Updated: 15 March 2020
1. What information does The CPAP Clinic collect?
The personal information we collect depends on which of our services you use and the information you choose to provide.
For end users of our products and services, we may collect:
- your name;
- your date of birth;
- your gender;
- your contact details (address, email address and phone number);
- your payment/financial information;
- your Medicare number and details;
- your health insurance information;
- information about your healthcare professionals, including your treating physicians;
- identification and background information;
- your image or a photograph of you;
- your authorised representative or guardian’s name and contact details;
- information about the products and services you use from us and externally;
- your sleep, health, and health-related lifestyle information;
- any other information you provide to us.
We generally collect information about you when:
- you register an account with us;
- you interact with us, e.g. when you call, email or visit our website and social media channels;
- when you make an appointment or visit one of our clinics;
- when we receive information and prescriptions from your healthcare professional;
- you sign up to receive marketing communications, interact with us via social media or other on-line platforms (including when you participate in on-line communities) or participate in promotional offers and surveys;
- your healthcare professional provides us data in relation to your medical care;
- we provide products and services on behalf of third parties that you have a relationship with, such as pharmacies and other medical clinics.
In certain circumstances, we may also collect publicly or commercially available personal, identity, geographic and demographic information about you.
If you are a health professional using our services, we collect information about you and your practice, qualifications of practitioners, information about the products you purchase and the services you use, and any other information you provide to us. We collect information about you when
- you register an account with us;
- you register to attend conferences and meetings with us or with third parties;
- we engage you to provide us with a service;
- you interact with us, including when you meet with our sales representatives and attend training for our products and services;
- you purchase our products.
In most cases, we collect personal data about you from you, but in some circumstances, we may receive personal data about you from third parties, such as
- family members, legal guardian/s and/or a person you have authorised to provide your personal information to us; and
- health professionals and their practices (e.g. via their practice management software) that may be involved in your care.
When you visit our websites or use any of our mobile applications, we collect:
- technical data such as your internet protocol (IP) address, login data, your browser type, browser activity and related information;
- information about the computer system you are using including the type of system and operating software;
- Analytics data which we may collect directly or via third party tools to help us measure traffic and establish trends for our products and services;
- any information you may enter or share with us.
2. How do we use your personal data?
The CPAP Clinic primarily uses your personal information to provide the services or information that you have chosen to receive. We may also use your information
- to provide you with our products and services such as sleep testing, sleep apnea, respiratory treatment or general wellness products or annual reviews, or to respond to your requests for information or materials, and to create, develop and maintain our relationship with you;
- To process payments;
- to communicate with you via telephone and unencrypted email and text messages (SMS messages), including to send you:
- newsletters and patient information sheets
- information relating to products, programs, services or general information we believe may interest you; and
- relevant, timely marketing messages.
You will be able to stop receiving these communications at any time by
- clicking on the “Unsubscribe” link on email correspondence
- replying “Stop” to SMS correspondence or
- emailing email@example.com.
- to target communications to you on social media platforms.
- to communicate with your health insurer and healthcare providers, e.g. to update them with your treatment outcomes if they have referred you to us for treatment or support.
- to undertake quality assurance measures, statistical analyses, surveys and research (including market research) to enhance existing, and develop new products and services, including improvements to our websites.
- to fulfil our legal, regulatory and risk management obligations including initiating and defending any legal claims.
3. How do we protect, and how long will we retain, your personal information?
We will take reasonable steps to ensure that we protect the personal information which we may collect from misuse, interference and loss and from unauthorised access. We employ a number of different security and privacy controls comply with applicable data protection laws. Despite the security measures and steps taken by us, it is impossible to guarantee absolute security with respect to information sent through the internet. By interacting with us through the internet, you accept the inherent security implications of dealing online over the internet. We also rely on the accuracy of the personal information as provided by you, or by third parties. We will retain your personal information for the purpose of compliance with laws regarding medical data and financial record information, limitation periods for taking legal action, and good business practice.
4. Who do we share your personal data with?
- to provide you with products and services you have purchased, including parties that are subcontracted to assist us in providing these services;
- for legitimate business purposes (e.g. third party providers such as IT and software services providers, payment service providers, data hosting, marketing, order fulfilment, shipping providers, third parties that collect and process data such as Google reCAPTCHA, and our professional advisers and consultants such as lawyers).
- with any affiliate or subsidiary of The CPAP Clinic.
- if we are required to do so by law, or for legal proceedings;
- with your consent.
5. Your rights to your personal information?
You are entitled to request access to your personal information, that your information be deleted or de-identified, or that we correct inaccuracies regarding your information.
If you request that we delete or not process your information, we will be unable to perform the actions necessary for us to provide you with services and products, or otherwise respond to your requests.
In some situations we may not be able to comply with your request with respect to your personal information to the extent required or otherwise permitted by law (e.g. we may be required by law to retain certain information that you have requested to be deleted, or in relation to legal proceedings).
To advise us of any changes to or make requests regarding your personal data, or if you wish to make a complaint about a breach of your privacy, you can contact our Privacy Officer on the details below. You may also have the right to lodge a complaint in relation to our processing of your personal data with a local supervisory authority.
The CPAP Clinic Pty Ltd
Suite 103, 6 Eden Park Drive,
Macquarie Park NSW 2113
6. Links to other sites
Our website, applications and other communications may from time to time include links to third-party sites whose information and privacy policies may differ from ours. You should consult the other sites' privacy policies, as we have no control over information that is submitted to, or collected by, these third parties.