Medisa – Privacy and Confidentiality policy
This privacy and confidentiality policy applies to Medisa Pty Ltd ABN: 64 169 434 244 and its related bodies corporate (collectively referred to as “our”, “us”, “we”).
Medisa respects every individual’s right to privacy and we are committed to maintaining the privacy and confidentiality of your personal information in accordance with the National Privacy Principles in the Privacy Act 1988 (Commonwealth).
This privacy and confidentiality policy explains how we manage personal information we may collect about you.
Privacy law is regulated by the Australian Information Commissioner. Further information about privacy legislation can be obtained from the Office of the Australian Information Commissioner website at: www.oaic.gov.au
This privacy and confidentiality policy explains how Medisa complies with privacy obligations under the Privacy Act regarding the collection, use, disclosure, storage, security and access of the personal information of consumers, customers, students, donors, members, volunteers, job applicants and staff.
Collection of personal information
Medisa will only collect personal information necessary to deliver our services and conduct the business activities that support this. We may collect the following types of personal information depending upon your interaction with our business:
- your name, address and contact details (eg: phone, email and fax)
- details for next of kin or emergency contact
- donor number
- job applications
- the product and services you have purchased or which you have enquired about, together with additional information necessary to deliver those products and services and to respond to your enquires
- where required by the police or other government bodies to provide information
- photographs, video recordings and audio records of you
- payment details (eg: credit card details)
- other information relevant to the relationship of the individual with Independence Australia
We may also collect sensitive information such as:
- details of a complaint
- health and wellbeing information where relevant to the services or the performance of the duties sought by the individual
Methods of collecting personal information
Medisa collects personal information through a variety of methods including:
- electronic or face to face interactions
- interaction with our website
- requests for information
- provision of goods and services
We collect personal information directly from individuals or their authorised representatives; through referrals from other service providers, product order and deliveries, donations, campaigns and via purchased lists.
Information collected on our website
In common with many websites, we may collect aggregated information which tells us about visitors to the Medisa site but not the identity of those visitors.
For example, we may collect information about the date, time and duration of visits and which pages of the Medisa website are most commonly accessed. This information is used by us to help to administer and improve the Medisa website.
The Medisa website may use ‘cookies’.
A ‘cookie’ is a packet of information placed on a user’s computer by a website for record keeping purposes.
Cookies are generally used on Medisa sites to:
- manage advertising – we use advertising companies to deliver our online advertising. When you see one of our ads on a third-party website, cookies are sometimes used to collect anonymous information about what pages you visit and the type of software you are using.
- monitor traffic – we use Google analytics to gather anonymous information about how people are using the Medisa site, this information includes times of visit, pages visited, and some system information about the type of computer you are using. We use this information to enhance the content and services offered on the site.
You can configure your browsers to accept all cookies, reject all cookies, or notify you when a cookie is sent. (Each browser is different, so check the “help” menu of your browser to learn how to change your cookie preferences).
Use of personal information
Medisa uses personal information to provide goods and services.
We may also use personal information to notify individuals of information and opportunities which they may find interesting.
De-identified data may be used to meet regulatory and funding requirements or for the purposes of internal reporting and improvement of services.
Where not previously requested, and in accordance with Privacy legislation, we may use personal information to communicate with individuals through emails, newsletters or direct marketing. All such communications will provide an option to opt out or unsubscribe.
Requests to opt out or unsubscribe can also be directed to email@example.com or 1300 721 733
To whom we may disclose your information
The third parties we may disclose your personal information to include, but are not limited to:
- our employees, contractors, or services providers for the purposes of operation of our website or our functions, fulfilling requests by you and to otherwise provide information, products and services to you including, without limitation, web hosting providers, IT systems administrators, mailing houses, couriers, payment processors, data entry service providers, electronic network administrators, debt collectors and professional advisors such as accountants, solicitors’, business advisors and consultants
- government departments/agencies who provide funding for Medisa services.
Security of personal information
Medisa will take reasonable steps to protect personal information from misuse, interference and loss, unauthorised access, modification or disclosure.
Personal information held by Medisa is stored electronically in secure databases, or where retention of hard copy documents is required, in secure filing systems.
Only authorised Medisa personnel are provided with access to an individual’s personal information. Where personal information is no longer required by Independence Australia, or where required by law, Medisa will securely destroy or de-identify information in accordance with legal requirements for retention and disposal.
Access and correction
Individuals may request access to the personal information Medisa holds about them.
Where reasonable and practicable to do so, and in accordance with the provisions of the Privacy Act, Medisa will provide supervised access to an individual’s personal information.
Requests to access personal information must be made in writing, either by email or hard copy directed to firstname.lastname@example.org or Medisa Privacy Officer, 84/14 Loyalty Road, North Rocks, NSW 2151.
In the event access to records requires a significant allocation of resources, we may charge a reasonable administration fee to cover costs. Corrections or updates to personal information supplied by consumers or their authorised representatives must be made by the individual or their authorised representative.
In all cases, Medisa staff must be satisfied changes are authorised by the individual in question. Requests to change personal information supplied by consumers or their authorised representative will be actioned as a priority.
Disclosure of personal information overseas
In situations where Medisa may disclose personal information overseas, Medisa will take reasonable steps to ensure that the overseas entity will comply with the Australia Privacy Principles.
Use, adoption or disclosure of government related identifiers
Medisa will not use, adopt or disclose an identifier assigned to an individual by a Commonwealth agency unless required to by law or where reasonably necessary and in accordance with the Australia Privacy Principles.
Anonymity and pseudonymity
Where practical, individuals may deal with Medisa anonymously or use a pseudonym. The majority of our services, however, will require collection of personal information to enable Medisa to provide the appropriate goods, services or response.
When collecting personal information directly from an individual, Medisa will take reasonable steps to notify, or otherwise ensure that the individual is aware:
- if and/or when Medisa is likely to disclose an individual’s personal information to overseas recipients and, if it is practicable to specify, the countries in which those recipients are likely to be located
If Medisa collects personal information from someone other than the individual, or the individual may not be aware that the organisation has collected the personal information, reasonable steps will be taken to notify the individual, or otherwise ensure that the individual is aware:
- that Medisa collects or has collected the information
- of the circumstances of the collection, including:
- from whom the information was collected; and
- the law under which Medisa collected the information
- to whom Medisa may disclose the information, and
- of the consequence of Medisa not collecting the information
Review and improvement
Complaints and enquiries
Medisa takes all complaints seriously. To lodge a complaint, either complete the Complaints and Suggestions form on the Medisa website or you can direct your complaints or suggestions via email@example.com or call 1300 721 733