Privacy Policy

Home » Privacy Policy

About this Policy

Health Media Group Pty Ltd ACN 136 980 544 trading as Healthsite (“us”, “we”, or “our”) recognises the importance of your privacy and respects your right to control how your personal information is collected and used.

We are an Australian Privacy Principle Entity (“APP Entity”) as defined in the Privacy Act 1988 (Cth) (the “Act”). This policy complies with the Australian Privacy Principles as set out in the Act and describes the way that we may collect, hold and disclose personal information and how to contact us if you have any questions about how we handle your personal information or would like to access the personal information we hold about you (“Privacy Policy”).

This Privacy Policy applies to our website, https://www.healthsite.com.au/ (the “Site”) which is operated by us, and to the products and services provided by us which are detailed on the Site (”Our Services”).

IF YOU DO NOT AGREE WITH THE TERMS OF THIS PRIVACY POLICY, PLEASE DO NOT ACCESS OUR WEBSITE, USE OUR SERVICES OR PROVIDE ANY INFORMATION ABOUT YOURSELF TO US.

In this policy “Personal Information” means any information that may identify you, or by which your identity might be reasonably determined. The information you provide us may include, amongst other things, your name, address, email address and phone number. For our Privacy Policy, your Personal Information includes Sensitive Information.

Sensitive Information” is a subset of Personal Information and, for the purposes of Our Services includes your health information. As part of delivering Our Services, we may collect or infer health and other sensitive information about you as defined by the Privacy Act 1988 (Cth) (“Privacy Act”).

Certain health information may be inferred from other information that you give us. Before you can give us health information, you must give your explicit consent to the processing of that health information by us. You can withdraw your consent to us processing your health information at any time. For example, in using Our Services we may collect medical history information about you, or you may provide us with your current health status to assist us in providing you services. In general, we attempt to limit the sensitive information we collect, however this may not always be possible due to the services we provide.

Where we collect sensitive information from you we will only do so if it is considered reasonably necessary for us to collect such information for us to perform our functions or activities and you consent, or collection is required or authorised by law or another exception under the Privacy Act applies. However, we may also collect Sensitive Information without your consent where we it is otherwise permitted by the Privacy Act in order to carry out Our Services. This includes where collection is required to lessen or prevent a serious threat to your life, health or safety or to public health and safety. For more information on health services please contact us.

Children’s Privacy

Our Site and Our Services do not address anyone under the age of 16 (Children). Our Site and Our Services are intended for and directed to adults and we do not knowingly collect personal information from Children without the express consent of a parent or legal guardian.

If you are a parent or guardian and you are aware that your Children have provided us with personal information, please contact us. If we become aware that we have collected personal information from Children without verification of parental consent, we will take steps to remove that information from our servers.

Collection

The purpose for which we collect Personal Information is to provide you with the best service experience possible on the Site, whilst you use our Services and for our internal business purposes that form part of normal business practices. Some provision of Personal Information is optional. However, if you do not provide us with certain types of Personal Information, you may be unable to enjoy the full functionality of the Site or Our Services.

As part of Our Services, you can provide further information regarding the reason you wish to use Our Services, such as health information when you use our Booking System Application to book an appointment with a doctor. When you use Our Services and submit your Personal Information, we store that Personal Information and we transfer it to the practice management system of the medical practice you book an appointment with. We do this to be able to assist you with your appointment with the medical practice. We will ask for your explicit consent to allow us to store this type of information before you use this service. Without your consent, we cannot provide you with Our Services.

To provide Our Services to you, we may collect Personal Information. This information may include:

  • your name;
  • your date of birth;
  • your contact details (e.g. address, email address, phone number);
  • your gender;
  • your marital status;
  • occupation;
  • credit card information (if you pay for a service);
  • cultural background;
  • allergies;
  • your medications;
  • your emergency contact details;
  • your next of kin details;
  • the type of appointment you are requesting;
  • the reason you are seeking that type of appointment;
  • information about your private health insurance fund, including your membership number;
  • your Medicare, Pension, Health Care Card and Veteran Affairs number and details;
  • technical data such as internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access Our Services; and
  • analytics data which we may collect directly or use third party analytics tools, to help us measure traffic and usage trends for our products and services. These tools collect information sent by your browser or mobile device, including the pages you visit and other information that assists us in improving our products and services. We collect and use this analytics information in aggregate form such that it cannot reasonably be manipulated to identify any particular individual user.

