Privacy Policy

A. Who We Are

1. Amped Lab Pte Ltd (“Trimly by Astro Health”, “we”, “us”, or “our”) is incorporated in Singapore (UEN: 202343217Z) with registered address at 60 Paya Lebar Road #07-54, Singapore 409051.
2. We operate a telehealth platform providing online healthcare services through our website trimly.sg and any mobile or web applications we publish (together, the “Platform”).

B. Purpose of this Policy

3. This Privacy Policy explains how we collect, use, disclose and otherwise process personal data under the Personal Data Protection Act 2012 (PDPA) of Singapore. “Personal Data” means data, whether true or not, about an individual who can be identified from that data, or from that data and other information to which we have or are likely to have access.
4. By using the Platform or providing Personal Data to us, you acknowledge and agree to the practices described here.
5. We may update this Policy from time to time by posting the revised version on the Platform. Your continued use of the Platform constitutes acceptance of the updated Policy.

C. Eligibility / Children

6. The Platform is intended for individuals 18 years and above. We do not knowingly collect Personal Data from individuals under 18. If we learn that we have collected Personal Data from an individual under 18, we will delete it promptly.

D. What We Collect

7. Depending on how you interact with us (e.g., create an account, book teleconsults, receive prescriptions/delivery, make payments), we may collect:
   • Identification & contact: name, NRIC/FIN/passport (where lawful and necessary), date of birth/age, address, email, phone.
   • Health & clinical: medical history/conditions, medications, allergies, lab orders/results, clinical notes, photographs/videos for diagnosis/record-keeping, physiological measures (e.g., height/weight), lifestyle inputs you choose to provide, device/app data you choose to link.
   • Account & transactions: account credentials and settings, appointments, orders, invoices/receipts.
   • Payments: payment tokens/identifiers processed by Plato; we do not store full card/bank details.
   • Technical/usage: IP address, device identifiers, browser/app version, OS, cookie IDs, pages/functions used, timestamps, referring/exit URLs, log files.
   • Location (optional): approximate/precise location when you enable location services.
   • Communications: messages, support enquiries, survey responses, feedback/reviews.
8. We may receive Personal Data from third parties (e.g., laboratories, pharmacies, delivery providers, your authorised representatives) or integrations you enable, and may combine such data with data we hold for the purposes below.
9. If you provide Personal Data of a third party (e.g., emergency contact), you confirm you are authorised to do so.

E. Cookies & Similar Technologies

10. We use cookies and similar technologies to operate, protect and improve the Platform (e.g., login/session, preferences, analytics). You can block or delete cookies via your browser; some features may not work properly if you do.
11. We use analytics/ads tools including Google Analytics, Meta and TikTok technologies to understand use of the Platform and (with your consent) to measure/optimise marketing. See Section M. Marketing, Analytics & Ads for controls.
12. For general information on cookies, visit www.allaboutcookies.org.

F. Geo-location

13. If you enable location services, we may process location data (e.g., GPS/Wi-Fi/cell-tower) to show relevant providers or delivery options. You can disable location permissions in your device/app settings at any time.

G. How We Use Personal Data (Purposes)

14. We collect, use, disclose and/or process Personal Data for one or more of the following Purposes:

1. Care & services: onboarding your account; scheduling and providing telemedicine services; triage, diagnosis, treatment, referrals; issuing e-prescriptions; laboratory orders/results; pharmacy fulfilment and delivery; clinical documentation and follow-up.
2. Transactions & accounts: facilitating purchases/subscriptions and renewals; payments, billing and refunds; maintaining your account and preferences.
3. Platform operation & improvement: operating the Platform; customer support; service quality monitoring and staff training; troubleshooting; analytics; product development and feature testing.
4. Safety, security, fraud: identity verification where necessary; information security; fraud/risk detection and prevention; misuse monitoring; incident response.
5. Legal & compliance: complying with laws/regulations and professional/ethical guidelines, lawful requests by public agencies or regulators, audits and reporting obligations.
6. Communications: sending administrative/service messages (e.g., appointment reminders, results notifications, medication reminders) and—only with your consent—marketing communications.
7. Research & statistics: quality improvement, service analytics and (where applicable) research/outcomes evaluation; where feasible, we anonymise or aggregate data.
8. Business operations: backup/disaster recovery; hosting/storage (including third-party data centres/cloud providers); corporate governance; potential business asset transactions as defined in the PDPA.
9. Other purposes: for which we notify you and obtain consent where required, or where permitted by law without consent.

