We will only access, collect and/or use personal information that is reasonably necessary for or directly related to our functions and activities and the provision of our services to you.

Personal information is any information or an opinion about an identified (or reasonably identifiable) individual, regardless of whether the information or opinion is true or not or recorded in material form or not.

The types of personal information collected by us may include but is not limited to:

• –  contact information, such as name, position, practice, office and postal address, email address,        phone, facsimile and mobile telephone numbers;
• –  subscriber name and/or practice name;
• –  position or title (such as a specialist, practice manager, receptionist, IT consultant or otherwise);
• –  practice type (such as general practitioner, dermatologist, general surgeon, orthopaedic                    surgeon  or otherwise);
• –  information about devices (and number) requiring access to our software products;
• –  user names and email addresses;
• –  billing information, such as bank account details; and
• –  any other additional information you provide to us.

We do not collect sensitive information about you (such as information relating to your race, ethnicity, health or religion) unless you have given express consent, it is required or authorised by law or is reasonably necessary to establish, exercise or defend a legal claim.

We provide software products and services to assist health service providers to manage their practices, including by storing and managing patient information and records. Under the terms of our Master Service Agreement, we may have access to personal information such as patient personal, sensitive and health information (End-User Data).  This may include information about an individual’s health, disability, their use, receipt or request for provision of health services, dietary requirements, medical history, general practitioner, Medicare and health insurance details and other information provided to us.

We only use End-User Data for the purpose of delivering our products and services, and as permitted under the terms of our Master Service Agreement or this Policy.  We do not share End-User Data with third parties without consent or unless compelled to do so by law. We do not use End-User Data for marketing purposes.

We only collect personal information by lawful and fair means.

If it is reasonable and practical to do so, we will collect personal information directly from you.  We collect information in a number of ways, such as when you contact us by phone or email, when you use our Site, subscribe to our publications, attend our seminars or functions, or use our products and services. 

We may also collect personal information from third parties such as your representatives or publicly available sources of information. All personal information that we collect is reasonably necessary for the purposes relating to providing our products and services to you.

If someone other than you provides us with personal information about you that we did not ask for, and we determine that we could have collected this information from you had we asked for it, we will notify you as soon as practicable (unless to do so would be a breach of confidence).  If we could not have collected this personal information, we will lawfully de identify or destroy that personal information.

If we are unable to collect the personal information we reasonably require, then we may not be able to provide our services to you.

“Cookies” are small data files that may be downloaded to your computer when you visit a website, which may be used to track your use of that website.  Cookies must be enabled in order to use web based software products offered by us and may be used to provide users of your computer with information that we think may interest the users of your computer. 

We may use cookies from time to time to:

• –  track your usage of our software products;
• –  improve your experience on our software products;
• –  provide you with better service when you use our software products;
• –  authenticate your access to our software products; and
• –  recognise you when you return to our software products.

This information may be linked to any personal information you may provide and may be used to identify you. You can adjust your internet browser to disable or warn you when cookies are used. However, disabling cookies will stop our software products from functioning fully.

Our purpose in collecting, holding, accessing and using personal information, is:

• –  to provide and deliver our products or services to you;
• –  to communicate with you and administer our relationship with you;
• –  to discuss potential updates or advances to our products with you, and to keep you informed of        relevant upcoming events and our activities;
• –  to address any query, feedback or complaints you may have, and to record your marketing and        communication preferences;
• –  to improve and enhance our products and services and manage our business;
• –  for marketing and research purposes related to us or our partners;
• –  for data and user analytics;
• –  for clinical research and trials;
• –  to fulfil and comply with any legal, enforcement (including debt recovery), regulatory and                    contractual obligations (including any requirements under our Master Service Agreement); and

• –  to fulfil any other purpose that was made clear at the time of collecting the personal                              information.

If we hold personal information about you that was collected for a particular purpose, we will not use or disclose the information for another purpose without your consent, unless you would reasonably expect us to use or disclose the information for the secondary purpose.

We will not disclose your personal information to any third party other than as set out in this Policy (or as required by law, to protect our rights or property, or to avoid injury to any person).

In order to deliver the services that we provide to you, we may disclose your personal information to other organisations, only in relation to providing our services to you.  We take reasonable steps to ensure that these organisations are bound by privacy obligations in relation to the protection of your personal information.  

In order for us to properly provide our services to you, we may be required to disclose personal information to our partners for the purposes of providing external applications (such as patient apps, online government apps, online appointment bookings, remote patient monitoring) and for proper device integration (such as medical devices or payments, HICAPS or EFT), or other third party integrations subscribed to by you.  

