Innowell Privacy Policy

25 Nov 2021

1. Overview

1.1. At Innowell, we care about your data and we want you to be able to know and understand how we collect, use and disclose your personal information when you use and interact with our Platform, including our Innowell Individual and Care services, customised versions of our services created for our partners and our website located at www.innowell.org.

1.2. In this policy references to ‘we,’ ‘our’ or ‘us’ means Innowell Pty Ltd (ACN 617 239 166) and ‘you’ or ‘your’ means you.

2. About this policy

2.1. The Privacy Act 1988 requires organisations that are bound by the Australian Privacy Principles (APPs) to have a privacy policy. This privacy policy sets out the way in which we collect and handle personal information.

2.2. We may amend or update this policy from time to time. If this happens, we will publish any updates on our website and notify you by email or by posting a notice of the changes in the platform. If you do not agree with the changes, you must cease accessing the platform. If you continue to access or use the platform after the changes come into effect, we will assume that you have agreed to them.

3. About the Innowell Platform

3.1. The Innowell Platform is cloud-based software for supporting mental health and wellbeing.

4. Personal information we collect about you

4.1. We collect the following categories of personal information:

  • (a). Identity information: This information includes information about your identity (such as full name and email address), your demographics (such as date of birth, gender and socio-economic information) and your contact details (such as street/mailing address, telephone numbers, email address and social media handles).
  • (b). Health information: This information is sensitive personal information relating to your health which may include physical health information, sleep-wake cycle, psychological states and medical history whether inputted by yourself or via your clinical service delivery provider.
  • (c). Technical information: This information includes browsing and usage information, in particular via the use of cookies. Acceptance of these cookies is required in order to use the Innowell Platform (please see Innowell Cookie Policy). We may also collect technical data associated with your device (such as IP addresses, access provider, hardware configuration, software configuration, country of origin), or associated with the Innowell Platform (such as log and history of all data exchanges, log and history of connections).
  • (d). Behavioural information: This information relates to behavioural data, including but not limited to, data on location and your usage of the Innowell Platform.

4.2. The Innowell Platform is designed to provide services to you that are suitable for your individual needs. Because of this, the exact nature of the personal information that the Innowell Platform collects and handles will differ from person to person.

5. How we collect your data

5.1. We collect personal information through the following ways:

  • (a). Information shared by you: The main way we collect personal information about you is when you provide it to us;
  • (b). Information shared by your Administrative User: If you’ve been assigned a subscription to the Innowell Platform by an organisation, your Administrative User may provide us with personal information about you.
  • (c). Information shared by your service providers and support persons: If your subscription allows for interoperability between the Innowell Platform and clinical service delivery to you, we may collect personal information about you from your clinician, support persons or our partner when they use or interact with you through the Innowell Platform;
  • (d). Information shared by common third parties: If your subscription allows for interoperability between the Innowell Platform and applications provided by third parties which both you and we have a separate commercial relationship, we may collect personal information from those third parties.

6. How we use personal information

6.1. The primary purpose for which we use your personal information is to provide you with access to, and use of, the Innowell Platform where you have a valid subscription.

6.2. We also use personal information for several other related purposes, including:

  • (a). quality assurance;
  • (b). monitoring and assessing the operation of the platform; and
  • (c). providing technology and help desk support.

7. Research projects

7.1. This part summarises how do we deal with the personal information we collect or receive in connection with your use of the Innowell Platform and participation in any healthcare research studies (each a Study and collectively, Studies). To participate in any Studies, you will be presented with a consent form (Informed Consent) for the Study. By using the Innowell Platform, you consent to the collection, use, and sharing of your personal information as described in this privacy policy and as outlined in the Informed Consent. We use the term Study Team to refer to all the entities that may have access to data collected from or about you through the Innowell Platform or as part of the Studies. For all Studies, the Informed Consent will include specific information about the Study Team. The Study Team is also obligated to protect your personal information.

