A.C.N. 665 169 068 PTY LTD (referred to as “The Company”, “our”, “us” or "we") is committed to protecting the privacy of the personal information of our current, former and potential users of our Service (referred to as “you” and “your”).
This privacy policy sets out how we manage your personal information held by us, including how we collect, use, hold, disclose and otherwise process personal information under any applicable privacy laws. You will also find information about how to contact us if you have any questions about privacy issues, including how to update or access your personal information or make a complaint.
If we are unable to collect sufficient personal information we may not be able to provide you with the full benefit of the Service.
By providing us with your personal information, whether in person, over the phone, by email, via the Service, Website or otherwise or by authorising (either directly or indirectly) third parties to provide us with your personal information you are deemed to have read this Privacy Policy and you are accepting and consenting to the practices described in this privacy policy.
Our Customer is the Client of speech therapy services that has been invited by their Clinician, has invited their clinician, or is otherwise using a Client account.
When a Clinician invites their Client, our treatment of any such Client personal information is governed by our agreements with the relevant Clinician, including our Terms of Service and HIPAA Business Associate Agreement, as applicable (our “Agreement”). If any provision in our Agreement conflicts with any provision in this Privacy Policy, the provision in our Agreement will prevail to the extent of such conflict. If we receive any inquiries or requests from Clients about their personal information provided to us by their Clinician, we will direct those inquiries or requests to the relevant Clinician.
If you are a Client who has been invited by your Clinician, we may retain your personal information on behalf of your Clinician. If you have questions about how we process Clinician supplied personal information, we encourage you to reach out to the appropriate Clinician. We may send any inquiries that we receive directly from you about our use of your personal information to that Clinician.
If you are a Client that inputs personal information into the Service directly, we will not access or use that personal information except for the limited purpose of anonymising and aggregating it or for one of the internal business purposes set out below. Once that information is anonymised and aggregated it is no longer personal information (ie can no longer be used to identify you) and is not regulated by this Privacy Policy.
Where possible we will collect personal information that we will use for our own business purposes directly from you. However, we will collect personal information in a variety of ways as a result of you using the Service and in certain circumstances we may collect your personal information from other third parties, including our related entities, service providers, contractors, and agents.
Generally, the types of personal information that we collect from or about you depends on the circumstances in which the information is collected. We have described below examples of the types of personal information that may be collected, however this is not an exhaustive list.
Client information: We collect information from you when you create or update your account. The main type of personal information that we collect is your full name and contact details, email addresses, phone numbers, mobile numbers, login name and password for the purpose of creating and managing your account, the name of your child or the person who the account will be used for, your age, the age of your child, or the age of person who the account will be used for, and the program that you, your child, or the person that the account will be used for is on, and the name and email address of your clinician.
Clinical information: We collect information from you when you use your account. The main types of information that we collect include audio recordings, audio samples, speech ratings, situations, situations names, planning names, session notes, cycle categories, and insight names.
Clinician information: We collect information from you when you create or update your clinician account. The main type of personal information that we collect is your full name and contact details, email addresses, phone numbers, mobile numbers, login name and password for the purpose of creating and managing your account, your practice name, and your practice details.
Clinical information from clinicians: We collect information from you when you use your account. The main types of information that we collect include client full names, client email addresses, client program, client child name, or name of the person the account is for, client age, client program, client stage, session notes, Zoom link, and any other details required to deliver Services to your client.
Payment information: We collect transactional information, such as credit or debit card numbers and tax IDs in order to process your payments for our Services. We may also collect your insurance information in order to process payments made to you by your Clients.
Communications and phone calls: When you communicate with us in relation to the Service, we may collect information about your communication and any other information you provide. This includes when you call or message us, in which case we may retain your call for fraud prevention, internal training and quality assurance purposes.
Device information: We may collect information about the devices you use to access the Service including the hardware model, device IP address, operating systems and versions, software, file names and versions, preferred languages, unique device identifiers, advertising identifiers, serial numbers, and mobile network information.
