MediSwap LogoBack to Home

MediSwap Privacy Policy

Effective Date: February 23, 2026

1. Introduction

Important Note (Independent Operator / No Legal Entity): MediSwap is operated as an independent online platform based in the Republic of Korea and is not currently operated by a separately incorporated legal entity. References to "MediSwap", "we", "us", or "our" in this Privacy Policy refer to the operator(s) of the MediSwap platform.

MediSwap ("we", "us", "our", or "MediSwap") is committed to protecting the privacy and personal data of users who access or use our website and services (the "Service").

This Privacy Policy explains how we collect, use, disclose, store, and protect personal data when you use MediSwap. By accessing or using the Service, you acknowledge that you have read and understood this Privacy Policy.

2. Data Controller & Contact

Data Controller: MediSwap (independent platform based in the Republic of Korea)

Contact Email: mediswap.org@gmail.com

If you have questions, requests, or concerns regarding privacy or this Privacy Policy, please contact us at the email above. We will respond within a reasonable timeframe and, where required by law, within statutory deadlines.

3. Scope

This Privacy Policy applies to personal data collected through:

  • The MediSwap website and any subpages or features
  • User accounts and profiles
  • Community posts, comments, messages, and inquiries
  • Marketplace listings and communications between users
  • Contact forms and support communications
  • Analytics and cookies used on the website

This policy does not cover third-party websites, services, or applications that may be linked from MediSwap.

4. Personal Data We Collect

We collect personal data in three main ways: (A) data you provide, (B) data collected automatically, and (C) data from third parties (limited).

4.1 Data You Provide

Account & Authentication Data

  • Email address
  • Display name / username
  • Password (stored in hashed form if we directly handle authentication; or handled by our authentication provider if used)

Profile Data (Optional / User-Entered)

  • Professional title
  • Company name
  • Country / region
  • Bio, interests, and similar profile details
  • Profile image (if enabled)

User Content and Community Activity

  • Marketplace listings (e.g., title, description, category, country, and other fields you submit)
  • Discussion posts, comments, replies
  • B2B inquiries you send or receive
  • Any content you voluntarily submit to the Service

Communications

  • Messages sent to us via email or contact forms
  • Support requests, issue reports, feedback, and any attachments you choose to send

4.2 Data Collected Automatically

When you access or use MediSwap, we may automatically collect:

Device & Technical Data

  • IP address
  • Browser type and version
  • Operating system
  • Device identifiers (where available)
  • Language settings
  • Time zone and approximate location derived from IP (country/city level)

Usage Data

  • Pages visited and navigation paths
  • Time spent on pages
  • Links clicked and interactions (e.g., button clicks)
  • Referring URL and exit pages
  • Error logs, crash reports, and performance data

Cookies & Similar Technologies

  • Essential cookies (authentication, security)
  • Analytics cookies (usage measurement)
  • Preference cookies (language, settings)

You can learn more in Section 10 (Cookies).

4.3 Data From Third Parties (Limited)

We may receive limited data from service providers that support our Service (e.g., hosting, analytics, authentication). This may include technical logs or fraud-prevention signals. We do not purchase personal data from data brokers.

5. Legal Bases for Processing (GDPR/EEA Users)

If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, we process your personal data based on one or more of the following legal bases, as applicable:

  • Performance of a Contract: To provide the Service (e.g., account creation, login, community participation, posting listings, enabling inquiries).
  • Legitimate Interests: To maintain and improve the Service, protect security, prevent fraud/abuse, and understand how users interact with MediSwap. We balance these interests against your rights.
  • Compliance with Legal Obligations: To comply with applicable laws, lawful requests, and enforce our Terms of Service.
  • Consent: Where required (e.g., certain cookies, or where local law requires consent). You may withdraw consent at any time (Section 11).

6. How We Use Personal Data

We use personal data for the following purposes:

Service Delivery & Account Management

  • Create and manage your account
  • Authenticate users and enable logins
  • Provide platform features (posting, listings, inquiries, messaging)

Community & Marketplace Functionality

  • Display posts, comments, and marketplace listings
  • Facilitate B2B inquiries between users
  • Maintain content integrity and prevent spam/abuse

Operational & Security Purposes

  • Detect, prevent, and investigate fraud, abuse, and security incidents
  • Monitor and maintain platform stability, troubleshooting, and bug fixing
  • Enforce Terms of Service and community rules

Communication

  • Send service-related notifications (security alerts, policy updates, critical notices)
  • Respond to your messages, support requests, and inquiries

Analytics & Improvement

  • Analyze usage trends to improve UX and performance
  • Measure feature adoption and overall website effectiveness
  • Develop and refine platform features

Legal & Compliance

  • Comply with legal obligations
  • Respond to lawful requests (e.g., subpoenas where valid)
  • Protect rights, safety, and property of MediSwap, users, and the public

7. Data Sharing & Disclosure

We do not sell, rent, or trade your personal data.

We may share personal data only in the following circumstances:

7.1 With Your Direction or Consent

For example, when you choose to publish a listing/post or send an inquiry, your information is shared according to the settings and content you submit.

7.2 Public and User-Visible Areas

  • Posts, comments, and marketplace listings may be visible to other users or the public (depending on platform settings).
  • Your display name, country, company name, and profile info (if provided) may appear alongside your content.
  • You are responsible for what you choose to publish. Do not share sensitive information (e.g., IDs, personal phone numbers, patient data, confidential documents).

7.3 Service Providers (Processors)

We may use trusted third-party providers to operate and improve the Service, such as:

  • Hosting and infrastructure providers
  • Database and authentication providers
  • Analytics tools
  • Email/communication tools
  • Security monitoring tools

These providers may process personal data on our behalf under contractual obligations to protect confidentiality and security. Specific provider names may change over time as we improve the Service.

