Privacy Policy

CT Operations Pty Ltd (ACN 606 091 258) trading as Oculo™ ("Oculo", "we", "us" and "our").

Oculo™ provides a software platform [located at http://www.connect.oculo.com.au and https://www.connect.oculo.co.nz (Platform) including all applications, tools, information, content, materials, data, products and services made available on the Platform from time to time (Services) to enable improved e-communication between health care providers including optometrists, ophthalmologists, general practitioners, specialists support providers and any and all other similar [accredited] eye health providers who access and use the Platform and any of the Services ('Health care Provider' or 'You"). The Platform seeks to enable improved digital communication between  Health care Providers and streamline the transfer and sharing of Health care Provider data and relevant patient ('Patient') information, including  clinical notes and images, eye care records, referral and medical appointment details and related Patient data and information and user generated content (Data).

Oculo's Privacy Policy has been created because we value You, our users, and Your patients, and we recognise their right to keep personal information private. This Policy explains our information practices for gathering and disseminating information collected through our website, including on the Platform and when providing our Services, and collected offline. By accessing our website and the Platform and using our Services, you acknowledge and agree to the uses (including disclosures) of information described in this Privacy Policy.

We are not responsible for the privacy practices of any third party websites that may be linked on our Platform.

Types of information we collect and hold

The types of information we collect about you will depend on how you use our website and whether you access the Platform and Services.

If you are an Health care Provider who wishes to register for the Platform [and create an Account with us], we will collect the personal information about you that you explicitly provide to us as part of the application process and through your use of the Platform (known as User Information), including your:

  • name and contact details

  • qualifications

  • practice details

  • usage details, including the way you interact with the Platform and your use of or interest in certain products and services

We will also collect and hold details of any support calls, enquiries and complaints made by you.

If you are simply browsing our website, and interacting with it in only the limited way of accessing webpages, we will not collect any personal information about you, and will only collect statistical information about the way you use our website (known as Usage Data). Usage Data is linked to the network address of your computer (known as an IP Address). While it is possible to determine the general geographic location of a computer from its IP Address, without further information, you will not be reasonably identifiable from it alone. Usage Data is not generally classified as personal information.

Personal information is information that identifies you or may reasonably identify you. If you are a Patient, we will NOT collect personal information (including eye health information) (known as Patient Information) directly from you, but will hold any information your Health care Provider submits to the Platform (i.e. as a registered user of the Platform) in the manner and for such purposes as the Health care Provider authorises our collection and use.

We may collect sensitive information from Health care Providers when collecting Patient Information, as defined in the Privacy Act 1988 (Cth) which includes your health information.

How Information is collected

There are different ways in which your information is collected, depending upon the category of that information.

We collect your User Information from a variety of sources including forms, website and Platform interactions, surveys, emails, telephone conversations, and in person. We usually collect User Information directly from you or your authorised representative.

We do NOT collect Patient Information directly from individual patients. Your Health care Provider upload and enter this information as part of their clinical care processes when accessing and using the Platform and our Services.

We collect Usage Data via ‘cookies’ or other similar technologies. Cookies are small pieces of data sent from a website and stored in a web browser, and which may assign an anonymous identifier to the user. Usage Data is gathered in the aggregate only and cannot be traced to an individual user, except to the extent that it is User Information.

How we use and disclose the Information we collect or hold

We use User Information for the purposes of providing the service on, maintaining and developing, the Platform. We may also use User Information in connection with or related to the purpose with which the information was obtained, and for the direct marketing of products and services we offer, including via e-newsletters, unless you opt-out of receiving direct marketing.

We do not use or disclose Patient Information other than as directed by Health care Providers making referrals and other clinical communications via the Platform. If Patient Information contains sensitive information we will not use that Patient Information for a secondary purpose, unless you would reasonably expect that the information would be used for that purpose and that purpose is directly related to the primary purpose of collection.

Your Health care Provider, in accordance with their privacy policy and professional obligations, is responsible for obtaining your consent to disclose Patient Information to the practitioner to whom you are being referred via the Platform and your consent for us, as an intermediary who facilitates the referral process by providing the Platform, to disclose your Patient Information to that other practitioner. Unless and until you revoke your consent from your Health care Provider to disclose your Patient Information via the Platform, you will be considered to have provided your consent to our use (including disclosure) of your Patient Information in this way.

We may de-identify Patient Information and use this in aggregate form for research purposes. We will ensure that all personal information is de-identified in such a way that it cannot be reassembled and does not contain any personal information.  De-identified Patient Information may be shared with third parties for research purposes.

We may de-identify and use Usage Data to compile statistical information about the use of our website, and may also use Usage Data  to make our advertising more relevant to you and to offer you other products that we believe may be of interest to you. We only record your IP Address to assist with the diagnosis of problems or support issues with our website or the Platform.

Parties with whom we may share Information

We facilitate the communication of Patient Information between certain Health care Providers who use the Platform during their patient referral and clinical care processes, but we will not otherwise disclose it to any third party except in accordance with this Privacy Policy.