Location information: When you use certain features of the Service, we may collect different types of information about your general location or more specific location information (e.g. precise location from your mobile GPS). Most mobile devices allow you to control or disable the use of location services for applications in the device’s settings menu.
Statistical information: We may collect non-personal information about your use of the Website and the Service to improve the features and overall user experience. This may include statistical information such as pages accessed on the Website and the Service, search terms, links that are clicked on, Website and Service visit times, browsers and operating systems, IP address, and cookies.
We may also collect other personal information as otherwise permitted or required by law, as well as any other information that you choose to provide us.
We do not collect any ‘Special Categories of Personal Data’ about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your genetic and biometric data) unless you voluntarily provide this. Nor do we collect any information about criminal convictions and offences.
We only collect and process personal information that we consider necessary for the effective functioning of the Service and business.
We only collect, hold, use and disclose personal information for the purposes for which it was originally collected (and for related purposes which you would reasonably expect), unless required or authorised by or under law or if the individual concerned has consented to another use. Some of the specific purposes for which we collect, hold, use and disclose personal information includes to:
Create with the templates for your program
Update your account
Enable us to correspond with you for reasons related to the Service;
Allow us to effectively operate the Service and our business;
Measure the effectiveness of the Service and understand how people use and interact with the Service;
Contribute to anonymised and generalised data that we may use for our internal business purposes or that we may provide to third parties (for which we may collect a fee), including for statistical and research purposes;
Prevent breaches of our Terms of Service and ensure the security of the Service;
Conduct investigations relating to the Service and make risk assessments;Allow our business and Service to be audited;
Advertise and market our business, such as to send you promotional messages, marketing or advertising (unless you opt out);
Publish things on our Website;
Ensure we comply with our obligations. We will use information to ensure we comply with the law, including disclosures authorised under applicable privacy laws and any other relevant legislation.
We may also process your personal information for other purposes which are disclosed to you, and to which you consent, whether expressly or by implication by providing us with your personal information with knowledge of how we intend to use it.
The Company may use the following Subprocessors to host Customer Data or provide other infrastructure that helps with the delivery of our Services:
Activity: Cloud Service Provider
Location: United States, Australia, New Zealand, United Kingdom
Activity: Cloud-based Online Payment Services
Location: United States
Activity: Cloud-based marketing automation
Location: United States
We respect the privacy of your personal information and will take all reasonable steps to keep it strictly confidential.
If you are a Client, at which time you grant your Clinician access to your account, you give them permission to access your personal information, excluding your access and billing information such as your password or credit card data, including the right to export your data to comply with their clinical obligations. Please refer to our Terms and Conditions (s14.2) to learn more about the rights your clinician has over your data.
We may also disclose your personal information to third parties if required in connection with the purposes described in this privacy policy. This may include disclosure to the following persons:
our employees, officers, contractors, third party service providers, agents, and partners;
our related or affiliated companies and their respective employees, officers, contractors, service providers and agents (and our related or affiliated companies may disclose the personal information directly to their contractors, service providers and agents);
our accountants, insurers, lawyers, auditors and other professional advisors;
any other third parties to whom you direct or permit us to disclose your personal information (e.g. third parties with whom we have directly or indirectly arranged services for your benefit);
third parties that require the information for law enforcement or to prevent a serious threat to public safety; and
as otherwise permitted or required by or under any applicable law.
In the event that we sell a part of or the whole of our business, our records of personal information may be transferred to the new business owner or any of its related or affiliated companies (as the case may be).
Any recipients of your personal information shall only be entitled to use your personal information as required for the purposes for which it was provided to them, which shall be consistent with the purposes described in this privacy policy.
We will take reasonable steps to ensure that any third party to whom we disclose personal information is required to comply with applicable privacy law. One way we achieve this is by placing contractual obligations on third parties governing the use of personal information that we provide them with.
Your provision of personal information to us (whether directly or indirectly) will constitute your consent for us to disclose this information in accordance with this privacy policy.
You will only receive marketing communications from us and/or third parties if you have consented to this when you provided your contact details to us (or if you have otherwise submitted your consent to us for these purposes). These communications may be sent in various forms, including mail, SMS, fax, and email, in accordance with the applicable marketing laws of your jurisdiction.
