Privacy Policy

Effective Date: 10 January 2019
OUR PRIVACY COMMITMENT TO YOU

Lucky Health Pty Ltd (ACN 613 773 149) (‘Lucky Health’, ‘we’, ‘us’, or ‘our’) is an Australian technology company specialising in the provision of an innovative mobile application designed to assist end users to manage and adhere to their treatment plans in a positive, effective and rewarding way (Perx App) and other health and wellbeing services made available through the Perx App and other online platforms and websites provided by Lucky Health (collectively the Services). We have services agreements with a number of organisations including insurers, pharmaceutical companies and medical providers (Commercial Partners) pursuant to which we make the App available for use by people like you. We also have arrangements with a number of business partners for the provision of rewards (such as discounted goods or services)to users based on reported adherence through the Perx App (Rewards Partners).

We encourage you to read this Privacy Policy carefully so that you understand both our commitment to you and your privacy, and how you can participate in that commitment. Should you have any questions about this policy or our privacy practices, please email us at support@perxhealth.com.

ABOUT OUR PRIVACY POLICY

This Privacy Policy outlines how we manage your personal information and the steps we take to ensure that we comply with the Privacy Act 1988 (Cth) (Privacy Act) and the Australian Privacy Principles (APPs). Our Privacy Policy describes the personal information we may obtain about you as well as how we collect, use, store and disclose your personal information, and how we protect that information in accordance with applicable data privacy laws. This Privacy Policy applies to all your dealings with Lucky Health in relation to your use of the Perx App and our Services.

WHAT IS YOUR PERSONAL INFORMATION?

When used in this Privacy Policy, personal information means any information or opinion relating to an identified or identifiable natural person. Personal information includes information such as your name, age, gender, postcode and contact details. If the information we collect personally identifies you, or you are reasonably identifiable from it, the information will be considered personal information.

WHAT IS YOUR HEALTH INFORMATION?

When used in this Privacy Policy, health information means any personal information relating to the physical or mental health of a natural person including information about the provision of health care services to a natural person. For example, health information may include any condition, type of medication prescribed, regularity of medication consumption, medication schedule, implied adherence data and health insurance details.

WHAT PERSONAL INFORMATION DO WE COLLECT?

We will need to collect certain personal information about you in order to grant you access to the Perx App and to provide our Services to you. We may collect the following types of personal information relating to you:

  • name;
  • mailing or street address;
  • email address;
  • telephone number and other contact details;
  • age and/or date of birth;
  • health insurance and/or pharmacy details or such other identifier or signup code as is provided by the relevant Commercial Partner that authorises your access to our services (where your access to our services is provided through your membership or affiliation with an entity that is a Commercial Partner of ours);
  • location data, IP address and other standard web log information;
  • any additional information relating to you that you provide to us directly through our website or the Perx App or indirectly through your use of our website or the Perx App or online presence or through other websites or accounts from which you permit us to collect information;
  • information you provide to us through customer surveys; or
  • any other personal information that we require in order to facilitate your dealings with us.
WHAT HEALTH INFORMATION DO WE COLLECT?

With your consent, we may also collect certain health information about you including but not limited to:

  • your medical conditions;
  • your medication brand names, drug names, dosage and other relevant information;
  • your medical and health improvements, results and outcomes;
  • the timing and regularity of your medication schedule;
  • your consumption of medication, both verified through the Perx App and self-reported;
  • photos of your medication as uploaded into the Perx App by you from time to time;
  • your prescription scripts both issued and dispensed;
  • your implied adherence rate, both verified by the Perx App and self-reported;
  • your General Practitioner’s name and practice details;
  • your insurance provider;
  • your insurance membership number;
  • your insurance policy type;
  • your medical appointments and bookings;
  • the pharmacy locations you have visited; and
  • any other health information that we require in order to facilitate your dealings with us.
HOW DO WE COLLECT YOUR INFORMATION?

Where possible we will collect personal information directly from you, however in certain circumstances it may be necessary to collect information about you from third parties. If we receive information about you from someone else, we will take reasonable steps to make you aware of the facts and circumstances of that collection.

We may collect your personal information in a number of ways including:

  • when you use our website or the Perx App;
  • when you communicate with us through post, telephone, chats, email, or when you share information with us from other social media applications, services or websites;
  • when you interact with our site, Services, content and advertising;
  • through our Commercial Partners
  • with your consent, through your medical practitioner;
  • with your consent, through your pharmacy dispensing records;
  • with your consent, through medical information systems such as government health records, systems used by medical professionals, pharmacy management systems and other similar systems; or
  • while conducting customer satisfaction and market research surveys.

You may choose to deal with us on an anonymous basis or using a pseudonym. However, you acknowledge that if you do not provide us with the information we request, or if the information you provide to us is not accurate, our ability to provide the Perx App or the Services, or to otherwise fulfil the purpose for which you have provided your information may be severely limited.

WHAT HAPPENS IF WE RECEIVE UNSOLICITED PERSONAL INFORMATION?

