Welcome to the Privacy Policy of Swaspay Pty Ltd ABN: 30623973777, the proud owners and operators of the Aussie Scripts platform (Platform) along with the accompanying websites and app (Websites). At Swaspay, we hold your privacy rights in high regard and operate in full compliance with the Privacy Act 1988 (Cth) (Privacy Act) and the Australian Privacy Principles (APPs) outlined within it. We also adhere to the health privacy principles under State and Territory legislation. Our Platform offers secure access to digital health services, including telehealth and video consultations with registered doctors (Partner Doctors) and various health providers like pharmacists, pathology providers, and cosmetic nurses (Partner Providers). We understand the significance of your privacy and value the security of your personal information.

This privacy policy aims to clarify the information we gather about you, how we may utilize and disclose it, and the precautions we undertake to ensure security. Personal information, as defined by this policy, encompasses data or views about an identified individual or one who is reasonably identifiable, whether or not the information is factual and whether or not it is recorded.

Special considerations are given to the handling of sensitive information, which includes health data and details regarding race, ethnicity, political beliefs, and more. This policy encompasses all references to personal information, which inherently includes sensitive information unless stated otherwise.

Should you have any queries or concerns regarding your privacy, please reach out to our Compliance Officer via the contact information provided below:

Contact Person: Compliance Officer

Phone Number: +61 (07) 3491 7189

Email: info@aussiescripts.com.au

Postal Address:
Aussie Scripts
Suite No. 1672
17 Gould Road
Herston 4006 QLD AU

Please note that while our websites may contain links to third-party websites, we are solely accountable for the privacy practices and security measures of our own sites. We recommend reviewing the policies of other sites you visit.

Our data collection methods include interactions through our Websites, Platform, telephone communications, emails, and written or verbal exchanges. The personal information we gather varies based on our interaction with you and may include contact details, health information, sensitive details, and government identifiers like Medicare numbers.

We may also collect de-identified information through cookies on our websites, which is used for analytical purposes and does not link back to you individually. Our purpose for collecting, holding, using, and disclosing your personal information spans various activities, including communication, record-keeping, service provision, quality assurance, and compliance with laws. We prioritize the security and confidentiality of your data and only share it with authorized parties for legitimate purposes.

At Swaspay, we value your privacy and strive to maintain the highest standards of data protection and security. We are committed to transparency and accountability in handling your personal information.

2. Collection of personal data

Our collection of personal data is based on our interactions with you, which primarily take place through various channels such as our websites, platform, telephone conversations, emails, and written or verbal communications.

The types of personal data we gather can differ depending on the context of our engagement with you. This data may encompass identifying and contact details like your name, address, contact number, and email address. Additionally, it may include health-related information, such as details concerning your past, present, or future health, telehealth services provided to you, as well as pharmacy scripts, items, and referrals. This health information could be shared with us either directly by you through the platform or websites, or it could be provided by Partner Doctors or Providers via the platform while rendering services to you. We may also collect sensitive data like your birth gender and Aboriginal or Torres Strait Islander descent, along with official identifiers like Medicare numbers and individual healthcare identifiers.

Furthermore, through the use of cookies on our websites, we may gather de- identified information regarding your browser type, operating systems, and other webpages visited. This data is not linked to your personal information, ensuring your individual privacy.

Our collection extends to various individuals, including patients, their next of kin or carers, healthcare practitioners such as Partner Doctors and Providers, job applicants, employees, and contractors associated with Aussie Scripts, as well as third parties offering services to us.

In the case of patients, we chiefly obtain personal information from you directly when you utilize the platform or websites, contact us through various means, or if someone, with your approval, shares information about you. This can include your Representative or any Partner Doctor or Provider from whom you seek services via the platform.

For Partner Doctors or Providers engaging with us, we also gather personal data concerning your expertise, qualifications, and background. Specific details regarding this will be provided in the relevant agreements like the Contractor Agreement upon your registration as a Partner Doctor or Provider with Aussie Scripts. Additionally, we may receive personal data from third-party sources such as Google, Facebook, or Apple if you choose to log in to the platform using these platforms.

