Privacy Policy
Last updated: October 20, 2025
Voyomed ("Voyomed," "we," "us," or "our") is committed to protecting your personal data and respecting your privacy. We have created this Privacy Policy ("Policy") to help you understand what personal information we collect, how we use it, where we store it, and how we protect it when you use our website https://voyomed.com ("Website") and our services.
- We collect only the information necessary to provide you with our medical tourism services
- We protect your sensitive medical data with industry-standard security measures
- You have full control over your personal data
- We comply with GDPR, CCPA, HIPAA, and other international privacy regulations
If you do not agree with any part of this Privacy Policy, please discontinue use of our Website and Services.
1. CONTACT INFORMATION & DATA CONTROLLER
| Controller | Voyomed |
|---|---|
| info@voyomed.com | |
| Phone | +(44) 7383 078038 |
| Data Protection Officer | privacy@voyomed.com |
For all privacy-related inquiries, questions, or to exercise your rights, please contact us at privacy@voyomed.com.
2. WHO ARE OUR USERS?
We serve four categories of users:
- Visitors - Individuals browsing our Website without creating an account
- Clients - Registered users who use our medical tourism services
- Partners - Healthcare providers, clinics, and hospitals listed on our platform
- Representatives - Medical professionals and clinic staff representing our partner institutions
3. CATEGORIES OF DATA WE COLLECT
We collect three main categories of data:
3.1 Automatically Collected Data
When you visit our Website, certain technical data is collected automatically to operate, maintain, and improve our services.
| Category | Description | Legal Basis |
|---|---|---|
| Website Interaction Data | Your interaction with our Website, including pages viewed, features used, navigation patterns, and actions taken | Legitimate interest |
| Device & Connection Data | Device type, operating system, browser type, IP address, connection settings, referring/exit URLs, device identifiers, crash data, and approximate geolocation based on IP address | Legitimate interest |
| Cookies & Similar Technologies | Analytics cookies, performance cookies, and functional cookies (see our Cookie Policy for details) | Legitimate interest / Consent |
3.2 Information You Provide to Us
For Visitors & Clients:
| Category | Data Collected | Legal Basis |
|---|---|---|
| Contact Information | Full name, email address, phone number, country of residence | Performance of contract |
| Account Data | Username, password, profile photo, communication preferences | Performance of contract |
| Medical Information | Medical history, current conditions, symptoms, diagnostic reports, X-rays, CT scans, MRI results, medication history, allergies, prior treatments | Performance of contract |
| Trip Data | Preferred destination countries, travel dates, accommodation preferences, budget range | Performance of contract |
| Guardian Data | Name, relationship, contact information (when applicable for minors or patients requiring assistance) | Performance of contract / Legal obligation |
| Communication Records | Emails, phone call recordings, chat messages, consultation notes with your consent | Consent / Performance of contract |
| Payment Information | Billing address, payment method details (processed securely through third-party payment processors) | Performance of contract |
For Partners & Representatives:
| Category | Data Collected | Legal Basis |
|---|---|---|
| Business Contact Information | Name, title, clinic/hospital name, business email, business phone, business address | Performance of contract |
| Professional Credentials | Medical licenses, certifications, specializations, education background, years of experience | Performance of contract |
| Professional Profile | Areas of expertise, treatment success rates, publications, scientific activity | Performance of contract |
3.3 Data from Third-Party Sources
| Source | Data Collected | Legal Basis |
|---|---|---|
| Social Media Platforms | Name, email, profile photo (when you choose to register via social media) | Consent |
| Partner Healthcare Facilities | Treatment progress, appointment dates, medical reports (shared with your authorization) | Performance of contract |
| Payment Processors | Transaction confirmation, payment status | Performance of contract |
4. HOW WE USE YOUR DATA
4.1 Primary Purposes
