Privacy Policy — Regenex Asia

Data protection is a priority for Regenex Asia Sdn Bhd. This policy explains how we collect, use, store and protect your personal data — including medical information — in accordance with the Malaysian Personal Data Protection Act 2010 (PDPA) and the GDPR where applicable to EU/UK data subjects.

1. Data Controller

Regenex Asia Sdn Bhd, Kuala Lumpur, Malaysia
Email: enquiry@regenexasia.com

2. What Data We Collect

Website visitors

IP address, browser type, device information and pages visited (via cookies and analytics). Any information you voluntarily submit through forms.

Patient enquiries

Name, email, phone/WhatsApp, country, condition/interest, treatment preferences, age, gender, medical history (if voluntarily shared), travel and language preferences.

Clinic and partner enquiries

Contact name, email, phone, organisation name and type, country, products of interest, partnership type, estimated volumes.

3. How We Use Your Data

To respond to enquiries, arrange consultations, develop treatment proposals, coordinate travel, manage partnerships, improve website functionality, send relevant communications (with consent), and comply with legal obligations.

4. Legal Basis for Processing

Under Malaysian PDPA: We process data with your consent, for contractual performance, or as required by law.

Under GDPR (EU/UK data subjects): We process data under Article 6(1) based on consent, contractual necessity, legal obligation or legitimate interests. Health data is processed under Article 9(2)(a) with explicit consent.

5. Medical Data — Special Handling

Medical and health-related information is classified as sensitive personal data. It is accessible only to authorised personnel, stored in secure systems, never shared for marketing purposes, retained only as necessary, and never published without explicit written consent.

6. Cookies and Analytics

Our website uses cookies for user experience and analytics. Third-party tools may include Google Analytics, Meta Pixel and WhatsApp. You can disable cookies in your browser settings.

7. Third-Party Data Sharing

We do not sell your personal data. We may share data with medical professionals involved in your care (with consent), partner clinics (with consent, limited to clinical needs), technology providers (under data processing agreements), and legal authorities (when required by law).

8. International Data Transfers

Your data may be transferred to and processed in Malaysia. For EU/UK data subjects, transfers are conducted with appropriate safeguards as required by the GDPR.

9. Your Rights

Under Malaysian PDPA: Access, correct, withdraw consent, limit processing.

Under GDPR (EU/UK): Additionally — erasure, data portability, object to processing, lodge complaints with a supervisory authority.

10. Data Retention

Enquiry data from non-patients is retained for 24 months before secure deletion. Medical records for treated patients are retained per Malaysian medical record-keeping requirements.

11. Data Security

We apply appropriate technical and organisational measures — including access controls, encryption, secure storage and staff training. No internet transmission can be guaranteed fully secure, but we maintain industry-appropriate protections.

12. Children's Privacy

Our services are not directed at individuals under 18. We do not knowingly collect data from children without parental consent. For paediatric enquiries, all data is managed through the parent or guardian.

13. Changes to This Policy

We may update this policy periodically. Material changes will be communicated via the website or email.

14. Contact

Regenex Asia Sdn Bhd
Kuala Lumpur, Malaysia
Email: enquiry@regenexasia.com