You have the right to ask us not to use your personal data for marketing purposes. You can request that you stop receiving information from us at any time by contacting us at the address set out below (please see clause 15).
We do not disclose identifiable information about individuals to our advertisers or sponsors, but we may provide them with anonymised aggregate information about our users. We may also use such aggregate information to help advertisers reach the kind of audience they want to target (for example, women in London). We may make use of the personal data we have collected from you to enable us to comply with our advertisers' and sponsors’ wishes by displaying their advertisement to that target audience.
Our Service and Website use a technology called cookies to record the preferences of visitors and enable us to optimise the design of our website. A "cookie" is a small data element that a website transfers to your computer for record keeping and experience customisation purposes. The length of time that a user’s computer stores cookies is determined by the user’s browser settings.
The use of "cookies" is an industry standard and helps show us how the Service is used. During normal usage the Service and Website "cookies" do not store your email address or other personal information about you unless you have given your consent, or if it is essential for technical reasons. We use this technology to generate statistics and measure website activity to improve the usefulness of the Service. Each time you access the Service or Website, our server may deliver certain customised information (such as advertisements) to you based on the data stored in your cookie. Third party vendors may utilise cookies to collect information about the content you view on the Service and/or Website and use that information to show our advertisements on websites and/or serve these advertisements based on your prior use of the Service or visits to our Website and other internet activity. We may also use analytics data supplied by third party vendors to inform and optimise our ad campaigns.
Some of the tags that are used on the Service and Website include, but are not limited to, container tags (such as Google tag manager), which include retargeting tags and analytics tags. These tags provide us with aggregated knowledge and information on website behaviour and user preferences.
By using the Service and Website you consent to the use and storage of cookies on your end device. You can also use the Service and Website without cookies. If you do not wish to receive any cookies you may set your browser to refuse cookies. Not all features of the Service and Website may be available if you do not enable cookies. We recommend you enable cookies in order to enjoy the Service.
Any personal information that falls within the scope of this privacy policy is collected and held by The Company or trusted third parties we may engage to store information on our behalf (such as cloud hosting service providers).
We will take reasonable steps to protect your personal information from misuse, interference, corruption, loss or unauthorised access, modification or disclosure, including through physical, electronic and procedural safeguards. For example, we only use cloud storage providers that represent to us that they are compliant with the United States’ Health Insurance Portability and Accountability Act (“HIPAA”), an internationally recognized standard of protecting health information. However, to the extent permitted by law, we will not be responsible for and exclude all liability arising in relation to any misuse, interference, corruption, loss or unauthorised access, modification or disclosure of your personal information.
If we provide you with any passwords or other security devices it is important that you keep these secret and confidential and do not allow them to be used by any other person. You should notify us immediately if the security of these devices is breached to prevent the unauthorised disclosure of your personal information.
If we become aware of any breach involving your personal information we will comply with the requirements of any applicable privacy laws relating to the reporting of privacy breaches.
This clause 11 applies if you reside in Australia.
Some of the third parties to whom we disclose personal information may be located outside Australia. In addition, our cloud storage provider, websites and systems may also be based on servers located outside of Australia.
If we disclose personal information to third parties based offshore, we will comply with the requirements of any applicable privacy laws that relate to the transfer of personal information offshore.
This clause 12 applies if you reside in the European Union or United Kingdom.
To deliver services to you, it is necessary for us to share your personal information outside the European Economic Area (“EEA”), e.g.:
with our offices outside the EEA;
with our service providers located outside the EEA; and
if you are based outside the EEA.
These transfers are subject to special rules under European and UK data protection law and whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring any such transfer out of the EEA complies with data protection law and all personal information will be secure.
We will keep your personal information for as long as it is required for the purposes for which it was collected, taking into consideration our need to answer queries or resolve problems, provide improved and new services, and comply with legal requirements.
When the personal information that we collect is no longer required or is not required to be retained by law, we destroy, delete or permanently anonymise it (except for any personal information located on an off-site server or which is stored as electronic back-up data that cannot be readily accessed).
