The WellAware App

Version 1.2 – 10 Sep 2020

About this policy

Your privacy is important to us. The Privacy Act 1988 requires organisations that are bound by the Australian Privacy Principles (“APPs”) to have a privacy policy. This Privacy Policy sets out the way in which WellAware.Life Pty Ltd A.C.N. 624 999 775, [insert address of registered office] (“WellAware” “us” “we” “our”) collects and handles personal information for the purposes of the WellAware device application (“App”). Wellaware is the owner of the App. This Privacy Policy, together with our Terms of Use, forms the entire agreement between WellAware and you.

We may amend or update this Privacy Policy when our information collection and handling practices change. If this happens, any updates will be published on our App and our website (https://www.wellaware.life/) and we will use our best endeavours to notify you either by email or by posting a notice of the changes in the App. If you do not agree with the changes you must cease accessing the App. If you continue to access or use the App after the changes come into effect, we will assume that you have agreed to them.

What is WellAware?

Wellaware is a data and digital solution that aims to provide you with proactive health management education and information relating to chronic disease. We do this by using advanced data analytics that consist of our proprietary algorithm in conjunction with Australian health data sets and your personal information to provide you with personalised data relating to your risk of chronic disease.

What is the App?

The App is a customisable digital App that provides you with information relating to your personalised
chronic disease risk factors. Its functionality includes providing you with:

  • a personalised chronic disease risk factor assessment;
  • a list of key tests applicable to your risk factors;
  • information about the benefits of regular testing;
  • test appointment and self-checking reminders;
  • information relating to how tests may be conducted;
  • links to third party health professionals; and/or
  • where the tests may be available.

You may then use the App to assist you when communicating with your chosen health professional/s. You may also choose to use the App to source a health professional (through a third-party link), store your health records, record notes from your health consultations and to obtain push notification reminders.

We are able to provide this functionality by collating, processing and analysing your personal information (including sensitive and health information provided by you). Your personal information and the information we create about you through processing and analysis is then made available to you.

The App may be made available through an App store, or otherwise may be made available to individuals who have been invited to participate by their provider, as approved by WellAware.

If you access the App as an authorised user of your provider’s account (“Authorised User”), your provider has given us your name and email address so that we may invite you to use our services. We do this by sending you an email that contains a link to enable you to create an account in the App and provide some further personal information. It is your choice whether you create an account in the App. During the account creation process you will be provided with information about the App and the way we collect and handle your personal information, including this Privacy Policy. As an Authorised User, the information you provide us may also be aggregated, de-identified and given to your provider on an anonymous basis.

If you have purchased the App through an App store, you will be asked to provide some personal details in order to create an account. This information will include your name, email address and date of birth.

Whether you have purchased the App in the App store or accepted an invitation to participate from us or your provider, by creating an account in the App you will be taken to have understood and agreed to this Privacy Policy and the Terms of Use of the App.

The App is designed to provide health information to you that is suitable to your individual needs. Because of this, the exact nature of the personal information that the App collects and handles, differs from person to person. All personal information is collected and handled in accordance with the requirements of the Privacy Act 1988 and the APPs. The App does not of itself provide stand-alone medical or health advice, diagnosis or treatment. It is designed to be used in conjunction with the clinical decisions and care provided by your health professional/s.

The App is not considered to be software as a medical device. As such, it is not currently approved as such by the Australian Therapeutic Goods Administration.

The App is only available to people who are over 18 years of age and who are lawfully residing in Australia.

We hope that this privacy policy is straightforward and clear; however, if you have any questions about
it, please e-mail: privacy@WellAware.life

What personal information does the App collect?

‘Personal information’ means information or an opinion about an identified individual, or an individual who is reasonably identifiable:

  1. whether the information or opinion is true of not; and
  2. whether the information or opinion is recorded in a material form or not.

