Privacy Policy

Last updated: January 2025

1. Introduction

OriEast ("we," "our," or "us") is committed to protecting your privacy and ensuring the security of your personal and medical information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our medical tourism services.

2. Information We Collect

Personal Information

  • Name, email address, phone number
  • Nationality and passport information
  • Travel dates and preferences
  • Payment information

Medical Information

  • Medical history and current health conditions
  • Diagnostic reports and medical records
  • Treatment preferences and requirements
  • Insurance information

3. How We Use Your Information

We use your information to:

  • Coordinate medical appointments and treatments
  • Arrange travel, accommodation, and transportation
  • Communicate with healthcare providers on your behalf
  • Process payments and manage bookings
  • Provide customer support and follow-up care
  • Improve our services and user experience

4. Data Protection Standards

HIPAA Compliance

We adhere to the Health Insurance Portability and Accountability Act (HIPAA) standards for protecting sensitive patient health information. Our systems and processes are designed to ensure the confidentiality, integrity, and availability of all protected health information (PHI).

GDPR Compliance

For our European patients, we comply with the General Data Protection Regulation (GDPR). You have the right to access, rectify, erase, restrict processing, and port your personal data. You may also withdraw consent at any time.

5. Information Sharing

We may share your information with:

  • Healthcare Providers: Partner hospitals and medical professionals for treatment coordination
  • Service Partners: Hotels, transportation providers, and visa agencies
  • Payment Processors: Secure payment processing services
  • Legal Requirements: When required by law or to protect our rights

6. Data Security

We implement industry-standard security measures including encryption, secure servers, access controls, and regular security audits. All data transmissions are encrypted using SSL/TLS protocols. Our staff undergoes regular training on data protection and privacy practices.

7. Data Retention

We retain your personal and medical information for as long as necessary to provide our services and comply with legal obligations. Medical records are typically retained for 7 years after your last interaction with us, unless longer retention is required by law.

8. Your Rights

You have the right to:

  • Access your personal and medical information
  • Request correction of inaccurate data
  • Request deletion of your data (subject to legal requirements)
  • Opt-out of marketing communications
  • Request a copy of your data in a portable format

9. Cookies and Tracking

Our website uses cookies and similar technologies to enhance your browsing experience, analyze site traffic, and personalize content. You can manage cookie preferences through your browser settings.

10. Contact Us

For privacy-related inquiries or to exercise your rights, please contact our Data Protection Officer:

Email: [email protected]
Address: OriEast Medical Tourism, Beijing, China
Response Time: Within 30 days