Effective Date: January 14, 2025

Consent for Sensitive Data Processing.

Hedfirst is committed to protecting your privacy and ensuring transparency about how your sensitive personal data is processed. This document explains the purpose, scope, and conditions of processing your sensitive data and seeks informed consent.

Purpose of Collecting and Processing Sensitive Data

By providing consent, you authorize Hedfirst to process your sensitive personal data, including but not limited to:

  • Health and medical information (diagnoses, treatments, prescriptions, etc.)
  • Information on mental or emotional well-being
  • Biometric data (if applicable)
  • Other legally defined categories of sensitive data

Sensitive data is processed strictly for the following purposes:

  • Delivering telehealth services, including diagnosis, treatment, and follow-up care.
  • Facilitating communication between you and healthcare providers.
  • Complying with legal, regulatory, and administrative requirements.
  • Improving the quality of care and conducting de-identified research and analysis.

What is Sensitive Data?

Sensitive data refers to personal information that reveals details about your health, genetic and biometric data, racial or ethnic origin, sexual orientation, or any other data that requires extra protection under privacy laws.

Hedfirst will process sensitive data only when:

  • It is necessary to provide the healthcare services you request.
  • It complies with applicable legal obligations, such as public health or reporting requirements.
  • You provide explicit consent.

Your Rights Regarding Sensitive Data

You have the right to:

  • Withdraw Consent: At any time, you may withdraw your consent for the processing of sensitive data without affecting the legality of prior processing.
  • Access Your Data: Request access to your data to review, update, or correct inaccuracies.
  • Limit Processing: Restrict the use of your sensitive data under certain conditions.
  • Data Portability: Obtain a copy of your data in a machine-readable format.
  • File Complaints: Lodge a complaint with a data protection authority if you believe your rights have been violated.

Data Security

Hedfirst implements robust security measures to protect your sensitive data, including encryption, secure access controls, and regular audits. Your data will only be accessed by authorized personnel who have a legitimate need to use it to deliver care or fulfill legal obligations.

We will not disclose your sensitive data to third parties without your explicit consent, except as required by law or as necessary to provide healthcare services.

Retention Period

Your sensitive data will be retained only as long as it is necessary for the purposes listed above or as required by law. After the retention period, your data will be securely deleted or anonymized.

Legal Basis for Processing

The legal basis for processing your sensitive data includes:

  • Your Explicit Consent: As outlined in this agreement.
  • Compliance with Legal Obligations: When required by law.
  • Protection of Vital Interests: In cases of emergency.
  • Public Interest: To improve healthcare systems or services.

Acknowledgment of Consent

By continuing to use Hedfirst's services, you confirm that you have read and understood the information provided regarding the processing of your sensitive personal data. You acknowledge the purposes and legal bases for data processing and voluntarily provide your consent for the collection, use, and storage of your sensitive data as outlined above.

If you have any questions or wish to withdraw your consent, please contact us at support@hedfirst.com.