Privacy Policy

PRIVACY POLICY

INTRODUCTION

Kailo Medical Pty Ltd ACN 151 330 997 and its related companies (we, us, our) regard the privacy of our customers, personnel, suppliers and other individuals who visit our website, interact with our products and services, or communicate with us, as important. This privacy policy sets out how we collect, use, disclose, store and protect your personal information.

‘Personal information’ is defined in the Privacy Act 1998 (Cth) (the Act). In general terms, personal information is information (whether that information is a fact or an opinion) about an individual who is identified or reasonably identifiable from that information, or from other information combined with that information.

Some types of personal information are classified as 'sensitive information' and/or 'health information'. These are subject to additional protections under the Act. Sensitive information can include information about your racial origin and your health status. Health information generally means information or an opinion about an illness, injury or disability and may include information about symptoms, diagnoses and information about any health-related service you have had or will receive, including any test results, clinical notes, medical reports and appointment details.

CHANGES TO THIS POLICY

We may make changes to this privacy policy from time to time, including to reflect changes to our website or our products or services, that may impact how we handle personal information. If we make a change, we will upload the revised privacy policy to our website, so we recommend you check back regularly to review any changes. Changes to this privacy policy will apply from the date that we upload the revised policy to our website, and your continued use of our website or our services after that time constitutes your acceptance of the changes.

PERSONAL INFORMATION WE COLLECT

The types of personal information that we may collect about you will depend on the purpose for which the personal information is collected.  This can include:

  • in the case of our customers (including healthcare providers and individual medical professionals such as sonographers, technologists and radiologists) (Healthcare Providers) who are purchasing our products and/or services – your representatives’ contact details including names, email address, telephone number(s), and personal information of your personnel that may be inputted into our products and/or services;
  • if you are browsing our website or using our platform - technical information and general analytics, such as web browser type and browsing preferences, Internet service provider, referring/exit pages, date/time stamps, IP address, time zone and geolocation data (if applicable), some of which is collected automatically, as well as information about your usage of our website and/or platforms when browsing (see: "How do we collect personal information" below);
  • if you have contacted us to make a complaint, provide feedback, submit an enquiry or request a call-back – your name, mailing or street address, email address, and telephone number(s), and any personal information in the body of your communication;
  • if you have requested to receive news from us about our products and services, or our offers, promotions, or events– your name, mailing or street address, email address, and telephone number(s), and any personal information in your request;
  • in the case of prospective employees or contractors – your name, mailing or street address, email address, and telephone number(s), and any personal information in your application. We also collect personal information where you voluntarily submit a CV or resume to us. We collect this regardless of whether your application is unsolicited or in response to a position we have advertised. We also collect personal information that is recorded during any interview, or obtained through any pre-employment checks and government-issued identifiers such as tax file numbers;
  • in the case of visitors to our sites where we have audio visual monitoring technology installed - audio visual footage and recordings that may include images of individuals who attend those sites; and
  • in the case of our suppliers, contractors and distributors – the name, mailing or street address, email address, and telephone number(s) of relevant contacts and individual service providers.

We also collect or process the following types of sensitive information and health information:

  • in the case of prospective employees or contractors – in certain circumstances, details of medical conditions or disabilities to permit us to comply with our legal obligations; and
  • in the case of patients of Healthcare Providers – health information (as well as personal information that is not sensitive) that you may provide through the Kailo Questionnaire or KailoFlow™ (such as details of any health condition and your health history) and health information (such as your appointment details and health records), medical images, information, reports and diagnoses provided through your Healthcare Provider’s use of our products and/or Services (including through our KailoFlow™ and KailoHub™ platforms). 

HOW WE COLLECT PERSONAL INFORMATION

We may collect personal information that you provide directly to us, including when you:

  • access or use our website;
  • licence, access or use any of our products and/or services;
  • supply us with products or services;
  • sign up to receive news and offers, promotions, or events from us;
  • enter surveys, competitions, promotions or request information or material from us;
  • communicate with us (e.g. telephone call, email, in person at trade shows or otherwise); , make an enquiry about us or our products or services,  or you provide us with feedback or suggestions; or
  • apply to work with us or are engaged by us.

In the case of patients of Healthcare Providers, we may collect personal information (including sensitive and health information as outlined above) about you from third parties, such as where:

  • your authorised representative assists you with using the Kailo Questionnaire; and
  • your Healthcare Provider uses our products and/or services and discloses your personal information through our platforms such as KailoFlow™ and KailoHub™, in the course of them providing their services to you. You should contact your Healthcare Providers directly if you have any questions about how they handle your personal information.

In limited circumstances, we may also collect personal information about you from third parties (such as mutual contacts or from your referees during the recruitment process if you apply for a job with us, our service providers or through promotional and marketing activities), other third parties where you have consented to this, and/or where the information is publicly available.

Whilst we will always maintain robust privacy practices, we are not responsible for the privacy practices of third parties, so you should review their relevant privacy policies to satisfy yourself as to how they protect and handle your personal information.

