Privacy Policy

MyRounds Pty Ltd ACN 634 132 657 and its related bodies corporate and its related bodies corporate (referred to in this document as we, us or our) recognises that your privacy is very important and we are committed to protecting the personal information we collect from you.  The Privacy Act 1988 (Cth) (Privacy Act), and the Australian Privacy Principles (APPs) govern the way in which we must manage your personal information and this policy sets out how we collect, use, disclose and otherwise manage personal information about you.  In addition, the Healthcare Identifiers Act 2010 (Cth) (Healthcare Identifiers Act) applies in relation to our handling of health identifiers (such as Medicare numbers), and if you are resident in New South Wales or Victoria, the Health Records and Information Privacy Act 2002 (NSW) and Health Records Act 2001 (Vic) will apply to health information collected and handled.

We may collect and hold personal information about you, that is, information that can identify you, and is relevant to providing you with the services you are seeking.

The kinds of information we collect from you depends on our relationship with you.  If you are an individual whose health service provider is using our Platform to assist in providing you with health services, we refer to you in this privacy policy as a ‘patient’.  If you are a health service provider or other individual using our Platform to assist in providing health services, we refer to you in this privacy policy as a ‘provider’.  Users of our website or social media channels and individuals seeking information about our goods and services are referred to in this privacy policy as ‘users’.  We also interact with employees, contractors, and job applicants, and use those terms accordingly.

The kinds of information typically entered into our Platform by providers with respect to patients includes names, date of birth, gender, contact details, Medicare number, health fund information, information in relation to illnesses and medical diagnosis, information in relation to hospital admittance and hospital procedures, and information in relation to health services provided to you.  In addition to health information, we are likely to collect and hold other sensitive information about you, including your religious beliefs or affiliations, racial or ethnic origin, and sexual preferences or practices.

The kinds of information we typically collect from providers includes names, contact details, place and type of business, ABN (with respect to sole traders), all relevant provider numbers, and other information relevant to providing you with the goods and services you are, or someone else you know is, seeking.

The kinds of information we typically collect from employees, contractors, and job applicants includes names, contact details, personal information contained within a job application or resume, bank account and superannuation fund information, tax file number and ABN (with respect to sole traders).  We may also collect and hold sensitive information about you, including health information, racial or ethnic background, sexual orientation or practices, criminal record, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association or trade union, genetic information, biometric information, and biometric templates.

We may also collect information through the use of our website and digital platforms, including user preferences, ‘cookie’ information, and geographical location.  Additional personal information we collect from users includes name and contact details, and any other personal information relevant to providing the information you are seeking.

If you are a provider, employee, contractor, job applicant, or user, personal information will generally be collected directly from you through a variety of avenues, including the use of our Platform, any of our standard forms, when you sign up to receive our emails or other communications, using our website or social media accounts, via email, through a telephone conversation with you, in person, or through an employment application from you. There may, however, be some instances where personal information or health information about you will be collected indirectly because it is unreasonable or impractical to collect personal information directly from you.  We will usually notify you about these instances in advance, or where that is not possible, as soon as reasonably practicable after the information has been collected.

If you are a patient, any information collected and held by us will be provided to us via a provider using our Platform, with your consent.  If you are a job applicant, we may collect and hold personal information about you provided by referees, recruiters, or past employers.

If we receive unsolicited information about you that we do not ask for or which is not directly related to our functions or activities, we may be required to destroy or de-identify that information, provided it is lawful and reasonable to do so.

The personal information we collect and hold about you depends on your interaction with us.  Generally, we will collect, use and hold your personal information if it is reasonably necessary for or directly related to the performance of our functions and activities and for the purposes of:

(a) providing the Platform and the functionality available through the Platform;

(b) providing goods and services to you or someone else you know;

(c) facilitating our internal business operations, including:

(i) fulfilment of any legal requirements (including maintaining employment records);
(ii) establishing our relationship with you (including processing and assessing your job application);
(iii) maintaining and managing our relationship with you and communicating with you in the ordinary course of that relationship (including response to enquiries, feedback or complaints);
(iv) maintaining and managing the engagement of an employee or contractor, and terminating that engagement;
(v) analysing our services and customer needs with a view to developing new or improved goods and services;
(vi) contacting you to provide a testimonial for us; and

(d) providing you with information about other goods and services that we and other organisations that we have affiliations with, offer that may be of interest to you.

Except as otherwise permitted by law, we only collect sensitive information about you if you consent to the collection of the information and if the information is reasonably necessary for the performance of our functions, as set out above.

