2 TYPES OF PERSONAL INFORMATION WE COLLECT
The personal information we collect may include the following:
(b) mailing or street address;
(c) email address;
(d) social media information;
(e) telephone number and other contact details;
(g) date of birth;
(h) credit card or other payment information;
(i) sensitive information (such as health information) as set out below;
(j) information about your business or personal circumstances;
(k) information in connection with client surveys, questionnaires and promotions;
(l) your device identity and type, I.P. address, geo-location information, page view statistics, advertising data and standard web log information;
(m) information about third parties; and
(n) any other information provided by you to us via our website, our platforms or our online presence, or otherwise required by us or provided by you.
3 HOW PERSONAL INFORMATION IS COLLECTED
We will collect your personal information in a lawful and fair way. We will only collect your personal information where you have consented to it, or otherwise in accordance with the law.
How we collect information from you
We may collect personal information where you:
(a) access and or use our website or our platforms, for example if you use the platform to book a session or you use our platform in a session with our personnel;
(b) contact us through our website;
(c) receive goods or services from us;
(d) submit any of our online inquiry forms;
(e) communicate with us via email, telephone, SMS, social applications (such as LinkedIn, Facebook or Twitter) or otherwise;
(f) interact with our website, social applications, services, content and advertising; and
(g) invest in our business or enquire as to a potential purchase in our business.
With your consent provided via our Service Agreement with you, we record all calls and video Telehealth sessions. We use such recordings primarily for our internal training, data collection and to enable you to refer and revert back to such recordings as made available to you via the platform. The recordings are stored securely on Google Cloud infrastructure and made available to you securely only via the platform and our internal portal. You have the right to request that we delete/archive your recordings with written notice.
How we collect information from third parties
Where possible, we collect your personal information directly from you. However, there may be occasions when we collect personal information (including sensitive information) about you from someone else. For example, if you are a user of our platform, other linked accounts, your NDIS nominee, support coordinator, plan manager or representatives may provide information about you.
How you provide information for someone else
How we collect information from cookies
We may also collect personal information from you when you use or access our website or our social media pages. This may be done through use of web analytics tools, ‘cookies’ or other similar tracking technologies that allow us to track and analyse your website usage. Cookies are small files that store information on your computer, mobile phone or other device and enable and allow the creator of the cookie to identify when you visit different websites. If you do not wish information to be stored as a cookie, you can disable cookies in your web browser.
We may also use third party vendor tracking cookies, including:
• Google Analytics and AdWords tracking cookie; and
• Facebook pixels; and
• Email tracking pixels.
4 USE OF YOUR PERSONAL INFORMATION
We collect and use personal information for the following primary purposes:
(a) to provide our platforms to you;
(b) to provide goods, services or information to you;
(c) to confirm your identify and manage our relationship with you;
(d) for record keeping and administrative purposes;
(e) to provide information about you to our contractors, employees, consultants, agents or other third parties for the purpose of providing goods or services to you;
(f) to improve and optimise our service offering and customer experience;
(g) to comply with our legal obligations, resolve disputes or enforce our agreements with third parties;
(h) to send you administrative messages, reminders, notices, updates, security alerts, and other information requested by you; and
(i) to consider an application of employment from you.
We may also use your personal information for:
(j) secondary purposes closely related to the primary purpose, in circumstances where you would reasonably expect such use;
(k) such purposes where we reasonably believe that use of your personal information is necessary to lessen or prevent a serious threat to the life, health or safety of any individual, or to public health or safety, and it is unreasonable or impracticable to obtain your consent;
(l) any other purpose for which we receive consent from you; or
(m) any other purpose which is permitted or required under applicable privacy laws.
5 HOW WE DISCLOSE YOUR PERSONAL INFORMATION
We respect your privacy, and we will take reasonable steps to keep your personal information confidential and protected. We may disclose your personal information to:
(a) other health care providers we refer you to or from who we receive a referral for you, including based on request by you, this includes for example NDIS support coordinators, local area coordinators, plan managers, support workers or other allied health practitioners;
(b) our professional advisors such as lawyers, accountants and auditors;
(c) our related entities;
(d) any third parties where permitted under the Privacy Act or where required or authorised by law (including to comply with our reporting obligations as an NDIS Provider);
(e) any third parties you have consented personal information to be disclosed to.
As an NDIS Provider we are required to have an Emergency and Disaster Management Plan. This plan includes Personal Information to be shared with federal, state and local government agencies and their contractors.
We may also disclose personal information to third party service providers and contractors as required for us to provide our goods and services to you, such as cloud-service providers, IT service providers such as analytical providers, content management providers, marketing agencies and debt collection agencies.
