1. Introduction

AMCC is committed to protecting the privacy and security of your personal and health information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you access our telehealth services.

2. Scope

This Policy applies to all “protected health information” (PHI) and “personal data” collected through our website, mobile apps, telehealth platform, telephone, email, or other interactions in the course of providing medical consultation services.

3. Definitions

  • Personal Data: Identifiable information such as name, address, date of birth, email, phone number.

  • Protected Health Information (PHI): Any information relating to your past, present, or future physical or mental health condition, the provision of health care, or payment for health care, that can be linked to you.

  • Controller/Business Associate: AMCC acts as the data controller under Syrian law and a HIPAA “covered entity” or “business associate” for U.S. doctors.

4. Information We Collect

  1. Registration & Identification Data:

    • Name, date of birth, gender

    • Contact details (address, email, phone)

    • Government-issued ID for identity verification

  2. Medical & Health Data:

    • Medical history, diagnoses, treatment plans

    • Current medications, allergies

    • Telehealth consultation notes, prescriptions

  3. Technical & Usage Data:

    • IP address, device identifiers, browser type

    • Log-in timestamps, pages viewed, clickstream data

  4. Payment & Billing Data:

    • Insurance information, billing address

    • Credit/debit card or payment account details

  5. Communications Data:

    • Emails, chat transcripts, telephone call recordings (with consent)

5. How We Use Your Information

We process your data to:

  • Provide, manage, and improve telehealth services and customer support

  • Authenticate your identity and secure your account

  • Communicate appointment reminders, follow-up instructions

  • Conduct medical assessments and generate treatment plans

  • Process payments and insurance claims

  • Comply with legal, regulatory, and professional obligations (including HIPAA)

6. Legal Bases for Processing

  • Consent: You authorize us to collect and use your PHI for treatment, payment, and health-care operations.

  • Contractual Necessity: To perform the telehealth services you request.

  • Legal Compliance: To satisfy applicable Syrian laws and U.S. HIPAA rules governing healthcare providers.

7. Disclosure of Your Information

We may share your information with:

  • U.S.-Licensed Physicians: For treatment and consultation purposes under HIPAA safeguards.

  • Service Providers & Partners: E.g., telehealth platform hosts, payment processors—all bound by confidentiality.

  • Regulators & Legal Authorities: When required by Syrian law, U.S. federal law, or court order.

  • Emergency Situations: To prevent harm or respond to medical emergencies.

We do not sell or rent your personal or health information to third parties.

8. Data Security

We maintain administrative, technical, and physical safeguards designed to protect your information against unauthorized access, disclosure, alteration, or destruction, including:

  • Encrypted storage (at rest) and TLS/SSL in transit

  • Access controls and audit logging

  • Regular security assessments and employee training

9. Data Retention

We retain your personal and health information for as long as necessary to fulfill the purposes outlined above, to comply with legal and professional obligations (minimum of 7 years from last date of service), and to resolve disputes.

10. International Transfers

Your data may be processed or stored in the United States by our U.S.-licensed physicians and service providers. We implement appropriate safeguards to ensure your information remains protected under HIPAA and similar standards.

11. Your Rights & Choices

Subject to applicable law, you have the right to:

  • Access: Request a copy of your personal or medical information.

  • Correction: Ask us to amend inaccurate or incomplete data.

  • Restriction: Request limits on how we use or share your PHI.

  • Objection: Object to processing based on legitimate interests.

  • Portability: Receive a digital copy of your data in a common format.

  • Deletion: Request erasure of data where there is no legal requirement to retain it.

  • Withdraw Consent: At any time, without affecting past processing.

To exercise these rights, please contact us as provided below.

12. Children’s Privacy

Our services are intended for adults. We do not knowingly collect personal information from children under 18. If you believe we have inadvertently collected data about a minor, please contact us to request deletion.

13. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will post the revised policy with a new “Effective Date” and notify you by email or via our platform.

14. Contact Information

If you have questions, concerns, or wish to exercise your rights, please reach out to:

American Medical Consultation Center (AMCC)
Address: Damascus, Syria
Email: privacy@amcc-med.org
Phone: +963-11-XXXXXXX

احجز موعدك