If we receive personal information that we did not take any active steps to collect, we will determine whether we would have been permitted to collect that information as part of providing our Services in accordance with the law. We will destroy or de-identify unsolicited personal information that we would not collect as part of providing our Services if it is lawful to do so. If the information is of the type that we would ordinarily collect to provide our Services, we will manage that information in accordance with this Privacy Policy.

WHY DO WE COLLECT YOUR PERSONAL INFORMATION?

We will generally explain at the time we collect your personal information the purposes for which we will use it. We will only ever use your personal information for the purpose that we collected it or as otherwise set out in this Privacy Policy.

We may collect, hold, use and/or disclose your personal information for the following purposes:

  • to enable you to access and use our website, the Services and the Perx app;
  • to improve our Services (including our website and the Perx App) via internal research and development;
  • to send you service, support and administrative messages, reminders, technical notices, updates, security alerts, and any other information requested by you;
  • to administer and establish your eligibility for rewards, surveys, contests, or other promotional activities or events sponsored or managed by us or our business partners;
  • to comply with our legal obligations, resolve any disputes that we may have with any of our users, and enforce our agreements with third parties;
  • to carry out our obligations to you under our Terms and Conditions of Use; and
  • for the purposes of direct marketing as detailed below.
DO WE USE YOUR PERSONAL INFORMATION FOR DIRECT MARKETING?

We may use your personal information to send you direct marketing communications and information about our services and products, and other related services and products if we have your permission or a legitimate interest in doing so. The Commercial Partner who authorised your access to the Perx App (if any) may also use your personal information for direct marketing purposes. In addition, our Rewards Partners may send you direct marketing communications and information but only where you have accepted a reward from them through the Perx App. We will not disclose any of your personal information to a third party for the purpose of direct marketing unless they are one of our Commercial Partners or Rewards Partners.

Direct marketing communications may take the form of emails, SMS, mail or other forms of communication, sent in accordance with the Spam Act 2003 and the Privacy Act. If you do not want to receive marketing material directly from us, you may opt-out by contacting us using the details set out in the Contact Us section below or, where the marketing material is sent via email, by following the ‘unsubscribe’ instructions that appear at the bottom of all marketing emails we send to you. If you wish to opt out of receiving marketing communications from our Commercial Partners or Rewards Partners you should contact them directly, or follow the ‘unsubscribe’ instructions that appear in the marketing communications sent by them (if any).

You acknowledge that we may receive remuneration from our Commercial Partners or Rewards Partners for communicating with you about their products or services, or for providing you with promotional items from them.

WHEN WILL WE DISCLOSE YOUR PERSONAL INFORMATION TO THIRD PARTIES?

The information we collect from you will be kept strictly confidential and secure at all times. Where it is necessary to disclose your personal information to third parties this will be done in a manner that is consistent with the APPs and only for a purpose consistent with the purpose for which the information was originally collected from you.

Importantly, we will not give, sell, rent, loan or otherwise disclose any personal information (including health information) to any third party, unless:

  • you would reasonably expect us to disclose the information in the course of providing the Services or the Perx App to you;
  • you have authorised us to do so;
  • such disclosure is provided for under contract, including under this Privacy Policy or our Terms and Conditions of Use;
  • we are legally required to do so, for example, in response to a subpoena, court order or other legal process;
  • we need to enforce or apply our Terms and Conditions of Use to which you have agreed (or other terms that have been agreed to apply to our relationship with you);
  • it is necessary to protect the rights and interests, property, or safety of Lucky Health, our clients or others;
  • our agents or contractors who assist us in providing the Services (including our Commercial Partners and Rewards Partners) require such information, for example in fulfilling requests for information, receiving and sending communications, updating marketing lists, analysing data, providing support services and rewards or in other tasks from time to time. Our agents and contractors (including our Commercial Partners and Rewards Partners) will only use your information to the extent necessary to perform their functions;
  • all, or most, of the assets of Lucky Health or any single business unit within Lucky health are merged or acquired by a third party, or we expand or re-organise our business, in which case your personal information may form part of the transferred or merged assets; or
  • for any other purpose authorised by law.
DE-IDENTIFIED INFORMATION

We may use your personal and medical information in de-identified form (de-identification being a process by which a collection of data or information is altered to remove or obscure personal identifiers and personal information) to assist us in running our business. We may also provide de-identified information in aggregated form to third parties for research, marketing and other purposes.

This information may include (but is not limited to):

  • locations of users;
  • use of particular medicines;
  • implied medication adherence rates and patterns (both verified and self-reported);
  • medical and health improvements, results and outcomes;
  • dispensary records of scripts filled/not filled, and script filling behaviour and patterns that users have been prescribed by their medical professional; and
  • functions accessed by users including analytics of use of our products and services. When your personal information and health information is included in de-identified, aggregated data, it is not possible to identify you or anything about you from that data.
DISCLOSURE OF INFORMATION OUTSIDE AUSTRALIA

We may disclose personal information and health information outside of Australia but only to third party service providers that are engaged by us to act on our behalf and assist with our business functions and delivery of the Services and the Perx App. If we transfer your information to third parties outside Australia, we will take steps to ensure that your privacy rights continue to be protected to ensure that these third parties are either covered by data privacy laws substantially similar to those in Australia or the relevant third party adheres to data privacy standards substantially similar to the APPs.

