Privacy policy — SeniorLabCover

This privacy policy explains how SeniorLabCover collects, uses and protects information in the context of senior insurance selection and diagnostic coordination. The policy uses examples and practical scenarios to illustrate how data moves between our platform, insurers and service partners and what rights a user can exercise. We limit collection to what is relevant for providing quotes, claims support and care coordination.

08-05-2026 SeniorLabCover, Jalan Ayer Hangat, Kampung Kisap, 07000 Langkawi, Kedah, Malaysia. Business ID: 462432014996. Phone: +60122705588. Jalan Ayer Hangat, Kampung Kisap, 07000 Langkawi, Kedah, Malaysia [email protected]

Key definitions

To make the policy actionable we define common terms below and then show short scenarios that explain how those terms affect real interactions when selecting senior insurance.

Personal data: any information that identifies you directly or indirectly — for example name, date of birth, contact details, health history, ID numbers and billing information used to obtain insurance quotes or process a claim.
Processing: any operation performed on personal data including collection, storage, analysis, sharing with insurers, and deletion. A scenario: when you request a quote we process your age, pre-existing conditions and lab history to calculate estimated premiums.
User: a person who interacts with SeniorLabCover to compare plans, request assistance, or submit medical information for care coordination or claims support.
Service: the suite of tools SeniorLabCover provides, including plan comparison, lab-network matching, claims guidance and facilitation of diagnostics and home care arrangements.
Cookies: small files stored on your device to support session management, preferences and analytics. We use cookies to remember your language choice and to analyze usage patterns to improve case-based guidance.
We rely on appropriate legal bases to process data. The relevant bases depend on the context and are described with practical examples below.

Data we collect

We collect data directly from you, automatically from devices, and from third parties when necessary to provide insurance and diagnostic coordination services. Examples and lists follow.

Information you provide directly

Typical scenario: when you request a quote or book a diagnostic test, you supply certain details that are necessary to complete the action.

  • Full name, contact number and email address used to send quotes, confirm appointments, and follow-up.
  • Date of birth and gender to calculate age-based premium estimates and relevant screening recommendations.
  • Medical history summaries, current medications and recent laboratory results submitted to provide accurate plan matches and claims support.
  • Identification and policy numbers provided when coordinating with insurers or submitting claims on your behalf.
  • Payment details and billing information necessary to process fees for partner services, when applicable.
  • Optional preferences and caregiver contacts used to customize communication and coordinate home visits.

Information collected automatically

When you use the website or mobile interface, we collect certain technical and usage data to maintain and improve the service.

  • Device and browser information (model, operating system, screen size) to ensure compatibility and proper display of diagnostic network maps.
  • IP address and approximate location to suggest nearby labs and home care providers for practical scheduling.
  • Usage logs and navigation paths to analyze which case studies and scenarios help users choose a plan.
  • Cookie identifiers and analytics data to measure feature performance and optimize quote processes.
  • Error and crash reports to detect and fix operational issues promptly.
  • Interaction timestamps and session lengths to identify common decision points for senior plan selection.

Data from third-party sources

We may receive data from partners and third parties to validate information or complete service actions. Below are common sources and examples.

  • Insurers and consultant: policy details, coverage confirmations and claims status used to coordinate benefits and estimate out-of-pocket costs.
  • Medical providers and laboratories: test results and appointment availability shared when you authorize coordination for diagnostics.
  • Payment processors and verification services to confirm transactions and prevent fraud.

Why we process personal data

Each processing activity serves a specific purpose. We describe those purposes with short practical examples that reflect real user scenarios.

  • To provide and manage insurance quotes: using age, health history and preferences to present tailored plan options and side-by-side cost scenarios.
  • To facilitate diagnostics and home care: sharing contact and scheduling data with partner labs when a user books phlebotomy or home nursing.
  • To handle claims assistance: transmitting required documents and medical summaries to an insurer after explicit user consent to expedite processing.
  • To communicate updates: appointment reminders, quote clarifications and secure messages about claim milestones.
  • To prevent fraud and secure accounts: analyzing patterns and verifying identities when unusual activity is detected.
  • To comply with legal and regulatory obligations: retaining transaction records when required by law or regulator request.
  • To carry out analytics and service improvement: using anonymized usage data to refine scenario templates and comparison logic.
  • To obtain consented marketing and educational outreach: sharing newsletters and case-study summaries only when you opt in.

Legal bases for processing

We rely on appropriate legal bases to process data. The relevant bases depend on the context and are described with practical examples below.

  • Performance of a contract: processing necessary to provide quotes, coordinate diagnostics, or perform services you requested.
  • Consent: when you explicitly agree to communications, marketing, or the sharing of sensitive health details for specific coordination tasks.
  • Legal obligation: processing required to comply with applicable laws or regulatory requests.
  • Legitimate interests: limited processing to improve security, detect fraud, and enhance service usability, balanced against your rights.

Where GDPR-style rights apply

If GDPR-style protections apply to you, the following rights are available. We explain how those rights are exercised in practice using example steps.

  • Right of access: you can request a copy of personal data we hold about you. Example: request recent quotes and submitted medical summaries for review.
  • Right to rectification: ask us to correct inaccurate or incomplete personal information such as an incorrect date of birth used in premium calculations.
  • Right to erasure: request deletion of data where not required to be retained for legal reasons; example: remove a saved caregiver contact.
  • Right to restriction of processing: ask us to pause processing while you contest accuracy of data used in a claim coordination.
  • Right to data portability: request a machine-readable copy of personal data you provided to transfer to another service.
  • Right to object: object to direct marketing or certain legitimate-interest processing; we will stop processing for those purposes unless there is an overriding reason.