We do not transfer or store any of your personal information to people in foreign countries, however our partners may do so.  In many cases the transfer will be necessary for the performance of our Master Service Agreement with you and contract with them or for the implementation of measures taken in response to a request by us or for the performance of a contract with a third party which is concluded in your interests.  Personal information that is stored overseas may not be subject to the Act or the APPs.  By providing your personal information or using our services, you consent to this transfer.

Our Site and the software products offered by us may from time to time contain links to other websites, and those third party web sites may collect information about you. You acknowledge that linked sites are not operated by us and we take no responsibility for the content or privacy practices of other websites that are linked to our software products or Site. 

We may use personal information about you for the primary purpose of providing you with our services, and for other purposes for which you would reasonably expect us to use that information.  As noted above, we do not use End-User Data for marketing purposes.

You acknowledge and agree that we may from time to time use personal information collected by us for our marketing and research purposes. This may include sending updates and information related to Genie Solutions or its activities by post, telephone or any form of electronic communication.  We may also share your personal information with our partners who may use any email address or other contact information you provide to us at any time for this purpose. You authorise us, and our partners, to use any email address or other contact information you provide to us for this purpose.

You can, at any time, opt out of receiving our marketing material by contacting us. Once you opt out of receiving marketing material from us, you agree and acknowledge that this removal from our distribution lists may take several business days after the date of your request to be removed.

You agree and acknowledge that even if you opt out of receiving marketing material, we will still send you essential information that is necessary, or we are legally required, to send you relating to the services we provide.

Data analytics is a service we use which tracks software products offered by us and transmits that data in a form accessible to us.  We use data analytics to collect information about the use of our software products to monitor system performance, test systems and develop and implement upgrades to systems.  We may use data collected by data analytics for the purpose of interpreting the usage of our software products, to evaluate, improve and develop the software products, and for our internal business purposes.

We are committed to the protection of personal information from unauthorised use or access.  We take reasonable steps to protect personal information from misuse, interference and loss, unauthorised access, modification or disclosure and to comply with the APPs. 

Digitally stored personal information is password protected.  Passwords are only provided to those employees of Genie Solutions who require access to the records in the course of their duties in providing our customers with our services, such as troubleshooting and monitoring system functionality.

Notwithstanding the reasonable steps taken to keep information secure, security cannot be guaranteed and breaches may occur.  In the event of a security incident we have in place procedures to promptly investigate the incident and determine if there has been a data breach involving personal information, and if so, to assess if it is a breach that would require notification.  If it is, we will notify affected parties in accordance with the Act.

If you reasonably believe that there has been unauthorised use or disclosure of your personal information, please contact us immediately.

Where we hold personal information, and the information is no longer needed (or no longer required by law to be retained by us), we will take such reasonable steps in the circumstances to destroy the personal information or to ensure that the information is de-identified.

Any files that are destroyed are done so through secure electronic destruction processes.

We may make changes to this Policy from time to time to take account of changes to relevant laws and technology, changes to our business operations and practices and general changes to the external business environment.  A current copy of the Policy is maintained on our Site.

Access and accuracy of personal information

You have the right under the Act to seek access to your personal information held by us, and we take all reasonable steps to ensure that your personal information held by us is accurate, up-to-date, complete, relevant and not misleading.  If you want to access your personal information, or if you believe that it is incorrect, incomplete or out of date, please contact us in writing (see below).

We will respond to any such request within a reasonable period and we will grant access provided the request does not fall under one of the exceptions to access stated in the APPs.  We may charge a reasonable fee for providing that information. 

Access may be denied in certain circumstances permitted under the Act (such as where the request creates a serious threat to the life or safety or is otherwise unlawful).

If you want to make a complaint about our management of personal information, to correct information or request further information, please contact us. Our Privacy Officer will contact you about your complaint as soon as reasonably practicable and we will attempt to resolve it with you.

If you are not satisfied with the outcome of your complaint, you may refer your complaint to the Office of the Australian Information Commissioner by contacting 1300 363 992 or by visiting the website www.oaic.gov.au. Further information about the Act and the APPs is also available from the Office of the Australian Information Commissioner.

If you wish to contact Genie Solutions in relation to any privacy related matter, please use any of the following methods of contact:

Email: privacy@geniesolutions.com.au
Phone: 1300 889 362
Address: PO Box 2034, Fortitude Valley QLD 4006