About this Policy
Spot Check Clinic Pty Ltd as trustee for the Spot Check Trust, ABN: 53 791 423 734 (“us”, “we”, or “our”) recognises the importance of your privacy and respects your right to control how your personal information is collected and used.
Our Services can only be used when you have reached the age of eighteen (18) years. When we identify personal information of children younger than eighteen (18) years old, we delete that data.
The purpose for which we collect Personal Information is to provide you with the best service experience possible on the Site and for our internal business purposes that form part of normal business practices. Some provision of Personal Information is optional. However, if you do not provide us with certain types of Personal Information, you may be unable to enjoy the full functionality of the Site.
As part of Our Services, you can provide further information regarding your skin type and risk profile. We also collect the pictures you take of your skin lesions. When you use Our Services and submit a picture of your skin lesion for analysis by our service, we store the pictures and collect the information relating to your assessment. We do this to be able to assist you with your health. We will ask for your explicit consent to allow us to store this type of information before you use such service. Without your consent, we cannot provide you with Our Services.
To provide Our Services to you, we may collect Personal Information, such as your contact details. This might include your name, email address and contact phone number, your business or company name. We may also collect some financial information about you such as your payment and billing information, which we use to bill you for Our Services and to process your payments. This might include your credit card details. We may also collect details of conversations we have had with you or any other information relevant to us. As part of your health assessment, we may send you follow-up emails regarding the advice we provide to you and to assist you by reminding you to seek medical attention when necessary.
We may also collect Sensitive Information about you such as medical reports, referrals, medication, health history and other important health information where you consent and such information is reasonably necessary to provide Our Services to you.
We automatically collect information through our Site and Our Services that is often not personally identifiable, such as the website from which you came to our Site, your IP address, browser type and other information relating to the device through which you access the Site. We may combine this information with the Personal Information we have collected about you.
Use and disclosure
Personal Information collected by us will generally only be used and disclosed for the purpose it was collected.
We use your Personal Information to assist you in the best possible way. When you consent, your Personal Information may be used or disclosed for the following reasons:
- To supply you with our core service: to screen for, detect, diagnose and manage skin cancers and other skin lesions, and to assess and management skin health and conditions.
- To manage our business and to improve Our Services continuously.
- For our customer service to help you.
- To send you email notifications or SMS messages relating to the results of the analysis of the data you have sent us. This includes emails in which we provide you with information and ask you to provide us with information about possible follow-up actions.
- In order to fulfil the contract you enter into with us when you use Our Services, we have to process some essential information. When you wish to use one of Our Services, we may need to process your email address, pictures of skin lesions, risk assessment and payment information.
- To third-parties or contractors who are integral to the provision of Our Services.
We may, from time to time, use Personal Information for other purposes where it would be reasonably expected by you or if permitted by the Privacy Act, including to effect or enforce a transaction, procuring legal, accounting and auditor’s advice and advice from other consultants. We may also disclose your Personal Information in circumstances where we are compelled by other Australian laws or a court of law to do so.
We may also (for reward) use and share aggregate or non-personally identifying information about clients for market analysis, marketing or other purposes.
In the event that we sell our business, or engage in a transfer, mergers, restructure or change of control or other similar transactions, customer information (containing Personal Information) is generally one of the business assets that forms part of the transaction. Your Personal Information may be subject to such transfer. In the unlikely event of insolvency, Personal Information may be transferred to a trustee or debtor in possession and then to a subsequent purchaser.
We may provide Sensitive Information to other medical service providers, such as your general practitioner or specialist medical practitioners. We will only supply this information with your consent, or in circumstances where it is required for the delivery of health services, such as referral to another health service provider, billing and liaising with government offices regarding Medicare entitlements and payments, where it is necessary to prevent or lessen a serious threat to a patient’s life, health or safety, or other reason permitted by law.
Access and accuracy
You can access and/or correct Personal Information we hold about you at any time by contacting us. We encourage you to contact us to keep your Personal Information up to date.
We will respond to your request for Personal Information within a reasonable time. We reserve the right to charge an administration fee to cover the costs of responding to your request, for example, where Personal Information is archived or held in storage.
If required by law or where the Personal Information may relate to existing or anticipated legal proceedings, we may deny your request for access to your Personal Information. We will respond to your request, setting out the reasons for our refusal in writing.
In most cases, you will automatically have access to any clinical photographs we take and copies of pathology results via the DermEngine/MoleScope service we use. You may download and share this information as you wish. We accept no responsibility for the consequences of your actions should you choose to share this information, alter your own records, or allow access by third-parties.
Storage and security
We will take reasonable steps to protect your Personal Information from misuse, loss, unauthorised access and modification or disclosure. We use commercially reasonable physical, technical and administrative measures to protect Personal Information that we hold, including, where appropriate, password protection, encryption and SSL to protect our Site.
