1. Privacy Statement
2. Kinds of Personal Information Collected
In the course of conducting our business, we collect personal information from you including, but not limited to:
- Your full name;
- Your title;
- Your contact details (including street address, postal address, email address, phone number and fax number);
- Your emergency contact details;
- Your time zone;
- Your gender;
- Your date of birth;
- Your place of birth;
- The languages you speak;
- Your marital status;
- Your next of kin;
- Your general practitioner’s name and contact number;
- Your occupation and employment status;
- Location information;
- Transactional information including method of payment and your consultation dates and times;
- Your reasons for using the Website or any of our products and services;
- Your preferences and opinions relating to the Website or any of our products and services;
- Information received through the provision of administrative services by us; and
- Logs, which may include information such as your Internet Protocol (IP) address, browser type, browser version, clickstream data, the pages of the Website that you visit, the features of the Website, activities or actions you do while using the Website, the time and date of your visit to the Website, the time spent on any pages of the Website, the number of consultations that you have, the duration of each consultation, the technical performance of your video calls, and other log related information relating to your use of the Website.
3. Use of Personal Information
Talked (including its staff, contractors and volunteers) will use the personal information you provide in the provision of services to you.
We may use the personal information you provide for evaluating, improving, personalising and developing our business, the Website, our other products and services, and to protect our users. We may also use your personal information in the course of:
- improving the Website, our other products and services, and user satisfaction;
- providing and delivering the Website and our other products and services to you;
- providing support to you (including technical support) with regard to the use of the Website and our other products and services;
- promoting and delivering our Site and our other products to organisations and individuals;
- assisting in the provision of administrative services to the Therapists;
- our internal research and statistical purposes (including market segmentation and customer value analysis);
- enabling us to forward to you other information or material which we believe may be of interest to you, or that you have indicated you may be interested in receiving.
We automatically gather information to monitor the use of the Website and our other products and services. Most of the data we collect is aggregated, and such aggregated information is effectively anonymous to us.
4. Information Retained by Therapists
All of the Therapists providing their Services for Talked are independent practitioners and are not employed by us. However, they are all registered members of professional bodies which stipulate best practices for information management and the provision of Services.
Your Therapist may gather additional information during the sessions you have together. Often, your Therapist will make notes about your session, either during or immediately following your appointment. This information is used by your Therapist to provide the best possible Service to you. Your Therapist is responsible to ensure that this information is securely held according to the confidentiality policies stipulated by their governing professional organisations and in accordance with Australian privacy law.
We may collect and store the clinical notes and/or clinical assessments of Therapists who are registered with us, which relate to your consultation with the Therapist if we are requested to do so by the Therapist or the Therapist chooses to store this information on the Talked Therapy Platform. The personal information we collect is reasonably necessary for the purposes of conducting and improving our business and our products and services. Given the nature of the products and services we offer, some of the information we collect may be sensitive information including health information. This information may be collected in a number of ways, including:
- through the Website;
- through the Services;
- through our account creation process on the Website;
- from our users;
- through the administrative services provided by us;
- through marketing research including surveys;
- from competitions and surveys;
- through any of our other business activities or events;
- through a person seeking employment with us, having been employed by us or being employed by us; and/or
- by otherwise having some form of contact with a person, such as by personal contact, mail, telephone, email, video teleconferencing, Internet or other forms of telecommunication.
We endeavour to only collect personal information about you from you, where it is reasonable and practical to do so.
5. Disclosure of Personal Information
In the course of conducting our business, we may also disclose your personal information to other entities including:
- external service providers, so that they can provide products and services in connection with the operation and improvement of our business;
- our affiliates, including but not limited to other organisations and businesses within our group of organisations;
- as required by any Court order; and
- as permitted under the Privacy Act or any other applicable law.
We will not use or disclose information about individuals for other purposes without consent, except in exceptional circumstances, such as if the disclosure is required by law or is necessary to protect the rights or property of Talked or any other individual, or to lessen a serious threat to a person’s health or safety. This may include if we have concerns that there is a serious threat to your health or safety.
Certain services we provide and features on the Website are open to any other account holders to view, including, but not limited to, our blog (if any), community forum (if any) and certain aspects of your personal user profile. Any information you create or post in these locations may be available and accessible to other users of the Website.
The Website may also enable you to upload, post, transmit, display, perform or distribute content, information or other data, which may include your personal information. Any information that you choose to disclose by means of such features will become public information.
We strongly urge you to exercise caution when deciding to disclose your personal information by such means. You agree to assume all responsibility for all personal information that you have made public.
6. Storage and Security of Personal Information
We will use all reasonable endeavours to maintain the security of the personal information we collect against misuse, interference, loss, unauthorised access, modification or disclosure.
Data transmissions over the Internet cannot be guaranteed to be fully and absolutely secure. The Website and our services have security measures in place designed to protect against the loss, misuse and alteration of the information under our control. The precautionary steps we have taken or plan to take to protect personal information include:
- storing all our cloud information in Australia by way of our secure and encrypted servers;
- external messaging of data is not permitted;
- adopting measures to protect our computer systems and networks for storing, processing and transmitting personal information;
- adopting procedural and personnel measures for limiting access to personal information by our staff;
- regularly reviewing our information collection, storage and processing practices; and
- secured encrypted servers, password protection for electronic files, multi-factor authentication procedures, securing paper files in locked cabinets and physical access restrictions.
We cannot ensure or warrant that your personal information will always be secure during transmission or protected from unauthorised access during storage therefore you provide your personal information to us at your own risk. Please contact us immediately if you become aware or have reason to believe there has been unauthorised use of your personal information in connection with the Website.
7. Cross-Border Disclosures
We may disclose personal information to outsourced information technology service providers, including cloud computing providers and data storage providers, based overseas and located in the United States of America and Europe.
With the exception of the above, we will only disclose your personal information to an overseas recipient if:
- you consent to the transfer; or
- the disclosure of the information is required, authorised or permitted by or under Australian law, other applicable law or a court/tribunal order.
If you use a Link to access a third-party website, you do so entirely at your own risk. You should always read the applicable privacy policies on the other website.
9. Accessing and updating your personal information
If you have established an account with us, you may access and amend your personal information through the Website after you log in. It is your responsibility to ensure that all of your personal information is accurate and kept up to date.
If you wish to amend personal information that we hold that you are not able to amend through the Website, please contact us by writing to us at firstname.lastname@example.org. We will reasonably endeavour to respond to your request for access within 7 business days. You are responsible for advising us of any changes to your personal information.
If you wish to delete your profile from the Website, please contact us by writing to our Privacy Officer at email@example.com. Please be aware there may be residual information left behind on our servers from your profile / personal information which is beyond our control. If applicable, any legal requirement on us to maintain certain records of your personal information shall prevail over any of your requests.
10. Mandatory Data Breach Notifications
Pursuant to the Privacy Act 1988, we are required to notify you and the Australian Information Commissioner if we suspect that a data breach (relating to your personal and/or health information) has occurred and there is a real risk of serious harm to you as a result of the breach.
11. Applicable Law
13. Contact Us
For any further information about this Policy please contact us at firstname.lastname@example.org.