Privacy Policy

Last Updated: 07/19/2025

AsaDoc (“we,” “us,” or “our”) is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website at www.AsaDoc.com (“Website”) or use our services (“Services”). Please read this policy carefully. By accessing or using the Website and Services, you agree to the practices described in this Privacy Policy.

1. Information We Collect

We collect personal information from users in the course of providing our Services. This information may be collected directly from you when you interact with our Website or Services, or indirectly through the use of cookies and other tracking technologies. The types of personal information we may collect include:

1.1 Personal Identification Information

Personal identification information refers to any data that can be used to identify an individual. The types of personal information we may collect include, but are not limited to:

• Name – Full name of the user or individual submitting data.
• Phone Number – Contact phone number for communication purposes.
• Email Address – Contact email address to communicate with the user and provide updates.
• Medical History – Health-related data, including but not limited to past diagnoses, treatment information, and medical records. This information is collected only with explicit user consent.
• Payment Details – Payment information including credit card details, debit card details, and billing address. All financial data is processed securely via third-party payment processors.
• IP Address – A unique string of numbers identifying your device on the internet, used to track your activity on the Website.
• Browser Type and Technical Data – Information about the type and version of your web browser, operating system, and other technical data necessary for ensuring the optimal functioning of our Website and Services. This also includes data about the device used to access our Website (e.g., mobile device, desktop computer).

1.2 Usage Data

In addition to the personal data directly provided by you, we also collect certain usage data to understand how our Website and Services are accessed and utilized. This data is used for analytical purposes and to enhance the functionality of the Website. The usage data we collect includes, but is not limited to:

• Pages Visited – Information regarding the specific web pages you visit during your session on the Website.
• Time Spent on the Website – Duration of your visit and engagement with different sections of the Website.
• Device Information – Details about the device from which you are accessing the Website, including device type, operating system, and unique device identifiers.
• Interaction with Content – Information about how you interact with content on the Website, such as clicking on links, buttons, and other interactive elements.

1.3 Cookies and Tracking Technologies

To improve your experience with the Website and facilitate the functionality of our Services, we use cookies and other tracking technologies. By accessing our Website or Services, you consent to our use of these technologies in accordance with this Privacy Policy. The following outlines our use of cookies and other tracking technologies:

• Cookies – Small text files that are stored on your device when you visit the Website. Cookies are used to store preferences, session information, and to track your browsing behavior across sessions. They help us provide a more personalized and efficient experience.
  • Session Cookies – These cookies are temporary and expire once you close your browser. They help us maintain your session while you navigate the Website.
  • Persistent Cookies – These cookies remain on your device for a set period or until you delete them. They allow us to recognize you when you return to the Website, remembering your preferences or login information.
• Web Beacons (Clear GIFs) – These are small, invisible graphics embedded within the Website or email communications that allow us to track the effectiveness of certain content and measure user engagement.
• Other Tracking Technologies – This includes technologies such as local storage, fingerprinting, and tracking pixels. These technologies help us improve Website performance, analyze trends, and understand user behavior.

1.4 Consent to Data Collection

By using the Website and Services, you provide your consent for the collection, use, and storage of your personal information as described in this Privacy Policy. For sensitive data, such as medical history or payment details, explicit consent will be requested before collection. If you do not agree to our data collection practices, you may choose not to provide personal information, though this may limit your ability to fully use certain Services.

1.5 Third-Party Analytics and Services

We may utilize third-party analytics and services providers to gather, analyze, and process certain information regarding the usage of the Website. These third parties may collect information about your activities over time and across different websites and services. Some of the third parties we may engage with include, but are not limited to:

• Google Analytics – A web analytics service that tracks and reports Website traffic. For more information on how Google uses your data, please visit Google Privacy Policy.
• Advertising Partners – Third-party services that may use cookies to display relevant advertisements to you based on your browsing behavior.