We are not responsible for the storage and security of your Personal Information that is held by third-party service providers including but not limited to DermEngine/MoleScope, FirstCheck, MedicalDirector, Automed, MediRecords, Microsoft, Apple, Google or Snapforms. These third-parties have their own privacy policies and you should read and satisfy yourself that about their privacy obligations with respect to the storage and security of your Personal Information.
Despite taking appropriate measures to protect Personal Information collected, used and stored by us, no data security measures we implement can guarantee 100% security of your Personal Information at all times. We cannot guarantee the security of any Personal Information transmitted to us via the internet and such transmission is at your risk. This is an inherent risk you assume when you use our services.
If we no longer require the use of your Personal Information, we will take reasonable steps to destroy or permanently de-identify it when we are legally permitted to do so.
Personal Information may be stored electronically through third-party data centres, which may be located overseas, or in physical storage at our premises or third-party secure storage facilities. Wherever possible, we use third parties who provide high standards of data security and storage in compliance with Australian Privacy legislation. However, we are not responsible for the storage and security practices of third parties, or data breaches affecting third party providers we use.
Electronic transmission of medical information
In some cases, we may wish to send Sensitive Information about you to you by email or text message. Examples are:
- requested copies of your medical records;
- pathology results for you to have a written copy for your records;
- requested SMS notification of your results;
- email notification about upcoming or missed appointments; and
- correspondence, pathology results and/or photographs of your skin to third parties such as specialists or hospital clinics if we refer you to them.
Because we cannot guarantee the security of unencrypted email or text messages, we will always obtain your permission before sending any Sensitive Information about you by electronic means.
Data breach notification scheme
If we have reason to suspect a data breach has occurred, we will undertake an assessment in accordance with the Notifiable Data Breach Scheme. If we determine there has been an eligible data breach, we will notify you as soon as reasonably practicable.
If the breach relates to the My Health Records Act, we may disclose your Personal Information to the My Health Records System Operator under section 73A of that Act.
An identifier is a unique number assigned to an individual to identify them. Identifiers include Medicare Numbers and Tax File Numbers. We will not adopt an identifier given to you by a government agency as our identifier of you, unless permitted by law.
Anonymous health care
You may request to remain anonymous when you seek services from us. While we endeavour to comply with any request to use our services anonymously or using an alias, there may be circumstances in which it is unlawful or unpracticable to do so. While this will not affect the quality of the medical care you receive, it may, however, result in an:
- inability to claim Medicare or private health insurance rebates for services we provide;
- inability to claim Medicare or private health insurance rebates for pathology or other investigation services we request on your behalf, or services provided by specialists to whom we refer you;
- inability to prescribe medications subsidised by the Pharmaceutical Benefits Scheme; and
- incomplete or inconsistent medical records if you use different names/identifiers when attending or interacting with us. This may result in sub-optimal management of any medical conditions.
Under Australian Privacy Legislation, you do not have the right to anonymity if:
- you are diagnosed with a medical condition (such as melanoma and certain other cancers) that must be recorded and notified to a government department or agency under a public health law;
- you wish to claim a healthcare benefit from Medicare or a private health insurer or purchase prescribed medications subsidised by the Pharmaceutical Benefits Scheme; or
- you wish to gain access to the Personal Information and/or medical records we hold for you.
Your health care will always remain our priority and we are unable to provide services in circumstances where treating you anonymously may compromise your treatment or health outcomes.
We have a legal obligation under the Public Health Act to report certain medical conditions. If, during the course of providing Our Services, we diagnose a prescribed medical condition, we must make a report, including your identity, to the Health Department.
Employment applications and resumés collected by us are safely and securely stored and only used for the purposes for which they were collected.
Cookies, web beacons and analytics
We may send you direct marketing emails and information about products and services that we consider may be of interest to you. These communications will only be sent via email and in accordance with applicable marketing laws, such as the Spam Act 2004 (Cth), and only if you consent to receive marketing emails from us. If, at any time, you would like to stop receiving these promotional emails, you may follow the opt-out instructions contained in any such email. Please note that it may take up to 10 business days for us to process opt-out requests. If you opt-out of receiving emails or promotions from us, we still may send you emails about medical recalls, appointment reminders, pathology results, educational information, your account or any services you have requested or received from us, or for other customer service purposes. We do not provide your Personal Information to other organisations for the purposes of direct marketing.
Consent to international transfer
We may transfer your Personal Information to organisations in other countries. Recipients may include our related entities or employees, external service providers such as administration providers or information technology providers such as cloud storage and data processing. We only transfer information where we reasonably believe that the recipient is legally or contractually bound to principles that are substantially similar to the Australian Privacy Principles.
Changes to this Policy
Complaints and enquiries
Spot Check Clinic
200 Queen Street
Melbourne Vic 3000
or via our website contact form at https://spotcheck.clinic/contact.
If you are not satisfied with our response, you are entitled to contact the Office of the Australian Information Commissioner by calling 1300 363 992 or writing to the Director of Complaints, Office of the Australian Information Commissioner, GPO Box 5218, Sydney NSW 1042.