HOMEGSH2ABOUTJOIN OUR COMMUNITYNEWS

Personal Data Protection Notice for GreenSHeart Sdn Bhd

GreenSHeart Sdn Bhd (“GreenSHeart”) respect and are committed to the protection of your personal data and your privacy. In this Personal Data Protection Notice, “we”, “us” and “our” refers to GreenSHeart, and “you” and “your” include third parties whose personal data you have provided to GreenSHeart.

Your data controller is GreenSHeart Sdn Bhd.


This Personal Data Protection Notice explains how we collect and handle your personal data, including your sensitive personal data, in accordance with the Malaysian Personal Data Protection Act 2010. Please note that GreenSHeart may amend this Personal Data Protection Notice at any time without prior notice and will publish the amended or revised Personal Data Protection Notice on our website or by email.


We may collect and process personal data of children under the age of 18 years old. If you are under 18 years old, please obtain your parent's or guardian's consent before you provide your personal data to GreenSHeart. If we learn that we have collected such data from a child under 18 without verification of parental consent, we will delete the data. If you believe we might have any data from or about a child under 18 without parental consent, please contact us using the information provided below.


Note that your sensitive personal data (e.g. your physical or mental health or condition, or biometric data) and your medical information (e.g. patient medical history, diagnostics, allergies) will not be shared or disclosed to any entity unless where you have provided your express, written consent.

(1) Personal data


1.1 Type of Personal data


“Personal data“ means any data which relates to you or any other third party related to you which was collected or provided to GreenSHeart for the purposes stated in Section 2 below.

We process your personally identifiable data, which may include your name, NRIC number, contact details, financial and banking account details, medical history and information, information regarding your family, relatives or third party that you provide to us, your preferences in relation to products and services you purchase from us, location tracking/GPS information, and all other data which are provided by you to GreenSHeart via these channels:


  1. GreenSHeart's website and 3 party websites affiliated with GreenSHeart;
    rd
  2. mobile application from GreenSHeart;
  3. electronic forms from GreenSHeart;
  4. physical forms from GreenSHeart;
  5. email; and/or
  6. social media and communication messaging platform.

1.2 Source of personal data

(i) Patient or potential patient/customer, parent or guardian of patients or potential patients/customers: GreenSHeart collects your personal data directly from you. Your personal data may also be collected from cookies through the use of our website.

1.3 Obligatory personal data

All data requested for in the relevant forms is obligatory to be provided by you unless stated otherwise. Should you fail to provide the obligatory data, we would be unable to process your request and/or provide you with relevant services.

(2) Purposes of collecting and further processing (including disclosing) your personal data

For patients or potential patients/customers, parents or guardians of patients or potential patients/customers, independent consultants, potential independent consultants, vendors, suppliers or service providers: Your personal data is collected and further processed by GreenSHeart as required or permitted by law and to give effect to your requested commercial transaction, including the following:


  • to facilitate your medical practice within GreenSHeart, including sharing your personal data with other independent consultants within GreenSHeart for purposes medical research;
  • to administer and communicate with you in relation to your medical practice;
  • to process your credit account application; ;
  • to assess your credit worthiness;
  • to process any payments relevant to you;
  • for insurance purposes;
  • for internal investigations, audit or security purposes;
  • to conduct machine learning research;
  • to be collected and stored into a central repository that is accessible by GreenSHeart's related companies, subsidiaries, holding companies, and affiliate companies;
  • to create and deliver personalised products and services that are unique to you to enhance your customer experience;
  • to provide you with a more seamless customer experience;
  • to support research and innovation of our products and services;
  • to store and carry out data analytics processes;
  • to improve our products and services;
  • for the matching of loyalty points provided by a third party/business partner to advertise and market products and services to you;
  • for collaborations with a business partner to advertise and market products and services to you;
  • to comply with GreenSHeart's legal and regulatory obligations in the conduct of its business;
  • to send you season's greetings, special occasion messages, or other similar communications;
  • to ensure that the content from our website is presented in the most effective manner for you and for your computer and/or device; and
  • for GreenSHeart's internal records management.
  • Where you have indicated your consent to receiving marketing or promotional updates from GreenSHeart, you may opt-out from receiving such marketing or promotional material at any time. You may select the “unsubscribe” option provided in GreenSHeart's email blasts or you may contact GreenSHeart at the details provided in Section (6) below.

