Privacy Policy
Rosemary Health Pty Ltd T/A RoseRx (ACN 632 003 377) (“RoseRx”, “we, “us” and “our”) is fully committed to protecting your personal information in accordance with the Privacy Act 1988 (Cth).
This Privacy Policy sets out how we will collect, use, protect and share the personal information we collect about you when you access our website and use the Platform or Digital Services, as such terms are defined in our User Terms.
This policy does not apply to information collected by operators or providers of third-party websites, applications, or telehealth and other services, including those that may be linked to, or accessible from, the Platform or Digital Services. Please read the privacy policies describing how third parties handle your personal information.
Types of personal information we may collect
The types of information we may collect include:
- name and contact details (e.g. address, email and telephone number);
- demographic information (e.g. date of birth and gender);
- professional information (e.g. if you are a health professional, including AHPRA registration numbers);
- insurance information, medical history, prescriptions, purchased medication and other health information or other information supplied by you;
and information about your use of the Platform or Digital Services, including:
- interaction information, such as information you provide to request a service or report a problem and information about how you access and use the Platform or Digital Services;
- technical data such as internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access the Platform or Digital Services; and
- web analytics data which we may collect directly or use third party analytics tools, to help us measure traffic and usage trends for our products and services.
Circumstances of collection
How do we typically collect your personal information?
We typically collect your personal information in the following ways:
- directly from you when you provide it to us, such as through e-mail, phone calls, text messages, website forms, and our webchat function on our Platform or Digital Services, including via the use of third-party applications, services, and products that we integrate into the Platform or Digital Services;
- automatically through records of your activities as you navigate through or use the Platform or Digital Services;
- from third parties, for example, service providers, and business partners; and
- by generating new information (including predictions) based on other information about you or attributed to you.
Cookies and similar technologies
We and our service providers may use cookies, local storage, session storage, web beacons, and other data collection and analytics technologies to receive and store certain types of information when you interact with the Platform or Digital Services.
A cookie is a small file or piece of data sent from a website and stored on the hard drive of your computer or mobile device. Local storage and session storage technologies are an alternative to cookies that store and save data locally only. You may refuse to use cookies, web beacons or some of the proprietary measurement software features by selecting the appropriate settings on your browser or the settings section of your mobile or tablet device. However, please note that if you do this, this may cause certain parts of the Platform or Digital Services to be unavailable to you or to not work as intended.
Web analytics and advertising services
We and our service providers may use web analytics and advertising services such as Google Analytics, Facebook Pixel and Instagram, to collect certain information relating to your use of our Platform or Digital Services and provide you with interest-based advertising based on your online activity.
Why we collect your personal information
We collect personal information (and may use and disclose it) for a variety of reasons in connection with the Platform and Digital Services including to:
- provide you with the Platform and Digital Services;
- provide you with other information, products, or services that you request from us or that we believe may be of interest to you;
- provide services to our clients and partners;
- personalise your experience with us, develop, support, maintain, secure, audit, review, and improve the Digital Services and other products and services that we may develop from time to time;
- analyse data and information about the provision, use, activity, and performance of the Platform and Digital Services and any other products and services, including those that we may develop or provide in the future, as well as of their users, including you;
- generate and share de-identified statistical data, including through matching your information with other data, to uncover collective insights about the use of our services or the services and products of our clients and partners; and
- deal with your complaints, returns, enquiries and requests.
We may also collect, use and disclose your personal information:
- to operate our business including to maintain and update our records;
- to exercise our rights and discharge our obligations under the law;
- to protect the safety, health, rights, property, or security of the Platform and Digital Services and other users;
- to comply with our legal obligations, respond to requests from law enforcement and government agencies or exercise our legal rights;
- to facilitate a sale or restructure of our business; and
- with your consent for any other purpose.
If you do not provide your personal information to us, we may not be able do these things, for example we may not be able to provide you with the Platform or Digital Services.
Disclosure of your information
Our usual disclosures
We may disclose personal information to third parties including:
- our related companies;
- service providers who assist us with the activities described in the ‘why we collect your personal information’ section (eg. IT and infrastructure support services; payment processing services; data analytics services; information, product marketing, or content fulfillment services);
- professional advisers (eg. lawyers, accountants and consultants)
- to a buyer or other successor in interest of our business and to their professional advisers and proposed and actual financiers in the context of a sale of all or part of our business; and
- government and law enforcement agencies (e.g. in connection with lawful information requests).
Overseas disclosures
Some of the third parties described above may be based in countries outside Australia, including in the European Member States and other European countries.
These parties will often be subject to obligations to protect the personal information they have access to, but we will not always ensure they meet specific requirements of Australian privacy laws, and you may not have rights against us or them under Australian privacy laws.
Storage and security of your personal information
We hold personal information electronically and in hard copy form, both at our own premises and with our third party storage providers (which may include in the cloud).
We take protecting the security of personal information seriously and are subject to strict requirements to protect personal information. We use both technological and physical methods to protect personal information from misuse, loss or unauthorised access, modification or disclosure. Depending on the circumstances, these methods may include electronic access controls, premises security and network firewalls.
The transmission of information via the Internet is not completely secure. Although we do our best to protect your information, we cannot guarantee the security of your information when it is transmitted to, on, or through our Platform or Digital Services or otherwise disclosed to us.
Accessing and updating your personal information
Access
We will take reasonable steps to ensure that your personal information which we collect, use or disclose is complete and up-to-date.
You, or your authorised representative, can request access to the information we hold (see ‘Contact Us’ session below).
We may require you to verify the authorisation, and charge a fee to reflect our reasonable costs of responding to your request.
Correction
In many cases, you will be able to correct information yourself online. We will take reasonable steps to correct personal information we hold if it is inaccurate or incomplete on your request without charge.
In some circumstances, we may not be able to comply with a request that you make in respect of your personal information. Where these reasons to refuse a request in respect of your personal information exist, we will advise you of those reasons at the time you make your request.
Queries
If you have any queries, or wish to make a complaint, about this Privacy Policy or the way your personal information has been collected, held or used, please contact us at the contact details set out below.
We aim to respond promptly, generally within 30 days. If you are not satisfied with our decision, you can contact us to discuss your concerns.
If the complaint remains unresolved, you have the option of notifying the Office of the Australian Information Commissioner (OAIC). Contact details can be found at OAIC's website: www.oaic.gov.au.
Contact Us
If you have any questions about this Privacy Policy or the Platform or the Digital Service, or wish to make a complaint, please contact us at compliance@roserx.health.
Revision of this Privacy Policy
This Privacy Policy was last updated on 25th April 2023.
We may change, modify, or revise this Privacy Policy in order to comply with any applicable laws or for any other reason at any time. The variation will take on the date the notice is posted on the website. Where we make material changes that require notice to you under applicable privacy laws, we will use commercially reasonable efforts to directly notify you of such change.