Privacy Policy

In this Privacy Policy, ‘us‘ ‘we‘ or ‘our‘ means The Centre for Gastrointestinal Health (ABN 18 035 156 956).

We are committed to respecting your privacy. Our Privacy Policy sets outs out how we collect, use, store and disclose your personal information in accordance with the Australian Privacy Principles contained in the Privacy Act 1988 (Cth) (Privacy Act).

By providing personal information to us, you consent to our collection, use and disclosure of your personal information in accordance with this Privacy Policy and any other arrangements that apply between us. We may change our Privacy Policy from time to time by publishing changes to it on our website. We encourage you to check our website periodically to ensure that you are aware of our current Privacy Policy.

Personal information includes information or an opinion about an individual that is reasonably identifiable. For example, this may include your name and contact details.

What personal information do we collect?

We may collect the following types of personal information:

• your name, date of birth, mailing or street address, email address, personal and work telephone number, and other contact details;
• your device ID, device type, geo-location information, computer and connection information, statistics on page views, traffic to and from the sites, ad data, IP address and standard web log information;
• details of the services we have provided to you or that you have enquired about, including any additional information necessary to deliver those services and respond to your enquiries;
• any information that you provide to us when requesting an appointment through our website;
• any additional information relating to you that you provide to us directly or indirectly through our website; and/or
• any other personal information that may be required in order to facilitate your dealings with us.

We may also collect personal information from you that falls within the definition of ‘sensitive information’ under the Privacy Act – in particular, information or an opinion about your:

• health information, including genetic information, your medical history and other relevant information such as recreational drug use and alcohol use; and
• sexual orientation or practices.

We may collect these types of personal information either directly from you, or from third parties.

We may collect this information when you:

• use our website;
• become a patient;
• enquire about or receive services from us;
• communicate with us through correspondence, social networking sites (eg Facebook, Twitter, Instagram), chats, email, online chat bots, our website, or when you share information with us from other social applications, services or websites;
• interact with our sites, services, content, advertising, and marketing campaigns; or
• consent to us receiving or collecting information about you from your General Practitioner and other medical practitioners.

Why do we collect, hold, use and disclose personal information?

We may collect, hold, use and disclose your personal information for the following purposes:

• to provide services to you;
• to provide appropriate information and opinions about our services to you;
• to operate, protect, improve and optimise our website, services and user-experience – such as to perform research and analytics;
• for advertising and marketing purposes;
• to send administrative messages, reminders, technical notices, updates, security alerts, and information about our services, your medical treatments or as otherwise requested by you;
• to send you marketing and promotional messages, and other information that may be of interest to you;
• to administer rewards, surveys, contests, or other promotional activities or events sponsored or managed by us or our business partners;
• to provide information credit reporting agencies and courts, tribunals and regulatory authorities if you fail to pay for the services we have provided;
• to courts, tribunals, regulatory authorities, and law enforcement officers as required by law, in connection with any actual or prospective legal proceedings, or in order to establish, exercise or defend our legal rights; and
• to comply with our legal obligations, resolve any disputes that we may have with any of our website users or clients, and enforce our agreements with third parties.

We may also disclose your personal information to a trusted third party who also holds other information about you. This third party may combine that information in order to enable it and us to develop anonymised consumer insights so that we can better understand your preferences and interests, personalise your experience and enhance the products and services that you receive.

Do we use your personal information for direct marketing?

We may send you direct marketing communications and information about us and our services. This may take the form of emails, SMS, mail or other forms of communication. You may opt-out of receiving marketing communications and information from us by directing your request using the contact details set out below or by using the opt-out facilities provided (eg an unsubscribe link).

To whom do we disclose your personal information?

We may disclose personal information for the purposes described in this Privacy Policy to:

• third party suppliers, including cloud-based storage solution service providers and other service providers, that we rely on to operate our website and otherwise provide services to our users;
• third party payment service providers that we rely on to process your payments to us;
• our employees, including receptionists, for administrative purposes;
• our contractors, who provide services to patients of our medical centre;
• other medical practitioners authorised by you to receive information held by us;
• professional advisers;
• our existing or potential agents, business partners or partners;
• our sponsors or promoters of any competition that we conduct via our services;
• anyone to whom our assets or businesses (or any part of them) are transferred;
• specific third parties authorised by you to receive information held by us; and/or
• other persons, including government agencies, regulatory bodies and law enforcement agencies, or as required, authorised or permitted by law.

Disclosure of personal information outside Australia

We may disclose personal information outside of Australia to third party suppliers of cloud-based storage and email solutions (eg Dropbox, Google/Gmail) located in the United States of America.

When you provide your personal information to us, you consent to the disclosure of your information outside of Australia and acknowledge that we are not required to ensure that overseas recipients handle that personal information in compliance with the Privacy Act. We will, however, take reasonable steps to ensure that any overseas recipient will deal with such personal information in a way that is consistent with the Privacy Act (including the Australian Privacy Principles).

Using our website and cookies

We may collect personal information about you when you use and access our website. While we do not use browsing information to identify you personally, we may record certain information about your use of our website, such as which pages you visit, the time and date of your visit and the internet protocol address assigned to your computer.

