which is not to be considered as personal data under the GDPR is indicated in
red. This data constitutes the bulk of the data processed by MyDocLab, being
the PCR-data and derived results, as well as anonymized and aggregate non-personal
Even though GDPR
does not apply to this type of data, MyDocLab wants to emphasize that it
handles all data – be it personal data under the scope of the GDPR or not –
with all due care.
Types of (Personal) Data processed by MyDocLab
Ways, purposes, means of the data processing activities.
Duration of the data processing
Categories of Data subjects
PCR-data and derived results
(Patient de-identified test data
including but not limited to raw
data, genetic data, results,
subject-information, used assay
Laboratory information (including but not limited to laboratories, devices)
Store, process, visualize.
To improve and/or expand the products and services offered by MyDocLab.
Stored for 10 years, or the
complete product lifecycle
period of the product as a
medical device (required by
Anonymized and aggregate non-personal data
(i.e. information that has been
stripped of subject-information
and aggregated with information
of others or anonymized so that
the subject cannot reasonably be
identified as an individual)
May be shared with third-parties e.g. through anonymized demo data, epidemiology analyses or summary reports.
Stored for up to 100 years
User identification information
(i.e. personal (e-)identification data such as e-mail address, name, title, geography, IP address, cookies, session information._
To improve and/or expand the products and services offered by MyDocLab.
Support services (including personalised follow-up regarding old and new features)
User information is stored within the Admin module in the West-European region.
Stored until 5 years after license expiry
(i.e. financial identification data: name, geography, identification number, etc.)
Used for accounting and compliance purposes.
Used for customer due diligence, embargo, and sanctions screening
To provide summary reports to diagnostic companies where applicable
Customer and accounting information is stored for 10 years
In addition, MyDocLab may from time to time
request for certain other personal information, that may be relevant to
MyDocLab services implementation.
All information requested is obligatory to be
provided by the client unless stated otherwise. MyDocLab would not be able to
process client’s request or provide relevant facilities and/or services and/or
transactions should the client fail to furnish MyDocLab with the necessary information.
2.2. How MyDocLab Collects Client’s Personal Data?
Any Personal Data is obtained by MyDocLab via;
Online booking through MyDocLab mobile
A person acting on behalf of the individual
whose data are provided.
Other sources and related links in connection
with providing of client’s needs and services.
2.3. How MyDocLab Uses Client’s Personal Data?
Purposes for which data may be used and/or
processed are as follows:
To process requested medical services and
To process any payments relevant to the client.
For insurance purposes.
For internal investigations, audit or security
To comply with MyDocLab’s legal and regulatory
obligations in the conduct of its business.
For MyDocLab’s internal record management.
For prevention, hindrance, reporting of any
crime including but not limited to fraud, bribery and money laundering.
Purposes relating thereto.
2.4. Why MyDocLab Collects Client’s Personal Data?
Providing services and features
Provide you with Services across our various
Engage you to provide Services;
Create, administer and update your account;
Conduct due diligence checks;
Verify your identity;
Verify your age (where necessary);
viii. Make your experience more seamless, such as automatically filling in
your registration information (such as your name or phone number) from
one Service to another Service or when you participate in our surveys;
Perform internal operations necessary to provide
our Services, including troubleshooting software bugs and
operational problems, conducting data analysis, testing and
research, monitoring and analysing usage and activity trends;
Protect the security or integrity of the
Services and any facilities or equipment used to make the Services
enable our partners to manage and allocate fleet
fulfill the services to you as a data processor,
where you have provided consent to the data controller (i.e. the organisation
you had purchased goods or services from, and for whom MyDocLab is providing
services on behalf of) for such services to be rendered.
Safety and Security
Verifying your identity when you log in.
Using device, location, profile, usage and other
Personal Data to prevent, detect and combat fraud or unsafe activities;
Monitoring compliance with our terms and
conditions, policies and our partner’s and staff Code of Conduct; and
Detecting, preventing and prosecuting crime.
Investigate and address concerns;
Monitor and improve our customer support
Respond to questions, comments and feedback; and
Inform you about steps taken to resolve customer
Research and development and security
Testing, research, analysis and product
Understand and analyse client’s needs and
Protect client’s Personal Data, improve and
enhance the safety and security of our Services.
Develop new features, products and services, and
facilitate insurance and finance solutions.
To investigate and resolve claims or disputes,
or as allowed or required by applicable law.
When we are required, advised, recommended,
expected or requested to do so by our legal advisors or any local or foreign
legal, regulatory, governmental or other authority. For example, we may use
your Personal Data to: comply with court orders or other legal, governmental or
regulatory requirements; enforce our Terms of Service or other agreements; and
protect our rights or property in the event of a claim or dispute.
Utilize data in connection with mergers,
acquisitions, joint ventures, sale of company assets, consolidation,
restructuring, financing, business asset transactions, or acquisition of all or
part of our business by another company.
Marketing and promotions
We may use your Personal Data to market
MyDocLab, sponsors’ and advertisers’ products, services, events or promotions.
For example, we may: send you alerts, newsletters, updates, mailers,
promotional materials, special privileges, festive greetings; and notify,
invite and manage your participation in our events or activities.
We may communicate such marketing to you by
post, telephone call, short message service, online messaging service, push
notification by hand and by email.
2.5. Disclosure of Client’s Personal Data
Data held by MyDocLab relating to the client
will be kept confidential but MyDocLab may provide or disclose such information
to the following parties (whether within or outside of Malaysia)
Governmental agencies, governmental authorities
and other regulatory bodies.