We may also collect details of conversations we have had with you or any other information relevant to us. As part of your health assessment, we may send you follow-up emails regarding the advice we provide to you and to assist you by reminding you to seek medical attention when necessary.

We may also collect Sensitive Information about you such as medical reports, referrals, medication, health history and other important health information where you consent and such information is reasonably necessary to provide Our Services to you.

We automatically collect information through our Site and Our Services, that is often not personally identifiable, such as the website from which you came to our Site, your IP address, browser type and other information relating to the device through which you access the Site. We may combine this information with the Personal Information we have collected about you.

Use and Disclosure

Personal Information collected by us will generally only be used and disclosed for the purpose it was collected.

We use your Personal Information to assist you in the best possible way. When you use our booking system for appointments with health professionals, we will disclose your Personal Information to the health professionals that you have selected and their practices for the purpose of arranging such appointments or prescriptions.

When you consent, your Personal Information may be used or disclosed for the following reasons:

  • To supply you with Our Services.
  • To manage our business and to improve Our Services continuously.
  • For our customer service to help you.
  • To send you email notifications or SMS messages relating to the appointments you have made using Our Services.
  • To send you email notifications or SMS messages relating to pathology results.
  • To provide you with our marketing magazine (Thrive Magazine).
  • In order to support research, we may use your data (sometimes for reward), pseudonymised (without a direct link to your identity) or anonymised (without us being able to identify you at all). This may include sharing your data with third parties. By using Our Services, you explicitly consent to this use of your Personal Information. As such, your Personal and Sensitive Information may be reviewed by our employees or consultants who work for us and third parties who provide hosting of medical records other information. All employees, consultants and third parties with access to your Personal and Sensitive Information are bound by strict confidentiality.

When you pay for Our Services we use third party payment processors to facilitate that payment (at the date of this Privacy Policy, that payment processor is Tyro: https://www.tyro.com/privacy-policy/). Third party processors may obtain personal information about you when they process your payment. Our payment processors have their own privacy policies. You should read and consider them before you agree to make a payment for Our Services.

In order to lawfully process Sensitive Information for you, we will ask for your consent. We require your consent before we can assist you. When you wish to withdraw your consent, please contact us via the contact details at the bottom of this Privacy Policy. When you withdraw your consent, we will not be able to provide you with Our Services and you will have to discontinue using Our Services.

We may, from time to time, use Personal Information, other than Sensitive Information, for other purposes where it would be reasonably expected by you or if permitted by the Privacy Act, including to effect or enforce a transaction, procuring legal and accounting, auditors advice and advice from other consultants. We may also disclose your Personal Information in circumstances where we are compelled by other Australian laws or a court of law to do so.

In the event that we sell our business, or engage in a transfer, mergers, restructure or change of control or other similar transactions, customer information (containing Personal Information) is generally one of the business assets that forms part of the transaction. Your Personal Information may be subject to such transfer. In the unlikely event of insolvency, Personal Information may be transferred to a trustee or debtor in possession and then to a subsequent purchaser.

Access and Accuracy

You can access and/or correct Personal Information we hold about you at any time by contacting us. We encourage you to contact us to keep your Personal Information up to date.

We will respond to your request for Personal Information within a reasonable time. We reserve the right to charge an administration fee to cover the costs of responding to your request, for example, where Personal Information is held in storage.

If required by law or where the Personal Information may relate to existing or anticipated legal proceedings, we may deny your request for access to your Personal Information. We will respond to your request, setting out the reasons for our refusal in writing.

Storage and Security

We will take reasonable steps to protect your Personal Information from misuse, loss, unauthorised access and modification or disclosure. We use commercially reasonable physical, technical and administrative measures to protect Personal Information that we hold, including, where appropriate, password protection, encryption and SSL to protect our Site. However, we are not responsible for the storage and security of your Personal Information that is held by third-party service providers. These third-parties have their own privacy policies and you should read and satisfy yourself that about their privacy obligations with respect to the storage and security of your Personal Information.

Despite taking appropriate measures to protect Personal Information collected, used and stored by us, no data security measures we implement can guarantee 100% security of your Personal Information at all times. We cannot guarantee the security of any Personal Information transmitted to us via the internet and such transmission is at your risk. This is an inherent risk you assume when you use our services.

