25 Nov 2021
1.1. At Innowell, we care about your data and we want you to be able to know and understand how we collect, use and disclose your personal information when you use and interact with our Platform, including our Innowell Individual and Care services, customised versions of our services created for our partners and our website located at www.innowell.org.
1.2. In this policy references to ‘we,’ ‘our’ or ‘us’ means Innowell Pty Ltd (ACN 617 239 166) and ‘you’ or ‘your’ means you.
2.1. The Privacy Act 1988 requires organisations that are bound by the Australian Privacy Principles (APPs) to have a privacy policy. This privacy policy sets out the way in which we collect and handle personal information.
2.2. We may amend or update this policy from time to time. If this happens, we will publish any updates on our website and notify you by email or by posting a notice of the changes in the platform. If you do not agree with the changes, you must cease accessing the platform. If you continue to access or use the platform after the changes come into effect, we will assume that you have agreed to them.
3.1. The Innowell Platform is cloud-based software for supporting mental health and wellbeing.
4.1. We collect the following categories of personal information:
4.2. The Innowell Platform is designed to provide services to you that are suitable for your individual needs. Because of this, the exact nature of the personal information that the Innowell Platform collects and handles will differ from person to person.
5.1. We collect personal information through the following ways:
6.1. The primary purpose for which we use your personal information is to provide you with access to, and use of, the Innowell Platform where you have a valid subscription.
6.2. We also use personal information for several other related purposes, including:
7.1. This part summarises how do we deal with the personal information we collect or receive in connection with your use of the Innowell Platform and participation in any healthcare research studies (each a Study and collectively, Studies). To participate in any Studies, you will be presented with a consent form (Informed Consent) for the Study. By using the Innowell Platform, you consent to the collection, use, and sharing of your personal information as described in this privacy policy and as outlined in the Informed Consent. We use the term Study Team to refer to all the entities that may have access to data collected from or about you through the Innowell Platform or as part of the Studies. For all Studies, the Informed Consent will include specific information about the Study Team. The Study Team is also obligated to protect your personal information.
7.2. Your personal information, if collected through the Innowell Platform, may be used for purposes described in the Informed Consent including:
8.1. We may also disclose your personal information for purposes permitted by the APPs. These include disclosure:
9.1. We take all reasonable steps to protect your personal information from misuse, interference and loss as well as from unauthorised access, modification and disclosure through the following measures:
9.2. Although we take appropriate measures to safeguard the security of your personal information, we cannot guarantee its security. To assist in preventing unauthorised use or disclosure of your personal information, you must keep confidential any sign-in information and passwords related to your subscription to the Innowell Platform.
9.3. In the event of any data breach, we will follow the specific requirements of the Privacy Act 1988 and the Privacy Amendment (Notifiable Data Breaches) Act 2017 (Cth).
10.1. Some of your personal information that is collected by the Innowell Platform is entered directly by you and is always accessible to you when you log in to the Innowell Platform. If your contact details change, we ask that you update this information promptly.
10.2. You can access, view, manage and update your personal information details, research data sharing consent status, health domains and care options at any time. Simply sign-in to the Innowell Platform to view and update your information.
10.3. Otherwise, you may contact the Innowell Privacy Officer if you think that your personal information is inaccurate on the Innowell Platform.
11.1. We will only keep your personal information for as long as is necessary for the purposes of the Innowell Platform, or as required by law. When your personal information is no longer needed for the purpose for which it was collected and you have been inactive on the platform for more than 12 months, we will take reasonable steps to erase your personal information from our records by either permanently deleting or de-identifying your personal information.
11.2. To request for your personal data to be erased – please contact the Innowell Privacy Officer
12.1. If you have any queries or complaints about our privacy policy or Innowell’s privacy practices, please contact us at:
Call: +61 2 5500 9355
Email: [email protected]
Mail: Innowell Pty Ltd, Suite 215, 79-83 Longueville Road, Lane Cove NSW 2066, Australia
12.2. We will quickly acknowledge access or correction requests, or complaints, and use our best endeavours to respond fully within 30 days of receipt of your request.
12.3. If you think that we have failed to resolve a complaint satisfactorily or you still have a concern, or would like more information you can contact the Office of the Australian Information Commissioner in any of the following ways:
Online: https://www.oaic.gov.au/privacy/privacy-complaints
Call: 1300 363 992
Email: [email protected]
Fax: +61 2 9284 9666
Mail: Office of the Australian Information Commissioner, GPO Box 5218, Sydney NSW 2001, Australia (or GPO Box 2999, Canberra ACT 2601, Australia)
Last updated: 25 November 2021
05 September 2022
This Canadian Privacy Addendum ("Addendum”) applies to the collection, use and disclosure by Innowell when it is engaged by certain Canadian organisations to provide access to the Innowell Platform in Canada. This Addendum is meant to supplement Innowell’s Privacy Policy. In the event of a conflict between the terms of this Addendum and Innowell’s Privacy Policy, the terms of this Addendum shall take precedence.
In addition to the general clauses below, there are provisions exclusive to certain provinces which will be set out under the relevant sub-heading. The provisions set out under each sub-heading will only be applicable to the relevant province.
We will only keep your personal information and health information for as long as is required under our contractual obligations with your health service provider or as required by law. When your personal information is no longer needed for the purpose for which it was collected, we will return it to your health service provider or permanently destroy it or render it non-identifying and, where applicable, as directed by your health service provider. Information provided to the Innowell Platform will be stored in client files which will be retained for a period that is necessary and required by law.
Whilst we take precautionary security measures as set out in our Privacy Policy, in the event of a data breach we will follow the applicable legislative requirements in Australia. In addition, we will assist your health service provider in complying with the applicable Privacy law requirements as may be required contractually. This may involve notifying you or the relevant Information Privacy Commissioner of your province.
If you think that we have failed to resolve a complaint satisfactorily or you still have a concern, you may contact your health service provider or the Information and Privacy Commissioner of your province.
If you:
you may contact your relevant health service provider below:
If your health service provider is located in Ontario, Canada then the following provisions under this sub-heading apply.
Your health service provider is required by law to maintain the confidentiality and privacy of individuals’ personal and health information in compliance with the Personal Information Protection and Electronic Documents Act, S.C. 2000, c. 5 (“PIPEDA”) and the Personal Health Information Protection Act, 2004, S.O. 2004, c.3 (“PHIPA”).