H. Disclosure of Personal Data

15. We may disclose Personal Data to (within Singapore only) for the Purposes below:

• Healthcare partners: licensed doctors/clinics, laboratories, pharmacies and delivery providers involved in your care.
• Vendors & processors: IT hosting/cloud providers, cybersecurity tools, analytics providers, payment processors (including Plato), SMS/email providers, customer support tools, document storage and couriers acting on our instructions.
• Professional advisers & auditors: legal, compliance, accounting and audit firms.
• Government/regulators/law enforcement: where required by law or lawful order, or to comply with applicable guidelines.
• No sale of Personal Data: We do not sell your Personal Data.

I. Consent, Legitimate Interests & Withdrawal

16. We generally collect, use and disclose Personal Data with your consent, or where permitted or required by the PDPA or other applicable laws.
17. Legitimate interests exception (PDPA): we may rely on this for limited purposes such as detecting/preventing fraud, illegal activity or misuse of services, where our legitimate interests outweigh any likely adverse effect on you.
18. Withdrawal of consent: You may withdraw consent for specific purposes by contacting our Data Protection Officer (“DPO”) at support@trimly.sg. We will process your request within a reasonable time. Withdrawal may affect our ability to provide services (e.g., terminate access or fulfilment) and may carry legal or contractual consequences.

J. Access & Correction

19. You may request access to or correction of your Personal Data in our possession or control, subject to legal exceptions. Please contact support@trimly.sg with enough information to verify your identity and locate the data.
20. We aim to respond to access requests within 30 days (or notify you of the earliest practicable time). A reasonable fee may apply for access requests. We do not charge for corrections.

K. Accuracy

21. We take reasonable steps to ensure that Personal Data we use or disclose is accurate and complete, particularly when used to make decisions that affect you. Please keep your information up to date.

L. Security

22. We implement reasonable technical and organisational measures to protect Personal Data against unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks. Measures may include encryption in transit and at rest where appropriate, access controls and logging, network and application security, staff training, and vendor due diligence.

M. Marketing, Analytics & Ads

23. Marketing: We send marketing communications (email, SMS, calls) only with your consent, in compliance with PDPA’s Do-Not-Call (DNC) provisions. You may opt-out at any time via in-message links or by contacting support@trimly.sg.
24. Analytics/ads partners: We use Google, Meta, and TikTok technologies to help measure Platform usage and (with your consent) to run or optimise advertising. These partners may set their own cookies or SDKs and receive limited information from your device/browser.
25. Your controls:

• Opt-out of marketing as described above.
• For platform-specific ad controls, see Google/Meta/TikTok account ad settings.

26. We will not use health diagnosis or treatment content for targeted ads.

N. Retention

27. We retain Personal Data for as long as necessary for the purposes for which it was collected, or as required/permitted by law (including healthcare record retention requirements). We then delete or anonymise the data.

O. Research, Anonymisation & De-identification

29. Where feasible, we anonymise or aggregate data for analytics, service improvement and reporting. Anonymised data is no longer Personal Data and the PDPA does not apply to such data.

P. Business Asset Transactions

30. In the event of a merger, acquisition, financing, sale of assets or similar transaction involving us, Personal Data may be transferred to a party to the transaction to the extent permitted by the PDPA and subject to appropriate safeguards.

Q. Your Rights (Summary)

31. Subject to PDPA exceptions and conditions, you have rights to:

• Access your Personal Data;
• Correct inaccuracies;
• Withdraw consent for future processing (where processing is based on consent); and
• Opt-out of marketing messages.
  Contact: [DPO email].

R. Contact – Data Protection Officer

32. If you have questions, requests, or complaints regarding this Policy or your Personal Data, please contact our DPO:

• Email: support@trimly.sg
• Subject line (for faster routing): “PDPA Request/Question – [Your Full Name]”
• Mailing address: 60 Paya Lebar Road #07-54, Singapore 409051

‍