We take care to work with such third parties who we believe maintain an acceptable standard of data security and require them not to use your personal information for any purpose except for those activities we have asked them to perform on our behalf.
We will not otherwise disclose your personal information unless:
(f) you have consented to us disclosing your personal information for particular circumstances;
(g) as needed in an emergency or in investigation suspected criminal activity;
(h) we are required to disclose under a subpoena, court order or other mandatory reporting requirements;
(i) we reasonably believe that disclosure of your information is necessary to lessen or prevent a serious threat to the life, health or safety of any individual, or to public health or safety, and it is unreasonable or impracticable to obtain your consent;
(j) it is reasonably necessary for the establishment, exercise or defence of a legal claim; or
(k) it is otherwise authorised or required by law.
6 STORAGE OF YOUR PERSONAL INFORMATION
Personal information we collect is stored with a third party storage party in a data centre based in Australia which stores a copy of all personal information.
7 Disclosure of personal information overseas
Generally, we do not disclose personal information overseas, except in the following limited circumstances:
· we use Google Analytics to track web traffic information which is operated by Google. The web traffic information collected about your use of the Website will be disclosed to Google who stores information across multiple countries; and
· when you communicate with us through a social media service such as Facebook or Twitter, the social media provider and its partners may collect and hold your personal information overseas.
8 SENSITIVE INFORMATION
Collection of sensitive information
We may collect sensitive information about you during the course of providing you our goods and services. We will only collect this sensitive information where you consent to such collection and either directly provide us with this information or it is provided by a referring health care provider.
Types of sensitive information we collect
The sensitive information we collect may include the following:
(a) health information, history and reports;
(b) referring health care provider and associated referral letters;
(c) your NDIS plan and budget;
(d) private health fund and private health insurance cover details;
(e) Medicare number, healthcare identifiers or concession card or other entitlement details; and
(f) any other sensitive information provided by you or a third party to us via our website or platforms, or otherwise provided by you or a third party to us.
How we use your sensitive information
Your sensitive information will only be used for the purpose of:
(a) providing you with our goods and services;
(b) complying with our legal obligations, resolving disputes or enforcing our agreements with you;
(c) sending you messages, reminders, notices, updates, security alerts, and other information requested by you; or
(d) any other purpose which is permitted or required under applicable privacy laws.
How we disclose your sensitive information
Your sensitive information will only be disclosed to third parties for the purpose of:
(e) providing a referral to another health care provider; or
(f) such purposes as set out above; or
(g) any other purpose which is permitted or required under applicable privacy laws.
How you can withdraw consent
If you wish to withdraw your consent to our collection, use or disclosure of your sensitive information, please contact us using the contact details set out below. We will deal with all such requests within a reasonable timeframe.
We may at times send you marketing communications which will be done in accordance with the Spam Act 2003 (Cth) (Spam Act).
If we do, we may use email, SMS, social media, phone or mail to send you direct marketing communications.
Where consent is needed, we will ask you for your consent before sending you marketing communications, except where you:
(a) have explicitly opted-in to receiving email marketing from us in the past; or
(b) were given the option to opt-out of email marketing when you initially signed up for one of our platforms and you did not do so.
10 DE-IDENTIFIED INFORMATION
The information we collect may have analytical, educational, or commercial value to us. Where we have de-identified the information we have collected, we reserve the right to process and distribute such information.
We take reasonable steps to ensure your personal information is secure and protected from misuse or unauthorised access. Our information technology systems are password protected, and we use a range of administrative and technical measures to protect these systems. However, we cannot guarantee the security of your personal information.
Our website may contain links to other websites. Those links are provided for convenience and may not remain current or be maintained. We are not responsible for the privacy practices of those linked websites and we suggest you review the privacy policies of those websites before using them.
13 REQUESTING ACCESS OR CORRECTING YOUR PERSONAL INFORMATION
If you wish to request access to the personal information we hold about you, please contact us using the contact details set out below including your name and contact details. We may need to verify your identity before providing you with your personal information. In some cases, we may be unable to provide you with access to all your personal information and where this occurs, we will explain why. We will deal with all requests for access to personal information within a reasonable timeframe.
If you think that any personal information we hold about you is inaccurate, please contact us using the contact details set out below and we will take reasonable steps to ensure that it is corrected.
If you wish to complain about how we handle your personal information held by us, please contact us using the details set out below including your name and contact details. We will investigate your complaint promptly and respond to you within a reasonable timeframe.
15 CONTACT US
Title: ATTN: Privacy Officer
Phone: 1300 771 869
Address: 22-28 Edgeworth David Avenue, Horsnby, NSW 2077