Data Analytics Processing

We will use and share your data for analytics and measurement purposes to understand how our products and services are used, to help improve the products and services we offer, to provide you with more personalised products and services, and to provide a more seamless customer experience.

For example, we analyse data about your choices and preferences in relation to the products and services you purchase from us to send you targeted advertisements and promotional materials. We also process data about the ads you interact with to help us and advertisers understand the performance of various ad campaigns.

(3) Disclosure of personal data

3.1 Classes of third parties

Your personal data may be disclosed to relevant third parties (in or outside of Malaysia) as required under law, pursuant to the relevant contractual or business relationships, or for the purposes stated in Section 2 Purposes of collecting and further processing (including disclosing) your personal data above (or directly related to those purposes). The aforesaid relevant third parties may include the following:


  1. professional advisors and corporate service providers, including auditors, lawyers, company secretaries, and consultants;
  2. advertising and marketing partners;
  3. payment processors;
  4. cloud and hosting services;
  5. customer support and communication;
  6. market research and survey;
  7. social media platforms;
  8. business partners and affiliate networks including third party private healthcare institutions;
  9. analytics and tracking providers;
  10. other service providers and entities, including insurance companies or collaborating research institutes and laboratories;
  11. law enforcement agencies, including the local police;
  12. relevant governmental authorities, statutory authorities, local councils, government healthcare institutions and industry regulators including Bank Negara Malaysia, Bursa Malaysia Berhad, Ministry of Health, Ministry of Education, Ministry of Works, LHDN/IRB, KWSP/EPF, Personal Data Protection Commissioner, MHTC (Malaysian Healthcare Tourism Council) SOCSO, Securities Commission Malaysia, Malaysian Medical Council and Department of Statistics Malaysia;
  13. relevant accreditation bodies such as the Malaysian Society for Quality in Health (MSQH);
  14. our independent consultants and specialists within GreenSHeart; and
  15. in the case of pre-employment health screenings, to the patient's employer/prospective employer.


In the event of a potential, proposed, or actual sale of business, disposal, acquisition, merger, or re-organisation (“Transaction”), your personal data may be required to be disclosed or transferred to a third party as a result of the Transaction. You hereby acknowledge that such disclosure and transfer may occur and permit GreenSHeart to release your personal data to the other party and its advisers/representatives.

3.2. Transfer of your personal data outside Malaysia.

It may be necessary for us to transfer your personal data outside of Malaysia if any of the third parties mentioned in Section 3 (Disclosure of personal data) above including our service providers or business partners who are involved in providing any services to us are located or have processing facilities in countries outside of Malaysia.

You consent to us transferring your personal data outside Malaysia to such third parties and for the purposes set out in Section 2 (Purposes of collecting and further processing (including disclosing) your personal data).

We shall take necessary steps to ensure that any such third parties, whether within Malaysia or are based outside of Malaysia, are contractually bound to protect your personal data to a relevant standard that is comparable to applicable laws and that they can only process your personal data under our instructions.

(4) Websites

4.1 Links to other sites

Links to other sites is provided for your convenience and information. These sites may have their own privacy statement in place, which we recommend you review if you visit any linked websites. We are not responsible for the content on the linked sites or any use of the site.

4.2 Location enabled products or applications

Location-enabled products or applications transmit your location data to us. We do not use the data sent or provided other than to provide the service you request. Location-enabled features are opt-in, and you have control over your participation and can turn these services off at any time or uninstall them. Some mobile applications will utilise Google Analytics (or similar tool) to help us better serve you through improved products, services, and revisions to the mobile applications. This collected data will not identify you to us. It may, however, let us know anonymously, which services and features you are using the most within the application, as well as device type and hardware features, country and language of download.

