Terms of Service

1. Who may use the System

Clinic staff:accounts are provisioned by an administrator of Klinik Dr Gian. There is no public signup. Staff are bound by the clinic's employment agreement and clinical governance policy in addition to these terms.

Patients and primary contacts: you interact with the System only via the care reports we send you (typically via WhatsApp) and the public verify pages. You do not need an account.

Verifiers:auditors, regulators, insurers, and family members who have received a verify link from a care report may use the verify page to confirm the document's authenticity without creating an account.

2. Acceptable use

You agree not to:

• Attempt to access data you are not authorised to see (the System enforces this with row-level security; we treat any circumvention attempt as a material breach).
• Probe, scan, or test the System's vulnerabilities without our prior written consent. We welcome responsible-disclosure reports at dpo@klinikdrgian.com.my.
• Share your staff credentials with anyone.
• Use the System for any purpose other than the clinical care of a patient of Klinik Dr Gian.
• Reverse-engineer, decompile, or extract the System's source code, schema, or proprietary clinical logic except as permitted by Malaysian law.

3. Clinical disclaimer

The System is a workflow and record-keeping tool that supports clinical staff in delivering care. It is not itself a medical deviceand does not make clinical decisions. Care decisions are made by qualified clinical staff using their professional judgement, with the System's outputs as one input among others.

The System's scoring engines (Mini-CGA, fall risk, environmental fit) implement standard clinical scoring algorithms drawn from published medical literature. They may contain errors. Staff are responsible for verifying outputs against the patient's actual presentation.

4. Availability

We aim to keep the System available 24/7 but make no specific uptime guarantee. The System depends on third-party services (Supabase, Vercel, Meta WhatsApp, Telegram, Dropbox Sign, Google Maps) and is subject to their availability.

Scheduled maintenance is announced in advance where possible. Status is published at /status.

5. Intellectual property

The System (source code, schema, documentation, design) is owned by Klinik Dr Gian Sdn Bhd. Patient data within the System belongs to the patient; clinical content (assessments, notes, photographs) is co-owned between the patient (as the data subject) and the clinic (as the medical-record keeper) under Malaysian medical-records law.

6. Liability

To the maximum extent permitted by Malaysian law, our aggregate liability arising out of or related to your use of the System is limited to the fees paid by the affected party (if any) in the 12 months preceding the claim. We are not liable for indirect, consequential, or punitive damages.

Nothing in these terms limits our liability for: fraud, death or personal injury caused by our negligence, or any liability that cannot be limited under Malaysian law (including the Consumer Protection Act 1999 where applicable).

[LAWYER REVIEW REQUIRED] Confirm enforceability of the 12-month / fees-paid cap against a Malaysian counterparty. The Consumer Protection Act 1999 may render parts of this section unenforceable for end-users; the Contracts Act 1950 recognises liability limits in B2B contracts but the wording must be unambiguous.

7. Termination

For clinic staff: your access ends when your employment with Klinik Dr Gian ends. For patients: your data is retained under the schedule in the PDPA notice after your case is closed.

8. Governing law

These terms are governed by the laws of Malaysia. Disputes are subject to the exclusive jurisdiction of the Malaysian courts.

9. Changes

We may update these terms. Material changes are communicated to active staff users by email and posted here with an updated “Last reviewed” date. Continued use after a material change means acceptance.

10. Contact

Klinik Dr Gian Sdn Bhd
General: hello@klinikdrgian.com.my
Privacy / data: dpo@klinikdrgian.com.my