Effective Date: 19 July 2025 

1. Introduction

MICO Healthcare Group (“MICO”, “we”, “our”, “us”) is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you visit www.micohealthcare.com (“Site”), visit our pharmacies or clinics, or otherwise interact with us. 

2. Personal Data We Collect

• Identification data (full name, NRIC/passport number, date of birth, gender) 

• Contact details (postal address, email address, telephone number) 

• Health‑related information you provide in connection with consultations or purchases 

• Transaction information (orders, prescriptions, invoices, payment details) 

• Technical and usage information (IP address, browser type, device identifiers, pages visited, cookies) 

• Marketing preferences and feedback 

3. How We Collect Your Data

We collect personal data directly from you when you: 

• purchase products or services in‑store or online 

• create an account or fill in forms on our Site 

• subscribe to our newsletters or marketing communications 

• correspond with us via email, phone, social media or live chat 

• participate in promotions, events, surveys, or health screenings 

We also automatically collect certain technical information through cookies and similar tracking technologies. See our separate Cookie Policy for details. 

4. Purposes for Processing

We process your personal data to: 

• provide and deliver our pharmacy, clinic and wholesale services 

• verify your identity and manage your account or prescription 

• process and fulfil orders, payments and deliveries 

• communicate with you about your orders, enquiries or appointments 

• personalise content, offers and recommendations 

• conduct analytics, improve our Site and services 

• send you marketing materials that you have consented to receive 

• comply with legal and regulatory obligations (e.g. Poisons Act, PDPA 2010) 

• protect our rights, property, or safety and the rights of our patients and customers 

5. Legal Basis / Consent

Under Malaysia’s Personal Data Protection Act 2010 (“PDPA”), we process your personal data with your consent, when it is necessary for the performance of a contract with you, to comply with our legal obligations, or when it is in our legitimate interests and not overridden by your data‑protection rights. 

6. Disclosure of Your Data

We may share your personal data with: 

• trusted service providers (IT hosting, payment processors, couriers, marketing agencies) bound by strict confidentiality 

• healthcare professionals involved in your treatment 

• our affiliated companies within the MICO Group 

• regulators, law‑enforcement bodies or courts where required by law 

• a purchaser or successor entity in the event of a merger, acquisition or asset sale 

We do not sell or rent your personal data to third parties for their own marketing. 

7. International Transfers

Some of our service providers are located outside Malaysia. Where we transfer data abroad, we ensure that adequate safeguards are in place to protect your information in accordance with PDPA requirements. 

8. Data Security

We employ appropriate administrative, technical and physical safeguards to protect personal data against accidental, unlawful or unauthorised destruction, loss, alteration, access or disclosure. 

9. Data Retention

We retain personal data only as long as necessary for the purposes stated above and in accordance with legal, tax and regulatory requirements. 

10. Your Rights

Subject to exceptions under PDPA, you have the right to: 

• access and obtain a copy of your personal data we hold 

• request correction or updating of inaccurate or incomplete data 

• withdraw consent to processing (where consent is the legal basis) 

• request deletion of data or restriction of processing 

• object to processing for direct marketing 

To exercise these rights, please contact us using the details below. 

11. Third‑Party Sites

Our Site may contain links to third‑party websites. We are not responsible for the privacy practices or content of those sites. 

12. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with a revised “Effective Date”. 

13. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact: 

Data Protection Officer   

MICO Healthcare Group   

1537, Jalan Sultan Badlishah, 05000 Alor Setar, Kedah, Malaysia   

Phone: +60 4‑731 2124   

Email: privacy@micohealthcare.com / digital.micohealthcare@gmail.com 

By using our Site or services, you acknowledge that you have read and understood this Privacy Policy.