1.6 Opt-Out of Data Collection

While cookies and tracking technologies improve your experience, you have the option to manage your preferences regarding their use. You may choose to disable cookies through your browser settings, though please note that doing so may limit some functionality of the Website. Additionally, you can manage your preferences for third-party advertisements or analytics by visiting the appropriate settings in your browser or by opting out through services such as the Network Advertising Initiative.

2. How We Use Your Information

We use the personal information we collect for a variety of purposes, as outlined below. By using our Website and Services, you consent to the collection and use of your personal information in accordance with this Privacy Policy.

2.1 Providing Services

We use the personal information we collect to provide, operate, and maintain our Website and Services. This includes, but is not limited to:

• Processing Transactions: Handling payments, billing, and related financial transactions for Services rendered.
• Responding to Inquiries: Addressing user inquiries, requests for information, customer support, and feedback.
• Account Management: Creating and managing user accounts, verifying identities, and ensuring account security.

2.2 Improving Our Services

We continuously strive to enhance the functionality, usability, and user experience of our Website and Services. To achieve this, we use personal and usage data for the following purposes:

• Website Optimization: Identifying and resolving performance issues, improving website load times, and enhancing navigability.
• User Behavior Analysis: Monitoring user engagement to analyze trends, preferences, and behavior to better tailor our Services to meet user needs.
• Service Development: Innovating and introducing new features or updates to enhance your experience and the overall value of our Services.

2.3 Marketing and Communications

We may use your contact information to send you promotional materials, newsletters, and other marketing communications about our products and services. You will receive such communications only if you have:

• Opted-In to Receive Communications: You will have the option to subscribe to newsletters, promotional updates, or marketing emails at the time of account creation or through subsequent interactions.
• Consent Withdrawal: You may withdraw your consent to receive marketing communications at any time by clicking the “unsubscribe” link in the emails or by contacting us directly as provided in the “Contact Us” section of this Privacy Policy.

2.4 Compliance and Legal Obligations

We may use your personal information to comply with legal obligations, resolve disputes, and enforce our legal agreements, terms, and policies, including but not limited to:

• Legal Compliance: Ensuring compliance with applicable laws and regulations, including data protection and privacy laws.
• Dispute Resolution: Addressing any legal disputes that may arise, including claims or complaints related to your use of the Website or Services.
• Regulatory Requests: Responding to lawful requests from government agencies, regulatory bodies, or law enforcement.

3. How We Store and Protect Your Information

We take the privacy and security of your personal information seriously. We implement a range of security measures to protect your personal data, and we retain your data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy or as required by applicable laws.

3.1 Data Security

We implement a variety of security measures designed to protect your personal information from unauthorized access, disclosure, alteration, or destruction. These measures include:

• Encryption: We use industry-standard encryption techniques to secure sensitive data such as payment details and medical information.
• Secure Servers: Personal information is stored on secure servers located in facilities with strict access control measures.
• Access Control: We limit access to your personal data to authorized personnel only, based on the principle of least privilege, to reduce the risk of data breaches.

Despite our best efforts to protect your personal information, no data transmission or storage system can be completely secure. Therefore, we cannot guarantee the absolute security of your information.

3.2 Data Retention

We retain personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, or for as long as required by applicable laws or regulations. This includes retaining data to:

• Fulfill any contractual obligations
• Comply with legal requirements
• Resolve disputes
• Enforce agreements and policies

Upon your request for data deletion, we will delete your personal information in accordance with applicable laws, except when retention is required for business or legal purposes.

3.3 International Data Transfers

As AsaDoc plans to operate in multiple jurisdictions, including the United States, Canada, Europe, Australia, and other countries, your personal data may be stored, processed, or transferred to servers located outside of your home country. By using our Website or Services, you explicitly consent to the transfer of your personal data to countries that may have different data protection laws than those of your home country.

In the event of an international data transfer, we will ensure that appropriate safeguards are in place to protect your personal data, such as by utilizing standard contractual clauses or other legally recognized mechanisms for international data transfers.

4. Sharing Your Information

We take your privacy seriously and will not share your personal data without your consent except as outlined below.