7.4 Legal Requirements

We may disclose personal data if we reasonably believe it is necessary to:

  • Comply with applicable laws or lawful government requests
  • Respond to legal process (e.g., court order)
  • Investigate or address suspected illegal activities, fraud, or security issues
  • Protect the rights, safety, and property of MediSwap, users, or the public

7.5 Business Transfers

If MediSwap is involved in a merger, acquisition, restructuring, or sale of assets, personal data may be transferred as part of that transaction. We will provide notice if your personal data becomes subject to a materially different privacy policy.

8. International Data Transfers

MediSwap is operated from the Republic of Korea. Your personal data may be processed in countries other than your country of residence, including countries where our service providers maintain infrastructure.

Our service providers include: (1) Google Cloud Platform - infrastructure and services used for hosting and analytics; (2) Supabase - a PostgreSQL-based database service with infrastructure in Singapore. These providers may process your personal data to support the Service.

Where required by applicable law (including GDPR), we rely on appropriate safeguards for international transfers, such as standard contractual clauses or equivalent mechanisms, and/or other legally recognized safeguards.

By using the Service, you understand that your data may be transferred internationally as described in this policy.

9. Data Retention

Account Data

We keep your account data while your account is active.

User Content

Posts, comments, and listings may remain visible unless you delete them (if the feature is available) or request deletion, subject to legal and operational constraints.

Deletion Requests

If you request account deletion, we will take reasonable steps to delete or anonymize your personal data within 30 days, unless retention is required by law, or retention is necessary for legitimate purposes such as fraud prevention, security, dispute resolution, or enforcement of our Terms.

Backups

Residual copies may remain in backups for a limited period until overwritten through normal backup cycles.

Aggregated/Anonymized Data

We may retain anonymized and aggregated information indefinitely for analytics and product improvement.

10. Cookies & Similar Technologies

MediSwap uses cookies and similar technologies to operate and improve the Service.

Types of Cookies

Essential Cookies

  • Required for core functions such as authentication, security, and basic site operations. Disabling these may cause the Service to not function.

Analytics Cookies

  • Used to understand how users use the website and to improve performance and usability.

Preference Cookies

  • Used to remember settings such as language and interface preferences.

Cookie Consent (Where Required): Where required by law (including in certain jurisdictions such as the EU/EEA), we will request your consent before placing non-essential cookies. You can control cookies through your browser settings. You may delete cookies or block them, but some features may not function properly.

11. Your Rights & Choices

Depending on your jurisdiction, you may have rights regarding your personal data. These may include:

  • Right of Access: request a copy of your personal data
  • Right to Rectification: correct inaccurate or incomplete data
  • Right to Erasure: request deletion (subject to legal exceptions)
  • Right to Restriction: limit processing in certain cases
  • Right to Data Portability: receive your data in a structured, machine-readable format (where applicable)
  • Right to Object: object to processing based on legitimate interests
  • Right to Withdraw Consent: where processing is based on consent

How to Exercise Your Rights: Email us at mediswap.org@gmail.com with your account email, the request type, and sufficient information for verification. We aim to respond within 30 days, or within any shorter timeframe required by applicable law. To protect user privacy and security, we may request additional information to verify your identity before fulfilling certain requests.

12. Security

We implement reasonable technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. These measures may include:

  • Encryption in transit (TLS/SSL)
  • Secure authentication and password hashing (where applicable)
  • Access controls limiting data access to authorized personnel only
  • Monitoring and security reviews
  • Logging and incident response procedures

However, no method of transmission or storage is 100% secure. We cannot guarantee absolute security. If a data security incident may affect user rights, we will take reasonable steps to notify affected users and relevant authorities where required by applicable law.

13. User Responsibilities (Important for B2B / Professional Platform)

MediSwap is a professional community and marketplace-style platform. Users are responsible for:

  • Ensuring content they post does not violate laws or third-party rights
  • Avoiding posting sensitive personal data (e.g., government IDs, personal phone numbers, patient data)
  • Avoiding posting confidential/proprietary information without authorization
  • Exercising caution when communicating with other users and sharing business contact details

We do not verify user identity, professional credentials, or claims unless explicitly stated in the Service.

14. Blockchain & Web3 Notice (Crypto Donations / Wallets)

MediSwap may provide blockchain-related features such as publishing crypto wallet addresses for donations or support.

Public and Permanent Records

Blockchain transactions may be recorded on public networks and can be permanently visible. Such records generally cannot be altered or deleted by MediSwap.

No Financial Services

MediSwap does not provide financial, investment, brokerage, custody, or exchange services. Any crypto donations or transfers are voluntary.

Compliance

Users are responsible for compliance with applicable laws and regulations (including sanctions and tax obligations) when sending or receiving crypto assets.

15. Sanctions, Export Controls, and Restricted Use

You must not use the Service if you are located in, under the control of, or a national/resident of any jurisdiction subject to comprehensive sanctions, or if your use would violate applicable sanctions or export control laws.

We may restrict, suspend, or terminate access where we reasonably believe continued access may violate applicable law or create undue risk.

16. Third-Party Links

The Service may contain links to third-party websites or services. We are not responsible for the privacy practices or content of those third parties. Please review their privacy policies before providing personal data.

17. Children's Privacy

MediSwap is intended for users aged 18 and over. We do not knowingly collect personal data from individuals under 18. If we become aware that we have collected personal data from a minor, we will take steps to delete such data.

18. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated effective date.

Continued use of the Service after changes are posted constitutes acceptance of the revised policy.

For material changes, we may provide more prominent notice on the platform or via email where feasible.

19. Contact

If you have questions, requests, or concerns about this Privacy Policy or our privacy practices, please contact:

Email:mediswap.org@gmail.com
X (Twitter):@MediSwap78679