Corporate Work Health Australia Pty Ltd ACN 149 617 738 of 1 Hearn Street, Altona North, Victoria 3205 (“we”, “our”, “us” or “CWHA”), complies with the Privacy Act 1988 (Cth) (“Privacy Act”) and the applicable Privacy Principles in the Privacy Act when handling personal information, together with the Health Records Act 2001 (Vic) (“Health Records Act”) and the applicable Health Privacy Principles in the Health Records Act when handling personal information which is health information.
We take the protection of your personal information seriously. Personal information includes any information or opinion, whether true or not, about a person who is identified or whose identity can reasonably be established.
Collection: We collect personal information for the purposes of delivering our services and communicating with clients. We may collect information through the CWHA website located at www.corporateworkhealth.com.au, (“Website”), or in the course of undertaking our services in workplace risk assessment/training and/or seminar/workshops or from clients or their personnel verbally and/or in writing from time-to-time in the course of the conduct of our services.
We collect personal information:
- from clients – when they register an enquiry, book an assessment or training package, in the course of providing our services in the workplace and/or at any other time from time-to-time in the course of providing our services;
- from clients’ employees or other personnel in the course of providing our services in the workplace and/or at any other time from time-to-time in the course of providing our services;
- from third party service providers – when they are engaged to supply services to us (such as instructor services), provide information to us or invoice us for the provision of services;
- when we receive enquiries through the Website and when the Website is otherwise accessed or used;
- when we receive enquiries via email.
The kind of personal information we may collect will depend on who you are (e.g. a client or third party service provider) and the nature of your interaction with us, and may include your full name, email address, company name, billing information and other personal information. If you do not provide us with all the information we request, we may not be able to deliver our services.
Some personal information we collect may include health information. We collect health information from employees or other personnel in workplaces when carrying out risk assessment/training and/or seminars/workshops.
This enables us to safely, appropriately and accurately provide our services, assess the needs of clients and their employees or other personnel in the provision of our services (as the case may be) and to generally assist in optimising the quality of our service.
Use: We may use any personal information collected (excluding health information) to provide our services, operate the Website, send you our newsletter, respond to feedback and complaints, communicate with third party service providers, develop new services, or if needed to enforce our Terms and Conditions with you. If you are a third party service provider, we will use your personal information to email you to accept your offer to provide services, correspond with you in relation to the provision of services and to pay your invoices.
In all cases, unless you have opted out, you consent to us using your personal information (excluding health information) for direct marketing purposes in order to tell you about our services. We may contact you by mail, telephone, email or SMS to market our products and services. We will always give you the opportunity to opt out of receiving any future direct marketing correspondence.
We comply with the Health Privacy Principles in the collection, use and disclosure of all health information. We collect your health information:
- from employees or other personnel in workplaces when carrying out risk assessment/training and/or seminars/workshops
- as necessary for the provision of our services, but only as necessary for the provision of our services, or as otherwise in accordance with your consent, or as may be required by law including Court order;
- only from you (or from someone authorised by you) (including your caregiver if you have one);
- with accuracy, on the basis that you may at any time request a copy of the health information that we hold by emailing us at email@example.com and where our records are found to be inaccurate, we will rectify any inaccuracies on the basis of the further information you provide.
Disclosure and sharing:
When a service is purchased by you, we may disclose your personal information, including relevant health information to a third party service provider contracted to us who is involved in the delivery of that service.
If you provide your consent, we may pass on your health information to third party service providers where that information is needed for them to deliver a secondary service you have requested from them.
Data security and quality:
We will take reasonable steps to protect the personal information we collect and hold from misuse, loss and interference and from unauthorised access and modification, and to make sure it is accurate, complete and up-to-date when we collect, use or disclose it.
To assist us, please ensure you provide us with your correct details, and let us know if you believe the information we have about you is inaccurate, incomplete, out of date or misleading (and we will take reasonable steps to correct the information). We may take steps to destroy or permanently de-identify information when it is no longer needed for any purpose for which it may be used or disclosed. We may retain and use de-identified information.
You can modify your browser to prevent cookie use – but if you do this our service (and our Website) may not work properly. The information stored in the cookie is used to identify you. This enables us to operate an efficient service and to track the patterns ofbehaviour of visitors to the Website.
Access, correction and complaints:
You can request, and we will provide you with access to, any personal information we hold about you (including any health information) (subject to any applicable legal exceptions). Please also let us know if you have any concerns or complaints about the way we are handling your personal information so we can address them. Requests should be submitted by email (firstname.lastname@example.org). Where our records are found to be inaccurate, we will promptly rectify any inaccuracies on the basis of the further information you provide.
Transfer in certain circumstances: If there is a sale, merger, consolidation, change in control, transfer of substantial assets, reorganisation or liquidation of us then, in our sole discretion, we may transfer, sell or assign personal information collected to one or more relevant third parties.
For further information on your privacy rights go to: www.privacy.gov.au
For further information on the Health Records Act, go to: https://www2.health.vic.gov.au/about/legislation/health-records-act; http://www.health.vic.gov.au/hsc/downloads/hppextract.pdf