‘Sensitive information’ is a subset of Personal information. Sensitive information is

  1. information or an opinion about an individual’s:
    1. racial or ethnic origin; or
    2. political opinions; or
    3. membership of a political association; or
    4. religious beliefs or affiliations; or
    5. philosophical beliefs; or
    6. membership of a professional or trade association; or
    7. sexual orientation or practices; or
    8. criminal record;
    9. that is also personal information; or
  2. health information about an individual; or
  3. genetic information about an individual that is not otherwise health information; or
  4. biometric information that is to be used for the purposes of automated biometric verification or biometric identification; or
  5. biometric templates

The App collects your personal information, including your sensitive personal health information, in order to provide you with personalised functionality. To use the App we must obtain your name, email address and date of birth. If this information is not provided, you will not be able to use the App.

The main way we collect personal information about you is when you provide it to us. We offer a range of functions within the App, many of which collect personal information from you. It is your decision whether you use these functions, and how much personal information you provide. This information is voluntary, but the more information you provide and the more accurate you are, the more accurate our analysis. If you do not want to provide this personal information, you can choose to not use these functions.

For example, when you create an account in the App, you will be asked to complete an assessment that includes questions about you generally, about your family history of disease and about your health and wellbeing in particular. The App then processes and analyses this information to produce a personal chronic disease risk profile that will be displayed on a dashboard (for example, your likely risk of bowel or breast cancer as measured against data sourced from Government and leading health organisations). Based on your personalised disease risk profile, you will be presented with a variety of information and actionable disease prevention tasks (e.g, available tests from your doctor) to match your needs. Some of these you can complete yourself, while others will require you to work with your chosen health professional. Importantly, it is you who manages your own care options in collaboration with your health professional.

The App also collects other categories of your personal information in order to provide services to you. These include:

  • Technical data – the App gathers technical data through browsing and usage information, in particular via the use of cookies. Acceptance of these cookies is required in order to use the App (see Terms of Use for further detail). The App also collects technical data associated with your smartphone, tablet or computer (such as IP addresses, access provider, hardware configuration, software configuration, country of origin), or associated with the App (such as a log and history of all data exchanges, and a log and history of connections);
  • Identity data – the App collects personal information when you create an account. This data includes information about your identity (such as name and email address) and demographics (such as date of birth, gender and lifestyle information);
  • Self-reported health data – the App collects data you enter in response to questions about your health when you use it (such as height, weight, stress levels, other lifestyle factors and medical history);
  • Behavioural data – the App automatically collects behavioural data, including but not limited to, data about location, device (phone, tablet or computer) and usage.

How does the App use personal information?

The main purpose for which we use your personal information is to provide you with the App’s services. We analyse and process the personal information we collect from you to produce personalised health information about you that is made available to you within the App.

We also use personal information for several other related purposes, including:

  • quality assurance;
  • communicating with you;
  • monitoring and assessing the operation of the App;
  • de-identifying your personal information so that it can be used for development, research and business purposes;
  • providing technology and help desk support;
  • responding to complaints, queries, feedback and requests; and
  • maintaining records of your access to the App.

How do we de-identify your personal information?

Information that is de-identified is information that is no longer about an identified individual or an individual who is reasonable identifiable. If we de-identify your personal information we will do so by removing all persistent identifiers (such as name, email address, device identifiers, IP addresses and cookie IDs) and also having regard to the Office of the Australian Information Commissioner’s (OAIC) guidance publication ‘De-identification and the Privacy Act.’ See https://www.oaic.gov.au/privacy/guidance-and-advice/de-identification-and-the-privacy-act/. The purposes for which we will use de-identified personal information are set out later in the privacy policy.

We have also implemented a security program that contains administrative and technical controls that are designed to safeguard your personal information, including but not limited to, industry standard encryption technology.

How does the App disclose your personal information?

We engage a third party to assist us with the App development who will have access to information contained in the App, however the third party is bound by confidentiality restrictions that are designed to ensure that the third party may only have access to personal information for purposes related to providing technical assistance.

We may also disclose your personal information for purposes permitted by the APPs. These include disclosure:

  • to third parties at your express request;
  • where it is necessary to lessen a serious threat to life, health, safety of any individual or to public health or safety and it is unreasonable or impractical for us to obtain your consent; and
  • if required or authorised by or under an Australian law or a court/ tribunal order or regulatory authority.

