Privacy Policy

PRIVACY POLICY

Corporate Work Health Australia Pty Ltd ACN 149 617 738 of 1 Hearn Street, Altona North, Victoria 3205 (“we”, “us”, “our” or “CWHA”), complies with the Privacy Act 1988 (Cth) (“Privacy Act”) and the applicable Privacy Principles in the Privacy Act when handling personal information, together with the together with all rel-evant State health records Legislation (“Health Records Acts”) and the applicable Health Privacy Principles in the Health Records Acts (as the case may be) when handling personal information which is health information, together with the General Data Protection Regulation (GDPR) to the extent it applies.
We take the protection of your personal information seriously. Personal information includes personal data (as defined in the GDPR) and means any information or opinion, whether true or not, about a person who is identi-fied or whose identity can reasonably be established or any information relating to an identified or identifiable natural person (“Personal Information”).
Collection:
We collect Personal Information for the purposes of delivering our products and services (“Ser-vices”). We may collect information through the CWHA website located at https://corporateworkhealth.com.au (“Website”), or in the course of providing our Services from time-to-time.
We collect Personal Information:

• from clients – when they register an enquiry, book an assessment or training package, in the course of providing our Services in the workplace and/or at any other time from time-to-time in the course of providing our Services;
• from clients’ employees or other personnel in the course of providing our services in the workplace and/or at any other time from time-to-time in the course of providing our services;
• when they are engaged to supply services to us (such as Osteopathy, Physiotherapy, Exercise Physiologist or Occupational Therapist services), provide information to us or invoice us for the provision of their services;
• when we receive enquiries through the Website and when the Website is otherwise accessed or used;
• when we receive enquiries via email.
The kind of Personal Information we may collect will depend on who you are (e.g. a client, employee of a client or patient or third party service provider) and the nature of your interaction with us, and may include your full name, email address, postal or residential address, age, medical conditions, medical history, current or past in-juries, billing information and other Personal Information. If you do not provide us with all the information we request, we may not be able to deliver our Services.

Some Personal Information we collect may include health information. Health information includes any infor-mation collected about your health or disability, and any information collected in relation to a health service you have received (“Health Information”). We collect Health Information from clients’ employees or other person-nel in the course of providing our services in the workplace and/or at any other time from time-to-time for the purposes of providing our Services in the safest and most appropriate way, and to optimise the quality of our Services.

Consent:
By engaging us or registering your details on our Website, and/or using our Website or supplying in-formation or documents to us or otherwise engaging our Services, you freely give your specific and informed consent to us collecting, using and disclosing your Personal Information (including Health information) for the purposes specified in this Privacy Policy.

Use:
We may use any Personal Information collected (excluding Health Information) to provide our Services, oper-ate the Website, send you our newsletter, respond to feedback and complaints, communicate with third party service providers, develop new Services, or if needed to enforce our client terms and conditions with you. If you are a third-party service provider, we will use your Personal Information to email you to accept your offer to provide Services, correspond with you in relation to the provision of Services and to pay your invoices.

In all cases, unless you have opted out, you consent to us using your Personal Information (excluding Health Information) for direct marketing purposes by us alone in order to tell you about our Services. We may contact you by mail, telephone, email or SMS to market our products and Services. We will always give you the oppor-tunity to opt out of receiving any future direct marketing correspondence.

Health Information
We comply with the Health Privacy Principles and the GDPR in the collection, use and disclosure of all Health Information. We collect Health Information:

• from our clients or patients when they attend our practice for the purposes of Osteopathy treatments or otherwise incidentally volunteer information about their medical conditions, injuries or general health and wellbeing;
• as necessary for the provision of our Services, but only as necessary for the provision of our Services, or as otherwise in accordance with your consent, or as may be required by law including Court order;
• only from you (or from someone authorised by you) (including your caregiver if you have one);
• with care, taking reasonable steps to ensure your information remains confidential and that any persons we disclose it to in accordance with this Privacy Policy are also required to keep it confidential;
• with accuracy, on the basis that you may at any time request a copy of the Health Information that we hold by emailing us at admin@corporateworkhealth.com.au

In the event our records are found to be inaccurate, we will rectify any inaccuracies on the basis of the further information you provide.

Disclosure and sharing:
You expressly agree that we may disclose Personal Information (excluding Health Information) to third parties for purposes associated with the provision of our Services and to third party service providers we engage to help us deliver our Services and for our own marketing purposes. We will only disclose Personal Information to additional third parties with your consent or if permitted or authorised to do so by law.

