Privacy Policy

The Privacy Act 1988 (Cth) currently defines “personal information” as meaning information or an opinion about an identified individual or an individual who is reasonably identifiable;

1. Whether the information or opinion is true or not and
2. Whether the information or opinion is recorded in a material form or not

If the information does not disclose your identity or enable your identity to be ascertained, it will in most cases not be classified as “personal information” and will not be subject to this privacy policy.

The kind of personal information that we collect from you will depend on how you use the website. The personal information which we collect and hold about you may include:

1. Other information
   • Re-identified technical data such as internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access the website
   • web analytics data, which we may collect directly or use third party analytics tools, to help us measure traffic and usage trends for our products and services. These tools collect information sent by your browser or mobile device, including the pages you visit and other information that assists us in improving our products and services. We collect and use this analytics information in aggregate form such that it cannot reasonably be manipulated to identify any particular individual user.
2. General Information
   • your name;
   • your date of birth;
   • your contact details (e.g. address, email address, phone number);
   • your gender and/or birth sex;
   • occupation;
3. Health Information
4. Information provided when book an appointment
5. Demographic information
6. Professional information
   • For doctors, we may collect information about your professional credentials, including but not limited to your Bank Account Number and the Bank.
   • Information about your professional registration, credentials and experience, associations or memberships, or any other information that you or your Practice provide about you to be published on your profile or listing.
7. Financial and Transaction information
   • If you process a payment or other financial transaction with your Practice via the Platform, general details of that transaction (including a record), however, credit card information will be held by a secure payment provider to ensure it is kept safe. We don’t see your full credit card number, nor do we store it, though we do have the ability to transact on your behalf to enable payment processing only.
8. Any other personal information you send or disclose to us, including our records of any communications or interactions we have with you.
9. Details of any communications or interactions you have with a patient using the Platform – for example, details of an appointment with you that is managed using the Platform (and any related communications).

1. We may collect personal information directly from you or whenever you input such information onto the website or via third party management software that is integrated into the Platform, or in connection to your practice.
2. We may also collect personal information from your patients or potential patients, or the Practice that employs or otherwise engages you.
3. We also collect cookies from your computer, which enable us to tell when you use the website and to help customize your website experience. As a rule, however, it is not possible to identify you personally from our use of cookies.
4. Depending on the nature of your relationship (or potential relationship) with us, we may also collect your personal information from other sources such as advertising, public records, mailing lists, contractors, our staff and our business partners.

1. The purpose for which we collect personal information is to provide you with the best service experience possible on the website.
2. By using our website, you consent to the receipt of direct marketing material. We will only use your personal information for this purpose if we have collected such information directly from you, and if it was material of a type which you would reasonably expect to receive from us. We do not use sensitive personal information in direct. All direct marketing material will include a simple means by which you can request not to receive further communications of this nature.
3. We collect, hold and use personal information for the purpose of providing our services, for providing analytical services, communicating with our clients and potential clients, suppliers and contacts (including periodic marketing contact), and for the purpose of managing the provision of services to our clients.
4. We may collect and process sensitive information such as health information for the purpose of providing our analysis services to our medical practice clients. This kind of information is strictly controlled by us. Sensitive information such as health information is not collected or used by us in any other way or for any other purpose unless it has been aggregated and anonymized for use in analytics and other reports. Certain subscribers to our services may have the ability to opt out based on the level or type of subscription held. This will be set in your subscription package.
5. We may also use personal information where necessary in order to comply with our legal and regulatory obligations.
6. Personal information will be retained for the duration of the subscription of the medical practice that disclosed the information to Platform. Within 60 days of the subscription lapsing and there being no reasonable likelihood of the subscription being renewed, Mediportal Pty Ltd., will delete all such information.
7. We use information for security purposes.