Subsidiaries, associated companies, jointly
controlled entities and affiliates.
Relevant third parties as required under law for
the purposes stated in 4.3 above.
Independent consultants and specialists within
Professional advisers such as external auditors,
legal advisors, and/or financial advisers or any third party required by law,
regulation, subpoena, court order or other legal process.
Third part payers including insurance companies.
If a client has any queries or complaints
relating to this Privacy Notice or otherwise relating to misuse or suspected
misuse of client’s data, complaints may be submitted trough email at
2.7. Retention of Client’s Personal Data
MyDocLab retains your Personal Data for the
period necessary to fulfill the Purposes outlined in this Policy unless a
longer retention period is required or allowed by law. Once your Personal Data
is no longer necessary for the Services or Purposes, or we no longer have a
legal or business purpose for retaining your Personal Data, we take steps to
erase, destroy, anonymise or prevent access or use of such Personal Data for
any purpose other than compliance with this Policy, or for purposes of safety,
security, fraud prevention and detection, in accordance with the requirements
of applicable laws.
2.8. Cookies And Advertising On Third Party Platforms
MyDocLab, and third parties with whom we
as HTML5 and Flash (sometimes called “flash cookies”), advertising identifiers
(including mobile identifiers such as Apple’s IDFA or Google’s Advertising ID)
and similar technology (“Cookies”) in connection with your use of the Websites
and Apps. Cookies may have unique identifiers, and reside, among other places,
on your computer or mobile device, in emails we send to you, and on our web
pages. Cookies may transmit Personal Data about you and your use of the
Service, such as your browser type, search preferences, IP address, data
relating to advertisements that have been displayed to you or that you have
clicked on, and the date and time of your use. Cookies may be persistent or
stored only during an individual session.
on the Websites and Apps to collect the same type of Personal Data for the same
purposes MyDocLab does for itself. Third parties may be able to associate the
Personal Data they collect with other Personal Data they have about client from
other sources. We do not necessarily have access to or control over the Cookies
Additionally, we may share non-personally
identifiable Personal Data with third parties, such as location data,
advertising identifiers, or a cryptographic hash of a common account identifier
(such as an email address), to facilitate the display of targeted advertising
on third party platforms.
If clients do not wish for your Personal Data to
be collected via Cookies on the Websites, you may deactivate cookies by
adjusting your internet browser settings to disable, block or deactivate
cookies, by deleting your browsing history and clearing the cache from your
internet browser. You may also limit our sharing of some of this Personal Data
through your App (Settings > Privacy > Ads) and mobile device settings.
2.9. Protection Of Personal Data
We will take reasonable legal, organisational
and technical measures to ensure that your Personal Data is protected. This
includes measures to prevent Personal Data from getting lost, or used or
accessed in an unauthorised way. We limit access to your Personal Data to our
employees on a need to know basis. Those processing your Personal Data will
only do so in an authorised manner and are required to treat your information
Nevertheless, please understand that the
transmission of information via the internet is not completely secure. Although
we will do our best to protect your Personal Data, we cannot guarantee the
security of your Personal Data transmitted through any online means, therefore,
any transmission remains at your own risk.
2.10. Clients’ Rights With Respect To Their Personal
In accordance with applicable laws and
regulations, you may be entitled to:
Ask us about the processing of your Personal
Data, including to be provided with a copy of your Personal Data;
Request the correction and/or (in some cases)
deletion of your Personal Data;
In some cases, request the restriction of the
processing of your Personal Data, or object to that processing;
Withdraw your consent to the processing of your
Personal Data (where we are processing your Personal Data based on your
Request receipt or transmission to another
organisation, in a machine-readable form, of the Personal Data that you have
provided to us where we are using your Personal Data based on consent or
performance of a contract; and
Complain to the relevant data privacy authority
if your data privacy rights are violated, or if you have suffered as a result
of unlawful processing of your Personal Data.
Where you are given the option to share your
Personal Data with us, you can always choose not to do so. If we have requested
your consent to processing and you later choose to withdraw it, we will respect
that choice in accordance with our legal obligations.
However, choosing not to share your Personal
Data with us or withdrawing your consent to our use of it could mean that we
are unable to perform the actions necessary to achieve the purposes of
processing described in Section 4.3 (Why MyDocLab Collects Client’s Personal
Data?) or that you are unable to make use of the Services.
After you have chosen to withdraw your consent,
we may be able to continue to process your Personal Data to the extent required
or otherwise permitted by applicable laws and regulations.
If you wish to make a request to exercise your
rights, you can contact us through our contact details set out in Contact Us
We will screen and verify all requests
beforehand. In order to verify your authority to make the request, we may
require you to provide supporting information or documentation to corroborate
the request. Once verified, we will give effect to your request within the
timelines prescribed by applicable laws.
2.11. Amendments And Updates
have the right to modify, update or amend the terms of this Policy at any time
by placing the updated Policy on the Websites. By continuing to use the Apps,
Websites or Services, purchase products from MyDocLab or continuing to
communicate or engage with MyDocLab following the modifications, updates or
amendments to this Policy, you signify your acceptance of such modifications,
updates or amendments.
2.12. Client continues usage of MyDocLab, services, facilities and or
account(s) is deemed consent for MyDocLab to collect, process and store the
data in accordance with the above.