Last updated: 7 October 2022
1 General information
2 What personal information do we collect?
2.1 The personal information we collect may include (but may not be limited to) your name, contact details, Internet Protocol (IP) address, occupation, employer, payment details, images of you and other information relating to your dealings with us.
2.2 We also collect sensitive information from you, which includes health information (including images of skin lesions), where it is relevant to us providing goods or services to you.
3 Why do we collect your personal information?
3.1 The purposes for which we collect your information include:
(a) verifying your identity;
(b) providing you with our goods or services;
(c) contacting you about our goods and services to you (see section 7);
(d) developing and improving our goods and services (including through AI, data analytics and machine learning) and obtaining feedback including surveys;
(e) for our internal business and marketing purposes and those of our related bodies corporate
(f) contacting you (including via electronic messaging such as SMS and email, by mail, by phone or in any other lawful manner);
(g) recruitment and engagement processes, including job interviews; and
(h) medical research and grant submissions.
3.2 If we are not able to collect personal information about you we may not be able to provide you with products, services and assistance to the extent that they require us to collect, use or disclose personal information.
4 How do we collect personal information?
4.1 Dermscreen collects personal information from you in a number of different ways. We may collect personal information directly from you or in the course of our dealings with you, for example when you:
4.2 We may also collect personal information about you from another Dermscreen group entity, from publicly available sources, or in some cases, from third parties including:
(a) provide personal information to us;
(b) browse or use our Website (including via cookies);
(c) use our goods or services; or
(d) contact and correspond with us, for example to ask for information.
(a) our business partners, agents and service providers, which may include medical and health practitioners; and
(b) Electronic medical records.
5 Collection and Use of Information Collected Automatically
5.1 We receive and store certain types of information automatically, such as whenever you interact with the Website or use our services. This information does not necessarily reveal your identity directly but may include information about the specific device you are using, such as the hardware model, device ID, operating system version, web-browser software (such as Firefox, Safari, or Internet Explorer) and your Internet Protocol (IP) address/MAC address/device identifier.
5.2 When you visit our website, our web servers gather your IP address to assist with the diagnosis of problems and to enable us to provide the best level of service.
5.4 We treat information collected by cookies and other similar technologies as non-personal information unless:
(a) applicable laws require us to treat them as personal information; and
5.5 You can choose to disable cookies on your computer if you wish by updating your browser settings, but please note that this may cause some malfunctions on the Website.
6 Use and disclosure
6.1 Dermscreen may use or disclose your personal information for the purpose for which it was collected. We will also use and disclose your personal information for a secondary purpose that is related to a purpose for which we collected it, where you would reasonably expect us to use or disclose your personal information for that secondary purpose.
6.2 Other instances when we may use and disclose your personal information include:
(a) where you have expressly or impliedly consented to the use or disclosure;
(b) in confidence, to our advisers and insurers;
(c) in confidence, to third parties to improve our services and obtain feedback; and
(d) where the use or disclosure is authorised or required by or under an Australian law or court/tribunal order.
6.3 We may also disclose your personal information to third parties, including:
(a) amongst other Dermscreen group entities, where applicable;
(b) with our advisors and consultants; and
(c) with third party service providers we use in conducting our business, subject to confidentiality provisions as we deem appropriate (including, without limitation, medical and health practitioners, billing or data storage services, email filtering, virus scanning and other technology services providers, and archival services providers).
6.4 Some of the third parties to whom we disclose your personal information may be located outside Australia.
6.5 For example, we may transfer your personal information to external national or overseas facilities in the course of data processing, back up and scanning or for the purposes of obtaining other services from third parties.
6.6 The countries in which these third parties are located will depend on the circumstances. However, in the course of our ordinary business operations we may disclose personal information to our third party suppliers located in Canada and Macedonia.
7 Information about events, the Website and our services
We may contact you via email, SMS or other means in order to provide you with updated information about the goods or services you have ordered from us, the Website, in relation to events or to provide you with other information about our goods and services. If you do not wish to receive any such information, please contact us to opt out as set out below.
8 Links to External Websites
We provide links to third party websites. These linked sites are not under our control, and we cannot accept responsibility for the conduct of companies linked to our Website. Before disclosing your personal information on any other website, we advise you to examine the terms and conditions of using that website and its privacy statement.
9 You may access and correct your personal information
You have a right to request access to, or correction of, your personal information held by us. If you wish to access, correct or update any personal information we may hold about you, please contact us as set out in section 13 below. However, we may charge for providing access to this information and we may refuse access where the Act allows us to do so.
10 Complaints process
10.2 A complaint should first be made in writing to Dermscreen. Your complaint will be taken seriously and will be assessed by an appropriate person with the aim of resolving any issue in a timely and efficient manner. We request that you cooperate with us during this process and provide us with relevant information we may require.
10.3 You can also complain to the Office of the Australian Information Commissioner (the “OAIC”). The Act requires your complaint to the OAIC be in writing by:
(a) online privacy complaint form;
(b) downloaded privacy complaint form;
10.4 You can send your complaint to the OAIC either by:
(a) email, send it to email@example.com;
(b) mail, send it to GPO Box 5218, Sydney NSW 2001 (send it by registered mail if you’re concerned about sending it by standard post);
(c) fax, send it to 02 9284 9666.
11 Storage and security of your personal information
11.1 We host and store our customer data electronically in our IT systems. These may include Australian and internationally-based cloud servers or the servers of third parties within and outside of Australia.
11.2 Dermscreen will take reasonable steps to keep any personal information we hold about you secure. However, except to the extent liability cannot be excluded due to the operation of statute, we exclude all liability (including in negligence) for the consequences of any unauthorised access to your personal information. Please notify us immediately if you become aware of any breach of security.
13 Contact us
13.1 Please direct any privacy issues or queries to Dermscreen’s Privacy Officer on 1300 610 009 or at firstname.lastname@example.org