4.1 Third-Party Service Providers

We may share your personal data with third-party service providers who assist us in providing, maintaining, or enhancing our Website and Services. These third parties are authorized to use your personal data only for the purposes outlined in this Privacy Policy and are bound by contractual agreements that ensure the confidentiality and security of your information. Third-party service providers may include:

• Payment Processors: Companies that handle payment transactions securely.
• Cloud Storage Providers: Services that store your personal data in the cloud.
• Analytics Services: Third-party companies that help us understand how users interact with the Website and Services (e.g., Google Analytics).

These service providers are prohibited from using your personal data for any purposes other than to provide services on our behalf.

4.2 Legal Disclosure

We may disclose your personal data if required to do so by law or in response to a valid legal request. This may include disclosing your data in the following circumstances:

• Compliance with Legal Obligations: To comply with applicable laws, regulations, legal processes, or governmental requests.
• Corporate Transactions: In the event of a merger, acquisition, sale, or transfer of assets, your personal data may be transferred as part of the transaction. We will ensure that appropriate safeguards are in place during such transfers to protect your personal data.

4.3 No Sale of Personal Data

We do not sell, rent, or trade your personal data to third parties for any marketing purposes. Your personal data is not shared with third parties for their independent marketing or promotional use.

5. Your Rights and Choices

As a user, you have certain rights regarding your personal data. We respect and honor these rights and are committed to ensuring that you have control over how your personal data is used.

5.1 Access and Correction

You have the right to access the personal information we hold about you. You may request details of the personal data we have collected, including the purposes for which it is being used. Additionally, you have the right to request corrections to any inaccuracies or omissions in your personal data to ensure it is complete and up to date.

5.2 Deletion of Personal Data

You have the right to request the deletion of your personal data, subject to the following conditions:

• We will delete your personal data upon request, except where retention is required by applicable laws, regulations, or as necessary for legitimate business purposes (e.g., for accounting, tax purposes, or to comply with legal obligations).
• To make such a request, please contact us using the information provided below. We will respond to your request within the timeframe required by applicable law.

5.3 Opting Out of Marketing Communications

You may opt out of receiving marketing emails or other communications at any time. To do so, follow the unsubscribe link provided in the email or contact us directly to request removal from our marketing communications list.

5.4 Data Portability

Where applicable under data protection laws, you have the right to request that we provide you with your personal data in a structured, commonly used, and machine-readable format. You may also request that we transfer your personal data to another data controller, provided that such transfer is technically feasible.

5.5 Right to Object

You have the right to object to the processing of your personal data for specific purposes, including:

• Direct Marketing: You may object to the use of your personal data for direct marketing purposes at any time.
• Profiling: If applicable, you may object to any profiling activities we engage in, provided such profiling is based on your personal data.

To exercise any of the rights outlined above, please contact us as described in the Contact Us section below.

6. Children’s Privacy

The Website and Services are not directed to children under the age of 18, and we do not knowingly collect personal data from individuals who are under 18 years of age. If we discover that we have inadvertently collected personal data from a child under 18, we will take immediate steps to delete such data from our records and prevent further collection.

6.1 Parental Consent

In the event that personal data is collected from a child under the age of 18 (with parental consent), we will ensure that the parent or guardian has authorized such collection, in compliance with applicable data protection laws.

7. Links to Third-Party Websites

Our Website may contain links to third-party websites, services, or resources that are not controlled or operated by AsaDoc. These third-party websites have their own privacy policies, and we are not responsible for the content, privacy practices, or data security practices of such third-party websites.

7.1 No Responsibility for Third-Party Content

By clicking on a link to a third-party website, you acknowledge and agree that AsaDoc is not responsible for, and has no control over, the privacy practices, policies, or content of those external websites. We encourage you to review the privacy policies of any third-party websites you visit.

8. Changes to This Privacy Policy

We may update, modify, or revise this Privacy Policy at any time to reflect changes in our practices or to comply with applicable laws and regulations. Any changes will be posted on this page, and the revised Privacy Policy will become effective immediately upon its posting.

