PRIVACY POLICY

QUANTCARE PTY LTD

 

Introduction

 

  1. In this Privacy Policy, ‘us’ ‘we’ ‘our’ or ‘QUANTCARE’ means QUANTCARE Pty Ltd ACN 658 540 197. QUANTCARE provides a number of services which aim to cultivate more meaningful relationships between patients and their allied health practitioners and/or medical practitioners. We collect Personal and Sensitive Information from allied health practitioners and/or medical practitioners and their patients and through the use of psychology and artificial intelligence, we assist allied health practitioners in clinical decision-making for their patients by providing patient-reported outcome and experience measures. With this information, allied health professionals and/or medical practitioners can evaluate potential lifestyle and physical factors may affect a patient and thus target treatment and education specific to each patient’s needs. We also analyse information collected by healthcare providers, such as, details about patients demographics, appointments, and their practitioners to help providers understand the performance of their practice and provide tailored communications, education, and healthcare services to their patients (‘Services’).
  2. Our Privacy Policy sets out how we collect, use, store and disclose your Personal Information and Sensitive Information. We are bound by the Australian Privacy Principles (‘APPs’) contained in the Privacy Act 1988 (Cth) (‘Privacy Act’). We also comply with all other applicable legislation, both interstate and federal, in relation to the operation of this Privacy Policy.
  3. By providing Personal and Sensitive Information to us, you consent to our collection, use and disclosure of your Personal and Sensitive Information in accordance with this Privacy Policy.
  4. We may modify our Privacy Policy at any time by publishing changes to the Services and on our Website. We recommend that you check the Services periodically to ensure you are aware of our current Privacy Policy. Your continued use of the Services after any changes or revisions to this Privacy Policy shall indicate your agreement with the terms of such revised Privacy Policy.

 

 

Personal Information 

 

Personal Information includes information or an opinion about an individual that is reasonably identifiable, such as:

  1. your full name or user name;
  2. your email;
  3. street address;
  4. gender;
  5. age;
  6. telephone number;
  7. contact next of kin;
  8. payment billing information including bank and credit details;
  9. occupation;
  10. your device, device type, geo-location information, computer statistics on page views, IP address and standard web log information;
  11. details of the Services we have provided to you or that you have enquired about, including any additional information necessary to deliver those Services and respond to your enquiries;
  12. details of any conversations we have had with you;
  13. information about your use of the Website, such as the pages you visit, the time and date of your visit and the internet protocol address assigned to your computer; and
  14. any incidental or residual information that is collected through your uses of the Services as outlined in paragraph 2.2.
  15. If you are a practitioner using our services, we may also collect information on your clinic, including but not limited to; clinic name, location, type, areas of focus, any additional information relating to you that you provide to us directly through our website or indirectly through your use of our website or app or online presence or through other websites or accounts from which you permit us to collect information (e.g. practice management software); any information you provide to us through customer surveys; or any other personal information that may be required in order to facilitate your dealings with us and to improve the quality of service provided to you through our products and services. We may collect these types of personal information either directly from you, or from third parties. We may collect this information when you: register on our website; communicate with us in person, by phone, via mail, through correspondence, chats, email, online, or when you or your fellow practitioners share information with us from other social applications, services or websites, or when we contact you or your fellow practitioners through any means; interact with our sites, services, content and advertising or when you or your practitioner register, log in for and use services offered by us; or invest in our business or enquire as to a potential purchase in our business.

     

    How we collect Personal Information 

     

    We may collect these types of Personal Information about you from a variety of sources either directly from you or through your use of the Services or from third parties when:

     

    1. you register and use the Services;
    2. you or your allied health practitioner and/or medication practitioner registers and uses the  Services via our Website or via a trusted third-party site, such as their patient management software;
    3. your allied health practitioner and/or medical practitioner shares information with us from other social applications, services or websites or when we contact you or your allied health practitioner and/or medical practitioner through any means;
    4. you log in to our Website through a social networking site;
    5. you subscribe to receive alerts and information about the Services from us or a third party; and
    6. you contact us, whether face to face, via the phone, email, correspondence or video, for any reason, including but not limited to, reporting of a problem with the Services, requesting further Services or seeking our assistance.

     

     Why we collect, use and disclose Personal Information 

     

    We collect, hold, use and disclose your Personal Information in order to:

     

    1. enable you or your allied health practitioner and/or other medical practitioners treating you, to access and use our Website and Services;
    2. improve and optimise the Services for users;
    3. analyse the use of the Website and provide better information to our Website visitors;
    4. send you updates relevant to the Services;
    5. send information requested by you, and any reminders, services and support relevant to the Services;
    6. contact you in relation to marketing and promotional messages;
    7. comply with our legal obligations;
    8. resolve any disputes between users;
    9. notify you of any changes to the Services; and
    10. to administer rewards, surveys, contests, or other promotional activities or events sponsored or managed by us or our business partners.
    11. We only disclose your Personal Information when such information is reasonably necessary to provide the Services to you or to your allied health practitioner and/or medical practitioner.