If we no longer require the use of your Personal Information, we will take reasonable steps to destroy or permanently de-identify it when we are legally permitted to do so.

Personal Information may be stored electronically through third-party data centres, which may be located overseas, or in physical storage at our premises or third-party secure storage facilities. Wherever possible, we use third parties who provide high standards of data security and storage in compliance with Australian Privacy legislation. However, we are not responsible for the storage and security practices of third parties, or data breaches affecting third party providers we use.

Data Breach Notification Scheme

If we have reason to suspect a data breach has occurred, we will undertake an assessment in accordance with the Notifiable Data Breach Scheme. If we determine there has been an eligible data breach, we will notify you as soon as reasonably practicable.

If the breach relates to the My Health Records Act, we may disclose your Personal Information to the My Health Records System Operator under section 73A of that Act.

Identifiers

An identifier is a unique number assigned to an individual to identify them. Identifiers include Medicare Numbers and Tax File Numbers. We may adopt an identifier given to you by a government agency as our identifier of you, unless we are not permitted by law.

Cookies, Web Beacons and Analytics

When you interact with our Site, we strive to make your experience easy and meaningful. We, or our third-party service providers, may use cookies, web beacons (clear GIFs, web bugs) and similar technologies to track site visitor activity and collect site data. We may combine this data with the Personal Information we have collected from Customers. Examples of information that we may collect include technical information such as your computer’s IP address and your browser type, and information about your visit such as the products you viewed or searched for, the country you are in, what you clicked on and what links you visited to get to or from our Site. If we identify you with this information, any use or disclosure of that information will be in accordance with this Privacy Policy.

Third-party Websites

This Privacy Policy does not apply to any third-party linked which may also collect and use information about you. We are not responsible for any of the information collected by any such third party.

At times, our Site may contain links to other third-party websites. Any access to and use of such linked websites is not governed by this Privacy Policy, but, instead, is governed by the privacy policies of those third-party websites. We are not responsible for the information practices of such third-party websites.

Marketing Emails

We may send you direct marketing emails and information about products and services that we consider may be of interest to you. These communications will only be sent via email and in accordance with applicable marketing laws, such as the Spam Act 2004 (Cth), and only if you consent to receive marketing emails from us. If, at any time, you would like to stop receiving these promotional emails, you may follow the opt-out instructions contained in any such email. Please note that it may take up to 10 business days for us to process opt-out requests. If you opt-out of receiving emails or promotions from us, we still may send you email about your account or any services you have requested or received from us, or for other customer service purposes. We do not provide your Personal Information to other organisations for the purposes of direct marketing.

We may share your contact details with our related entities (as defined by the Corporations Act 2001) for the purposes of our related entities providing you with direct marketing, such as our Thrive Magazine.

If you receive communications from us that you believe have been sent to you other than in accordance with this Privacy Policy, or in breach of any law, please contact us using the details provided below.

Consent to International Transfer

We may transfer your Personal Information to organisations in other countries. Recipients may include our related entities or employees, external service providers such as administration providers or information technology providers such as cloud storage and data processing. We only transfer information where we reasonably believe that the recipient is legally or contractually bound to principles that are substantially similar to the Australian Privacy Principles.

Changes to this Policy

We may change this Privacy Policy from time to time. Any updated versions of this Privacy Policy will be posted on our Site. You should check periodically to review our current Privacy Policy, which is effective as of the effective date listed above. Your continued use of any of our Site and our services constitutes your acceptance and understanding of the Privacy Policy as in effect at the time of your use. If we make any changes to this Privacy Policy that materially affect our practices with regard to the Personal Information we have previously collected from you, we will endeavour to provide you with notice in advance of such change by highlighting the change on the Site, or where practical, by emailing you. This Privacy Policy is current as of 02/03/2021.

Complaints and Enquiries

If you have any questions or complaints regarding privacy, or if at any time you believe we may have wrongfully disclosed your Personal Information or breached our Privacy Policy, please lodge your complaint in writing to:

Our Privacy Officer via email through our website contact form @ https://www.healthsite.com.au/contact/

If you are not satisfied with our response, you are entitled to contact the Office of the Australian Information Commissioner by calling 1300 363 992 or writing to the Director of Complaints, Office of the Australian Information Commissioner, GPO Box 5218, Sydney NSW 1042.