Privacy Policy

What information do we collect?

The Privacy Act 1998 (Cth) (“Privacy Act”) defines types of information, including Personal Information and Sensitive Information. This Privacy Policy applies to the collection of your Personal Information and/or Sensitive Information.

Under the Act:

Personal Information is information about an identifiable individual, whether true or not, and whether recorded or not.

Sensitive Information includes information such as an individual's health, ethnicity, religious beliefs, or membership of professional bodies.

For the purposes of this Privacy Policy ‘Information’ refers to Personal Information and Sensitive Information, as the case may be.

The kind of Information we collect depends on how you use the Platform and Services. It may include:

• name, date of birth, profession and personal contact details including email and/or phone number;
• your location (state or postcode), IP address and the date and time of your access to our Platform or Services;
• communications from you including survey responses, testimonials, feedback or complaints;
• details about your family members, including your parents, or persons close to you, your care preferences, your parents medical and health conditions and your activities relating to care;
• general health and wellness information which you provide to us;
• any information you choose to share with us, either directly or when using our Services or Platform;
• information about your health and any medical condition, Medicare number, your health insurance fund and your communications with health professionals;
• IP address, device type, browser type;
• Platform usage data (e.g., session duration, features accessed);
• Session identifiers (temporary, non-personal);
• Cookies to understand Platform use and customise your experience (these do not generally identify you personally); and
• any other information of any kind in any form provided by you or any health professionals engaged by you.

How we collect your Information

To provide our Services we need to collect Information.

We may collect Information from you in multiple ways, including via the Platform, telephone and email, from individuals or representatives that you have authorised and from health professionals and their medical practices or health care clinics.

We collect your Information when:

• you use of Services;
• access the Platform;
• you contact us;
• engage a medical practitioner or health care provider who uses our Services or provides with your Information;
• you provide it to us directly.

Where you are using the Services on behalf of someone else such as a child, spouse or other person (a third party user or “TPU”), by accessing and utilising the Services on behalf of that person you affirm and warrant that you have obtained all necessary consents and authorisations from such TPU to (i) enter and submit the TPU's Information to use the Services, and (ii) for us to collect and use the Information of the TPU in accordance with this Privacy Policy. You further warrant that you possess the necessary legal authority to grant this consent and authorisation on behalf of the TPU, thereby binding the TPU to this Privacy Policy. In instances where the TPU is a minor or is otherwise incapable of entering into a contract, you affirm your authority to agree to compliance with Privacy Policy on their behalf.

Purpose of Collection and Use

Through the course of engagement, you or a person or organisation nominated by you, such as your doctor, TPU or a health care provider, may choose to share Information with us. We collect and use your Information to:

• Provide you with the Platform and/or our Services;
• Plan, provide, maintain, monitor, protect, evaluate and improve our Services and develop new Services;
• Facilitate administrative services, billing processes, payments, and the recovery of debts;
• Promote the services of third-parties which we deem may be of interest to you;
• Provide you with personalised support and services;
• Direct you to appropriate resources, guides, and support services;
• Ensure your safety and the safety of others;
• Improve and develop our Services;
• Analyse and enhance user experience;
• Train our staff, contractors, and other personnel to ensure high standards of service;
• Engage in risk management activities and managing legal liabilities and claims, including interactions with insurers and legal representatives;
• Address enquiries and resolving complaints related to our services;
• Seek advice from consultants, professional advisers, and other experts to support our operational decisions; and
• Comply with our legal and regulatory obligations.

We may use your Information as follows:

Third Party Practices

You hereby acknowledge and agree to us sharing your Information with third parties, such as clinics, practices, physicians, doctors, allied health clinics and health professionals that offer medical and health related services in Australia, in connection with our Services;

Information You Provide

You will be required to provide Information. We may utilise the Information you submit in order to provide our Services to you, confirm your identity, manage our relationship with you and contact you.

Cookies

When you use the Services, we may use common technologies such as cookies and web beacons to keep track of users' interactions with the Platform to improve the quality of the Services. We may also collect your Internet Protocol (IP) address to track and aggregate non-personally identifiable information, your referring website addresses, browser type, domain name, and access times.

Log Information

When you access the Services, our servers automatically record certain information. These server logs may include information such as your web request, your interaction with a service, IP address, browser type, browser language, the date and time of your request, and one or more cookies that may uniquely identify your browser.

Communications

When you send email or other communications to us, we may retain those communications in order to process your inquiries, respond to your requests and improve our Services. We may use your email address to communicate with you about our services.

Third Party Applications

We may make available third party applications, during the provision of the Services. The information collected by us when you enable a third party application is processed under this Privacy Policy. Information collected by the third party application provider is governed by their own privacy policies.

Other Third Parties

We may also disclose de-identified information of our users to third parties that collect and process data for analysis, research and quality assurance purposes.

Other Websites

This Privacy Policy applies to our Platform only. We do not exercise control over any websites displayed or linked from within our Platform. These other websites may place their own cookies or other files on your computer, collect data or solicit Information from you.

If we use this information in a manner different than the purpose for which it was collected, then we will ask for your consent prior to such use.

You hereby expressly consent to us reporting our findings to a medical professional or emergency services, which includes disclosing your personal information to that third party, if we determine there is a harm to you or others.

Storage and Data Retention

Clear Labs is committed to the protection and privacy of Information entrusted to us by our users. In alignment with this commitment, all Information collected through our Platform, Services, provided by you or our third party affiliates (including healthcare providers) or any interactions related to our business operations, is stored on secured servers provided by Vercel which are located in Australia. You hereby consent to your Information being processed and stored in Australia.

