Privacy policy.

The “Octadoc” website located at www.octadoc.au, app.octadoc.com.au and www.octadoc.com.au together with all related relevant domains (the “Website”) is owned and operated by Iatroz Pty Ltd (ACN 631 364 193) of Suite 13, 17 Karp Court, BUNDALL QLD 4217 (“Iatroz”, “we”, “us”, “our”).

Through the Website, we provide subscription-based software services intended for practitioners in the medical industry (the “Services”).

Your (“you”, “your”, “user”, “subscriber”) use of the Website and the Services is subject to this Privacy Policy, which should be read in conjunction with our Terms of Use available at:

https://www.octadoc.au/terms

 

Iatroz is committed to protecting your privacy and adhering to the Australian Privacy Principals and other applicable privacy legislation. This page constitutes the privacy policy applicable to your subscription to, and use of, the Website, our Services and the information that we make available through the Services.

Before providing us with any information, you should read this Privacy Policy so that you understand and are comfortable with the ways that we collect, store and use the information that is shared with us. 

  1. Contacting Us:

 

                  1.1 If you have questions or feedback about this Privacy Policy or about our use of your Personal Information or data, please contact us in writing.

 

                  1.2 All notices should be sent by email to hello@octadoc.com.au

  1. Types of Information:

 

                  2.1 For the purposes of this Privacy Policy, “Personal Information” is information that is personally identifiable, such as a person’s first and last name, mailing address, email address, billing information, telephone numbers and/or other online contact information.

                  2.2 “Personal Information” can also include data that is usually non-personally identifiable on its own, such as location data or IP addresses, data about personal attributes or online identifiers, but that combined with other data or information may identify a natural person either directly or indirectly.

                  2.3 “Sensitive Information” may include information relating to a person’s racial or ethnic origin, religious beliefs or affiliations, political opinions, philosophical beliefs, health or genetic information, sexual preference, membership of professional or trade associations or unions or criminal record.

 

       3. Collection of User Information:

                  3.1 We collect Personal Information as well as non-personally identifiable information when users visit the Website, use our Services or register an account with Iatroz (“Account”). We collect Personal Information from users in optional, voluntary submissions, including but not limited to: 

                     (i)Profile information via subscription forms or registrations when you subscribe to, access or use our Website or Services (including, but not limited to, your professional status, specialty and number of hours worked in relation to your relevant medical field);

                     (ii) If you sign up to our newsletters using your Personal Information;

                     (iii) If you make contact with us in relation to customer service requests or feedback;

                     (iv) If we make contact with you in relation to your Account;

                     (v) If you download software or mobile applications for the purpose of accessing our Services on mobile applications;

                     (vi) If you enter competitions or other promotions offered by us by providing your information in response to the entry requirements; or

                     (vii) If you make contact with us for other reasons, for example by submitting your curriculum vitae in the course of making an employment request.

                  3.2 We also collect data via automatic processes when users visit or access our Website or Services. We generally collect non-personally identifiable information in these processes, but sometimes the information collected may be personally identifiable. For example:

                     (i) We use technologies (such as cookies) to track user activity and engagement with our Services, and to record information about Website traffic, Website usage, user locations (for example, via IP addresses), user activity and user preferences;

                     (ii) We may track activity relating to your interactions with our direct mail communications; and

                     (iii) We may track activity relating to your interactions with links contained on our Website.

                  3.3 Some cookies may be associated with Personal Information about you and some may not. Wherever possible, we anonymise and pseudonymise the information we collect via cookies or other tracking technologies.

                  3.4 We may also obtain information from third-party sources. We may use analytics tools and other third party technologies to collect non-personally identifiable information in the form of various usage and user metrics when you use or access our Website or services. For example, we may use Google Analytics features to collect data about traffic to our Website using tracking technologies. The information that is collected is generally aggregated data that does not identify any individual user.

                  3.5 Third-party analytics companies may combine the information collected for us with other information they have independently collected, but we take care to ensure that the information collected for us is pseudonymous or anonymous so that users cannot be identified when the information is combined.