1. We customarily disclose personal information only to third party service providers who assist us in operating the website.
2. Personal information disclosed to us by you is one of the inputs we use to provide analysis services back to that practice. Only authorized users of the practice can access the analysis, through a password-controlled login.
3. We use tier-one service providers for hosting and processing of data (and in respect of processing of sensitive information, only providers in Australia).
4. We may, from time to time, disclose information to professional advisers for the purpose of obtaining advice. We may provide information to law enforcement agencies if requested, or if we believe unlawful activity has taken place.
5. Your personal information may also be exposed from time to time to maintenance and support personal acting in the normal course of their duties.
6. Your personal information may be shared with courts, tribunals, regulatory authorities and law enforcement officers, as required by law, in connection with any actual or prospective legal proceedings, or in order to establish, exercise or defend our legal rights.
7. We may share your personal information with other persons notified to you at the time we collect your personal information, with those to whom you give your consent to, or to whom we are authorized or required by law to make such disclosure.

You have the right to request, subject to certain exceptions;

• Access to the personal information we hold about you.
• To correct inaccurate personal information.

We may charge you a reasonable fee for our costs in providing you with access to your personal information, but we will let you know about this once we have processed the initial request.

In some circumstances, we may not permit access to your personal information, or may refuse to correct your personal information, including, but not limited to, where:

• Giving access would have an unreasonable impact on the privacy of others;
• The information relates to existing or anticipated legal proceedings and the information would not be discoverable in those proceedings;
• Giving access would be unlawful;
• Denying access is otherwise required or authorized by law; or
• The request for access is frivolous or vexatious.

If we deny you access to or we refuse your request to correct your personal information, we will give you our reasons for this in writing.

If you would like to access or correct any information, please contact us as set out below.

If you have a complaint concerning the manner in which we maintain the privacy of your personal information, please contact us as set out below. All complaints will be considered by our staff/personnel and we may seek further information from you to clarify your concerns. If we agree that your complaint is well-founded, we will, in consultation with you, take appropriate steps to rectify the problem. If you remain dissatisfied with the outcome, you may refer the matter to the Office of the Australian Information Commissioner.

In respect of sensitive information such as health information provided to us by our client medical practices, we use technical infrastructure (cloud storage and processing providers) located in Australia. We do not, as a matter of strict policy, disclose such personal information to any overseas recipients.

Other information such as contact and accounting information, may be stored and processed by us using infrastructure providers outside Australia.

We do not otherwise disclose personal information to any recipient outside Australia.

The Privacy Act 1988 (Cth) (“the Act”) and corresponding Australian Privacy Principles (“APPs”) require relevant Australian entities to ensure that, before disclosing personal information overseas, reasonable steps are taken to ensure that overseas recipients do not breach the Act or the APPs (APP 8.1). It is not always possible to ensure that overseas recipients will comply. We do not take any responsibility for the actions of overseas third-party recipients of personal information. By agreeing to this Privacy Policy, you are agreeing that your personal information may be disclosed overseas, and that APP 8.1 will not apply to that disclosure. This means that you will not have recourse against us under the Act in the event that an overseas recipient of your personal information breaches the APPs.

We will take all reasonable precautions to protect your personal information from unauthorized access or disclosure, or misuse or loss.

Some of these precautions include:

• Password Encryption
• All the data stored as encrypted (MySQL) enables data at rest encryption
• Any connectivity details are stored as encrypted JSON Web Token
• All Database connectivity happen through Azure VPN
• Standard security scans conducted by a recognized third-party company.

In some circumstances the European Union General Data Protection Regulation (GDPR) provides additional protection to individuals located in Europe. The fact that you may be in Europe does not, however, on its own entitle you to protection under the GDPR. Our website does not specifically target customers located in the European Union and we do not monitor the behaviour of individuals in European Union, and accordingly the GDPR does not apply.

If you have any queries, or if you seek access to or seek to correct your personal information, or if you have a complaint about our privacy practices, you can contact us through: info@mediportal.com.au or support@mediportal.com.au

You can write to us or call us on

Mediportal Pty Ltd
‍Paragon Consultants,
First Floor,
160, Stirling Highway,
Nedlands,WA6009

‍

From time to time, we may update this privacy policies. Will notify you of any material changes to our privacy policies as required by law. An updated policy document will be posted on our website. Please check our site periodically for updates.