Privacy Policy

Introduction

Welcome to SafeTalk. This Privacy Policy outlines how we collect, use, store, and disclose information, and your rights regarding personal information when using our platform and services (the "Service"). By using the Service, you consent to the practices described herein.

Definitions

"Personal Data" means any information relating to an identified or identifiable individual.

"Client Data" means all data, content, records, files, text, images, or information submitted or generated through the Service by or on behalf of the User.

"PHI" (Protected Health Information) refers to individually identifiable health information under HIPAA, applicable only when a separate Business Associate Agreement (BAA) is executed.

Information We Collect

We collect information in the following ways:

  • Information you provide: Account registration, profile details, professional credentials, and communication with our support team.
  • Information collected automatically: Device information, IP address, browser type, analytics, and usage data.
  • Client Data: Data entered into the platform by you or your clients. Ownership remains with you.

How We Use Information

We use information to provide, maintain, and improve the Service, including:

  • Operating and personalizing the platform
  • Communicating updates, promotions, and support
  • Analyzing trends, usage, and performance
  • Ensuring security, fraud prevention, and compliance

Information Sharing

We do not sell Personal Data. We may share information:

  • With subprocessors necessary for providing the Service (e.g., cloud providers)
  • To comply with legal obligations or protect rights
  • When explicitly required by a BAA for HIPAA compliance

Data Retention

We retain Personal Data only as long as necessary for the purposes outlined and in accordance with applicable law. After account termination, data will be available for export for 90 days unless otherwise legally required.

Cookies and Tracking

We use cookies and similar technologies to analyze usage, improve performance, and provide a better experience. Users may manage cookies via browser settings, and we encourage reviewing consent notices for tracking categories.

Security

SafeTalk implements reasonable administrative, technical, and physical safeguards to protect data. For HIPAA-covered entities, safeguards include encryption, access controls, and audit logs when a BAA is executed. Absolute security cannot be guaranteed.

Your Rights

You have rights to access, correct, or delete Personal Data we hold about you, subject to applicable law. For US-based HIPAA users, rights are aligned with HIPAA rules if a BAA is executed. Users can also manage marketing preferences and opt out of communications.

International Compliance

SafeTalk is based in Malaysia and processes data under the Malaysian PDPA. For users in other jurisdictions, we strive to comply with GDPR and other applicable laws. HIPAA applies only with a BAA for US users.

Data Breach

We will notify affected users in accordance with applicable law in the event of a confirmed data breach. For GDPR, notification will be made within 72 hours, and for HIPAA-covered entities, within 60 days if required.

Children’s Privacy

We do not knowingly collect Personal Data from children under 13. If we become aware that we have collected such data, we will delete it promptly. Parents/guardians may contact us to request deletion.

Changes to this Privacy Policy

We may update this Privacy Policy periodically. Material changes will be communicated via the Service or email. Continued use of the Service constitutes acceptance of updated policies.

Contact

For questions or concerns regarding this Privacy Policy, please contact: hello@safetalk.space

Last updated: January 2026