Lucky Health Pty Ltd (ACN 613 773 149) (‘Lucky Health’, ‘we’, ‘us’, or ‘our’) is an Australian technology company specialising in the provision of an innovative mobile application designed to assist end users to manage and adhere to their treatment plans in a positive, effective and rewarding way (Perx App) and other health and wellbeing services made available through the Perx App and other online platforms and websites provided by Lucky Health (collectively the Services). We have services agreements with a number of organisations including insurers, pharmaceutical companies and medical providers (Commercial Partners) pursuant to which we make the App available for use by people like you. We also have arrangements with a number of business partners for the provision of rewards (such as discounted goods or services)to users based on reported adherence through the Perx App (Rewards Partners).
We will need to collect certain personal information about you in order to grant you access to the Perx App and to provide our Services to you. We may collect the following types of personal information relating to you:
With your consent, we may also collect certain health information about you including but not limited to:
Where possible we will collect personal information directly from you, however in certain circumstances it may be necessary to collect information about you from third parties. If we receive information about you from someone else, we will take reasonable steps to make you aware of the facts and circumstances of that collection.
We may collect your personal information in a number of ways including:
You may choose to deal with us on an anonymous basis or using a pseudonym. However, you acknowledge that if you do not provide us with the information we request, or if the information you provide to us is not accurate, our ability to provide the Perx App or the Services, or to otherwise fulfil the purpose for which you have provided your information may be severely limited.
We may collect, hold, use and/or disclose your personal information for the following purposes:
We may use your personal information to send you direct marketing communications and information about our services and products, and other related services and products if we have your permission or a legitimate interest in doing so. The Commercial Partner who authorised your access to the Perx App (if any) may also use your personal information for direct marketing purposes. In addition, our Rewards Partners may send you direct marketing communications and information but only where you have accepted a reward from them through the Perx App. We will not disclose any of your personal information to a third party for the purpose of direct marketing unless they are one of our Commercial Partners or Rewards Partners.
Direct marketing communications may take the form of emails, SMS, mail or other forms of communication, sent in accordance with the Spam Act 2003 and the Privacy Act. If you do not want to receive marketing material directly from us, you may opt-out by contacting us using the details set out in the Contact Us section below or, where the marketing material is sent via email, by following the ‘unsubscribe’ instructions that appear at the bottom of all marketing emails we send to you. If you wish to opt out of receiving marketing communications from our Commercial Partners or Rewards Partners you should contact them directly, or follow the ‘unsubscribe’ instructions that appear in the marketing communications sent by them (if any).
You acknowledge that we may receive remuneration from our Commercial Partners or Rewards Partners for communicating with you about their products or services, or for providing you with promotional items from them.
The information we collect from you will be kept strictly confidential and secure at all times. Where it is necessary to disclose your personal information to third parties this will be done in a manner that is consistent with the APPs and only for a purpose consistent with the purpose for which the information was originally collected from you.
Importantly, we will not give, sell, rent, loan or otherwise disclose any personal information (including health information) to any third party, unless:
We may use your personal and medical information in de-identified form (de-identification being a process by which a collection of data or information is altered to remove or obscure personal identifiers and personal information) to assist us in running our business. We may also provide de-identified information in aggregated form to third parties for research, marketing and other purposes.
This information may include (but is not limited to):
We may disclose personal information and health information outside of Australia but only to third party service providers that are engaged by us to act on our behalf and assist with our business functions and delivery of the Services and the Perx App. If we transfer your information to third parties outside Australia, we will take steps to ensure that your privacy rights continue to be protected to ensure that these third parties are either covered by data privacy laws substantially similar to those in Australia or the relevant third party adheres to data privacy standards substantially similar to the APPs.
While we do not use browsing information to identify you personally, we may record certain information about your use of our website, such as which pages you visit, the time and date of your visit and the internet protocol address assigned to your computer.
We may also use ‘cookies’ or other similar tracking technologies on our website that help us track your website usage and remember your preferences. Cookies are small files that store information on your computer, TV, mobile phone or other device. They enable the entity that put the cookie on your device to recognise you across different websites, services, devices and/or browsing sessions. You can disable cookies through your internet browser but our website may not work as intended for you if you do so.
We employ a variety of security technologies and measures designed to protect your information from unauthorised access, use, or disclosure. For example, we use data encryption (at rest and in transit), firewalls and other security devices for our computer systems and cloud-based services. All of your personal information is stored on secure servers located in Australia which are protected by locked cages, 24/7 onsite security and surveillance and biometric access controls and all web-hosting is SSL-encrypted.
In addition, we have procedures that limit the access our employees and contractors have to your personal information. Only those people with a genuine need to know will have access to such information. We educate our employees about the importance of confidentiality and privacy through standard operating procedures and internal policies on data privacy and corporate integrity.
Your information is kept while we need it to provide the Services to you and where applicable, for as long as we are required to keep it to comply with relevant statutory requirements. Where we determine that it is no longer necessary to hold your personal information we will securely destroy, delete or permanently de-identify that information to the extent it is possible to do so.
If we become aware of unauthorised access to or disclosure of your personal information, we will take appropriate steps to rectify the data breach and notify you as soon as practicable and provide you with a description of the breach, the type of information involved and any recommended actions you can take to protect yourself.
You can access the personal and health information we hold about you by contacting us at email@example.com. We will need to verify your identity before allowing you to access your personal information.
We may refuse to allow you to access your personal information where:
If we cannot provide you with access to your information, we will advise you of the reasons in writing.
If you think that any personal or health information we hold about you is inaccurate, please contact us and we will take reasonable steps to ensure that it is corrected.
If you think we have breached the Privacy Act, or you wish to make a complaint about the way we have handled your personal or health information, you can contact us at firstname.lastname@example.org. Please include your name, email address and/or telephone number and clearly describe your complaint. We will acknowledge your complaint and respond to you regarding your complaint within a reasonable period of time.
If you think that we have failed to resolve the complaint satisfactorily, you may refer the matter to the Officer of the Australian Information Commissioner:
Mail: GPO Box 5218, Sydney, NSW 2001
Phone: 1300 363 992
Perx Support Team
For more information on your privacy you can visit www.oaic.gov.au