                  3.6 Iatroz does not generally collect Sensitive Information from users and subscribers. However, if Sensitive Information is collected, it will only be on the voluntary provision of users with their informed consent. If you do volunteer information to Iatroz, including Sensitive Information, you

are also providing consent for Iatroz to collect, store and use that information for the purpose of collecting it. 

 

  1. Collection of Patient Information:

                  4.1 Through the use of our Services, users may provide, and we may collect, Personal and or/Sensitive Information about third parties, including information about a user’s patients or other patients of a medical professional (“Patient Information”).

                  4.2 Prior to submitting any Patient Information, users are expected to remove any information that identifies a third party individual or could reasonably enable the identification of a third party individual, including, but not limited to, a user’s patients or other patients of a medical professional (see section 5 of our Terms of Use).

                  4.3 For the avoidance of doubt, if you provide us with Patient Information, it is your responsibility to ensure that:

                     (i) it is non-identifiable;

                     (ii) you are authorised to disclose that information to us;

                     (iii) without us taking any further steps under applicable data protection or privacy laws, we may collect, use and disclose such information for the purposes described in this Privacy Policy;

                     (iv) the individual concerned is aware of and/or consents to your use of their Patient Information, including the fact that their Personal Information is being collected in a nonidentifiable manner, the purposes for which that information is being collected, the intended recipients of that information and the individual’s right to obtain access to that information.

                  4.4 Where requested to do so by us, you must also assist us with any requests by an individual to access or update their Patient Information where you have collected from them and entered into our Website

                  4.5 Iatroz does not intentionally collect identifiable Patient Information. However, where Iatroz becomes aware (or is notified) that it has been provided (or has collected) Patient Information that is identifiable, Iatroz will:

                     (i) de-identify or delete such identifiable Patient Information; and

                     (ii) will not disclose such identifiable Patient Information to any third parties.

  1. Our Use:

 

                  5.1 Iatroz uses Personal Information and non-personally identifiable information to optimise user experience and to enhance our relationship with our users through communication, sharing features, marketing and advertising.

                  5.2 Iatroz collects and employs user information, without limitation to:

 

                     (i) Provide users with access to all parts of the Website and the Services;

 

                     (ii) Enable users to access the Website and the Services;

 

                     (iii) Confirm order details and process payments;

 

                     (iv) Provide users with customer support, respond to users’ requests or seek user opinions or feedback;

 

                     (v) Share communications such as newsletters, process transactions, send updates, receipts and newsletters regarding our Services or the Website and to connect users to Iatroz services and to the products and services of our partners and licensees;

 

                  (vi) Analyse information received from cookies and tracking technologies in order to personalise content and information, provide the most relevant information and services, administer, support and develop the Website and improve the Services;

 

                     (vii) Prevent abuse and fraud;

 

                     (viii) Conduct administrative and internal business purposes;

 

                     (ix) Conform to legal requirements or respond to legal processes or orders, whether or not a response is required by applicable law;

 

                     (x) Enforce the Terms of Use or this Privacy Policy;

 

                     (xi) Protect Iatroz’s rights; or

 

                     (xii) Protect the safety of users.

                  5.3 We and our authorised third parties may access, aggregate and otherwise use de-identified data (including Patient Information) provided to us by you via your use of our Website and Services:

                     (i) to audit, research, measure and analyse the information in order to maintain, administer, enhance and protect our products and services, including analysing usage trends and patterns and measuring the effectiveness of content, features or services;

                     (ii) for health and medical research, public health and service activities, healthcare and medical-related services; and

                     (iii) to prepare aggregate reports for current or future investors, advertisers, sponsors or other partners to show trends about the general use of our services. Such reports may include age, gender, geographic, demographic or other general user information, but will never include Personal Information or Patient Information that personally identifies you or a third party.

                  5.4 European Union and European Economic Area: This section is relevant to users in the European Union and the European Economic Area (“EU Users”):

                     (i) In accordance with the General Data Protection Regulations, we will not track EU Users’ activity or target EU Users using Personal Information without express consent from applicable users.