| Purpose | Description | Legal Basis | Data Used |
|---|---|---|---|
| Provide Website Access | Maintain website functionality, provide access to features, improve user experience, troubleshoot technical issues | Performance of contract | Contact data, Account data, Device data |
| Deliver Our Services | Match you with suitable healthcare providers, coordinate medical consultations, arrange travel and accommodation, facilitate communication between you and medical facilities | Performance of contract | Contact data, Medical data, Trip data, Guardian data |
| Customer Support | Respond to your inquiries, provide assistance, resolve issues, follow up on treatments | Performance of contract | Contact data, Communication records, Medical data |
| Communication | Send appointment confirmations, treatment updates, service notifications, respond to your requests | Performance of contract | Contact data, Account data |
| Research & Development | Analyze usage patterns, improve our services, develop new features, enhance safety and security | Legitimate interest | Automatically collected data, Device data, Cookies |
| Safety & Security | Prevent fraud, detect abuse, ensure platform security, comply with legal obligations, protect against illegal activities | Legitimate interest | All collected data as necessary |
| Legal Compliance | Comply with court orders, governmental requests, tax obligations, legal reporting, and audit requirements | Legal obligation | All data categories as required |
| Marketing Communications (Partners & Representatives only) | Send newsletters, service updates, industry news (you can opt-out anytime) | Consent | Contact data |
4.2 Additional Purposes
If we need to process your data for purposes not listed above, we will obtain your explicit consent and clearly explain how your data will be used.
5. COOKIES & TRACKING TECHNOLOGIES
We use cookies and similar technologies to enhance your experience, analyze website performance, and remember your preferences.
What are Cookies?
Cookies are small text files stored on your device that help us recognize you and understand how you use our Website.
Types of Cookies We Use:
- Essential Cookies: Required for website functionality (e.g., security, login sessions)
- Analytical Cookies: Help us understand how visitors use our Website (e.g., Google Analytics)
- Functional Cookies: Remember your preferences and settings
- Performance Cookies: Monitor website performance and identify technical issues
Managing Cookies:
You can control cookies through your browser settings:
You can also opt-out of Google Analytics by using the Google Analytics Opt-Out Browser Add-on.
6. HOW WE SHARE YOUR DATA
6.1 When We Share Your Data
We may share your personal data under the following circumstances:
With Healthcare Partners:
- When you select a clinic or hospital, we share necessary medical information to facilitate your treatment
- All partners sign Data Sharing Agreements and Data Processing Agreements compliant with GDPR and applicable laws
- Partners act as independent data controllers when providing medical services
With Service Providers:
- Payment processors (for secure payment processing)
- Cloud hosting providers (for data storage)
- Communication platforms (for email and SMS services)
- Translation services (when needed for international coordination)
- Travel coordination services (for trip arrangements)
For Legal Reasons:
- To comply with court orders, legal processes, or governmental requests
- To enforce our Terms of Service
- To protect the rights, property, or safety of Voyomed, our users, or others
- To detect, prevent, or address fraud, security, or technical issues
Business Transfers:
- In the event of a merger, acquisition, bankruptcy, or sale of assets, your data may be transferred to the successor entity
6.2 International Data Transfers
We may transfer your personal data to service providers and partners located outside your country of residence. When we do so, we ensure adequate protection through:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Adequacy decisions where applicable
- Other appropriate safeguards as required by law
Your data may be processed in the United States, European Union member states, Turkey, and other countries where our healthcare partners are located.
6.3 Data Security Audits
Before sharing data with any third party, we conduct security audits to ensure appropriate safeguards are in place.