You expressly agree that we may disclose your Health Information to our Osteopathy services provid-ers (who may be third party contractors) for the provision of Osteopathy services to you, PROVIDED ALWAYS that such third party Osteopathy service providers are subject to the restrictions of this Pri-vacy Policy and a legal obligation of non-disclosure of your Personal and Health Information.

Some places outside of Australia may have inadequate data protection laws or may offer differing levels of protection of Personal Information which are not as high as in Australia. We agree only to use data processers who provide sufficient guarantees and that they will implement appropriate technical and organisational measures that ensure compliance with the GDPR and protect the rights of the data subject, and only to third parties who agree to comply with this Privacy Policy.

You may authorise us to stop processing your Personal Information at any time.

Data security, protection and quality:
We will protect the Personal Information we collect and hold from misuse, loss and interference and from unau-thorised access and modification, and to make sure it is accurate, complete and up-to-date when we collect, use or disclose it.
We have procedures of monitoring the security and safety of data as well as procedures in place for dealing with any data breaches, and the associated requirements of notifying you and appropriate authorities where that data security of your Personal Information is breached.

To assist us, please ensure you provide us with your correct details, and let us know if you believe the infor-mation we have about you is inaccurate, incomplete, out of date or misleading (and we will take reasonable steps to correct the information). We may take steps to destroy or permanently de-identify information when it is no longer needed for any purpose for which it may be used or disclosed.

Your right to erasure:
The right to erasure (which encompasses the ‘right to be forgotten’) gives you a right to require us to delete your Personal Information in certain circumstances, and/or to return it to you including, but not limited to where your Personal Information is no longer necessary for the purpose for which it was collected, or where you withdraw your consent and there is no other legal ground for processing your data. If you wish to have your Personal In-formation erased and/or returned to you please notify us at admin@corporateworkhealth.com.au

Cookies:
We may use “cookies”; technology to store data on your computer using the functionality of your browser. Many Websites do this because cookies allow the Website publisher to do useful things like find out whether the computer visited that Website before.
You can modify your browser to prevent cookie use – but if you do this our service (and our Website) may not work properly. The information stored in the cookie is used to identify you. This enables us to operate an effi-cient service and to track the patterns of behaviour of visitors to our Website.

In the course of serving advertisements to our Website (if any), third-party advertisers or ad servers may place or recognise a unique cookie on your browser. The use of cookies by such third-party advertisers or ad servers is not subject to this Privacy Policy, but is subject to their own respective privacy policies.

Access, correction and complaints:
You can request, and we will provide you with access to, and a copy of any Personal Information we hold about you (including any health information) (subject to any applicable legal exceptions). Please also let us know if you have any concerns or complaints about the way we are handling your Personal Information so we can address them. Requests should be submitted by email admin@corporateworkhealth.com.au
Where our records are found to be inaccurate, or if you wish to modify the Personal Information we hold about you, we will promptly make these changes on the basis of the further information you provide.

Transfer in certain circumstances:
If there is a sale, merger, consolidation, change in control, transfer of substantial assets, reorganisation or liqui-dation of us then, in our sole discretion, we may transfer, sell or assign Personal Information collected to one or more relevant third parties, subject always to this Privacy Policy.

Changes to this Privacy Policy:
This Privacy Policy forms part of our Terms and Conditions and therefore the agreement between you and us (either in your capacity as a client or a third-party service provider). We may, from time to time, amend this Privacy Policy, in whole or part, in our sole discretion. Any changes to this Privacy Policy will be effective im-mediately upon the posting of the revised Privacy Policy on https://corporateworkhealth.com.au. Depending on the nature of the change, we may announce the change on the https://corporateworkhealth.com.au homepage or by email (if we have your email address). However, in any event, by continuing to use the Website and/or our service following any changes, you will be deemed to have agreed to such changes. If you do not agree with the terms of this Privacy Policy, as amended from time to time, in whole or part, you must terminate your use of the Website and inform us immediately prior to any further receipt of our Services.

Contact us:
If you have any questions about this Privacy Policy, or if you wish to request access to your Personal Infor-mation, correct or update you details or raise any privacy concerns you may have, please contact us at ad-min@corporateworkhealth.com.au

For further information on your privacy rights go to: www.privacy.gov.au

For further information on the Health Records Acts, go to:

https://www.alrc.gov.au/publications/2.%20Privacy%20Regulation%20in%20Australia/state-and-territory-regulation-privacy

For further information on the GDPR, go to:
https://ec.europa.eu/info/law/law-topic/data-protection_en

Last Updated 10 April 2019