Where applicable law sets a minimum or maximum retention period, we will comply with such restriction.
By using the Service and Website you consent to receiving communications from us or from third parties on our behalf using the contact details you have provided (including, without limitation, via direct mailing, email, SMS, telephone call, and other phone number based messaging) which promote and market our Service from time to time.
You can opt out of those communications at any stage by contacting us using the contact details set out below at clause 15 or by utilising the "unsubscribe" facility included on all such communications. Once you have unsubscribed from these communications, we will remove you from the corresponding marketing list as soon as is reasonably practicable.
If you wish to unsubscribe from marketing material you receive from us, please contact us directly.
If your personal information changes, or if you no longer desire our Services, you may modify or remove it by logging into your Account and making the changes in your Account settings.
You may obtain confirmation from us as to whether or not we hold personal information about you. You may also request a copy of the personal information and/or request that corrections or changes are made to it. You can make such requests in relation to your personal information by contacting our Privacy Officer using the details set out below. Please quote your name and address and, if possible, provide brief details of what information you want a copy of (this helps us to more readily locate your information).
We will provide you with access to your personal information unless we are required or authorised to refuse such access by law. There may be instances where we cannot grant you access to the personal information we hold. For example, The Company may need to refuse access if granting access would interfere with the privacy of others, if it would result in a breach of confidentiality or is not readily retrievable. If we refuse for whatever reason, we will give you written reasons for refusal.
In some cases, there may be a charge associated with retrieving and providing a copy of your personal information to you. If so, we will advise you of this prior to sending your information.
If you are located in the United States and The Company does not agree that there are grounds for amendment, then The Company will add a note to the personal information stating that you disagree with it. In addition, The Company will not charge for simply making the request and will not charge for making any corrections to your personal information.
At all times we will strive to ensure that your personal information is treated confidentially and in accordance with any applicable privacy laws. However, if you have any questions or complaints about the handling of your personal information, please contact our Privacy Officer in the first instance using the contact details set out in clause 15 above and we will do our best to assist.
If you are not satisfied with our response, you may refer your complaint to the applicable regulator. If you ask us, we will endeavour to provide you with information about relevant complaint avenues which may be applicable to your circumstances. We note that:
If the Australia Privacy Act 2020 applies to your personal information and we are unable to resolve your concerns you have the right to make a complaint to the Office of the Australian Information Commissioner. For further information on making a complaint visit https://www.oaic.gov.au/privacy/privacy-complaints/lodge-a-privacy-complaint-with-us
If the General Data Protection Regulation applies to your personal information, that regulation gives you the right to complain to the supervisory body in the EEA state in which you live, work, or where any alleged infringement of data protection laws has occurred. The supervisory authority in the UK is the Information Commissioner, who may be contacted online at www.ico.org.uk/concerns or alternatively by telephone on 0303 123 1113.
Our Website may contain links to other sites and plugins that are owned or operated by third parties and which are therefore not under our control, including the websites and plugins of our third party service providers. We take no responsibility for linked websites or plugins and provide them solely for your information and convenience. We specifically disclaim responsibility for their content, privacy practices and terms of use, and we make no endorsements, representations or warranties about their accuracy, content or thoroughness. Your disclosure of personal information to or in connection with third party websites and plugins is at your own risk. This privacy policy applies solely to our collection of personal information and not personal information collected by us.
We reserve the right to amend this privacy policy from time to time by posting an updated privacy policy here on our Website. We will collect, use, hold and disclose your personal information in accordance with our most recently updated version of the privacy policy. We recommend that you regularly review this privacy policy when you visit our Website.
If you do not agree with any aspect of the updated privacy policy, you must promptly notify us and you may be required to cease using our Service and Website.
This privacy policy was last updated in October 2023.
“Agreement” has the meaning given to that term in clause 2.
"App” means the progressive web application accessed on a smart phone, computer, tablet, or any other device capable of running the progressive web application, available for download, which operates the business of The Company.
“Customer” means the entity with whom The Company enters into an Agreement for the purposes of providing access to the Service to the Client or any other named parties
“Client” means the person undergoing care with the Clinician, who signs up to a Client account.