     

     To whom do we disclose your Personal Information 

     

    We may disclose your Personal Information where it is reasonably necessary for the purposes described in the Privacy Policy to:

     

    1. our employees and our related body corporates;
    2. specific third parties authorised to receive information held by us, such as your general practitioner, specialist medical practitioners or allied health practitioners;
    3. third party supplies and Services providers, including providers for the operation of the Services and/or our business or in connection with providing Services to you; and
    4. other persons, including government agencies, regulatory bodies and law enforcement agencies, authorised or permitted by law.

     

    Sensitive Information 

     

    Sensitive Information includes any information about an individual’s racial or ethnic origin, political opinions, memberships of a political organisation, religious belief or affiliation, philosophical belief, membership of a professional or trade association, membership of a trade union, sexual preference or practices, criminal record or Health Information.

     

    Health Information

     

    Health Information is any Personal Information or opinion about your health, including your illness, injury or disability, such as:

     

    1. information on your symptoms, injury or diagnosis;
    2. your comorbidities;
    3. data uploaded by any of your connected devices;
    4. government related identifiers, including Medicare number;
    5. information on your lifestyle;
    6. limitations of physical activity;
    7. information about a health service you had or will receive;
    8. allied health practitioners and/or medical practitioners who have treated you;
    9. past and current medical history;
    10. your expectations of the outcome of any treatment;
    11. specialist reports and test results;
    12. prescriptions or other pharmaceutical purchases;
    13. health insurer details;
    14. your genetic information;
    15. your wishes about future health services;
    16. appointment and billing details;
    17. any other Personal Information when a health service provider collects it.

    Collection, use and disclosure of Sensitive Information (including Health Information)

     

    How we collect Sensitive Information

    We may collect these types of Sensitive Information about you from a variety of sources either directly from you through your use of the Services or from third parties when:

     

    1. you register and use the Services;
    2. your allied health practitioner and/or medical practitioner registers and uses the Services;
    3. you log in to the Services through a social networking site;
    4. you subscribe to receive alerts and information from us about the Services or a third party; and
    5. you fill out a health questionnaire provided by us.

     

     Why we collect, use and disclose Sensitive Information

     

    We collect, use and disclose your Sensitive Information in permitted health situations:

     

    1. for the provision of a health service;
    2. to enable you or your allied health practitioner and/or other medical practitioners treating you, to access and use our Website and Services;
    3. for medical research purposes, including providing this information to third parties for this purpose; and
    4. to comply with our legal obligations

     

    We only disclose your Sensitive Information if you accept our Privacy Policy (indicating consent), and/or you have provided this information to your healthcare provider already, and such information is reasonably necessary to provide the Services to you or to your allied health practitioner or general practitioner. We may use and disclose Sensitive Information for a secondary purpose only when the secondary purpose is directly related to the primary purpose, for instance when advising another health service provider of your need for treatment where we are unable to provide that treatment.

     

    Anonymity of Personal and Sensitive Information 

     

    You are unable to create anonymous profiles as it would be impractical due to the nature of the Services provided to you.

    We automatically collect information that is de-identifiable through our Website and Services, for example, IP addresses and browser type. This information may be collated with any Personal and Sensitive Information we have collected about you.

    In the event that we provide your Personal, Sensitive, or Health Information to a third-party entity, it will be de-identified unless you consent or it is otherwise required by law.

    Aggregated and/or deidentified information that is no longer associated with an identified natural person or identifiable natural person, may be used or disclosed for any purpose.

    In instances where AI is leveraged in the QuantCare analytics platform suite, we utilise Microsoft Azure’s machine learning studio (not Open AI suite). QuantCare builds predictive models in-house only, by using algorithms built in Python. All data resides in QuantCare’s Azure environment in-region. This ensures that no data is transferred or able to be accessed externally. Data used to train models are de-identified prior to use.

     

    Direct marketing

     

      1. We and our carefully selected business partners may send you direct marketing communications and information about the Services. This may take the form of emails, SMS, mail, or other forms of communication, in accordance with the Spam Act 2003 (Cth) and the Privacy Act.
      2. You may opt-out of receiving marketing materials from us by contacting us using the details set out in clause 15.1 below or by using the opt-out facilities provided in our correspondence (e.g. unsubscribe).

     

     Use and disclosure of Personal Information for the purposes of direct marketing

    We will not disclose, sell, share or trade your Personal Information for the purpose of direct marketing, unless:

     

    1. you would reasonably expect us to use or disclose the information for that purpose; and
    2. we have provided you with the option to opt-out of receiving direct marketing.

     

    We collect the Personal Information directly from you or if this information is recorded with healthcare provider and we have been granted access to this information;

    Use and disclosure of Sensitive Information for the purposes of direct marketing

    We will only use and disclose your Sensitive Information for the purpose of direct marketing once we have received your consent or if this information is recorded with your healthcare provider and we have been granted access to this information.

