Privacy Policy
Last updated: 16 July 2026
Effective for: hospigo.com and all related subdomains and services (the "Site")
1. Who we are
Hospigo is operated by Intermedi Pte. Ltd. ("Hospigo," "we," "us," or "our"), a company incorporated in Singapore (UEN 202623943K), with its registered office at 160 Robinson Road, #14-04 Singapore Business Federation Center, Singapore 068914.
Hospigo connects prospective patients with independent, third-party hospitals, clinics, and medical providers located in Thailand (and potentially other destinations in the future). Hospigo is a marketing and facilitation service — we are not a hospital, clinic, doctor, or insurer, and we do not provide medical advice or medical services ourselves. See our Terms of Service for details on the nature of our service.
For any question about this policy or your personal data, contact our designated Data Protection Officer at Bart@hospigo.com. (This person is our designated contact for data protection matters under Singapore's Personal Data Protection Act and other applicable privacy laws.)
EU Representative
Because Hospigo has no establishment in the European Union but processes personal data of individuals located in the EU, we are required under Article 27 of the GDPR to appoint an EU representative.
2. What information we collect
When you use our inquiry / lead form or otherwise contact us, we may collect:
- Contact information: name, email address, phone number, country of residence.
- Health-related information you choose to share: the type of procedure you're interested in, relevant medical history, or other health details you provide to help us match you with an appropriate provider. This is "special category" / sensitive data under several of the laws that apply to us, and we treat it accordingly (see Section 4).
- Technical information: IP address, browser type, device information, and general usage data collected automatically via cookies and similar technologies (see Section 8).
- Communications: records of correspondence between you and Hospigo, including consent records (what you agreed to, and when).
We do not currently process payments or bookings directly through the Site. If that changes, this policy will be updated to describe how payment data is handled.
3. Why we collect it, and our legal basis
Where we rely on your consent — which is the basis for essentially all health-related data we collect — you may withdraw it at any time by contacting us at Bart@hospigo.com. Withdrawing consent does not affect the lawfulness of anything we did before you withdrew it, but it may mean we can no longer help connect you with a provider.
We ask for consent to health-related data collection and to marketing communications separately — ticking one does not mean you've agreed to the other.
4. Sensitive / health data
Some of what you share with us (for example, details about a medical condition or procedure) is treated as sensitive personal data under the GDPR (health data, Article 9), Singapore's PDPA, Canada's PIPEDA, and comparable US state laws (including Washington's My Health My Data Act and California's Confidentiality of Medical Information Act). Regardless of which of these applies to you, we apply the same practice across the board:
- We only collect it with your clear, affirmative, opt-in consent, given separately from any other consent (e.g. marketing).
- We only use it to match you with a suitable medical provider and respond to your inquiry — not for advertising profiling or sale to third parties.
- We limit access internally to staff who need it to process your inquiry.
- We do not sell health-related personal data.
5. Who we share your information with
We share your information only where necessary to provide our service:
- Partner hospitals and clinics in Thailand, so they can respond to your inquiry — only with your consent, and only the information relevant to your inquiry.
- Service providers who help us run the Site (e.g. hosting, email/CRM, form processing), acting under contractual confidentiality and data protection obligations.
- Regulators or authorities, where required by law.
- A successor entity, if Hospigo is ever involved in a merger, acquisition, or sale of assets — subject to the same protections described here.
We do not sell your personal data to third parties for their own marketing purposes.
6. International data transfers
Hospigo is based in Singapore, our partner providers are in Thailand, and we serve visitors from Canada, the United States, and the European Economic Area, among other places. This means your data will typically be transferred across borders. Where we transfer personal data out of the EEA, Singapore, or other jurisdictions with transfer restrictions, we use appropriate safeguards (such as standard contractual clauses or equivalent mechanisms) as required by applicable law.
7. How long we keep your data
We retain inquiry data (including any health-related information you shared) for up to 24 months after our last contact with you, after which it is deleted or anonymized — unless you ask us to delete it sooner, or a longer retention period is required by law (for example, for accounting or legal defense purposes). Consent records are kept for as long as needed to demonstrate compliance. We periodically review and delete data we no longer need.
8. Cookies and similar technologies
The Site uses cookies and similar technologies for basic functionality and, only with your consent, analytics. Analytics cookies are off by default and only load if you actively opt in via our cookie banner. See our Cookie Policy for the specific cookies we use and how to change your choice at any time.
9. Your rights
Depending on where you live, you may have rights to:
- Access the personal data we hold about you.
- Correct inaccurate data.
- Request deletion of your data.
- Restrict or object to certain processing.
- Receive your data in a portable format.
- Withdraw consent at any time.
- Lodge a complaint with your local data protection authority — for example, the Personal Data Protection Commission in Singapore, the Office of the Privacy Commissioner of Canada, your national supervisory authority if you're in the EU, or your state Attorney General / the FTC in the United States.
For residents of certain US states (including California, Washington, and others with comprehensive privacy laws): you may have additional rights to opt out of the "sale" or "sharing" of personal information and of targeted advertising. Hospigo does not sell your personal information or share it for cross-context behavioral advertising. If that ever changes, we will update this policy and provide the required opt-out mechanisms first.
To exercise any of these rights, contact us at Bart@hospigo.com. We will respond within the timeframe required by applicable law. We will not discriminate against you for exercising any privacy right.
10. Security
We use reasonable technical and organizational measures to protect your information, including encryption in transit (HTTPS) and access controls. No system is completely secure, and we cannot guarantee absolute security. If we become aware of a breach affecting your personal data, we will notify you and any relevant regulator as required by applicable law (including, where applicable, the FTC Health Breach Notification Rule, PIPEDA's mandatory breach reporting, and GDPR's 72-hour notification requirement).
11. Children's privacy
The Site is not directed at children, and we do not knowingly collect personal data from anyone under 18. If you believe a child has provided us with personal data, contact us and we will delete it.
12. Changes to this policy
We may update this policy from time to time. We will post the updated version here with a new "Last updated" date, and where changes are material, we will provide additional notice as appropriate.
13. Contact us
Intermedi Pte. Ltd. (trading as Hospigo)
160 Robinson Road, #14-04 Singapore Business Federation Center, Singapore 068914
Bart@hospigo.com