8.1 Modifications

The “Last Updated” date at the top of this Privacy Policy will be revised whenever changes are made. We reserve the right to make such changes at our discretion.

8.2 Notification of Changes

Although we are not obligated to notify you individually about changes to this Privacy Policy, we may, at our discretion, provide notifications of material changes via email or other communication channels. By continuing to use our Website and Services after such changes have been posted, you agree to the revised Privacy Policy.

9. Compliance with International Standards

9.1 GDPR (General Data Protection Regulation) Compliance:

9.1.1 Lawfulness of Processing: We ensure that all processing of personal data of residents within the European Union is based on lawful grounds as stipulated by Article 6 of the GDPR. Our processing activities are conducted with the necessary consent obtained, under contract obligations, or on other legal bases defined under the regulation.

9.1.2 Rights of Data Subjects: We uphold the rights of data subjects as outlined by the GDPR. This includes:

• The right to be informed about the collection and use of their personal data.
• The right of access to their personal data to verify the lawfulness of processing.
• The right to rectification if personal data is inaccurate or incomplete.
• The right to erasure (‘right to be forgotten’) under certain circumstances.
• The right to restrict processing, allowing data subjects to request the suspension of processing of their personal data.
• The right to data portability, enabling data subjects to receive and reuse their personal data across different services.
• The right to object to processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling).

9.1.3 Data Protection Measures: We implement advanced technical and organizational measures to ensure a level of security appropriate to the risk, including encryption, ensuring ongoing confidentiality, integrity, availability, and resilience of processing systems and services.

9.1.4 Cross-border Data Transfers: Data transferred outside the European Union is protected under adequacy decisions or appropriate safeguards such as standard contractual clauses or binding corporate rules.

9.2 HIPAA (Health Insurance Portability and Accountability Act) Compliance:

9.2.1 Protection of Protected Health Information (PHI): In compliance with HIPAA, we implement administrative, physical, and technical safeguards to ensure the confidentiality, integrity, and security of electronic protected health information (ePHI).

9.2.2 Minimum Necessary Use and Disclosure: We adhere to the ‘minimum necessary’ standard for the use, disclosure, and request of PHI, ensuring that only the minimum necessary PHI is accessed, used, or disclosed necessary to perform a job function.

9.2.3 Patient Rights Under HIPAA: We support and facilitate the exercise of patient rights under HIPAA, including:

• The right to access and obtain a copy of their PHI.
• The right to amend their health records.
• The right to an accounting of disclosures, detailing when and to whom PHI has been released.
• The right to request restrictions on certain uses and disclosures of their health information.

9.2.4 Breach Notification: We comply with the HIPAA Breach Notification Rule, which requires covered entities and their business associates to provide notification following a breach of unsecured PHI. This includes notifications to affected individuals, the Secretary of Health and Human Services, and in some cases, to the media.

9.3 PIPEDA (Personal Information Protection and Electronic Documents Act) Compliance:

9.3.1 Consent and Fair Information Practices: In compliance with PIPEDA, we ensure that all personal information is collected with explicit and informed consent from individuals. We employ fair information practices, clearly explaining the purpose of data collection before obtaining consent, and ensuring that such information is used only for the stated purposes.

9.3.2 Accountability and Governance: We have appointed a Privacy Officer who is responsible for our compliance with PIPEDA standards. Our governance framework includes policies and procedures to protect personal information, training employees, and conducting regular audits to ensure our practices align with PIPEDA’s requirements.

9.3.3 Safeguarding Personal Information: We implement robust security measures to protect personal information against loss or theft, as well as unauthorized access, disclosure, copying, use, or modification. These security measures are reviewed regularly to ensure the highest level of protection is maintained.

9.3.4 Individual’s Rights: Individuals have the right to access personal information held by us and to challenge its accuracy and completeness and have it amended as appropriate. This includes the right to request deletion of personal data when it is no longer necessary for fulfilling the collected purposes.