4.3 Cookies

A cookie may be used in the processing of your data. A cookie is a text file placed into the memory of your computer and/or device by our computers. A copy of this text file is sent by your computer and/or device whenever it communicates with our server. We use cookies to identify you. We may also collect the following data during your visit to our website and/or the fully qualified domain name from which you accessed our site, or alternatively, your IP address:


  • the date and time you accessed each page on our website;
  • the URL of any webpage from which you accessed our site (the referrer); and
  • the web browser that you are using and the pages you accessed.


Some web pages may require you to provide a limited amount of personal data in order to enjoy certain services on our websites (system login credentials, email address, and contact details, etc.). This personal data will only be used for its intended purposes, i.e. to respond to your message or deliver the requested services.

(5) Right to access and correct personal data


You have the right to access and correct your personal data held by us (subject always to certain exemptions). We will make every endeavour to ensure your personal data is accurate and up to date. Therefore, we ask that if there are changes to your data, you should notify us directly.

If you would like to access or correct your personal data, please contact our Customer Service Department or email your enquiry to the contact details in Item 6 below.


(6) Limiting the processing of personal data, withdrawal of consent, further enquiries, transmission of personal data and complaints

If:


  1. you would like to obtain further information on how to limit the processing of your personal data or withdraw your consent on personal data processing;
  2. you would like to request to limit your personal data or withdraw your consent on personal data processing (note that we may retain your data where there is a legal basis to do so, or where your data is necessary for ongoing medical related services);
  3. you request the transmission of your consented personal data to another organisation, in a compatible suitable machine-readable form;
  4. you have any further queries; or
  5. you would like to make a complaint in respect of your personal data, you may contact

Personal Data Protection Officer
Tel:+60132878670
Email:Jafni Suhail

For information on all other businesses, please submit your enquiry to [To be updated].

(7) Data Security

We have implemented reasonable physical, technical and procedural measures to secure your personal data from accidental loss and from unauthorised or accidental access, use, alteration, and disclosure. All data you provide to us is stored on our secure servers. The measures we implement include the following:


  1. registering our employees handling personal data into a system/registration book before being allowed access to personal data;
  2. terminating our employee's access rights to personal data after his/her resignation or cessation of employment, termination of contract or agreement, or adjustment in accordance with changes in GreenSHeart;
  3. controlling and limiting our employee's access to personal data system for the purpose of collecting, processing and storing of personal data;
  4. providing user ID and password for authorised employees to access personal data;
  5. terminating user ID and password immediately when our employee who is authorised to access personal data is no longer handling the data;
  6. establishing physical security procedures as follows:
    1. controlling the movement in and out of the data storage site;
    2. storing personal data in an appropriate location which is unexposed and safe from physical or natural threats;
    3. providing a closed-circuit camera at the data storage site (if necessary); and
    4. providing twenty-four (24) hours of security monitoring (if necessary);
  7. updating the back-up/recovery system and anti-virus software to prevent personal data intrusion;
  8. safeguarding the computer systems from malware threats to prevent attacks on personal data;
  9. prohibiting the transfer of personal data through removable media devices and cloud computing services unless consent has been obtained from the top management of GreenSHeart and appropriate safeguards have been implemented;
  10. recording any transfer of data through removable media devices and cloud computing services unless consent has been obtained from the top management of GreenSHeart and appropriate safeguards have been implemented;
  11. ensuring that personal data transfers through cloud computing services comply with the personal data protection principles in Malaysia, as well as with personal data protection laws of other countries;
  12. maintaining a proper record of access to personal data periodically and making such record available for submission when directed by the Personal Data Protection Commissioner;
  13. ensuring that all our employees involved in processing personal data always protect the confidentiality of the data subject's personal data; and
  14. binding any third party appointed by us with a contract for operating and carrying out personal data processing activities.


We also ensure that any third-party service providers storing or processing your personal data have implemented similar acceptable standards of security.

Unfortunately, the transmission of data via the internet is not completely secure. Although we do our best to protect your personal data, we cannot guarantee the security of your personal data transmitted on our website or other electronic transmission means.

