Back to HomeMessage us

Privacy Policy

Effective Date: January 3, 2026
Last Updated: January 3, 2026

This Privacy Policy explains how WELLSERV MEDICAL CORPORATION (“WellServ”, “we”, “us”) collects, uses, shares, and protects personal data when you use our websites, mobile apps, and related services (collectively, the “Services”).

We process personal data in accordance with the Philippines Data Privacy Act of 2012 (Republic Act No. 10173) and its implementing rules and regulations.

1. Who We Are (Personal Information Controller)

Personal Information Controller (PIC):
WELLSERV MEDICAL CORPORATION

Business Address:
Jose Abad Santos Ave., Brgy. Malapit, San Isidro, Nueva Ecija, PH, 3106

Email:
wellservmedicalcorporation@gmail.com

Data Protection Officer (DPO) / Privacy Contact:
King Jan Pocholo R. Satoh
wellservmedicalcorporation@gmail.com
+63 966 048 1902

2. What Data We Collect

Depending on your use, we may collect:

A) Account & Identity Data

  • Name, date of birth, sex, contact number, email, address
  • Patient ID and internal identifiers
  • Login and access credentials (e.g., access codes, PIN hashes), authentication tokens

B) Health & Medical Data (Sensitive Personal Information)

  • Laboratory requests and results, vital signs, diagnoses or assessments, prescriptions, imaging-related references, and medical history details encoded by you or your healthcare provider
  • Visit or encounter information (date, time, branch or clinic, attending provider)

C) Usage & Device Data

  • App and web interactions, pages viewed, and features used
  • Device identifiers (e.g., device model, operating system, browser type), app version, language, and time zone
  • IP address and approximate location derived from IP address

D) Communications

  • Messages you send to us (support requests), call logs or notes, and feedback

E) Advertising & Measurement Data (Mobile-enabled only)

  • Ad impressions, ad interactions, and related identifiers used for ad delivery and measurement, which may include device advertising identifiers, subject to platform permissions and your choices

Third-party advertising SDKs may collect some of this data directly as independent controllers or processors depending on configuration.

3. Why We Collect Data (Purposes)

We process personal data for the following purposes:

  1. Provide healthcare-related services such as viewing laboratory results, prescriptions, and visit-related records
  2. Patient identification and record matching to ensure the correct information is shown to the correct person
  3. Operational and regulatory compliance, including medical recordkeeping and responding to lawful requests
  4. Customer support and service communications (e.g., password or PIN recovery, incident follow-ups)
  5. Security, fraud prevention, and abuse prevention
  6. Analytics and service improvement, including performance monitoring, bug fixes, and user experience enhancements
  7. Advertising and monetization for the mobile app, including ad delivery and measurement, and where applicable, personalized ads subject to consent and permissions

4. Legal Bases for Processing (Philippines)

Under the Data Privacy Act and its rules, we rely on one or more of the following legal bases depending on context:

  • Consent – when you agree to specific processing, particularly for sensitive personal data, optional features, or advertising and tracking-related processing
  • Contract or Service Performance – to deliver the Services you request, such as accessing your account or medical records
  • Legal Obligation – to comply with applicable laws, regulations, and lawful government or regulatory requests
  • Legitimate Interests – to protect system security, prevent fraud, and improve service reliability, balanced against your rights and freedoms
  • Sensitive Personal Information Conditions – health data is generally prohibited to process unless lawful conditions apply, such as consent specific to purpose or other conditions allowed by law

5. How We Share Data

We do not sell your medical or health-related data.

We may share data only in limited circumstances:

A) With Service Providers (Processors or Sub-processors)

  • Hosting and database service providers
  • Error monitoring and logging providers
  • Analytics service providers
  • Email or SMS providers for notifications, if used
  • Advertising providers for ad serving and measurement, if enabled

B) With Healthcare Providers and Internal Staff

  • Authorized healthcare professionals and internal personnel who require access for patient care, consultations, and operational purposes, subject to role-based access controls

C) For Legal and Safety Reasons

  • To comply with lawful requests, enforce our terms and policies, prevent harm, and protect the rights and safety of patients, staff, and the public

D) Business Changes

  • In the event of a merger, acquisition, or organizational restructuring, personal data may be transferred subject to appropriate legal and security safeguards

6. Cookies and Web Technologies (Web Version)

The web version of our Services, which is primarily used by authorized staff and doctors during consultations and operations, uses cookies and similar technologies to function properly.

These technologies may be used for the following purposes:

  • Authentication and session management, including keeping staff and doctors securely logged in
  • Security, including preventing unauthorized access and protecting patient data
  • Operational functionality, such as maintaining system preferences and workflow continuity during consultations
  • Performance monitoring and troubleshooting

Cookies used on the web platform are generally essential for system operation and are not used to display third-party advertising on the web interface. You may configure your browser to block cookies; however, doing so may affect the availability or proper functioning of the web-based Services.

7. Advertising, Tracking, and Your Choices (AdMob / Google Mobile Ads)

If the mobile app displays advertisements, we may use Google Mobile Ads / AdMob to display and measure ads.

Your available controls may include:

  • iOS App Tracking Transparency (ATT) prompts for tracking-related access, where applicable
  • Android Advertising ID controls
  • Consent prompts for personalized versus non-personalized ads, where applicable

8. International / Cross-Border Data Transfers

Some service providers may store or process data outside the Philippines. When cross-border transfers occur, we implement organizational, technical, and contractual safeguards to protect personal data in accordance with the Data Privacy Act and guidance from the National Privacy Commission.

9. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes described in this policy, including compliance with legal, regulatory, and operational requirements.

Certain records may be retained for longer periods where required or permitted by law, or for the establishment, exercise, or defense of legal claims.

When data is no longer required, we securely delete, anonymize, or de-identify it.

10. Security Measures

We implement reasonable and appropriate security safeguards, which may include:

  • Role-based access controls
  • Encryption in transit (HTTPS/TLS) and encryption at rest where supported
  • Audit logs and system monitoring
  • Secure credential handling (e.g., hashed secrets) and least-privilege access controls
  • Vendor security reviews and incident response procedures

No method of transmission or storage is completely secure, but we strive to protect personal data using industry-standard practices.

11. Your Rights (Data Subject Rights)

Subject to limitations under applicable law, you may request:

  • Access to your personal data
  • Correction of inaccurate or incomplete data
  • Erasure or blocking of data, where applicable
  • Data portability, where applicable
  • Objection to processing, where applicable
  • Information about how your personal data is processed and disclosed

You may contact us at wellservmedicalcorporation@gmail.com.

You may also file a complaint with the National Privacy Commission (NPC).

12. Children’s Privacy

Our Services are intended for patients and authorized users. If we learn that we have collected personal data of a child without proper authority or consent, we will take appropriate steps to delete or restrict processing as required by law.

13. Changes to This Policy

We may update this Privacy Policy from time to time. The updated version will be posted at /privacy with a revised “Last Updated” date. Material changes may also be communicated through the app or website.

14. Contact Us

Privacy Contact / Data Protection Officer:
King Jan Pocholo R. Satoh

Email:
wellservmedicalcorporation@gmail.com

Address:
San Isidro, Nueva Ecija, PH, 3106