We may also use ‘cookies’ or other similar tracking technologies on our website that help us track your website and/or mobile app usage and remember your preferences. Cookies are small files that store information on your computer, mobile phone or other device. They enable the entity that put the cookie on your device to recognise you across different websites, services, devices and/or browsing sessions. You can disable cookies, but our website may not work as intended for you if you do so.

We may also use cookies to enable us to collect data that may include personal information. For example, where a cookie is linked to your account, it will be considered personal information under the Privacy Act. We will handle any personal information collected by cookies in the same way that we handle all other personal information as described in this Privacy Policy.

Security

We may hold your personal information in either electronic or hard copy form. We take reasonable steps to protect your personal information from misuse, interference and loss, as well as unauthorised access, modification or disclosure and we use a number of physical, administrative, personnel and technical measures to protect your personal information. In particular:

• personal information, including patient records and clinical data, is stored in a secure server with encryption and password protection;
• personal information stored in our secure server is backed up to a secure encrypted commercial backup software;
• our secure server is protected by anti-malware software;
• access to our information systems is controlled through identity and access management, including password protection;
• we require website users to not take any action that would constitute a breach of the privacy rights of an individual in our Website Terms and Conditions; and
• we require contractors that might have access to your personal information to enter into a binding legal contract requiring them to keep that information confidential.

However, we cannot guarantee the security of your personal information.

Links

Our website, and documents produced in the course of providing the services such as reports, may contain links to websites operated by third parties. Those links are provided for convenience and may not remain current or be maintained. Unless expressly stated otherwise, we are not responsible for the privacy practices of, or any content on, those linked websites, and have no control over or rights in those linked websites. The privacy policies and other terms that apply to those other websites may differ substantially from our Privacy Policy, so we encourage individuals to read them before using those websites.

Accessing or correcting your personal information

You can access the personal information we hold about you by contacting us using the below contact information. Sometimes, we may not be able to provide you with access to all of your personal information and, where this is the case, we will tell you why. We may also need to verify your identity when you request your personal information.

If you think that any personal information we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, please contact us using the below contact information and we will take reasonable steps to ensure that it is corrected.

Making a complaint

If you think we have breached the Privacy Act, or you wish to make a complaint about the way we have handled your personal information, you can contact us about your complaint using the below contact information.  Please include your name, email address and/or telephone number and clearly describe your complaint.  We will acknowledge your complaint and respond to you regarding your complaint within a reasonable period of time.  If you think that we have failed to resolve the complaint satisfactorily, please let us know and we will provide you with information about the further steps you can take.

In this Privacy Policy, ‘us‘ ‘we‘ or ‘our‘ means The Centre for Gastrointestinal Health (ABN 18 035 156 956).

We are committed to respecting your privacy. Our Privacy Policy sets outs out how we collect, use, store and disclose your personal information in accordance with the Australian Privacy Principles contained in the Privacy Act 1988 (Cth) (Privacy Act).

By providing personal information to us, you consent to our collection, use and disclosure of your personal information in accordance with this Privacy Policy and any other arrangements that apply between us. We may change our Privacy Policy from time to time by publishing changes to it on our website. We encourage you to check our website periodically to ensure that you are aware of our current Privacy Policy.

Personal information includes information or an opinion about an individual that is reasonably identifiable. For example, this may include your name and contact details.

What personal information do we collect?

We may collect the following types of personal information:

• your name, date of birth, mailing or street address, email address, personal and work telephone number, and other contact details;
• your device ID, device type, geo-location information, computer and connection information, statistics on page views, traffic to and from the sites, ad data, IP address and standard web log information;
• details of the services we have provided to you or that you have enquired about, including any additional information necessary to deliver those services and respond to your enquiries;
• any information that you provide to us when requesting an appointment through our website;
• any additional information relating to you that you provide to us directly or indirectly through our website; and/or
• any other personal information that may be required in order to facilitate your dealings with us.

We may also collect personal information from you that falls within the definition of ‘sensitive information’ under the Privacy Act – in particular, information or an opinion about your:

• health information, including genetic information, your medical history and other relevant information such as recreational drug use and alcohol use; and
• sexual orientation or practices.

We may collect these types of personal information either directly from you, or from third parties.

We may collect this information when you:

• use our website;
• become a patient;
• enquire about or receive services from us;
• communicate with us through correspondence, social networking sites (eg Facebook, Twitter, Instagram), chats, email, online chat bots, our website, or when you share information with us from other social applications, services or websites;
• interact with our sites, services, content, advertising, and marketing campaigns; or
• consent to us receiving or collecting information about you from your General Practitioner and other medical practitioners.

Why do we collect, hold, use and disclose personal information?