If the personal information you provide to us is incomplete or inaccurate, we may be unable to provide you with the Platform or other goods and services you are seeking, and we will not be able to assess your job application.  Failure to provide all or some of the information required of an employee may adversely affect our ability to comply with our legal obligations of your employment.

If you access our website, we may collect additional personal information about you in the form of your IP address and domain name.

Our website may contain links to other websites.  We are not responsible for the privacy practices of linked websites and linked websites are not subject to our privacy policies and procedures.

Our website uses cookies.  The main purpose of cookies is to identify users and to prepare customised web pages for them.  Cookies do not identify you personally, but they may link back to a database record about you.  We use cookies to monitor usage of our website and to create a personal record of when you visit our website and what pages you view so that we may serve you more effectively.

Generally, we only use or disclose personal information about you for the purposes for which it was collected (as set out above).  We may disclose personal information about you to:

(a) our employees, contractors, and related entities to facilitate our and their internal business processes;

(b) third party service providers who assist us in operating our business and providing services to you (including payment processors, cloud data storage suppliers, information technology service providers, mail distribution service suppliers, or professional advisers such as lawyers, accountants, and auditors) and these service providers may not be required to comply with our privacy policy;

(c) our related entities and other organisations with whom we have affiliations so that those organisations may provide you with information about services and various promotions;

(d) third parties to whom you have agreed we may disclose your information; and

(e) as otherwise permitted and required by law.

We may expand or reduce our business and this may involve the sale and/or transfer of control of all or part of our business.  Personal information or health information, where it is relevant to any part of the business for sale and/or transfer, may be disclosed to a proposed new owner or newly controlling entity for their due diligence purposes, and upon completion of a sale or transfer, will be transferred to the new owner or newly controlling party to be used for the purposes for which it was provided under this privacy policy.

We will also disclose your personal information to a third party where the personal information or health information was collected from you for the purposes of passing that personal information on.

If you are a patient, your health service provider may disclose your personal information to additional entities.  Please ensure to read your health service provider’s privacy policy to understand how they collect, use, and disclose your personal information.  We are not responsible for the acts of your health service provider with respect to your personal information.

We won’t sell, trade, or exchange your personal information or health information without your permission.

We are not likely to disclose personal information about you overseas.

We store your personal information in different ways, including in paper and in electronic form.  The security of your personal information is important to us.  We take all reasonable measures to ensure that your personal information is stored safely to protect it from interference, misuse, loss, unauthorised access, modification or disclosure, including electronic and physical security measures.

Some of the personal information and health information we collect is hosted on third party data servers located within Australia.  We take reasonable steps to ensure any third party data storage suppliers we partner with have appropriate cyber and physical security controls in place.

Where personal information we hold is no longer necessary, we delete the information or permanently de-identify it, subject to specific laws in respect of data retention.

You may access the personal information we hold about you, upon making a written request.  We will respond to your request within a reasonable period.  We may charge you a reasonable fee for processing your request (but not for making the request for access).

We may decline a request for access to personal information in circumstances prescribed by the Privacy Act, and if we do, we will give you a written notice that sets out the reasons for the refusal (unless it would be unreasonable to provide those reasons), including details of the mechanisms available to you to make a complaint.

If, upon receiving access to your personal information or at any other time, you believe the personal information we hold about you is inaccurate, incomplete or out of date, please notify us immediately.  We will take reasonable steps to correct the information so that it is accurate, complete and up to date.

If we refuse to correct your personal information, we will give you a written notice that sets out our reasons for our refusal (unless it would be unreasonable to provide those reasons), including details of the mechanisms available to you to make a complaint.

If you have any queries or concerns about our privacy policy or the way we handle your personal information, or you wish to make a complaint about a breach of the Privacy Act, the APPs, or a privacy code that applies to us, please contact us using the details below and we will take reasonable steps to investigate your complaint and respond to your queries and concerns.

Email address: accounts@myrounds.com.au

Website: myrounds.com.au

For more information about privacy in general, you can visit the Office of the Information Commissioner’s website at www.oaic.gov.au.

If after this process you are not satisfied with our response, you can submit a complaint to the Office of the Information Commissioner.  To lodge a complaint, visit the ‘Complaints’ section of the Information Commissioner’s website, located at http://www.oaic.gov.au/privacy/privacy-complaints, to obtain the relevant complaint forms, or contact the Information Commissioner’s office.