(8)Retention of Personal Data

We will process your personal data for as long as we have a legal basis to do so. Your personal data will be stored only for the period necessary to fulfil the purposes stated above after which we will ensure that your personal data is deleted if it is no longer necessary to store it..

We also implement the following measures for the management and deletion of personal data stored by us:


  1. maintaining a system for proper records of personal data disposal periodically and making such records available for submission when directed by the Personal Data Protection Commissioner;
  2. conducting reviews and disposing of all unwanted personal data that are in the database from time to time;
  3. preparing and maintaining a personal data disposal schedule for inactive data with a twenty-four (24) month period or in accordance with the guidelines set by the Ministry of Health under “Jadual Pelupusan Rekod Perubatan 2016”;
  4. disposing of personal data collection forms used in commercial transactions within a period of fourteen (14) days, except if/unless the forms carry legal values in relation to the commercial transaction; and
  5. prohibiting the storage of personal data through removable media devices and cloud computing services unless written consent is obtained from an officer authorised by the top management of GreenSHeart

(9) Conflict

In the event of any conflict between this English language Personal Data Protection Notice and its corresponding Bahasa Malaysia Personal Data Protection Notice, the terms in this English language Notice shall prevail.

This Personal Data Protection Notice was last updated on 24 July 2025***.***

GreenSHeart User Consent and Privacy Policy

GreenSHeart app is designed by GreenSHeart Sdn Bhd (“Company” or “Our” or us”)to assist you in personalizing your health data for tracking and alerts.

GreenSHeart can consolidate data from your Android phone to comprehensively view your health information in one convenient place to track and be alerted on your health status.

All of your data is stored locally on your Android phone, and you are in control of whether you want your data to be stored in the cloud for the purpose of sharing with your healthcare providers.

This User Consent and Privacy Policy describes Our policies and procedures on the collection, use and disclosure of Your information when You use our GreenSHeart App and tells You about Your privacy rights and how the law protects You.

We use Your Personal data to provide and improve the user of our GreenSHeart App. By using GreenSHeart App, You agree to the collection and use of information in accordance with this Privacy Policy.

Types of Data Collected and Usage

  • Personal Patient Record Data

We will ask you to provide us with certain personally identifiable information that can be used by your healthcare providers to contact you and to make informed decisions about your health status. Personally identifiable information may include, but is not limited to:


  • First name and last name
  • Phone number
  • Address, State, Province, ZIP/Postal code, City
  • Diagnosis
  • Comorbidities
  • Last hospital admission
  • Emergency contact details
  • Medication Data

We will ask you to provide us with certain medication data. The medication data can be used by you to keep track of your medication compliance data and to share with healthcare providers. Medication data that will be collected include, but is not limited to:


  • Name of medication
  • Dosage
  • Number of pills
  • Frequency
  • Symptoms Data

While using our GreenSHeart App, we will ask you to provide us with additional data that is relevant for you to understand whether your symptoms are related to heart failure status disease so you can be more aware of adapting your lifestyles to improve your quality of life. These data are also used for GreenSHeart to track and alert from your self-recording, whether it is above your usual severity.

The symptoms-related information may include, but is not limited to:


  • Types of symptoms
  • Type of activities that you are engaged in when experiencing the symptoms
  • The severity levels
  • Other information about heart failure symptoms includes the number of pillows used, etc.
  • Vital Signs Data

While using our GreenSHeart App, we will ask you to provide us with vital signs data. These vital signs data are also used for GreenSHeart to track and alert from your self-recording or via third party App whether your vital signs are outside of your usual normal range. The vital signs data may include, but is not limited to:


  • Heart rate
  • Blood pressure systolic and diastolic reading
  • Oxygen saturation
  • Weight
  • Respiratory rate
  • Physical activity data

While using our GreenSHeart App, we will ask you to provide us access to a third-party health app to provide data on your physical activity. Our GreenSHeart App consolidates these physical activity data to track your activity levels. The physical activity data may include, but is not limited to:


  • Step
  • Distance
  • Geolocation data

Data storage and security


Your personal health data recorded via GreenSHeart app and consolidated from a third-party App is stored locally on your mobile phone memory. If you choose to subscribe to our service to access your historical health records, then we will sync your data to the secured cloud to enable the sharing of your historical health data.