No Information will be transferred or stored outside Australia without appropriate safeguards.

In some circumstances, the European Union General Data Protection Regulation (“GDPR”) provides additional protection to individuals located in Europe. The fact that you may be located in Europe does not, however, on its own entitle you to protection under the GDPR. Neither our Platform, website and Services do not specifically target customers located in the European Union and in fact target people located in Australia, we also do not monitor the behaviour of individuals in the European Union, and accordingly the GDPR does not apply.

You acknowledge that if you request us to transfer your Information to an overseas recipient, the overseas recipient may have laws which are different and potentially not as protective as the laws of your own country. In the circumstances, we do not require the overseas recipients to comply with the Australian Privacy Act 1988 (Cth) and we will not be liable for any mishandling of your information in such circumstances.

Security Measures

We undertake to employ reasonable security measures to safeguard your Information against unauthorised access, alteration, disclosure, or destruction of data, including Information. Our security practices include, but are not limited to, the application of standard industry encryption methods during the storage and transfer of Information, the implementation of access controls and monitoring systems to regulate access to data, and the enforcement of strict confidentiality obligations on our team members and service providers who are granted access to Information.

We also ensure access to information is restricted to authorised personnel only and governed by internal access controls and clinical reviewers are bound by professional confidentiality obligations.

We do not warrant that these security measures will prevent any unauthorised access to or unauthorised alteration, disclosure or destruction of the data. We disclaim all liability in relation to any unauthorised access, alteration, disclosure or destruction of data that is outside our reasonable control.

We take endeavour to ensure the information we hold is accurate, up-to-date, complete, and relevant to the purposes for which it is used.

Data Retention

We may review, monitor and retain data we collect in relation to your use of our Services. This data contains meta data and does not include your Information. You may request deletion of your conversation data by contacting us as set out in this Privacy Policy.

Access and Control of your Information

Under the Australian Privacy Principles, you have rights regarding your information:

• Access (APP 12): You may request access to information we hold about you.
• Correction (APP 13): You may request correction of any inaccurate or incomplete information we hold about you.
• Deletion: You may request deletion of your conversation data, subject to:
  • Legal and regulatory retention requirements;
  • Legitimate business purposes (such as ongoing safety monitoring); and
  • Technical limitations.
• Complaints: You have the right to make a complaint about our handling of your Information.

To make a request for access, correction or deletion of your Information please contact us at support@clearlabs.com.au with sufficient details to identify you and handle your request.

We will endeavour to respond to access, correction, or deletion requests within 30 days. In some circumstances, we may not be able to provide access, make corrections, or delete data (for example, where retention is required by law or where deletion would compromise safety monitoring).

Disclaimer and Release

You acknowledge and agree that Clear Labs disclaims all and any guarantees undertakings and warranties, expressed or implied, in the provision of the Services and is not liable for any loss or damage whatsoever (including personal injury or property damage, negligence or otherwise, incidental or consequential loss or damage) arising out of, or in connection with the Services or your Information, to the fullest extent permitted by law.

Where we cannot exclude such liability under the Competition and Consumer Act 2010 (Cth), our liability to you will be limited to: (i) if the breach relates to goods, the replacement or repair the goods or (ii) if the breach relates to services, the supply of those services or the payment of the cost of those services supplied again.

You hereby release, discharge and hold harmless Clear Labs from all actions, proceedings, claims or liabilities brought against or made upon Clear Labs by you arising directly or indirectly in connection with the provision of the Services, whether in contract, tort (including negligence), breach of statutory duty or otherwise, on the part of Clear Labs. For the avoidance of doubt, this release extends to all directors, officers, employees, contractors, agents, representatives, licensees or permitted assigns of Clear Labs.

Changes to this Privacy Policy

We may amend or vary this Privacy Policy from time to time, in our sole discretion, by publishing the amended Privacy Policy on the Platform. You should review this Privacy Policy periodically so that you are updated on any changes. The Privacy Policy that applies to your use of the Services is the Privacy Policy in effect at the time of your use of the Services. By accessing or using the Services after we have posted any such changes, you accept the amended Privacy Policy. If you do not agree to the updated terms of use, you must cease using the Services.

Sale of Business

If we, or any of our group companies, merge with, or is acquired by, another business, sells all or a portion of its assets, or undergoes reorganisation, financing or change of control, your Information may be disclosed to our advisers and any prospective purchaser's adviser and may be among the assets transferred/sold to an acquirer. However, your Information will always remain subject to this Privacy Policy or one substantially similar hereto.

Governing Law

This Privacy Policy and any contract to which they apply is governed by the laws of New South Wales and are subject to the jurisdiction of the courts of New South Wales.

Contact and Feedback

Clear Labs takes your privacy concerns seriously and is committed to transparent and fair resolution of complaints.

Any feedback, comments, ideas, improvements, or suggestions (collectively, “Feedback”) provided by you to Clear Labs with respect to the Services becomes the sole and exclusive property of Clear Labs. By submitting Feedback, you irrevocably assign to Clear Labs all of your right, title, and interest in and to your Feedback, including any intellectual property rights therein. Clear Labs shall be entitled to the unrestricted use and dissemination of this Feedback for any lawful purpose, commercial or otherwise, without acknowledgment or compensation to you. You hereby waive any moral rights you may have in such Feedback and agree that you have no recourse against Clear Labs for any alleged or actual infringement or misappropriation of any proprietary rights in your Feedback.

For all privacy enquiries, access or correction requests, complaints, or general questions you may contact us by email at support@clearlabs.com.au.

For complaints not resolved to your satisfaction you may contact the Office of the Australian Information Commissioner www.oaic.gov.au.