3. Purposes of Personal data collection, storage, usage and disclosure

Our accumulation, retention, utilization, and revelation of personal data serve a multitude of purposes, which include:

• Facilitating communication with you
• Maintaining records
• Providing functionality of our Websites and Platform, such as connecting patients with Partner Doctors or Providers
• Enabling healthcare service delivery by Partner Doctors or Providers through the Platform
• Ensuring the successful provision of services by third-party providers via our Platform
• Supporting the routine operation of our Platform and Websites
• Managing relationships, enhancing services, and gauging your satisfaction
• Sharing crucial information about the Platform, Websites, or personal data
• Conducting market research
• Invoicing and processing service fees
• Carrying out quality assurance, training, and meeting insurance requirements
• Ensuring compliance with laws and supporting authorized government or law enforcement endeavors
• Addressing urgent threats to individuals, public health, or safety
• Addressing urgent threats to individuals, public health, or safety

• Facilitating service provision by Partner Doctors or Providers via the Platform
• Coordinating with third-party suppliers and service providers as well as operational purposes
• Sharing with relevant stakeholders including representatives, authorized third parties, and emergency services
• Complying with legal obligations and aiding government or law enforcement agencies

4. Data sharing

In addition to sharing personal data within our related bodies corporate, we also share information with:

• Service providers aiding in data storage, IT support, payment systems, and targeted advertising
• Partner Doctors and Providers on the Platform to facilitate service delivery
• Healthcare assessment and accreditation bodies with your consent for service evaluation

5. Storage of personal data

To mitigate unauthorized access, usage, or disclosure, we have implemented reasonable physical, electronic, and managerial protocols to safeguard and fortify the personal information we amass. The personal data we collect is stored utilizing Transport Layer Security (TSL) to ensure users enjoy secure and confidential access. Currently, our plan is to house collected personal information on servers situated in Australia. By utilizing the Platform, you implicitly consent to the storage of your personal information in this manner. We undertake reasonable measures to shield your personal information, encompassing:

• Password safeguarding: Users must establish a secure password to access the Platform. Automatic log-ins require authentication using the designated password. Password changes are subject to rigorous authentication for user verification.
• Secure storage and management: Firewall barriers, encryption mechanisms, data segregation, backup, and authentication procedures are employed to uphold Platform security and safeguard your account and personal data.
• Interoperability: We adhere to stringent interoperability standards to ensure the secure transmission and handling of your data.

6. Tracking technology and cookies

Similar to numerous other website operators, we may employ a conventional technology known as 'cookies' on our Websites. These cookies are small data fragments stored by browsers on computer hard drives to track navigation patterns during website visits.

Cookies utilized within our Websites do not serve to extract personally identifiable data and are strictly applied for internal management purposes. Although most browsers automatically accept cookies, you retain the option to configure your browser settings to prevent cookie storage. It is important to note that disabling cookies may impact the service extent we can offer you.

7. Advertising and promotion

Upon registering to utilize the Platform, unless you choose to opt-out afterward, your consent permits us to utilize your personal data for promotional and advertising endeavors. Should you permit us to leverage your information for these objectives, periodic notifications encompassing product details, service offers, or other promotions we deem pertinent may be sent to you. This includes information pertaining to services on the Platform and products/services offered by third parties. Correspondence will be conducted through your preferred communication method as indicated on the Platform.

We utilize third-party vendor services like Google's 'Customer Match' and Facebook's 'Custom Audience' to exhibit advertisements. If you have supplied us with your contact information and not opted out of receiving direct marketing, this data may be shared with these vendors to facilitate remarketing services on our behalf. Rest assured, we do not vend or disclose your details to external parties for their promotional activities.

At any juncture, you retain the option to unsubscribe from marketing communications by utilizing the unsubscribe feature in relevant messages or reaching out to our privacy officer, as detailed at the inception of this privacy policy.

8. Your privileges

Your entitlements concerning your held personal information comprise:

• Access: The right to solicit a copy of your data in a format suitable for reuse or transfer to another party or trusted healthcare provider.
• Rectification: The ability to request corrections or updates to your data.
• Grievance: The liberty to voice concerns or grievances regarding your privacy or our management of your personal information. We take these matters seriously, committing to investigate and respond to complaints within 21 days.
• Account Closure: If you desire to deactivate your Personal or Family Account, navigate to the "My Profile" section on the Platform, proceed to "My Account" and opt for "Delete Account." Alternatively, you can contact us via email. Closure requests result in archiving the provided details and all associated information securely by Aussie Scripts for up to 8 years unless deletion is requested, complying with local laws, particularly the Health Records Act.

9. Overview

This privacy policy takes effect as of May 2024. Given periodic modifications, the most recent rendition can be accessed on our Websites. Continued navigation and use of the Websites and Platform following updates signify acknowledgment and acceptance of the revised terms within this privacy policy.

Last revision: May 2024