← Back to Home

Privacy Policy

Last Updated: December 29, 2024

1. Introduction

Health Centric ("Company," "we," "us," or "our") is committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, mobile applications, and health testing services (collectively, the "Services").

We operate in compliance with Panama Law 81 of March 26, 2019 (Personal Data Protection Law) and other applicable international data protection standards.

By accessing or using our Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree, please discontinue use of our Services immediately.

2. Information We Collect

2.1 Personal Information

We may collect the following categories of personal information:

  • Identity Information: Full name, date of birth, gender, government-issued identification numbers
  • Contact Information: Email address, phone number, mailing address
  • Account Information: Username, password, account preferences
  • Payment Information: Credit card details, billing address, transaction history
  • Health Information: Medical history, test results, biomarkers, health conditions, medications, and other Protected Health Information (PHI)

2.2 Automatically Collected Information

When you access our Services, we automatically collect:

  • Device information (IP address, browser type, operating system)
  • Usage data (pages visited, time spent, click patterns)
  • Location data (with your consent)
  • Cookies and similar tracking technologies

2.3 Information from Third Parties

We may receive information from MINSA-certified laboratories, healthcare providers, insurance companies, and identity verification services that you have authorized to share information with us.

3. How We Use Your Information

We use your information for the following purposes:

  • Service Delivery: Processing orders, conducting health tests, delivering results, and providing personalized health insights
  • Communication: Sending appointment reminders, test results, health recommendations, and service updates
  • Account Management: Creating and managing your account, processing payments, and providing customer support
  • Improvement: Analyzing usage patterns to improve our Services, develop new features, and enhance user experience
  • Legal Compliance: Complying with applicable laws, regulations, and legal processes
  • Safety and Security: Detecting, preventing, and addressing fraud, security breaches, and technical issues
  • Research: Conducting anonymized, aggregated research to advance health science (only with explicit consent)

4. Protected Health Information (PHI) & Ley 81 Compliance

As a provider of health-related services, we handle Protected Health Information (PHI) in accordance with Panama's Ley 81 regulations. This includes:

  • Implementing administrative, physical, and technical safeguards to protect PHI
  • Training all employees on Ley 81 privacy and security requirements
  • Maintaining Data Processing Agreements with all third parties who access PHI
  • Providing you with access to your health records upon request
  • Limiting PHI use and disclosure to the minimum necessary

You have the right to request restrictions on certain uses of your PHI, receive confidential communications, access and obtain copies of your health records, and request amendments to your PHI.

5. Disclosure of Your Information

We may share your information in the following circumstances:

  • Service Providers: CLIA-certified laboratories, payment processors, cloud hosting providers, and customer support services
  • Healthcare Providers: With your explicit consent, to physicians or healthcare providers you designate
  • Legal Requirements: When required by law, court order, or governmental authority
  • Business Transfers: In connection with a merger, acquisition, or sale of assets
  • With Your Consent: For any other purpose with your explicit authorization

We do not sell your personal information or health data to third parties.

6. Data Security

We implement industry-standard security measures to protect your information, including:

  • 256-bit SSL/TLS encryption for data in transit
  • AES-256 encryption for data at rest
  • Multi-factor authentication for account access
  • Regular security audits and penetration testing
  • Access controls and employee training
  • Secure data centers with physical security measures

While we strive to protect your information, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

7. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience. Types of cookies we use:

  • Essential Cookies: Required for basic site functionality
  • Analytics Cookies: Help us understand how visitors use our site
  • Preference Cookies: Remember your settings and preferences
  • Marketing Cookies: Used to deliver relevant advertisements (with consent)

You can control cookies through your browser settings. Disabling certain cookies may affect site functionality.

8. Your Rights Under Panama Law 81 of 2019

Under Panama's Personal Data Protection Law, you have the following rights:

  • Right of Access: Request information about the personal data we hold about you
  • Right of Rectification: Request correction of inaccurate or incomplete data
  • Right of Cancellation: Request deletion of your personal data (subject to legal retention requirements)
  • Right of Opposition: Object to certain processing of your personal data
  • Right to Data Portability: Receive your data in a structured, commonly used format
  • Right to Withdraw Consent: Withdraw consent for data processing at any time

To exercise these rights, contact us at privacy@healthcentric.com. We will respond within 30 days.

9. International Data Transfers

Your information may be transferred to and processed in countries other than Panama, including the United States where our laboratory partners are located. We ensure appropriate safeguards are in place, including Standard Contractual Clauses and Business Associate Agreements, to protect your data in accordance with applicable laws.

10. Data Retention

We retain your personal information for as long as necessary to provide our Services and comply with legal obligations. Health records are retained for a minimum of seven (7) years from the date of service, or longer as required by applicable law. You may request deletion of your account data, but certain information may be retained for legal, regulatory, or legitimate business purposes.

11. Children's Privacy

Our Services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from minors. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. Health testing for minors requires parental or guardian consent and authorization.

12. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes by posting the new policy on our website and updating the "Last Updated" date. Your continued use of our Services after such changes constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us:

Health Centric

Data Protection Officer

Email: privacy@healthcentric.com

Address: Panama City, Panama

For complaints regarding data protection, you may also contact the Autoridad Nacional de Transparencia y Acceso a la Informacion (ANTAI) of Panama.