7. HOW WE PROTECT YOUR DATA
7.1 Security Measures
We implement industry-standard physical, electronic, and procedural safeguards to protect your personal data:
- Encryption: Data is encrypted in transit (SSL/TLS) and at rest
- Access Controls: Limited access to authorized personnel only on a need-to-know basis
- Authentication: Multi-factor authentication for system access
- Regular Security Audits: Periodic assessments of our security infrastructure
- Employee Training: All staff receive data protection and privacy training
- Vendor Security Checks: Third-party service providers undergo security evaluations
- Secure Servers: Data stored on secure servers in GDPR-compliant data centers
7.2 Data Retention
We retain your personal data only as long as necessary to:
- Fulfill the purposes described in this Policy
- Comply with legal, tax, accounting, and regulatory obligations
- Resolve disputes and enforce our agreements
- Maintain fraud detection and prevention records
Typical Retention Periods:
- Account data: For the duration of your account plus 7 years for legal compliance
- Medical data: 10 years after last treatment or as required by medical records regulations
- Communication records: 5 years after last interaction
- Payment data: As required by tax and financial regulations (typically 7 years)
- Marketing data: Until you withdraw consent or we no longer have a legitimate interest
7.3 Data Breach Notification
Despite our efforts, no system is completely secure. If we become aware of a data breach that affects your personal information, we will:
- Notify you within 72 hours as required by GDPR
- Inform relevant supervisory authorities
- Take immediate steps to contain and remedy the breach
- Provide guidance on protective measures you can take
If you suspect your account has been compromised, immediately contact us at privacy@voyomed.com.
8. CHILDREN'S PRIVACY
We do not knowingly collect personal data directly from children under 16 years of age.
If a minor requires medical tourism services:
- A parent or legal guardian must create the account
- The guardian provides consent for all data processing
- We verify the guardian's identity and authority to represent the child
- Medical information about minors is handled with extra care and security
If you are a parent or guardian and believe your child has provided us with personal information without your consent, please contact us at privacy@voyomed.com, and we will take steps to delete such information.
9. YOUR RIGHTS & HOW TO EXERCISE THEM
9.1 Rights for EEA & UK Residents (GDPR)
| Right | Description |
|---|---|
| Right to Access | Request information about whether we process your personal data and obtain a copy of it |
| Right to Rectification | Correct inaccurate or incomplete personal data |
| Right to Erasure ("Right to be Forgotten") | Request deletion of your personal data (subject to legal obligations) |
| Right to Restrict Processing | Limit how we process your personal data in certain circumstances |
| Right to Data Portability | Receive your data in a structured, machine-readable format and transfer it to another controller |
| Right to Object | Object to processing based on legitimate interests or for direct marketing purposes |
| Right to Withdraw Consent | Withdraw consent for any processing based on consent (without affecting prior lawful processing) |
| Right to Lodge a Complaint | File a complaint with your local Data Protection Authority |
Response Time: We will respond to your request within 30 days.
How to Exercise Your Rights: Contact us at privacy@voyomed.com
Supervisory Authorities:
- EEA Residents: Find your local Data Protection Authority at EDPB Member List
- UK Residents: Information Commissioner's Office (ICO) - Tel: 0303-123-1113 or ico.org.uk/make-a-complaint
9.2 Rights for U.S. Residents (CCPA, CPRA, and State Laws)
Your rights vary by state. Below are rights available to residents of states with comprehensive privacy laws:
| Right | Available In | Description |
|---|---|---|
| Right to Know | CA, VA, CO, CT, UT, NV, OR, TX, MT | Request information about the personal data we collect, use, disclose, and sell |
| Right to Access | All states | Obtain a copy of your personal data |
| Right to Correct | CA, VA, CO, CT, UT, OR, TX, MT | Correct inaccurate personal data |
| Right to Delete | CA, VA, CO, CT, UT, NV, OR, TX, MT | Request deletion of your personal data (subject to exceptions) |
| Right to Data Portability | CA, CO, CT, OR, TX, MT | Receive your data in a portable format |
| Right to Opt-Out of Sales | CA, VA, CO, CT, UT, NV, OR, MT | Opt out of the sale of personal data to third parties |
| Right to Opt-Out of Targeted Advertising | CA, VA, CO, CT, OR, TX, MT | Opt out of processing for targeted advertising purposes |
| Right to Opt-Out of Profiling | CA, VA, CO, CT | Opt out of automated decision-making and profiling |
| Right to Limit Use of Sensitive Personal Information | CA | Limit the use of sensitive personal data |
| Right Against Discrimination | CA, VA, CO, CT, UT, OR, MT | Not be discriminated against for exercising your privacy rights |
Response Time: We will respond to your request within 30-60 days, depending on your state's requirements.