“Clinician” means the person giving care to the Client, who signs up to a Clinician account
“Service” means the service relating to the healthcare e-portfolio platform accessed through our App and/or Website.
“Website” means the online medium of the domain of “speechpathology.co”, which operates the business of The Company. This term includes website operations performed on “speechpathology.co”.
California residents have certain rights under the California Shine the Light law and the California Consumer Privacy Act (“CCPA”).
In this Supplemental California Consumer Privacy Act Privacy Policy (“CCPA Privacy Policy”), we, The Company, provide information about our data processing practices as required by the CCPA and supplement the disclosures in our Privacy Policy and other privacy notices. This CCPA Privacy Policy is effective and was last updated in August 2022, and is addressed only to residents of the State of California.
In general, within the preceding 12 months:
We have collected the categories of personal information listed in clause 4 of our Privacy Policy.
We have collected these categories of personal information directly from you, when you use our Services, and from third parties for the purposes described in clause 5 of our Privacy Policy.
We have disclosed the following categories of personal information for business purposes: Identifiers and contact information; professional and employment-related information; commercial information; transactional information; and internet and network activity information.
We have not sold your personal information.
As of January 1, 2020, certain California residents are entitled to privacy rights under the CCPA. Customers who wish to exercise these rights should direct their requests to the customer who controls their personal information.
You have the right to request to know (i) the specific pieces of personal information we have about you; (ii) the categories of personal information we have collected about you in the last 12 months; (iii) the categories of sources from which that personal information was collected; (iv) the categories of your personal information that we sold or disclosed in the last 12 months; (v) the categories of third parties to whom your personal information was sold or disclosed in the last 12 months; and (vi) the purpose for collecting and selling your personal information.
You have the right to request that we delete the personal information that we have collected or maintain about you. We may deny your request under certain circumstances, such as if we need to comply with our legal obligations or complete a transaction for which your personal information was collected. If we deny your request for deletion, we will let you know the reason why.
If you choose to exercise any of these rights, we will not discriminate against you in anyway. If you exercise certain rights, understand that you may be unable to use or access certain features of our Services.
You may exercise your right to know and your right to deletion twice a year free of charge. To exercise your right to know or your right to deletion, please contact us using the contact details set out in clause 16 of our Privacy Policy.
We will take steps to verify your identity before processing your request to know or request to delete. We will not fulfill your request unless you have provided sufficient information for us to verify you are the individual about whom we collected personal information. If you have an account with us, we will use our existing account authentication practices to verify your identity. If you do not have an account with us, we may request additional information about you to verify your identity. We will only use the personal information provided in the verification process to verify your identity or authority to make a request and to track and document request responses, unless you initially provided the information for another purpose.
You may use an authorised agent to submit a request to know or a request to delete if:
The authorised agent is a natural person or a business entity registered with the Secretary of State of California; and
You sign a written declaration that you authorize the authorised agent to act on your behalf.
To protect your personal information, we reserve the right to deny a request from an agent that does not submit proof that they have been authorised by you to act on their behalf.
If you provide an authorised agent with power of attorney pursuant to Probate Code sections 4000 to 4465, it may not be necessary to perform these steps and we will respond to any request from such authorized agent in accordance with the CCPA.
Our California customers are also entitled to request and obtain from us once per calendar year information about any of your personal information shared with third parties for their own direct marketing purposes, including the categories of information and the names and addresses of those businesses with which we have shared such information. To request this information please contact us using the contact details set out in clause 16 of our Privacy Policy.
The Company is a global company, and we acknowledge that your Personal Information and the obligations of healthcare practitioners may be subject to access and privacy laws in the country of those clients reside. We take all reasonable steps to comply with local access and privacy laws.
If you have any questions or complaints about our Privacy Policy or how we handle your Personal Information, contact us at speechpathology.co. This is our preferred method of contact.
We also have a dedicated Data Protection Officer to help you with any requests or questions you have about your data. They can be reached at speechpathology.co
© 2023-2024 Speech Pathology Company Pty Ltd
