Privacy Policy

WeeMed Technologies Inc. (Company ID: 00085209) is committed to protecting your privacy rights. This comprehensive policy explains how we collect, use, store, and protect your personal data in full compliance with GDPR, CCPA, PDPA, and other applicable international data protection laws.

Last Updated: June 7, 2025

1. Company Information & Contact Details

Data Controller Information:

• Company Name: WeeMed Technologies Inc.

• Company Registration: 00085209 (Taiwan)

• Registered Address: 20F-1, No. 186, Sec. 2, Taiwan Blvd., West Dist., Taichung City, Taiwan

• Customer Service: +886-4-23016388

• Email: service@weemed.ai

• Data Protection Officer (DPO): privacy@weemed.ai

• EU Representative: [To be appointed for GDPR compliance]

• Business Hours: Monday-Friday 09:00-18:00 (GMT+8)

2. Legal Basis & Data Categories

We process personal data based on the following legal grounds:

GDPR Article 6(1) - Lawful Basis:

• (a) Consent: Explicit consent for marketing communications

• (b) Contract: Performance of service agreements

• (c) Legal Obligation: Compliance with healthcare regulations

• (f) Legitimate Interests: Service improvement and security

GDPR Article 9 - Special Category Data:

• Health data processing with explicit consent (Art. 9(2)(a))

• Public health purposes (Art. 9(2)(i))

• Vital interests protection (Art. 9(2)(c))

Data Categories Collected:

• Identity Data: Name, ID numbers, passport details

• Contact Data: Email, phone, postal address

• Corporate Data: Company name, tax ID, business registration

• Technical Data: IP addresses, browser data, device information

• Usage Data: Service interactions, preferences, analytics

• Health Data: Risk assessments, screening results, government API data

• Financial Data: Payment information (processed by third-party providers)

2. Purpose of Data Processing

We process your personal data for:

• Service Provision: Providing chronic disease risk assessment services you request

• Service Improvement: Improving our products and service quality

• Communication: Communicating service-related matters and important notifications

• Legal Compliance: Complying with legal requirements including GDPR obligations

• Research Analysis: Conducting internal research to enhance service efficiency

• System Maintenance: Performing system maintenance, troubleshooting, and security monitoring

3. Data Sharing and Disclosure

We do not share or disclose your personal data to third parties except:

• Explicit Consent: With your explicit consent (GDPR Article 6(1)(a))

• Legal Requirements: When required by law (GDPR Article 6(1)(c))

• Legitimate Interests: To protect our rights, property, or safety (GDPR Article 6(1)(f))

• Service Partners: With our partners under confidentiality agreements

• Government Cooperation: Cooperation with government agencies under legal basis

4. Your Rights (GDPR Articles 15-22)

Under GDPR and applicable data protection laws, you have the right to:

• Access: Request access to your personal data

• Rectification: Request correction of inaccurate data

• Erasure: Request deletion of your personal data (right to be forgotten)

• Restrict Processing: Request restriction of processing

• Data Portability: Receive your data in a structured, machine-readable format

• Object: Object to processing based on legitimate interests

5. Governing Law and Jurisdiction

This Privacy Policy is governed by the laws of the Republic of China (Taiwan). For EU residents, GDPR rights take precedence. For disputes, parties agree to the jurisdiction of Taichung District Court as the court of first instance.