We may collect, hold, use and disclose your personal information for the following purposes:

• to provide services to you;
• to provide appropriate information and opinions about our services to you;
• to operate, protect, improve and optimise our website, services and user-experience – such as to perform research and analytics;
• for advertising and marketing purposes;
• to send administrative messages, reminders, technical notices, updates, security alerts, and information about our services, your medical treatments or as otherwise requested by you;
• to send you marketing and promotional messages, and other information that may be of interest to you;
• to administer rewards, surveys, contests, or other promotional activities or events sponsored or managed by us or our business partners;
• to provide information credit reporting agencies and courts, tribunals and regulatory authorities if you fail to pay for the services we have provided;
• to courts, tribunals, regulatory authorities, and law enforcement officers as required by law, in connection with any actual or prospective legal proceedings, or in order to establish, exercise or defend our legal rights; and
• to comply with our legal obligations, resolve any disputes that we may have with any of our website users or clients, and enforce our agreements with third parties.

We may also disclose your personal information to a trusted third party who also holds other information about you. This third party may combine that information in order to enable it and us to develop anonymised consumer insights so that we can better understand your preferences and interests, personalise your experience and enhance the products and services that you receive.

Do we use your personal information for direct marketing?

We may send you direct marketing communications and information about us and our services. This may take the form of emails, SMS, mail or other forms of communication. You may opt-out of receiving marketing communications and information from us by directing your request using the contact details set out below or by using the opt-out facilities provided (eg an unsubscribe link).

To whom do we disclose your personal information?

We may disclose personal information for the purposes described in this Privacy Policy to:

• third party suppliers, including cloud-based storage solution service providers and other service providers, that we rely on to operate our website and otherwise provide services to our users;
• third party payment service providers that we rely on to process your payments to us;
• our employees, including receptionists, for administrative purposes;
• our contractors, who provide services to patients of our medical centre;
• other medical practitioners authorised by you to receive information held by us;
• professional advisers;
• our existing or potential agents, business partners or partners;
• our sponsors or promoters of any competition that we conduct via our services;
• anyone to whom our assets or businesses (or any part of them) are transferred;
• specific third parties authorised by you to receive information held by us; and/or
• other persons, including government agencies, regulatory bodies and law enforcement agencies, or as required, authorised or permitted by law.

Disclosure of personal information outside Australia

We may disclose personal information outside of Australia to third party suppliers of cloud-based storage and email solutions (eg Dropbox, Google/Gmail) located in the United States of America.

When you provide your personal information to us, you consent to the disclosure of your information outside of Australia and acknowledge that we are not required to ensure that overseas recipients handle that personal information in compliance with the Privacy Act. We will, however, take reasonable steps to ensure that any overseas recipient will deal with such personal information in a way that is consistent with the Privacy Act (including the Australian Privacy Principles).

Using our website and cookies

We may collect personal information about you when you use and access our website. While we do not use browsing information to identify you personally, we may record certain information about your use of our website, such as which pages you visit, the time and date of your visit and the internet protocol address assigned to your computer.

We may also use ‘cookies’ or other similar tracking technologies on our website that help us track your website and/or mobile app usage and remember your preferences. Cookies are small files that store information on your computer, mobile phone or other device. They enable the entity that put the cookie on your device to recognise you across different websites, services, devices and/or browsing sessions. You can disable cookies, but our website may not work as intended for you if you do so.

We may also use cookies to enable us to collect data that may include personal information. For example, where a cookie is linked to your account, it will be considered personal information under the Privacy Act. We will handle any personal information collected by cookies in the same way that we handle all other personal information as described in this Privacy Policy.

Links

Our website, and documents produced in the course of providing the services such as reports, may contain links to websites operated by third parties. Those links are provided for convenience and may not remain current or be maintained. Unless expressly stated otherwise, we are not responsible for the privacy practices of, or any content on, those linked websites, and have no control over or rights in those linked websites. The privacy policies and other terms that apply to those other websites may differ substantially from our Privacy Policy, so we encourage individuals to read them before using those websites.

Accessing or correcting your personal information

You can access the personal information we hold about you by contacting us using the below contact information. Sometimes, we may not be able to provide you with access to all of your personal information and, where this is the case, we will tell you why. We may also need to verify your identity when you request your personal information.

If you think that any personal information we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, please contact us using the below contact information and we will take reasonable steps to ensure that it is corrected.

Making a complaint

If you think we have breached the Privacy Act, or you wish to make a complaint about the way we have handled your personal information, you can contact us about your complaint using the below contact information. Please include your name, email address and/or telephone number and clearly describe your complaint. We will acknowledge your complaint and respond to you regarding your complaint within a reasonable period of time. If you think that we have failed to resolve the complaint satisfactorily, please let us know and we will provide you with information about the further steps you can take.

Security

We may hold your personal information in either electronic or hard copy form.  We take reasonable steps to protect your personal information from misuse, interference and loss, as well as unauthorised access, modification or disclosure and we use a number of physical, administrative, personnel and technical measures to protect your personal information.  In particular:

• personal information, including patient records and clinical data, is stored in a secure server with encryption and password protection;
• personal information stored in our secure server is backed up to a secure encrypted commercial backup software;
• our secure server is protected by anti-malware software;
• access to our information systems is controlled through identity and access management, including password protection;
• we require website users to not take any action that would constitute a breach of the privacy rights of an individual in our Website Terms and Conditions; and
• we require contractors that might have access to your personal information to enter into a binding legal contract requiring them to keep that information confidential.

However, we cannot guarantee the security of your personal information.