menu

Privacy Policy

Updated on :12/07/2025

At Medtravel.Ai, we value your privacy and are committed to protecting your personal information. This Privacy Policy explains how we collect, use, and safeguard your data.

MedTravel.AI Privacy Policy

Last updated: December 2025

MedTravel.AI (“we,” “our,” “us”) is a medical tourism facilitation platform that connects patients with accredited international hospitals and healthcare providers. We are not a healthcare provider, do not deliver medical treatment ourselves, and do not store or process medical information beyond what is needed to perform coordination services.

We are committed to protecting your privacy and handling your personal information responsibly, in compliance with Canadian privacy laws (PIPEDA & applicable provincial legislation) and HIPAA-aligned best practices for safeguarding health-related information.

By using our website, platform, or services, you agree to the practices outlined in this Privacy Policy.

1. What Information We Collect

We collect only the information required to provide cost estimates, coordinate medical travel, and connect you with healthcare partners.

1.1 Personal Information

  • Full name

  • Email address

  • Phone or WhatsApp number

  • Date of birth (optional)

  • Country/City of residence

1.2 Medical Information (Patient-Provisioned Only)

  • Medical history summaries

  • Diagnostic reports and scans

  • Prescriptions

  • Doctor notes

  • Previous treatment history

  • Any documents you voluntarily upload

Note: We do not create medical records. We only pass along the information you provide.

1.3 Travel Information

  • Passport (if voluntarily uploaded)

  • Preferred travel dates

  • Visa documentation (optional)

1.4 Website & Technical Information

  • Device information

  • IP address

  • Cookies (for analytics and site functionality)

  • Form submission data

2. How We Use Your Information

We use your information solely for medical tourism coordination, including:

2.1 To Provide Quotes & Cost Estimates

We share medically necessary information only with hospitals and doctors you choose.

2.2 To Arrange Medical Tourism Services

  • Hospital/doctor matching

  • Appointment scheduling

  • Treatment discussions

  • Travel coordination & guidance

2.3 To Communicate With You

  • WhatsApp, email, or phone communication

  • Follow-ups

  • Document requests

  • Post-treatment check-ins

2.4 To Improve Our Platform

  • Analytics (anonymized)

  • Service optimization

3. Legal Basis for Processing (PIPEDA Compliance)

We collect, use, and disclose personal information based on:

  • Your consent (explicit when uploading medical documents)

  • Service delivery (coordinating treatment & travel)

  • Legitimate interest (improving our services)

  • Compliance with applicable laws

You may withdraw consent at any time by emailing: privacy@medtravel.ai

4. How We Protect Your Information

MedTravel.AI uses security measures aligned with HIPAA best practices:

4.1 Data Protection Measures

  • Encrypted data transmission (HTTPS/SSL)

  • Secure cloud storage (SOC 2 / ISO 27001 compliant providers)

  • Restricted internal access based on “need-to-know”

  • Secure document upload portals

  • Regular security audits

4.2 No Local Storage

We do not store sensitive documents on personal devices or local computers.

4.3 Staff Training

All staff and contractors receive privacy, confidentiality, and data handling training.

5. How We Share Information

We share your information only when necessary to provide services.

5.1 With International Healthcare Providers

We may share:

  • Medical reports

  • Treatment history

  • Contact information
    Only with hospitals you authorize.

5.2 With Travel Partners

If applicable, and only with your consent:

  • Passport documents

  • Travel preferences

5.3 With Third-Party Service Providers

These include:

  • Cloud storage platforms

  • CRM systems

  • Encrypted communication tools

All partners follow strict confidentiality and data security agreements.

5.4 We Do NOT Sell Personal Information

We never sell, rent, or trade your data to advertisers or third parties.

6. International Transfer of Information

Because medical tourism involves international hospitals, your personal and medical information may be transferred outside Canada.

We ensure:

  • Transfers occur only with your consent

  • Hospitals receiving data follow strong privacy and security standards

  • Only the minimum required information is shared

7. Data Retention

We retain information only as long as necessary for service delivery and legal requirements.

Default retention:

  • Leads (basic info): up to 24 months

  • Medical documents: deleted upon patient request or after 12 months of inactivity

  • Communications: 12–24 months

You may request deletion anytime.

8. Your Rights

Under PIPEDA, you have the right to:

✔ Access your personal information
✔ Request corrections
✔ Withdraw consent
✔ Request deletion of your records
✔ Limit what information we share with hospitals
✔ Ask how your data is used or stored

To exercise these rights, contact: privacy@medtravel.ai

We will respond within 30 days.

9. Children’s Privacy

Our services are not intended for individuals under 18.
We do not knowingly collect or store information from minors.

10. HIPAA Clarification

MedTravel.AI is not a HIPAA-covered entity, as we do not provide medical treatment or electronic billing.

However:

  • We voluntarily follow HIPAA-aligned security standards

  • All medical information is treated as Protected Health Information (PHI) according to best practices

  • Hospitals we work with may be subject to HIPAA/HIPAA-equivalent laws depending on jurisdiction

11. Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes to our practices or legal requirements. Updates will be posted on this page with a revised date.

12. Contact Us

For privacy-related questions, concerns, or data requests:

📧 privacy@medtravel.ai
🌐 www.medtravel.ai
📍 Vancouver, British Columbia, Canada