How to Exercise Your Rights: Contact us at privacy@voyomed.com or call +(1) 302-984-7139
California Residents: You may also designate an authorized agent to submit requests on your behalf. The agent must provide written authorization from you.
"Do Not Track" Signals: We currently do not respond to "Do Not Track" browser signals, but we do honor opt-out preferences expressed through other means.
9.3 HIPAA Rights (U.S. Health Information)
As a business associate under the Health Insurance Portability and Accountability Act (HIPAA), we protect your Protected Health Information (PHI).
| Right | Description |
|---|---|
| Right to Request Privacy Protection | Request restrictions on how your PHI is used or disclosed |
| Right to Access PHI | Inspect and obtain copies of your medical records |
| Right to Amend | Request corrections to inaccurate or incomplete PHI |
| Right to an Accounting of Disclosures | Receive a list of disclosures of your PHI made in the past 6 years (with certain exceptions) |
| Right to Breach Notification | Be notified of any unauthorized access, acquisition, use, or disclosure of your unsecured PHI |
| Right to File a Complaint | File a complaint with us or the U.S. Department of Health and Human Services (HHS) if you believe your rights have been violated |
How to Exercise HIPAA Rights: Contact privacy@voyomed.com or write to us at our business address.
HHS Complaints: File online at HHS HIPAA Complaint Portal or call 1-877-696-6775
Response Time: We have 30 days to respond to HIPAA rights requests.
10. MARKETING COMMUNICATIONS
For Clients: We will send you service-related communications (appointment confirmations, treatment updates, security alerts) as necessary to provide our services. These are not promotional and cannot be opted out of while you use our services.
For Partners & Representatives: If you have provided consent, we may send you marketing communications including:
- Newsletters and industry updates
- New service announcements
- Partnership opportunities
- Educational content
How to Opt-Out:
- Click the "unsubscribe" link in any marketing email
- Email us at info@voyomed.com with "Unsubscribe" in the subject line
- Update your communication preferences in your account settings
You can withdraw consent for marketing communications at any time without affecting other services.
11. THIRD-PARTY LINKS & SERVICES
Our Website may contain links to third-party websites, healthcare provider sites, or social media platforms. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies before providing any personal information.
Social Media Features:
If you interact with social media features on our Website (e.g., Facebook Like button, Twitter share), these platforms may collect data about your interaction. Please review their privacy policies for details.
12. GOOGLE ADS & SOCIAL MEDIA ADVERTISING
We use Google Ads, Facebook Ads, Instagram Ads, and other advertising platforms to promote our services. These platforms may:
- Use cookies and tracking pixels to display relevant ads
- Collect data about your interactions with our ads
- Create custom audiences based on website visitors
Your Advertising Choices:
- Google Ads: Manage your ad preferences at adssettings.google.com
- Facebook/Instagram: Manage ad preferences in your Facebook Settings → Ads
- General Opt-Out: Visit optout.networkadvertising.org or optout.aboutads.info
We comply with advertising platform policies and applicable data protection laws when running ads.
13. CHANGES TO THIS PRIVACY POLICY
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.
When We Make Changes:
- We will post the updated Policy on this page with a new "Last Updated" date
- For material changes, we will provide prominent notice on our Website or send you an email notification
- If legally required, we will obtain your consent before implementing changes that affect how we process your personal data
Your Responsibility: We encourage you to review this Policy periodically to stay informed about how we protect your information.
14. CONTACT US
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Email: privacy@voyomed.com
General Inquiries: info@voyomed.com
Phone: +(1) 302-984-7139
Website: https://voyomed.com
15. DISPUTE RESOLUTION
If you are not satisfied with our response to your privacy request or complaint:
- EEA/UK Residents: You may file a complaint with your local Data Protection Authority.
- U.S. Residents: You may contact your state Attorney General's office or the Federal Trade Commission.
- All Users: You may also seek resolution through arbitration or litigation as provided in our Terms of Service.
Effective Date: This Privacy Policy is effective as of October 20, 2025.
By using our Website and Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.