← Back

Privacy Policy

VisitCare PH · Last updated May 2026 · RA 10173 Compliant

⚕️ Health Data Notice

VisitCare PH handles health-related information classified as Sensitive Personal Information under RA 10173. We apply extraordinary diligence to protect your data.

Full Privacy Policy document available upon request. Email privacy@visitcareph.com

What we collect

Name, contact details, location, health-related service information, payment references, government IDs (for Professionals), biometric face photos (for Professionals), and device/usage data.

Why we collect it

To facilitate bookings between patients and PRC-licensed health professionals or TESDA-certified caregivers, process payments, validate provider credentials against PRC LERIS and TESDA records, prevent fraud, and comply with Philippine law. Legal basis: consent (RA 10173 Sec 12), contract performance, and legitimate interest.

Who we share it with

Xendit Philippines (payments), AWS Rekognition Singapore (biometric verification for Professionals only), PhilSMS (SMS notifications), and government authorities when required by law.

Biometric data (Professionals only)

Professional face photos are processed for one-time identity verification during onboarding. Biometric data is classified as Sensitive Personal Information under RA 10173 Sec 3(l). Face photo files are stored in encrypted cloud storage (AWS, Singapore region) for the duration of the provider engagement. No biometric data is processed under Chinese government jurisdiction.

Data retention

Patient data: 5 years after last booking. Professional data: duration of engagement + 2 years. Minor patient data: 2 years after 18th birthday or 10 years, whichever is longer.

Your rights (RA 10173)

You have the right to access, correct, and delete your personal data. You may withdraw consent at any time by contacting privacy@visitcareph.com. Withdrawal may affect your ability to use the Platform.

Data security

We implement appropriate technical and organizational measures including row-level security, encrypted storage, and access controls per our Information Security Management System (ISMS v1.0).

NPC Registration

VisitCare PH will register with the National Privacy Commission (NPC) as required under RA 10173 and NPC Circular 16-01. Registration will be completed prior to or upon reaching the applicable threshold. Our Data Protection Officer (DPO) is designated at privacy@visitcareph.com.

Contact

Data Protection Officer: privacy@visitcareph.com · Compliance: compliance@visitcareph.com