 

                     (ii) For the avoidance of doubt, Iatroz shall not direct personalised advertising and marketing to any EU Users without express consent from applicable users. This includes tracking activity using Personal Information or targeting users with advertising that uses Personal Information.

 

  1. Tracking Technologies:

 

                  6.1 Iatroz uses cookies to analyse their users’ engagement with their Website and the Services and to provide them with a better user experience.

                  6.2 Cookies are small files that are placed on browsers by websites in order to understand users engagement with particular websites. They also store settings and information to facilitate more convenient access to and use of web pages that have been previously visited. Cookies do not cause damage to a user’s computer and are not malicious files.

                  6.3 Most browsers automatically accept cookies, but users can usually choose to disable cookies by changing their privacy options in their browser settings. However, users should be aware that disabling cookies may result in experiencing technical problems with some parts of the Website because some functions on the Website will require enabled cookies.

                  6.4 Other tracking technologies used by Iatroz in the collection of user information include pixels, web beacons, clear GIFs or other similar technologies. These may be used in a similar way to the use of cookies – to track the actions of users and email recipients and provide reports about usage and engagement with the Website and the Services.

  1. When We Disclose Personal Information:

 

                  7.1 Generally, Personal Information will not be disclosed to individuals or organisations outside of Iatroz without your prior consent. However, Personal Information may be disclosed in the circumstances described in this Section.

                  7.2 When we do disclose information to third parties, we use non-personally identifiable information wherever possible and we require third parties to only collect and use Personal Information in accordance with this Policy and for no other purpose other than providing us with agreed services.

                  7.3 We may provide data to our third-party service providers for their use in performing internal business functions or collecting information on our behalf. Wherever possible this information is non-personally identifiable.

                  7.4 We may disclose user information if we are legally bound to do so, or if in our reasonable opinion, such disclosure is necessary to prevent harm to ourselves, to our partners or affiliates, to other users or to third parties. We will notify users of such disclosure wherever practicable in all such instances.

                  7.5 In the event that there is a change of ownership, control or interests in Iatroz (whether as a whole or in part), then the party that attains ownership or control or interest in Iatroz will obtain access to any existing user information that we store and use. We will make reasonable efforts to notify you by posting a notice on our Website or sending you an email or direct communication.

  1. Your Choices - Opting Out:

 

                  8.1 Users have a general right to access, edit and manage the collection, processing and use of their Personal Information. Users may opt-out of any activity that involves collecting or processing their information for direct marketing purposes. To exercise this right, please refer to the sections below, including the opt-out options offered by us and our third-party service providers.

 

                  8.2 You may opt-out or unsubscribe from receiving communications from Iatroz at any time by changing the settings via a hyperlink in the footer of emails received from Iatroz.

 

                  8.3 If you do not wish to have your browsing activity tracked, you may opt-out of the services currently used by Iatroz by sending us your request at hello@octadoc.com.au

                  8.4 Notwithstanding the opt-out options, you agree that by accessing the Website or subscribing to the Services, Iatroz may still send you relevant administrative notices from time to time.

  1. Your Choices – Account Deletion and Editing:

 

                  9.1 You may, at any time, update, correct, or delete Personal Information that you have provided to us by updating your preferences on the Account settings page or by contacting us (per the details under the Contacting Us section at the top of this page). Whenever you are entitled to access such information, and the information is not otherwise accessible by logging into your Account, we will provide such information to you via email.

                  9.2 If you delete your Account or Personal Information, any account data associated with your account will be removed from accessible systems and will no longer be accessed or used by us, unless required by law. Iatroz will take reasonable steps to destroy or permanently de-identify Personal Information it holds if it is no longer needed to provide you with access to our Website or subscription service and if the information is not required to be saved under the Australian law or other Commonwealth record.

                  9.3 If you choose to have an Account with us in the future, you will have to register for a new one, as none of the information previously submitted will be held or saved within your account or in accessible files.