7.2. Your personal information, if collected through the Innowell Platform, may be used for purposes described in the Informed Consent including:

  • (a). to enroll you in the Study;
  • (b). determining your eligibility for participation in the Study;
  • (c). to conduct and support the Study;
  • (d). to develop health-related products and improvement activities;
  • (e). for other research studies, if permitted in the Informed Consent;
  • (f). to issue research findings and related reports, which will not identify you; and
  • (g). to contact you with surveys or other messages related to the Study.

8. How we disclose your personal information

8.1. We may also disclose your personal information for purposes permitted by the APPs. These include disclosure:

  • (a). to our Study Team partners for research purposes with your consent;
  • (b. to our business partners who are providing us with professional services as part of operating the Innowell Platform but only to the extent required for them to provide their services to us.
  • (c). where necessary, for health and safety purposes where it is unreasonable or impractical for us to obtain your express consent;
  • (d). where we are legally obligated to.

9. How we keep your personal information secure

9.1. We take all reasonable steps to protect your personal information from misuse, interference and loss as well as from unauthorised access, modification and disclosure through the following measures:

  • (a). We only store your personal information on computer systems located in Australia.
  • (b). We ensure that access to these systems is highly restricted and controlled.
  • (c). We implement organisational, physical, technical and administrative security measures.
  • (d). We use encryption to protect your data while it is at rest in the Innowell Platform;
  • (e). We use encryption to protect data communications between the Innowell Platform services and the computer systems;
  • (f). We limit access to your personal information only to staff who have a need to access your perform information to perform a specific task or function.
  • (g). Innowell employees must abide by this privacy policy and are kept up-to-date on security practices.

9.2. Although we take appropriate measures to safeguard the security of your personal information, we cannot guarantee its security. To assist in preventing unauthorised use or disclosure of your personal information, you must keep confidential any sign-in information and passwords related to your subscription to the Innowell Platform.

9.3. In the event of any data breach, we will follow the specific requirements of the Privacy Act 1988 and the Privacy Amendment (Notifiable Data Breaches) Act 2017 (Cth).

10. How you can access and correct your personal information

10.1. Some of your personal information that is collected by the Innowell Platform is entered directly by you and is always accessible to you when you log in to the Innowell Platform. If your contact details change, we ask that you update this information promptly.

10.2. You can access, view, manage and update your personal information details, research data sharing consent status, health domains and care options at any time. Simply sign-in to the Innowell Platform to view and update your information.

10.3. Otherwise, you may contact the Innowell Privacy Officer if you think that your personal information is inaccurate on the Innowell Platform.

11. How and when is your personal information erased

11.1. We will only keep your personal information for as long as is necessary for the purposes of the Innowell Platform, or as required by law. When your personal information is no longer needed for the purpose for which it was collected and you have been inactive on the platform for more than 12 months, we will take reasonable steps to erase your personal information from our records by either permanently deleting or de-identifying your personal information.

11.2. To request for your personal data to be erased – please contact the Innowell Privacy Officer

12. Contact details

12.1. If you have any queries or complaints about our privacy policy or Innowell’s privacy practices, please contact us at:

Innowell Privacy Officer

Call: +61 2 5500 9355
Email: [email protected]
Mail: Innowell Pty Ltd, Suite 215, 79-83 Longueville Road, Lane Cove NSW 2066, Australia

12.2. We will quickly acknowledge access or correction requests, or complaints, and use our best endeavours to respond fully within 30 days of receipt of your request.

12.3. If you think that we have failed to resolve a complaint satisfactorily or you still have a concern, or would like more information you can contact the Office of the Australian Information Commissioner in any of the following ways:

Office of the Australian Information Commissioner

Online: https://www.oaic.gov.au/privacy/privacy-complaints
Call: 1300 363 992
Email: [email protected]
Fax: +61 2 9284 9666
Mail: Office of the Australian Information Commissioner, GPO Box 5218, Sydney NSW 2001, Australia (or GPO Box 2999, Canberra ACT 2601, Australia)

Last updated: 25 November 2021