1. We're here to help. Get in touch.
You can get in touch with us at any time about the way we handle and safeguard your information.
If you want to:
- ask questions
- update your information
- update or delete your Heidi Platform account
- change your user preferences
- register a concern
- opt out of marketing
- anything else…
We're just a call or a few clicks away.
If you have any questions or complaints about how we handle your information you can get in touch with us at firstname.lastname@example.org
2. About us
As part of our service, we provide the Heidi Platform application (Platform) to qualified medical practitioners (including their relevant medical clinic) and other health professionals (Practitioners) for patients of Practitioners.
The Platform facilitates the delivery of healthcare services including by:
- we, our or us – we mean Heidi Health Trading Pty Limited (ABN 84 649 783 871), and our related bodies corporate identified below at section 14.
- our services – we mean the provision of the Platform to you as a Practitioner and related services that we provide.
- you - we mean you, the reader of this policy.
- your information – we mean your personal information within the meaning of the Australian Privacy Act1998 (Cth) (Privacy Act)
- privacy laws – we mean all privacy and data protection laws that apply to us when we handle your information, including applicable health information laws, the Australian Privacy Principles and the Privacy Act.
3. What information do we collect?
We collect and hold the following categories of information, including personal information, health information, payment information, device information, and general information to help us improve our services.
When you access and use our website, Platform or other services, we collect and hold the following main categories of information. These are set out in the table below. If you choose not to provide the information we request from you, we may not be able to provide you with the services you require.
We may also collect other types of information from you.
We may also collect health information of Patients from Practitioners, including where a Practitioner has treated a Patient arising out of, or in connection with the Platform. This may include information that a Practitioner provides directly to us, or otherwise makes available to us.
The types of health information may include your medical history, clinical notes, test results, disease status and prescribed medications (amongst others).
When we refer to 'de-identified' information, we mean information that has undergone a process of removing all personal identifiers that can reasonably identify you so that there is no reasonable likelihood of re-identification occurring.
When we use this information for the purposes of business improvement, it is always in de-identified form.
4. How do we collect your information?
We collect your personal information when you engage with us or from third parties.
In many instances, we collect personal information directly from you. Here are some of the main ways.
We may also collect information (including health information) from Practitioners (including the relevant medical clinic). For example, when you undertake a consultation with a Practitioner arising out of, or in connection with the Platform, we may collect health information about you from the Practitioner. This may include information about the diagnosis, conditions, treatment, advice or other information relating to your health, or your consultation with the Practitioner. We may also collect information about you from our related companies, third party service providers and other organizations that we partner with. For example:
- when you are referred to a pharmacy or specialist, we may collect information relating to that engagement;
- when you apply for a job or position with us, we may collect information about you from any recruitment consultant, your previous employers, referees, CV checking agencies or others who may be able to provide information to assist us with our decision; and
- where you are a Practitioner, we may collect information about your qualifications, registrations, training and education background from third party sources, for purposes which include verifying your status as a qualified medical practitioner.
5. How do we use your information?
We use your personal information to enable us to deliver and improve our products and services.
We may collect, hold, use and disclose your personal information (including health information) for the following purposes:
Some of our Platform functionality may involve the use of third party services. Where these are used, de-identified information may be disclosed to those third parties in order to provide you with that functionality.
Unless permitted or required by law, we won't use your health information without your consent.
6. How do we use your personal information for marketing, and how do you opt out?
We may use your information for marketing purposes, but you can opt-out at any time.
We and our carefully selected business partners may send you direct marketing communications and information about our services or products. This may take the form of emails, SMS, mail or other forms of communication. We'll always conduct our marketing practices in accordance with privacy laws and other applicable laws.
If we do send you marketing messages using your information, you'll be able to opt out at any time – either by using the unsubscribe facility in the relevant message or by contacting us (it's easy – see section 1).
We may also market our services to you generally – including via social media, advertising through our website or through third party websites and other digital or non-digital platforms. We'll always do this in accordance with our legal requirements.
Without your consent, we will not:
- use any of your health information to send you marketing communications; or
- disclose any of your health information to a third party in order for them to market to you.
7. Do we store or share your information outside of Australia?
Your personal information is stored in Australia
We store all of your personal information in Australia, and in accordance with all applicable laws. Some of our Platform functionality relies on the use of third party services whose servers may be located outside of Australia (including in the US). Where these services are used, information may be disclosed to those third parties in order to provide you with that functionality.
9. Using our website and Platform
We may also use third party analytics tools such as Google Analytics, Meta Pixel, Mixpanel, Braze or Segment to help us gather and analyze information relating to your use of our website and Platform.
10. How do we protect your information?
We take a number of measures to keep your information safe.
We generally hold personal information in our electronic databases. Our website and Platform and our working environment are built with integrated physical, electronic and managerial processes designed to safeguard your information and protect it from misuse, interference loss and unauthorized access, modification or disclosure. Here are some of the key things we do to protect your information.
11. What are your rights in relation to your information?
You have rights in relation to your personal information. You can contact us to exercise any of your rights in relation to your information.
Here are the things you can ask us to do in relation to your information at any time while you use our website, Platform or other services.
When you contact us in relation to a request for access, correction or to make a complaint, please include your name and contact details (such as email address and phone number) and clearly describe your request or complaint. We will contact you promptly to let you know we have received your correspondence. We will formally respond to your complaint within 30 days.
Where we are not able to fulfil your request to access, correct or delete your personal information for a legal or other reason, we will let you know why. We may also need to verify your identity when you request your personal information.
If you're not happy with the way we handle your query or handle your information (including our response to your request to access or correct your personal information), you have a right to lodge a complaint with the Office of the Australian Information Commissioner (OAIC) by visiting the OAIC website.
If you are a current or former employee and you have any questions in relation to our handling of your personal information, please contact us at email@example.com
13. Changes to this policy
15. Find out more
You can find out more about the various privacy laws and other rules, regulations and standards we've mentioned in this policy by visiting the website of the Office of the Australian Information Commissioner.
- OAIC home https://www.oaic.gov.au/