USING OUR WEBSITE AND COOKIES

While we do not use browsing information to identify you personally, we may record certain information about your use of our website, such as which pages you visit, the time and date of your visit and the internet protocol address assigned to your computer.

We may also use ‘cookies’ or other similar tracking technologies on our website that help us track your website usage and remember your preferences. Cookies are small files that store information on your computer, TV, mobile phone or other device. They enable the entity that put the cookie on your device to recognise you across different websites, services, devices and/or browsing sessions. You can disable cookies through your internet browser but our website may not work as intended for you if you do so.

We may also use cookies to enable us to collect data that may include personal information. We will handle any personal information collected by cookies in the same way that we handle all other personal information as described in this Privacy Policy.

HOW IS YOUR PERSONAL INFORMATION PROTECTED AND HOW LONG IS IT KEPT?

We employ a variety of security technologies and measures designed to protect your information from unauthorised access, use, or disclosure. For example, we use data encryption (at rest and in transit), firewalls and other security devices for our computer systems and cloud-based services. All of your personal information is stored on secure servers located in Australia which are protected by locked cages, 24/7 onsite security and surveillance and biometric access controls and all web-hosting is SSL-encrypted.

In addition, we have procedures that limit the access our employees and contractors have to your personal information. Only those people with a genuine need to know will have access to such information. We educate our employees about the importance of confidentiality and privacy through standard operating procedures and internal policies on data privacy and corporate integrity.

Your information is kept while we need it to provide the Services to you and where applicable, for as long as we are required to keep it to comply with relevant statutory requirements. Where we determine that it is no longer necessary to hold your personal information we will securely destroy, delete or permanently de-identify that information to the extent it is possible to do so.

If we become aware of unauthorised access to or disclosure of your personal information, we will take appropriate steps to rectify the data breach and notify you as soon as practicable and provide you with a description of the breach, the type of information involved and any recommended actions you can take to protect yourself.

LINKS

Our website and application may contain links to websites and services operated by third parties. Those links are provided for convenience only and may not remain current or be maintained. Unless expressly stated otherwise, we are not responsible for the privacy practices of, or any content on, those links, and have no control over or rights in those links. The privacy policies that apply to those other websites may differ substantially from our Privacy Policy, so we encourage individuals to read them before using those links.

ACCESSING OR CORRECTING YOUR PERSONAL INFORMATION

You can access the personal and health information we hold about you by contacting us at support@perxhealth.com. We will need to verify your identity before allowing you to access your personal information.

We may refuse to allow you to access your personal information where:

  • access would pose a serious threat to life or health of an individual;
  • access would have an unreasonable impact on the privacy of others;
  • the request is frivolous or vexatious;
  • the information relates to a commercially sensitive decision-making process;
  • access would be unlawful;
  • access would prejudice enforcement activities relating to criminal activities and other breaches of law;
  • access relates to existing or anticipated legal proceedings; or
  • denying access is required or authorised by or under law.

If we cannot provide you with access to your information, we will advise you of the reasons in writing.

If you think that any personal or health information we hold about you is inaccurate, please contact us and we will take reasonable steps to ensure that it is corrected.

MAKING A COMPLAINT

If you think we have breached the Privacy Act, or you wish to make a complaint about the way we have handled your personal or health information, you can contact us at support@perxhealth.com. Please include your name, email address and/or telephone number and clearly describe your complaint. We will acknowledge your complaint and respond to you regarding your complaint within a reasonable period of time.

If you think that we have failed to resolve the complaint satisfactorily, you may refer the matter to the Officer of the Australian Information Commissioner:

Mail: GPO Box 5218, Sydney, NSW 2001

Online: https://www.oaic.gov.au/privacy

Phone: 1300 363 992

Email: enquiries@oaic.gov.au

CONSENT AND CHANGES TO OUR PRIVACY POLICY

By using our website, Services or the Perx App or by accepting our Terms and Conditions of Use which refer to this Privacy Policy, you are agreeing to the collection, use and disclosure of your personal information in accordance with the terms of this Privacy Policy.

We may change this Privacy Policy from time to time. We will let you know that the policy has changed by emailing you at the email address provided by you to us (if any) and also via a notification in the Perx App. Your continued use of the Perx App or our Services following notification of a change to this Privacy Policy indicates that you accept those changes. Through this document we will always let you know the information we collect, how we use it, and the circumstances under which such information may be disclosed by us.

CONTACT US

For further information about our Privacy Policy or practices, or to access or correct your personal information, or to opt-out of receiving marketing materials from us, or to make a complaint, please contact us using the details set out below:

Perx Support Team

support@perxhealth.com

For more information on your privacy you can visit https://www.oaic.gov.au