    Using our Website and Cookies

    Cookies

    1. Cookies are small files that store information on your computer, mobile phone and other devices which enable your device to recognise you on the Services, as well as other services, devices and browsing sessions.
    2. We may also use Cookies or other tracking technologies on the Services that help track and remember your preferences.
    3. We will handle any Personal and Sensitive Information collected by Cookies in the same way we handle all types of Personal and Sensitive Information under this Privacy Policy.
    4. You are able to disable these Cookies but the Services may not work as intended if you choose to do so.
    5. The use of Cookies does not involve the collection of any personal data.

     

    Links

    The Services may contain links to websites operated by third parties. These links are placed for your convenience. Please be aware that when you click on these links, you are leaving our Website and entering another website. Unless otherwise stated, we are not responsible for the privacy practices of, or any content on, those linked websites and have no control over or rights on those linked websites.  You should always read the privacy policy of every website you visit, especially when you provide Personal or Sensitive Information or make posts or other contributions to these sites.

     

    Education

    Information on our Website is for educational purposes only and should not be relied upon as a medical consultation nor is it intended to replace independent professional advice. We accept no liability for any loss, injury, damage, costs incurred by your use or reliance on any information provided on the Website or any associated websites.

    Security

    We may hold your Personal or Sensitive Information in either electronic or hard copy form. We generally collect and store electronic information through third party storage providers. We are committed to ensuring that the information you provide to us is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure information, and protect it from misuse, interference, loss and unauthorised access, modification and disclosure. For example, we review and update our security measures in light of current technologies. However, we cannot guarantee the security of your Personal or Sensitive Information.

    Data Retention

     

    We will only retain your Personal and Sensitive information for as long as necessary to fulfil the purposes we collected it for, including for the purpose of satisfying any legal, accounting or reporting requirements. De-identified Personal and Sensitive information will be stored indefinitely and used for any purpose.

     

    Data Breach is unauthorised access to or unauthorised disclosure of Personal or Sensitive Information, or a loss of Personal or Sensitive Information, that we hold.

     

      1. Under the Notifiable Data Breaches Scheme of the Privacy Act, we may be obliged to report Data Breaches to you and the Australian Information Commissioner if we become aware or believe that your data has been compromised.
      2. For more information about our obligation to manage Data Breaches, visit the Office of the Australian Information Commissioner’s website.
      3. You are solely responsible for maintaining the secrecy of any passwords and other account information relating to our Website, apps or Services.
      4. If we no longer require the use of your Personal or Sensitive Information, we will take reasonable steps to destroy or permanently de-identify it. This requirement applies except where:

     

    • the Personal Information is part of a Commonwealth record; or
    • we are required by law or a court or tribunal to retain it.
    • Health records will be destroyed within seven years for an adult and for anyone under 18, until that person is 25 years of age unless we need it to provide related but different services, or you consent to us using the information for a secondary purpose or we are legally required to retain it.

     

    Accessing or correcting your Personal and Sensitive Information

    You can access the Personal and Sensitive Information we hold about you by contacting the Services team using our contact details set out at section 17.1 of this Privacy Policy. Sometimes, we may not be able to provide you with access to all of your Personal and Sensitive Information and, where this is the case, we will tell you why. We may also need to verify your identity when you request your Personal and Sensitive Information.

    If you think that any Personal or Sensitive Information we hold about you inaccurate, please contact us and we will take reasonable steps to ensure that it is corrected within 30 days.

    If we refuse to correct Personal or Sensitive Information as requested by you, we will give formal written notice setting out:

     

    • the reasons for the refusal, except to the extent that it would be unreasonable to do so;
    • the compliant mechanisms available to you; and
    • any other matters prescribed by regulations made under the Privacy Act.

     

    Making a complaint

    If you think we have breached the Privacy Act, or you wish to make a complaint about the way we have handled your Personal of Sensitive Information, you can contact the Services team using our contact details set out at section 17.1 of this Privacy Policy. Please include your name, email address and/or telephone number and clearly describe your complaint. We will acknowledge your complaint and respond to you regarding your complaint within a reasonable period of time. If you think that we have failed to resolve the complaint satisfactorily, we will provide you with information about the further steps you can take.

     

    For more information about privacy issues in Australia and protecting your privacy, visit the Office of the Australian Information Commissioner’s website.

     

     

     

    Sub Processors

     

    For further information

    • Cliniko – DPA

    • Google Analytics – DPA

    • Twilio (includes SendGrid) – DPA

    • Microsoft Azure – DPA (language selection required)

    • Brevo – DPA

    • Atlassian – DPA

    Data Storage Location

    • Sydney Australia (Azure East)

     

    Contact Us

     

    For further information about our Privacy Policy or practices, or to access or correct your Personal or Sensitive Information, or make a complaint, you can contact the Data Protection Officer of QUANTCARE, Zafar Issadeen using the details set out below:
    Email: zafar.issadeen(at)quantcare.io

     

     

    Last updated: 04.11.2023

    info(at)quantcare.io