You are under no obligation to identify yourself to us or provide your personal information to us. You can also notify us that you wish to deal with us using a pseudonym. However, if you choose not to provide such information or if you use a pseudonym, we may not be able to respond to your request or provide you with certain products, services, information or the assistance you require.

By providing us with personal information you consent to us handling that information in accordance with this privacy policy.

HOW WE USE YOUR PERSONAL INFORMATION

We use and disclose your personal information for the purposes it was collected, including to manage our business and the following purposes:

  • to verify your identity
  • to provide our products and services to relevant Healthcare Providers;
    • if you are a patient of a Healthcare Provider:
    • to store and to provide to your Healthcare Providers the personal information and health information that you have provided through the Kailo Questionnaire;
    • to receive and store your personal information and health information via the KailoFlow™ and KailoHub™ products in the course of providing our products and/or services to your Healthcare Providers; and
    • to support your relevant Healthcare Providers in the provision of their services to you;
  • to enable the proper operation and functionality of our products and services;
  • to provide you with updates on our products and services that we think may be relevant to you, and to market our products and services to you, including contacting you electronically for this purpose (see “Direct Marketing Communications” below);
  • to develop, and improve our website, products, and services, including to create datasets to train artificial intelligence (AI) systems and to develop new technologies in connection with our products and/or services (where practicable, information will be de-identified in a manner that prevents re-identification when used for those purposes);
  • to bill you or the organisation you represent and to collect money that you or they owe us;
  • to contact you and respond to communications from you, including via electronic messaging such as SMS and email, by mail, by phone or in any other lawful manner;
    • to gain insights about you so that we can serve you better, understand your preferences and requirements, personalise your experience and/or enhance products and services that we offer or provide to you;
  • to consider you for a job with us (whether as an employee or contractor) or other relationships with us;
  • to comply with our legal obligations, and to protect and/or enforce our legal rights and interests, including defending any claim;
    • to prevent, detect and investigate suspicious, fraudulent, criminal or other activity that may cause you, us or others harm, including in relation to our products and services; and
  • for any other purpose authorised by you or applicable privacy laws, including the Act.

We may also rely on exemptions under applicable privacy laws to use and disclose your personal information in appropriate circumstances, such as the employee records exemption in the Act.

We may also use or disclose your personal information for our administrative, marketing (including direct marketing), planning, product or service development, quality control, survey and research purposes.

DIRECT MARKETING COMMUNICATIONS

We will only send you direct marketing communications (either through mail, SMS or email), including any news and offers, promotions, or events, where you have consented for us to do so.

You can unsubscribe from any marketing communications from us by following the opt-out instructions on any communications sent to you. You can also exercise this right at any time by contacting us using the details at the end of this privacy policy.

DISCLOSING YOUR PERSONAL INFORMATION

We may disclose your personal information to third parties in connection with the purposes described above (see the "How we use your personal information" section). This may include disclosing your personal information to the following types of third parties:

  • our contractors, and other companies within our corporate group;
  • any third party service providers who assist us in performing our functions and activities and support our website, corporate IT systems or our products and services, including our IT service providers, cloud service providers, data storage providers and telecommunications providers;
  • Healthcare Providers and their staff (through their use of our products and services);
  • third party marketing services providers;
  • our professional consultants and advisors (such as lawyers, accountants or auditors) and insurers to protect and/or enforce our legal rights and interests;
  • a person who can require us to supply your personal information (e.g. a regulatory authority) in order to comply with a legal or regulatory obligation, or in response to a non-mandatory request for information;
  • any other person as required or authorised by law (e.g. a law enforcement agency);
  • a new or prospective owner of our business or our assets in connection with any merger or sale of all or part of our business or assets, and advisors to that third party; and
  • any other person authorised by you.

We use third party service providers to provide us with web analytics services, such as Google.  You can read more about how Google uses your personal information at the following link: https://support.google.com/analytics/answer/7318509?hl=en

If we disclose your personal information to third parties we will use reasonable commercial efforts to ensure that those third parties only use your personal information as reasonably required for the purpose of disclosure and in a manner consistent with applicable laws, for example (where commercially practical) by including suitable privacy and confidentiality clauses in our agreement with a third party service provider to which we disclose your personal information.

Customer data (including personal information) is generally stored in the country in which the customer is located (with the exception of customers located in New Zealand, whose data will be stored in Australia). We may disclose personal information to entities or parties that are located overseas in some circumstances. The entities to whom we disclose your personal information may be located in Australia or other countries, including Canada and the United States. We also use cloud services as part of our corporate IT systems that may be hosted in data centres outside of Australia. You consent to us transferring your personal information from the country in which you are located to such countries for the purposes outlined in this privacy policy. If your personal information is sent to a recipient in a country with data protection laws which are at least substantially similar to the Act, and where there are mechanisms available to you to enforce protection of your personal information under that overseas law, we will not be liable for a breach of the Act if your personal information is mishandled in that jurisdiction. Where we transfer your personal information to a recipient in a country that does not have laws that provide the same level of privacy protection as Australia, we will take commercially reasonable steps to secure a contractual commitment from the recipient to handle your information in accordance with the Act.

