This Statement is written in simple language. The specific legal obligations of eevi when collecting and handling your personal information are outlined in the Privacy Act 1988 (Cth) and in particular in the Australian Privacy Principles (APPs), which regulate the collection, storage, use and disclosure of personal information.
YOUR PERSONAL INFORMATION
We may collect and hold personal information about you (that is, information that can identify you) and is relevant to providing you with the goods and services you are seeking, and to our functions and activities. The kinds of information we typically collect depends on our relationship with you.
The kinds of information we typically collect include:
(a) If you are a client: your name, date of birth, personal and emergency contact information, health and medical information, health fund and payment details.
(b) If you are an employee: your name, date of birth, personal and emergency contact information, tax file number, superannuation details, bank account details, employment history and training details.
(c) If you are a contractor or supplier: we will also collect your personal and business contact details, ABN, and payment details.
Except as otherwise permitted by law, we only collect sensitive information about you if you consent to the collection of the information and if it is reasonably necessary for the performance of our functions and activities. Consent may be implied by the circumstances existing at the time of collection. There may also be circumstances under which we may collect sensitive information without your consent, as required or authorised by law.
METHOD OF COLLECTION
Personal information will generally be collected directly from you through the use of any of our standard forms, over the internet, via email, through a telephone conversation with you, or if you participate in an online survey. We may also collect personal information about you from third parties acting on your behalf.
There may, however, be some instances where personal information about you will be collected indirectly because it is unreasonable or impractical to collect personal information directly from you. We will usually notify you about these instances in advance, or where that is not possible, as soon as reasonably practicable after the information has been collected.
PURPOSE OF COLLECTION:
The personal information that we collect and hold about you, depends on your interaction with us.
Generally, we will collect, use and hold your personal information if it is reasonably necessary for or directly related to the performance of our functions and activities, and for the purposes of:
(a) providing goods and services to you;
(b) responding to your enquiries;
(c) facilitating our internal business operations, including:
- establishing our relationship with you;
- maintaining and managing our relationship with you and communicating with you in the ordinary course of that relationship (including responding to feedback or complaints);
- the fulfilment of any legal requirements; and
- analysing our business operations, services and customer needs with a view to developing new or improved business operations or services; and
(d) providing you with information about other goods and services that we and other organisations that we have affiliations with, offer that may be of interest to you.
We use our website to promote our work and publish resources to help our stakeholders understand and use the legislation we administer. We do not publish personal or health information on our website without permission.
FAILURE TO PROVIDE INFORMATION
If the personal information you provide to us is incomplete, we may be unable to provide you with the goods and services you are seeking.
If you access our website, we may collect additional personal information about you in the form of your IP address and domain name.
LINK TO EXTERNAL WEBSITES
Our website may contain links to other websites. We are not responsible for the privacy practices of linked websites and linked websites are not subject to our privacy policies and procedures. When following links to other sites from this website, we recommend that you read the privacy statement of that site to familiarise yourself with its privacy practices.
SOCIAL NETWORKING SERVICES
We use social networking services such as Meta, Linkedin and YouTube to communicate with the public about our work. When you communicate with us using these services, we may collect your personal information, but we only use it to help us to communicate with you and the public. The social networking service will also handle your personal information for its own purposes. We are not responsible for the privacy practices of social networking sites and social networking sites are not subject to our privacy policies and procedures. These sites have their own privacy policies.
Email addresses provided via this site will only be used to respond to specific user queries and will not be added to any mailing lists, nor disclosed to any other party without your knowledge and consent, unless required by law.
WEB STATISTICS AND COOKIES
USE AND DISCLOSURE
Any personal information you provide to us will only be used and disclosed for the purposes for which it was collected (as set out above), unless you consent to another use or disclosure, in emergencies or as otherwise required or authorised by law.
We may disclose personal information about you to:
(a) our employees, volunteers, contractors and consultants (workers), and other parties who require the information to assist us with facilitating our internal business processes, providing you with information and services, and with establishing, maintaining, managing, or ending our relationship with you;
(b) if you are a client: other health professionals and health fund providers;
(c) if you are an employee: the Australian Taxation Office, and your superannuation fund;
(e) third parties to whom you have agreed we may disclose your information (for example, your emergency contacts) or where the information was collected from you (or from a third party on your behalf) for the purposes of passing it on to the third party; and
(f) any other entity as otherwise permitted or required by law.
We may expand or reduce our business and this may involve the sale and/or transfer of control of all or part of our business. Personal information, where it is relevant to any part of the business for sale and/or transfer, may be disclosed to a proposed new owner or newly controlling entity for their due diligence purposes, and upon completion of a sale or transfer, will be transferred to the new owner or newly controlling party to be used for the purposes for which it was provided.
Sensitive information (including health information) is only used and disclosed for the purposes for which it was collected, unless your further consent is obtained or otherwise as permitted or required by law.
DISCLOSURE OF PERSONAL INFORMATION OVERSEAS
We are likely to disclose personal information about you overseas to service providers who assist us in operating our business located in New Zealand (for call monitoring facilities) and Finland (for bed sensors).
The security of your information is important to us. We have implemented security policies and measures to protect the personal information that we have under our control. However, you should be aware that there are risks in transmitting information across the internet. While we endeavour to protect personal information, we cannot guarantee or warrant the security of any information transmitted to us online and individuals do so at their own risk.
Once any personal information comes into our possession, we will take reasonable steps to protect that information from interference, misuse and loss, and from unauthorised access, modification and disclosure. If you are concerned about conveying sensitive material to us over the internet, you may prefer to contact us by telephone or mail.
We will remove personal information from our systems where it is no longer required (except where archiving is required) and in order to fulfil our obligations under the Privacy Act.
ACCESS AND CORRECTION
You may access any personal information about you held by eevi upon making a request. You may also have your own personal or health information, held by eevi, corrected in certain circumstances, for example if you wanted to update your contact details.
We encourage people wanting to access or amend their own personal or health information to contact us with their request. We may charge you a reasonable fee for processing your request (but not for making the request for access). If, upon receiving access to your personal information or at any other time, you believe the personal information we hold about you is inaccurate, incomplete or out of date, we encourage you to contact the staff member or team managing their information. We will respond to your request within a reasonable period. We will take reasonable steps to correct the information so that it is accurate, complete and up to date.
Informal requests do not need to be put in writing. If necessary, we will ask you to verify your identity or make a formal application instead.
We may decline a request for access to personal information in circumstances prescribed by the Privacy Act, and if we do, we will give you a written notice that sets out the reasons for the refusal (unless it would be unreasonable to provide those reasons), including details of the mechanisms available to you to make a complaint.
If we refuse to correct your personal information, we will give you a written notice that sets out our reasons for our refusal (unless it would be unreasonable to provide those reasons), including details of the mechanisms available to you to make a complaint.
If you are on one of our automated email lists, you may update your email preferences or unsubscribe by clicking the relevant links at the bottom of the email, or by emailing firstname.lastname@example.org and requesting to be unsubscribed from any further emails.
COMPLAINTS AND FEEDBACK
If you wish to make a complaint about a breach of the Privacy Act, the APPs or a privacy code that applies to us, please contact us using the details below and we will take reasonable steps to investigate the complaint and respond to you.
If after this process you are not satisfied with our response, you can submit a complaint to the Office of the Information Commissioner. To lodge a complaint, visit the ‘Complaints’ section of the Information Commissioner’s website, located at http://www.oaic.gov.au/privacy/privacy-complaints, to obtain the relevant complaint forms, or contact the Information Commissioner’s office.
For more information about privacy in general, you can visit the Office of the Information Commissioner’s website at www.oaic.gov.au.