Privacy Policy

At AVÈYA, we value your trust and are committed to protecting the privacy and confidentiality of your personal and medical information. This Privacy Policy explains how we handle your information in compliance with applicable laws in Thailand and in alignment with the standards of the U.S. Health Insurance Portability and Accountability Act (HIPAA) for international patients.

By using our website aveyahealth.com or engaging in our medical services, you consent to the practices outlined below.

Information We Collect

1. Personal Information

Name, address, phone number, email, passport/ID details (when required for medical or legal purposes).

2. Protected Health Information (PHI)

Medical history, diagnostic results, treatment records, lab reports, and other data provided for consultations and care.
This information is considered confidential PHI under HIPAA.

3. Technical Information

Device type, IP address, browser data, cookies — used only to improve website functionality and security.

How We Use Your Information

We use your information only for legitimate medical and operational purposes, including:

Delivering personalized medical treatment and consultations.
Sharing essential medical information with authorized physicians, laboratories, or treatment partners involved in your care.
Communicating with you about treatment progress, appointments, or follow-ups.
Meeting legal and regulatory obligations in Thailand and internationally.

We will never sell or use your medical information for marketing without your explicit authorization.

HIPAA Compliance: Your Rights Under U.S. Standards

As an international medical provider, AVÈYA aligns with HIPAA principles to protect your health information. You have the right to:

Access: Request a copy of your medical records in our possession.
Amend: Request corrections to your records if you believe they are incomplete or inaccurate.
Restrict Use: Request limits on how we use or disclose your PHI.
Confidential Communications: Request that we communicate with you in a specific way (e.g., phone only, no email).
Accounting of Disclosures: Request a report of when and why your PHI has been shared.
Withdraw Consent: Revoke prior authorizations for disclosure of your PHI, subject to legal or medical obligations.

To exercise these rights, please contact us in writing.

How We Protect Your Information

We maintain strict safeguards to protect your personal and medical data:

Encryption of electronic records and communications.
Secure servers and controlled access for staff.
Confidentiality agreements with all staff, doctors, and partners.
Routine audits and compliance checks to align with HIPAA standards.

Sharing of Information

We may share your information only under these circumstances:

For treatment purposes: With licensed physicians, laboratories, or partner clinics assisting in your care.
With your authorization: Any other disclosures require your written consent.
For legal obligations: If required by Thai law or a valid court order.
For safety and compliance: To prevent threats to health, safety, or unlawful activity.

Cookies and Analytics

Our website uses cookies to improve user experience. You may disable cookies in your browser, but some functions may not work properly. No PHI is collected through cookies.

International Data Transfer

Your information may be transferred and stored securely across multiple jurisdictions (e.g., Thailand, Singapore, EU, USA) where our partner laboratories and physicians operate. All transfers are protected under confidentiality and HIPAA-aligned safeguards.

Children’s Privacy

Our services are intended for adults. We do not knowingly collect personal or medical data from individuals under the age of 18 without parental consent.

Changes to This Policy

We may update this Privacy Policy periodically. Updates will be posted on this page with a revised effective date. Continued use of our Service constitutes acceptance of the updated Privacy Policy.