WellAware’s policy is that we will not disclose your personal information for such a purpose unless we are legally required to do so, for example by a court order or a law enforcement agency warrant.

How does the App disclose de-identified information?

We may generate de-identified data to use for development, research and business-related purposes (including, without limitation, to develop and improve our products and services and to create and distribute reports and other materials that we may provide to third parties). We do not sell personal information collected through the App to third parties.

Maintaining the integrity of your personal information

Some of your personal information that is collected by the App is entered directly into the App by you and should be accessible to you when you log in to the App. If your contact details change, we ask that you update this information promptly.

If you wish to correct or amend any of your personal information, please read the information we have provided about access and correction below.

How do we keep your personal information secure?

We take all reasonable steps to protect your personal information from misuse, interference and loss as well as from unauthorised access, modification and disclosure.

Your personal information is stored on computer systems located in Australia. Access to these systems is highly restricted and controlled. Personal information we collect is protected by organisational, physical and logical security measures. Data communications between the App services are protected by encryption. Hence data traffic via the Internet between the App and our systems is encrypted. Only staff who have a need to access your information to perform a specific task or function are granted access to such information.

WellAware employees and contractors must abide by this Privacy Policy and are kept up-to-date on security practices.

Although we take appropriate measures to safeguard the security of your personal information, we cannot guarantee its security. To assist in preventing unauthorised use or disclosure of your personal information, you must keep confidential any sign-in information and passwords related to the App. Further, you can protect the data in the App on your smart device (phone, tablet or computer) by use of a PIN code, face ID or fingerprint technology to restrict unauthorised access to your smart device. Whenever you have finished using the App you should log out. You should not leave your device unattended while you access the App.

In the event of any data breach, we will follow the specific requirements of the Privacy Act 1988 and the Privacy Amendment (Notifiable Data Breaches) Act 2017 (Cth) and notify you and other affected individuals as appropriate.

Your use of an Internet Service Provider (ISP) to communicate with or from the APP will be subject to the separately provided terms of use of such services. In particular, note that any data processing and/or transmission of data by your ISP is outside the scope of this policy and not the responsibility of WellAware.

If you use the App as an Authorised User through systems made available to you by a provider, those systems are not provided by, and are not the responsibility of, WellAware.

How can you access and correct your personal information?

You can access, view, manage and update your personal information and consent status details at any time. Simply sign in to the App to view and update your information via the settings menu.

If you think that your personal information is inaccurate in the App, please get in touch by emailing privacy@WellAware.life and we will take reasonable steps to ensure that it is corrected. In order to protect your personal information, we may require identification from you before changing or releasing any requested information.

Privacy Policy Complaints and Enquiries

If you have any queries or complaints about our Privacy Policy or WellAware’s privacy practices, please contact us at:

WellAware Privacy Officer

Call: +61 411 699 107
Email: privacy@WellAware.life
Mail: WellAware.life Pty Ltd
PO Box 252
Black Rock, Victoria, 3193

We will quickly acknowledge access or correction requests, or complaints, and use our best endeavours to respond fully within 30 days of receipt of your request.
If you think that we have failed to resolve a complaint satisfactorily or you still have a concern, or would like more information you can contact the Office of the Australian Information Commissioner in any of the following ways:

Online: https://www.oaic.gov.au/individuals/
Call: 1300 363 992
Email: enquiries@oaic.gov.au
Fax: +61 2 9284 9666
Mail: Office of the Australian Information Commissioner,
GPO Box 5218, Sydney NSW 2001, Australia
(or GPO Box 2999, Canberra ACT 2601, Australia)

How and when is my data deleted?

The App includes a feature allowing you to delete your account at any time. This is irreversible and will permanently and immediately delete all data associated with your account. Otherwise, WellAware will only keep your personal information for as long as is necessary for the purposes of the App, or as required by law. When your personal information is no longer needed for the purpose for which it was collected, we will take reasonable steps to destroy or permanently de-identify it. However, most of the personal information is or will be stored in client files which will be kept by us for a minimum of 7 years.

Last updated: 10 Sep 2020