私隱政策 Privacy Policy
最後更新日期:2026年6月22日
1. 概覽
SmartClinic AI HK Limited(「本公司」、「我們」)為香港私家診所提供 WhatsApp AI 智能助理服務(「本服務」)。本私隱政策說明我們在提供本服務期間,如何收集、使用、儲存及保護所涉及的個人資料,包括病人及診所職員的資料。
本服務由診所引入並交由病人選擇使用;病人透過 WhatsApp 主動聯絡診所即表示同意按本政策處理其資料。如對資料處理有任何疑問,歡迎隨時透過下方方式聯絡我們。
2. 資料收集
我們透過 WhatsApp Business Platform(由 Meta 提供技術)協助診所收集以下資料:
- 病人的 WhatsApp 電話號碼
- 病人發送的訊息內容(文字、圖片,例如保險卡)
- 預約相關資料(姓名、預約日期及時間)
- 診所職員透過後台系統的操作記錄
3. 資料使用
上述資料僅按診所指示,用於以下目的:
- 處理及確認病人預約
- 提供排隊管理服務
- 發送診所要求的覆診、疫苗接種或其他醫療提醒(病人可隨時回覆「停止」取消訂閱)
- 協助診所職員處理病人查詢及人工接管對話
- 系統用量統計及服務優化
我們不會將病人資料用於與上述目的無關的商業推廣或廣告用途。
4. 資料儲存及保安
資料儲存於雲端基礎設施(Google Cloud Platform),並透過加密傳輸(TLS/SSL)保護。我們持續優化保安措施以保障資料安全。
資料保留期一般為診所終止使用本服務後 90 天內,逾期將安排刪除,惟法律規定須延長保留的資料除外。個別診所亦可要求按其需要調整保留安排。
5. 第三方服務
提供本服務涉及以下第三方服務供應商處理資料:
- Meta Platforms, Inc. — WhatsApp Business Platform,用於接收及發送訊息
- Google Cloud Platform — 伺服器運算及 AI 語言處理(Vertex AI)
- Google Workspace — 預約及對話記錄儲存(Google Sheets)
各供應商按其自身私隱政策處理資料,我們在選用時已考慮其安全標準及行業聲譽。
6. 資料共享
我們不會將病人個人資料出售或出租。資料可能在以下情況下被存取或披露:
- 遵守適用法律、法庭命令或政府機關的合法要求
- 保障本公司、診所或其他人的合法權益(例如防止濫用本服務)
- 按診所(作為資料使用的主要負責方)的指示
7. 病人權利
根據香港《個人資料(私隱)條例》(第486章),病人一般有權:
- 向相關診所查閱我們所持有關於其的個人資料
- 要求更正不準確的個人資料
- 要求刪除其個人資料(惟受限於法律規定的保留要求)
- 隨時取消訂閱自動提醒服務(回覆「停止」或「STOP」)
如需行使以上權利,建議先聯絡為您提供服務的診所,或透過下方方式與我們聯絡,我們會盡力協助處理。
8. 法規參考
本服務的設計及運作參考以下規定:
- 香港《個人資料(私隱)條例》(Cap. 486)
- Meta WhatsApp Business Platform 使用政策及商業政策
本政策旨在說明一般做法,不構成法律意見;診所在使用本服務時仍需自行確保符合其專業及法規責任。
9. 政策變更
我們可能因應法規、技術或業務需要更新本政策。重大變更將透過本網站公佈,並更新上方「最後更新日期」。建議定期查閱本頁面以了解最新內容。
10. 聯絡我們
SmartClinic AI HK Limited
地址:Flat E, 5/F, Block 12, The Paragon, 9 Shan Yin Road, Tai Po, Hong Kong
Privacy Policy
Last updated: 22 June 2026
1. Overview
SmartClinic AI HK Limited ("the Company", "we", "us") provides a WhatsApp AI assistant service ("the Service") to private medical clinics in Hong Kong. This Privacy Policy explains how we collect, use, store and protect personal data involved in delivering the Service, including data relating to patients and clinic staff.
The Service is introduced by clinics for their patients' optional use. By contacting a clinic via WhatsApp through the Service, a patient is taken to accept that their data will be handled in accordance with this Policy. If you have any questions about how your data is handled, please contact us using the details below.
2. Data We Collect
Through the WhatsApp Business Platform (provided by Meta), we help clinics collect the following data:
- Patient's WhatsApp phone number
- Content of messages sent by the patient (text, images such as insurance cards)
- Appointment-related details (name, appointment date and time)
- Activity logs from clinic staff using the administrative dashboard
3. How We Use Data
Data is used, on the clinic's instruction, solely for the following purposes:
- Processing and confirming patient appointments
- Providing queue management functionality
- Sending follow-up, vaccination or other reminders requested by the clinic (patients may opt out at any time by replying "STOP")
- Assisting clinic staff in responding to patient enquiries, including manual takeover of conversations
- Service usage statistics and platform improvement
We do not use patient data for promotional or advertising purposes unrelated to the above.
4. Data Storage and Security
Data is stored on cloud infrastructure (Google Cloud Platform) and protected using encrypted transmission (TLS/SSL). We continuously improve our security measures to help keep your data safe.
Data is generally retained for up to 90 days after a clinic stops using the Service, after which it is scheduled for deletion, except where longer retention is required by law. Individual clinics may request adjusted retention arrangements suited to their needs.
5. Third-Party Services
Delivering the Service involves the following third-party providers, each processing data under its own privacy policy:
- Meta Platforms, Inc. — WhatsApp Business Platform, for sending and receiving messages
- Google Cloud Platform — server infrastructure and AI language processing (Vertex AI)
- Google Workspace — storage of appointment and conversation records (Google Sheets)
We select providers with regard to their security standards and industry reputation.
6. Data Sharing
We do not sell or rent patient personal data. Data may be accessed or disclosed in the following circumstances:
- To comply with applicable law, court orders, or lawful requests from government authorities
- To protect the legitimate interests of the Company, a clinic, or other persons (e.g. preventing misuse of the Service)
- On the instruction of the clinic, which remains primarily responsible for the data collected through its use of the Service
7. Patient Rights
Under Hong Kong's Personal Data (Privacy) Ordinance (Cap. 486), patients generally have the right to:
- Request access, via the relevant clinic, to personal data we hold about them
- Request correction of inaccurate personal data
- Request deletion of their personal data, subject to legally required retention periods
- Opt out of automated reminders at any time by replying "STOP"
We recommend contacting the clinic providing your care in the first instance, or reaching us directly using the details below; we will do our best to assist.
8. Regulatory Reference
The Service has been designed with reference to:
- Hong Kong's Personal Data (Privacy) Ordinance (Cap. 486)
- Meta's WhatsApp Business Platform policies, including its Business Policy
This Policy describes our general practices and does not constitute legal advice. Clinics remain responsible for ensuring their own use of the Service complies with their professional and regulatory obligations.
9. Changes to This Policy
We may update this Policy from time to time to reflect changes in law, technology, or our business. Material changes will be announced on this website, and the "Last updated" date above will be revised accordingly. Please check back periodically for the latest version.
10. Contact Us
SmartClinic AI HK Limited
Email: info@smartclinicaihk.com
Address: Flat E, 5/F, Block 12, The Paragon, 9 Shan Yin Road, Tai Po, Hong Kong