9.4 Compliance with the Privacy Act 1988 (Australia):

9.4.1 Adherence to Australian Privacy Principles (APPs): We conduct our operations in compliance with the APPs, ensuring that personal information is handled in a transparent and accountable manner. We manage personal data from collection to disposal, ensuring privacy is respected throughout its lifecycle.

9.4.2 Privacy by Design: We integrate privacy at all stages of developing marketing strategies, IT systems, and network infrastructures. This approach ensures privacy and compliance are considered at all levels of project planning and execution.

9.4.3 Cross-Border Disclosure of Data: When transferring personal information outside Australia, we ensure that such transfers are made to countries that provide similar levels of data protection as prescribed under the Privacy Act 1988, or we obtain contractual assurances to protect the data once it leaves Australia.

9.4.4 Handling of Privacy Complaints: We provide a clear and easy process for individuals to lodge privacy complaints, and we undertake to resolve such issues promptly and fairly. If a complaint cannot be resolved internally, individuals have the right to escalate the issue to the Office of the Australian Information Commissioner (OAIC).

9.5 Compliance with Additional International Privacy Laws:

9.5.1 Global Data Protection Compliance: We adhere to the data protection laws and privacy regulations of each country in which we operate. This includes implementing country-specific data protection strategies and compliance programs that reflect local legal frameworks and cultural expectations.

9.5.2 Regular Compliance Reviews: We conduct regular reviews of our privacy practices and policies to ensure continuous compliance with international data protection laws and regulations. These reviews help us to identify and mitigate risks, ensuring that personal data is managed securely and lawfully.

9.5.3 Training and Awareness: We provide ongoing training and awareness programs for our employees to ensure they understand their responsibilities under various data protection laws. This training helps foster a culture of privacy and security across our organization.

9.6 CCPA (California Consumer Privacy Act) Compliance:

9.6.1 Consumer Rights: In alignment with the CCPA, we recognize and facilitate the rights of California residents to access, know, and request the deletion of their personal information. We also support their right to opt-out of the sale of their personal information and provide mechanisms for consumers to submit these requests securely and conveniently.

9.6.2 Notice at Collection: We provide a clear and conspicuous notice at or before the point of collection of personal data, detailing the categories of personal data to be collected and the purposes for which the categories of personal data shall be used.

9.6.3 Data Minimization and Purpose Limitation: We adhere to the principles of data minimization and purpose limitation, collecting only the personal information that is necessary for the purposes specified at the time of collection and not using personal data for reasons incompatible with those purposes without notifying the consumer.

9.6.4 Non-Discrimination: We uphold the CCPA’s non-discrimination requirements by ensuring that consumers who exercise their privacy rights do not receive discriminatory treatment.

9.6.5 Service Provider Agreements: We enter into contractual agreements with service providers that dictate the processing of personal information on our behalf, requiring them to meet the data protection standards stipulated by the CCPA and use personal information strictly for the purposes specified in our contracts.

9.6.6 Training and Record-Keeping: We conduct regular training for our employees who handle personal information to ensure they understand the requirements of the CCPA. We also maintain records of consumer requests and our responses for at least 24 months as required by law.

10. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy, or if you wish to exercise any of your rights as outlined in this document, please contact us using the following contact details:

• Email: [Insert Contact Email]
• Business Address: Sharjah Research, Technology & Innovation Park (SRTI Park), Sharjah, UAE

We will make reasonable efforts to respond to inquiries in a timely manner, and we are committed to addressing any concerns or requests related to your privacy.

**Disclaimer**

AsaDoc provides informational and educational health coaching services and does not offer medical diagnoses, treatments, or prescriptions. Our platform and services are designed to supplement, not replace, professional medical advice from licensed healthcare providers. As such, AsaDoc is not responsible for compliance with healthcare regulations or frameworks, such as HIPAA, GDPR, or similar standards, as these apply to the provision of medical care. Clients should consult licensed medical professionals for diagnosis or treatment of medical conditions.