Cookies and similar technologies

Cookies help the service remember preferences and analyze usage. We describe cookie types and how you can manage them with practical examples.

Types: session cookies (temporary), persistent cookies (remembering settings), and third-party cookies (analytics and partner widgets). Example: a persistent cookie remembers your preferred case-study filters.

Categories: strictly necessary (site operation), performance/analytics (usage insights), functional (language and display settings), and advertising (only with consent).

Manage cookies by adjusting browser settings, using in-site cookie controls, or opting out of analytics. Example: disabling analytics cookies will not prevent you from receiving quotes but may reduce personalization.

Full cookie policy

Sharing and disclosures

We share data only as needed to deliver services and in compliance with law. Below are common categories of recipients with example scenarios.

  • Insurers and consultant: to obtain quotes and submit claims documentation when you request assistance.
  • Healthcare providers and laboratories: to schedule tests or send results with your authorization.
  • Service providers and contractors: payment processors, analytics providers and scheduling platforms that support the service.
  • Regulatory and legal authorities: when required to comply with legal obligations or respond to lawful requests.
  • Business partners in mergers or reorganization: we will notify affected users and preserve protections during transitions.
  • Aggregated and anonymized data: used for research or service improvement where individuals cannot be re-identified.

International transfers

Data may be transferred to countries where our partners operate. Example: sharing lab appointment details with a regional diagnostics provider outside Malaysia to arrange testing.

We apply safeguards such as contractual data protection clauses, encryption and transfer only when necessary. We assess partner practices before transfer to maintain appropriate protection.

Data retention

Retention periods are based on the purpose of processing and legal or regulatory requirements. Below we provide typical retention examples.

Account data: retained while the account is active and for a limited period after account closure for fraud prevention and legal compliance, typically no longer than necessary.

Messages and support records: kept for a defined period to support claims and service history, usually retained for several years depending on applicable regulations.

Operational logs and security records: retained for security monitoring and incident contribute for a limited period consistent with industry practice.

Deletion process: upon a valid deletion request we remove personal identifiers from active systems and retain only limited records if required by law, while informing you of any retention constraints.

Security of personal data

We use technical and organizational measures to protect personal data against unauthorized access, accidental loss and misuse. Security practices are reviewed with practical scenario testing to ensure resilience.

  • Encryption in transit and at rest for sensitive information like medical summaries and payment details.
  • Access controls and role-based permissions so only authorized staff involved in a specific case can view necessary data.
  • Regular audits, staff training and incident response exercises to minimize risk and improve recovery procedures.

Your rights and how to exercise them

You can exercise the following rights in practice. For most requests we will ask for reasonable identity verification to protect your data.

  • Access: request a copy of your data and a plain-language summary of how it has been used in a given case.
  • Rectification: correct inaccurate details used in premium calculations or appointment scheduling.
  • Erasure and restriction: request deletion or restriction where legal retention is not required; example: remove a stored caregiver contact.
  • Portability and objection: obtain a machine-readable copy of provided data or object to certain processing operations; we will explain practical implications and next steps.
  • Right to restriction of processing: request that SeniorLabCover limits processing of your personal data while a dispute about accuracy or legitimate interest is being resolved.
  • Right to data portability: where processing is based on consent or contract, you may request a machine-readable copy of data you provided, to transmit to another provider when technically feasible.
  • Right to object: you may object to processing based on legitimate interests or direct marketing. We will assess objections in the context of user scenarios and documented cases.
  • Right to withdraw consent: when processing relies on consent, you may withdraw it at any time without affecting processing prior to withdrawal. Withdrawal steps are described in practical case examples on our site.

How to exercise your privacy rights

To exercise any of the rights above, submit a request through our Data Rights form at SeniorLabCover.pro/privacy or by postal mail to Jalan Ayer Hangat, Kampung Kisap, 07000 Langkawi, Kedah, Malaysia. Include a clear description of the right you are exercising and any relevant supporting documents. For scenarios where identity verification is needed, we provide step-by-step checklists based on case examples to avoid unnecessary delays.

[email protected]

We aim to acknowledge requests within 7 calendar days and to provide a substantive response within 30 calendar days. In complex cases requiring additional review or coordination with partners, we will inform you of an extended timeline and provide interim status updates based on documented case handling practices.

Marketing and communications

SeniorLabCover may use your contact information to send product updates, newsletters, and service offers relevant to senior insurance selection. Communications are tailored using preferences you provide; practical cases on the site illustrate how preference choices change the types of messages received. Marketing messages always include an option to adjust preferences or unsubscribe.

To stop marketing messages, use the unsubscribe link in any email or update your preferences at SeniorLabCover.pro/preferences. You may also send a written request to the postal address. Unsubscribe actions are processed within 5 business days in typical cases.

Children's data

SeniorLabCover is intended for adults making insurance decisions for seniors and does not knowingly collect personal information from individuals under 16. If we discover that we have collected data from a minor without verified parental consent, we follow a documented removal procedure. Practical scenarios on our policy pages explain steps taken in past cases: how we verified ages, notifications sent to custodial contacts, and timelines for data deletion or transfer where appropriate. If you believe your minor dependent's information is present in our systems, contact us promptly with identifying details and supporting documentation so we can assess the record and apply the relevant remediation steps.

Links to third-party sites

SeniorLabCover may link to external insurance providers, comparison tools, and government resources. These third-party sites have their own privacy practices; we recommend reviewing their policies. In case studies we document how information sharing with a selected provider worked in practice and which data fields were platform under contractual arrangements.

Changes to this privacy policy

We review and may update this policy periodically to reflect operational or legal changes. When material changes occur, SeniorLabCover will publish a notice on SeniorLabCover.pro and update the effective date. Case summaries describing policy changes and their practical impact on users are kept in the policy log.