STORING AND PROTECTING YOUR PERSONAL INFORMATION

Patient health information will generally be stored on your Health Providers’ systems on their premises or in infrastructure that is controlled by them, or through cloud-based infrastructure used by them. Patients should refer to the relevant privacy policies of their Healthcare Providers for further information. 

For other personal information, we store your personal information in paper-based files and/or using electronic record keeping methods in secure databases.  Personal information may be collected in paper-based documents and converted to electronic form for use or storage (with the original paper-based documents either archived, securely stored, or securely destroyed).  We do combine or link personal information we hold about you with other personal information about you from third party sources in order to perform the functions referred to above.

We take reasonable steps to protect and safeguard the personal information we hold from misuse, interference, loss and unauthorised access, modification or disclosure.

We maintain physical security over paper and electronic data stores, such as through locks and security systems at our premises.  We also maintain computer and network security - for example, we use firewalls (security measures for the internet), encryption, backup security measures, and other security systems such as user identifiers and passwords to control access to our computer systems.

HOW LONG DO WE KEEP YOUR PERSONAL INFORMATION?

Generally, we will retain your personal information for the period necessary for the purposes for which your personal information was collected (as outlined in this privacy policy) unless a longer retention period is required by law or if it is reasonably necessary for us to comply with our legal obligations, resolve a dispute or maintain security.

When personal information is no longer required, we will take reasonable steps to destroy or delete the personal information from our systems or de-identify the personal information.

ACCESSING AND CORRECTING YOUR PERSONAL INFORMATION

Subject to certain grounds for refusal set out in the Act, you have the right to access your personal information that we hold in a manner that is reasonable and practicable and to request a correction to your personal information.

When you exercise these rights, we may need evidence to confirm that you are the individual to whom the personal information relates, or a person who is authorised to make a request on their behalf. In respect of a request for correction, if we are satisfied that the information is incorrect, we will take reasonable steps to make the correction. If we do not make the correction, we will take reasonable steps to note on the personal information that you believe the personal information is incorrect and have requested the correction. If you want to exercise either of the above rights, you can contact us by email at compliance@kailomedical.com. Your email should provide evidence of who you are and set out the details of your request (e.g. the personal information, and/or the correction, that you are requesting). We will respond to your request within a reasonable period. We may charge you our reasonable costs of providing you with copies of your personal information in limited circumstances, but we will let you know if that is the case.

If you are a patient seeking access to or correction of your personal information, you should contact your Healthcare Providers.

INTERNET USE AND EXTERNAL LINKS

While we take reasonable steps to maintain the security of our website and systems, providing information over the internet is not without risk due to the fact that the internet is inherently insecure. Accordingly, we cannot guarantee the security of transmission of personal information that is disclosed to us online.  You transmit your personal information to us online at your own risk and you are encouraged to exercise care in sending personal information via the internet.  Please notify us immediately if you know or reasonably suspect that your personal information has been subject to any data breach, breach of security or other unauthorised activity

If you follow a link on our website to another site, the owner of that site will have its own privacy policy relating to your personal information. We are not responsible for any content on these other sites, or for how the owners of that site collect, use and protect personal information that you may provide to them. We suggest you review that site’s privacy policy before you provide any personal information.

COOKIES AND ANALYTICS

We use cookies (a small data file with an alphanumeric identifier that we transfer to your computer’s hard drive so that we can recognise your browser) to monitor your use of our website and to optimise or personalise certain features of our website for you. While cookies do not normally contain personal information, if you have provided us with personal information as part of using our website then the cookies we use may be associated with that personal information to enable us to increase the personalisation of our website for you. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org.

We also use the following technologies to collect technical information and general analytics:

  • log files, which track actions occurring on our website; and
  • web beacons, tags, and pixels, which are electronic files used to record information about how you browse our website.

You may disable cookies or instruct your browser to stop accepting them and other tracking technologies by changing the settings on your browser, although this may mean that you cannot use all of the features of our website.

Technical information and general analytics are used for the purpose of gauging visitor traffic, trends and delivering personalised content to you while you are using our website, and to improve our website and our products and services.

CONTACT US

If you have any questions about this privacy policy, or if you would like to request access to, or correction of, your personal information, or to make a complaint you can contact us via the following details:

Privacy Officer

Level 3, 108 Power Street

Hawthorn VIC 3122

Email: compliance@kailomedical.com

Phone: 1300 052 456

We are committed to resolving any complaints reasonably and to ensuring that we are doing the right thing by our customers. We will make all reasonable inquiries and your complaint will be assessed with the aim of resolving any issue in a timely and efficient manner.

If you have raised a complaint with us and you are unsatisfied with the outcome or have further concerns about the way we handle your personal information, under the Act, you may complain to the Information Commissioner at the Office of the Australian Information Commissioner, whose contact details are set out below:

Office of the Australian Information Commissioner
GPO Box 5218
Sydney NSW 2001
Phone:   1300 363 992
Online:   www.oaic.gov.au
Email:     enquiries@oaic.gov.au

Version no:  2025.1
Last update: 12 June 2025

 

It’s 2x as fast - you don’t have to dictate or worry about accuracy

Talk to a member of the Kailo team today