                  9.4 You are entitled to request that your Personal Information is dealt with by us either anonymously or under a pseudonym where it is practical for us to do so.

 

                  9.5 If we are not able to remove your Personal Information for any reason, we will notify you of this with an accompanying explanation.

 

  1. When Information Leaves Australia:

 

                  10.1 Like many organisations, we use infrastructure and service providers, partners, licensees or suppliers who are based or hosted outside Australia. User information may be disclosed with, or accessed by, such third parties, most often in Portugal, but also globally.

 

                  10.2 In the event that we are required to disclose your Personal Information to overseas third parties, we will take reasonable steps to ensure that such disclosures are subject to reasonable confidentiality terms, that the overseas third party is subject to a law or binding scheme that protects your information in a way that, overall, is at least substantially similar to the way in which the Australian Privacy Principles protect your information or that the overseas third party

takes steps to prevent a breach of the Australian Privacy Principles in relation to your information.

  1. Protection and security:

 

                  11.1 We take measures, including the implementation and maintenance of physical, electronic and managerial procedures, in an effort to assure the security, integrity and accuracy of all Personal Information that we collect and to protect your Personal Information from misuse, loss, unauthorised modification, disclosure or access.

 

                  11.2 Iatroz:

 

                     (i) Restricts access to Personal Information to those employees who need access to perform their job functions;

                     (ii) Will only collect Sensitive Information where required by law or with the user’s consent and will only use and disclose Sensitive Information for the purpose for which it is provided;

 

                     (iii) Will take reasonable steps to ensure that the Personal Information it holds is accurate, complete and up to date; and

 

                  (iv) Will take reasonable steps to ensure that third parties collect and use information in accordance with this Privacy Policy and for no purpose other than providing Iatroz with requested services, however, you understand and accept that we cannot guarantee the safe handling of your information by third parties and are not responsible for the conduct of third parties in collecting, storing and using your information.

                  11.3 Occasionally we will include links to third party websites on our Website or in communications to you. Whenever you choose to follow such links to any other websites you should be aware that our privacy policy no longer applies and that each third-party website's privacy policy will govern their collection, storage and use of any of your Personal Information from the moment you leave our Site. You should read the available privacy policies on any third party websites before accessing or using the services provided on that site.

 

                  11.4 If we learn of a security systems breach, we may attempt to notify you electronically so that you can take appropriate protective steps.

  1. Changes and Updates to this Privacy Policy:

 

                  12.1 We regularly review our compliance with this Privacy Policy. This Privacy Policy was last updated in January 2020 and may be updated by us, from time to time, in our sole discretion.

                  12.2  If Iatroz is going to use the user’s Personal Information in a manner materially different from that stated at the time of collection it will notify applicable users to seek consent by contacting them (via email, text or other means) prior to commencement of such usage.

                  12.3 From time to time, Iatroz may make changes to this Privacy Policy and:

                     (i) where such change is minor or insubstantial, you will be bound by the amended Privacy Policy; or

                     (ii) where such change is significant or substantial, Iatroz will post a notice on its Website or email its users to make them aware of the changes.

                  12.4 We encourage users to review this Privacy Policy periodically to stay informed about our collection, use and disclosure of Personal Information. Your continued access or use of our Website or Services constitutes your agreement to this Privacy Policy and any updates.

  1. Enforcement:

 

                  13.1 Please feel free to direct any questions, concerns or complaints regarding our Privacy Policy or Iatroz’s treatment of Personal Information by contacting us (per the details under the Contacting Us section at the top of this page).

                  13.2 We will contact the complaining party regarding their concerns and will cooperate with the appropriate regulatory authorities to resolve any complaints regarding Personal Information that cannot be resolved internally.

 

                  13.3 Users in the European Union and European Economic Area have the right to lodge a complaint with the relevant supervisory authority in their member state. We encourage you to contact us first wherever possible so that we can respond to your concerns. We will do our best to resolve them promptly in accordance with relevant laws and policies.