The security of Your Personal Health Data is important to Us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While We strive to use commercially acceptable means to protect Your Personal Data, We cannot guarantee its absolute security.

Retention of Your Personal Health Data


The Company will retain Your Personal Health Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use Your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

The Company will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or improve the functionality of Our Service, or We are legally obligated to retain this data for longer periods.

Law enforcement


Under certain circumstances, the Company may be required to disclose Your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).

Other legal requirements


The Company may disclose Your Personal Data in the good faith belief that such action is necessary to:


  • Comply with a legal obligation
  • Protect and defend the rights or property of the Company
  • Prevent or investigate possible wrongdoing in connection with the Service
  • Protect the personal safety of Users of the Service or the public
  • Protect against legal liability

Analytics


We may use third-party Service providers to monitor and analyze the use of our Service.

Changes to this Privacy Policy


We may update Our Privacy Policy from time to time. We will notify You of any changes by posting the new Privacy Policy on this page.


We will let You know via email and/or a prominent notice on Our Service, prior to the change becoming effective and update the "Last updated" date at the top of this Privacy Policy.


You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page and can be found in our GreenSHeart link to privacy policy disclosure.

GreenSHeart User Consent and Privacy Policy for Research Purposes


GreenSHeart app will use your personal data recorded in GreenSHeart App for research purposes.


This User Consent and Privacy Policy For Research Purposes describes Our policies and procedures on the collection, use, and disclosure of Your information when You use our GreenSHeart App and tells You about Your privacy rights and how the law protects You.


We use your Personal Data to provide an individualized machine-learning prediction feature in the near future. This feature will allow our GreenSHeart to make early predictions 6-10 days and alert you on the risk of unstable heart status which can help prevent future hospitalization due to heart failure condition.


This machine learning algorithm will use your personal health data and may include other types of passive data already collected in your Android smartphone to make better-individualized prediction based on your lifestyle and environment.


By using GreenSHeart App, You agree to the collection and use of information for Research Purposes in accordance with this Privacy Policy.

User Consent to Using Your Personal Data for Research Purposes

Types of Data Accessed for Research Purposes

  • Personal Patient Record Data

We will use your recorded patient data to provide us with your demographic data for our GreenSHeart App machine learning prediction individualized to your diagnosis. The patient data that will be used for research purposes are:


  • Gender
  • Ethnicity
  • Diagnosis
  • Comorbidities
  • Last hospital admission
  • Medication Data

We will use your recorded medication data to track and learn your medication effectiveness. The data that will be used for research purposes are:


  • Date and time medication recorded
  • Name of medication
  • Dosage
  • Number of pills
  • Frequency
  • Symptoms Data

We will use your recorded symptom data to add to the accuracy of our machine-learning prediction of unstable heart failure status. The symptoms data that will be used for research purposes are:


  • Date and time symptoms recorded
  • Types of symptoms
  • Type of activities that you are engaged in when experiencing the symptoms
  • The severity levels
  • Other information about heart failure symptoms includes the number of pillows used, etc.
  • Vital Signs Data

We will use your recorded vital signs to add to the accuracy of our machine-learning prediction of unstable heart failure status. The vital signs data that will be used for research purposes are:


  • Date and time all vital signs recorded
  • Heart rate
  • Blood pressure systolic and diastolic reading
  • Oxygen saturation
  • Weight
  • Respiratory rate
  • Contextual data

We will access the contextual data whenever available to predict your physical activity levels in relationship to your heart status for future alerting feature. The data we will use are:


  • The time and date of the accessed data
  • Step
  • Distance
  • Geolocation data
  • Light exposure
  • stressor dataEnvironmental

We will access your environmental stressor data to add accuracy to our machine-learning prediction of unstable heart status. The data we will use are:


  • The time and date of the accessed data
  • Temperature
  • Humidity