We respect your rights to privacy under the Privacy Act 1988 (Cth) (Act) and we comply with all of the Act’s requirements in respect of the collection, management and disclosure of your personal information.
What is your personal information?
For what purposes do we collect, hold, use and disclose your personal information?
We collect personal information about you so that we can provide the best possible quality of service and to perform our business functions, including:
- to assess the performance, and improve the operation, of our app and website;
- to detect and prevent errors, security incidents and malicious, deceptive, fraudulent or illegal activity;
- for the administrative, planning, product or service development, quality control and research purposes of LeoraTechnologies Pty Ltd, its related bodies corporate, contractors or service providers;
- to provide your updated personal information to our related bodies corporate, contractors or service providers;
- to update our records and keep your contact details up to date;
- to provide technical or help desk support;
- to process and respond to any complaint made by you; and
- to comply with any relevant law, rule, regulation, lawful and binding determination, decision or direction of a regulator, or in co-operation with any governmental authority of any country.
The other purposes for collection of personal information will depend on how you engage with us as described below:
1. Customers accessing our services through our website or app
We collect your personal information to: provide mental health support services to you through our website and app; send you communications in connection with your use of our website and/or app (including notifications, updates, security alerts and administrative messages); comply with any Australian State or Territory legislation in respect of the use, collection and retention of health information; or, recommend healthcare service providers to you and link you with those providers.
2. Healthcare professionals accessing our services as service providers
We collect your personal information to: provide you with access to protected or privileged areas of our app and website; facilitate communications between yourself and users of our app and website; reimburse you for the provision of services; or, verify your identity and credentials.
3. Clients that subscribe to our employee assistance program (EAP) services
We collect your personal information to: provide EAP services to your employees and/or staff through our website and app; answer enquiries and provide information or advice about existing and new products or services; invoice you for the provision of the EAP services; send you marketing material; or, conduct surveys to better understand the effectiveness of our services.
What personal information do we collect and hold?
We aim to collect the minimum amount of personal information necessary in the circumstances but depending on how you engage with us and the information that you choose to disclose, we may collect your:
- mailing or street address;
- email address;
- telephone number;
- age or birth date;
- profession, occupation or job title;
- employer’s name and contact details;
- current or historical health information(including information about your disability status, mental health and general wellbeing);
- lifestyle and background information; and
- credit card information or bank account details.
We may also collect:
- details of any products and/or services that you have purchased from us or which you have enquired about, together with any additional information necessary to deliver the products and/or services and to respond to your enquiries;
- any additional information relating to you that you provide to us directly through our app or website or indirectly through use of our app or website, through our representatives or otherwise;
- any other information you choose to provide to us when you create an account with Leora, including any personal identifiers that you provide when creating an account through our app or website;
- information you provide to us when you communicate with us, such as by email or on our app or website when you chat with the chatbot functionality; and
- IP addresses and location data.
How do we collect your personal information?
We collect your personal information directly from you unless it is unreasonable or impracticable to do so. When collecting personal information from you, we may collect in ways including:
- through your access and use of our app and website(including when you create an account);
- during conversations between yourself and our chatbot on the app or website; or
- through communications between you and our representatives.
We may also collect personal information from third parties including:
- from healthcare professionals that you are connected with on our app or website; and
- from your employer, where your employer has engaged us to provide products and services.
We may log IP addresses (that is, the electronic addresses of computers connected to the internet) to analyse trends, administer the website, track users movements, and gather broad demographic information.
What happens if we can’t collect your personal information?
If you do not provide us with the personal information described above, some or all of the following may happen:
- users may not be able to create an account or access our website and/or download our app;
- we may not be able to provide the requested products or services to you, either to the same standard or at all;
- we may not be able to provide you with information about products and services that you may want, including information about discounts, sales or special promotions; or
- we may be unable to tailor the content of our app or website to your preferences and your experience of our app and website may not be as enjoyable or useful.
To whom may we disclose your information?
We may disclose your personal information to:
- our employees, related bodies corporate, contractors or other service providers for the purposes of operation of our app, website or our business, fulfilling requests by you, and to otherwise provide products and services to you;
- your employer, for insurance or other limited purposes, but only if your employer has engaged us to provide products and services; and
- any organisation for any authorised purpose with your express consent.
We may combine or share any information that we collect from you with information collected by any of our related bodies corporate.
Direct marketing materials
We may send you direct marketing communications and information about our products and services that we consider may be of interest to you. These communications may be sent in various forms, including mail, SMS and email, in accordance with applicable marketing laws, such as the Spam Act 2003(Cth) and the Do Not Call Register Act 2006 (Cth). You consent to us sending you those direct marketing communications by any of those methods. If you indicate a preference for a method of communication, we will endeavour to use that method whenever practical to do so. In addition, at any time you may opt-out of receiving marketing communications from us by contacting us (see the details below) or by using opt-out facilities provided in the marketing communications and we will then ensure that your name is removed from our mailing list.
We do not provide your personal information to other organisations for the purposes of direct marketing.
How can you access and correct your personal information?
You may request access to any personal information we hold about you at any time by contacting us (see the details below). Where we hold information that you are entitled to access, we will try to provide you with suitable means of accessing it (for example, by emailing it to you).
There may be instances where we cannot grant you access to the personal information we hold. For example, we may need to refuse access if granting access would interfere with the privacy of others or if it would result in a breach of confidentiality. If that happens, we will give you written reasons for any refusal.
If you believe that personal information we hold about you is incorrect, incomplete or inaccurate, then you may request us to amend it. We will consider if the information requires amendment. If we do not agree that there are grounds for amendment then we will add a note to the personal information stating that you disagree with it.
What is the process for complaining about a breach of privacy?
If you believe that your privacy has been breached, please contact our Privacy Officer using the contact information below and provide written details of the incident so that we can investigate it.
We will attempt to confirm with you your understanding of the conduct relevant to the complaint and what you expect as an outcome. We will inform you whether we will conduct an investigation, the name, title, and contact details of the investigating officer and the estimated completion date for the investigation process.
After we have completed our enquiries, we will contact you, usually in writing by email, to advise the outcome and invite a response to our conclusions about the complaint. If we receive a response from you, we will assess it and advise if we have changed our view.
Do we disclose your personal information to anyone outside Australia?
No, we will not store any personal information outside of Australia.
We take reasonable steps to ensure your personal information is protected from misuse and loss and from unauthorised access, modification or disclosure. We may hold your information in electronic form. Whilst we endeavour to keep our systems secure, as our app and website is linked to the internet, and the internet is inherently insecure, we cannot provide any assurance regarding the security of transmission of information you communicate to us online. Accordingly, any personal information or other information which you provide to us online is transmitted at your own risk.
To the extent permitted by law, personal information is destroyed or de-identified when no longer needed. In some circumstances, Leora Technologies may retain certain data, including personal information, for a period of up to 7 years (or another period as required by law) to comply with Australian State or Territory legislation in respect to retention of health information.
Our app and website may contain links to other platforms operated by third parties. Those third parties are responsible for informing you about their own privacy practices and we are not responsible nor provide any warranties in relation to the privacy practices of any third party.
We will treat your requests or complaints confidentially. Our representative will contact you within a reasonable time after receipt of your complaint to discuss your concerns and outline options regarding how they may be resolved. We will aim to ensure that your complaint is resolved in timely and appropriate manner.
Please contact our Privacy Officer at firstname.lastname@example.org.