We share User Information with external service providers directly involved with online transactions (e.g. for billing purposes), or otherwise with your consent. These external providers may also collect personal information directly from you, such as payment information for billing purposes, and for further details about how each external provider handles User Information, we recommend that you visit their respective websites to read their respective privacy policies.

If required by or authorised under a law or a court or tribunal order, for example, in response to a court order, subpoena, or law enforcement agency’s request, we may disclose any information we collect or hold without your consent only to the extent necessary and in accordance with such requirements or authorisations.

Information Transferred or Stored Overseas

All Patient Information on the Platform is stored in Australia, however, some User Information or Usage Data we collect, or an external service provider collects (e.g. for billing purposes), may be stored on servers located overseas and/or managed by third parties likely to be located in jurisdictions with a similar standard of data protection to Australia such as the USA or Japan. Where Oculo transfers data overseas to jurisdictions that do not have a similar standard of data protection to Australia, Oculo ensures that the use and disclosure of personal information transferred is dealt with in accordance with this Privacy Policy and the relevant privacy principles set out under applicable privacy laws. All third parties are required to meet Oculo’s standards of data protection.  

By continuing to use our web site and/or the Platform, you consent to User Information and Usage Data being provided to, and used by, other providers located overseas.

How do we hold and protect your information?

We hold the information we collect including User Information and Patient Information in physical and electronic format. Oculo uses its best endeavours to protect the unauthorised use or disclosure of the information it collects or holds, including User Information and Patient Information. This includes using security safeguards as is reasonable in the circumstances, including industry standard techniques such as firewalls, encryption, intrusion detection and site monitoring. While we strive to protect your information, no data transmission over the Internet can be guaranteed to be 100% secure, and we cannot guarantee the security of any information you send to us or receive from us, especially via e-mail, which uses third party providers. Such information cannot be protected by Oculo until it reaches us. Once we receive your transmission, we make our best effort to ensure its security on our servers.

Your say

Access and Correction of Personal Information

You may request access to and correction of any personal information we collect or hold about you by writing to us at info@oculo.com.au. We will use our best endeavours to respond to your request within 30 days of receiving it. There are some circumstances in which we are not required to give you access to your personal information. Oculo may not accommodate a request to change or delete personal information if it believes doing so would violate any law or legal requirement, or cause the information to be incorrect.  In those circumstances, if requested by you, Oculo shall take such steps as are reasonable, to attach a statement provided by you to the information of the correct sought.

There is no charge for requesting access to your personal information but we may require you to meet our reasonable costs in providing you with access such as photocopying costs.

You should use all reasonable efforts to keep Patient Information up to date, accurate and relevant. Oculo takes reasonable steps to ensure that any personal information we hold is up-to-date, accurate, relevant, not misleading and complete.  Oculo will not keep personal information for longer than required for the purposes for which the information may be lawfully used.

Feedback and Opting Out

If you have any questions or comments about Oculo in relation to privacy issues, or consider there may have been a breach of the Australian and/or New Zealand Privacy Principles in the way we handle your personal information, please contact us and we will use our best endeavours to respond to you within 30 days. If you have any concerns about your Patient Information being transferred via the Platform, please contact your Health care Provider.

If you are still unsatisfied with the way we have handled your personal information, you may contact the Office of the Australian Information Commissioner (www.oaic.gov.au) or the New Zealand Office of the Privacy Commissioner (www.privacy.org.nz) for further guidance.

If you no longer wish us to use your User Information, Usage Data or IP Address for certain purposes, you can do any or all of the following:

  • opt out of receiving online communications from us by clicking the ‘unsubscribe’ link at the bottom of the newsletter, advertisement or other communication (as applicable); or

  • delete existing cookies from your web browser and/or disable cookies on your computer and/or other devices (as appropriate). Depending on the particular browser you are using (e.g. Google Chrome, Safari, Internet Explorer, Mozilla Firefox), this can usually be done on your computer by accessing your ‘Browsing History’ through the ‘Settings’ or ‘Options’ menu (or equivalent) in your web browser, or if you are using a different device, then in the ‘Settings’ for that device. If you do not disable cookies in your web browser, and you subsequently visit our website, fresh cookies are likely to be placed and you may need to repeat the process of deleting existing cookies.

If you do opt out of receiving direct marketing materials from us, we will no longer use your information for those purposes, however we may use your information for the limited purpose of contacting you directly in relation to your use of any Platform.

If you disable cookies in your web browser, delete existing cookies, or take other steps to ‘opt out’, the website or Platform may not work properly and your experience with those sites will be less personalised and may be less enjoyable. Deleting existing cookies from your web browser may also cause it to lose recorded information for other web sites, such as previously used usernames and passwords.

Your withdrawal of consent for us to use your User Information for certain purposes may mean that we can no longer provide the Platform to you.

Privacy & Site Changes

From time to time, Oculo may review and update its Privacy Policy. Revised versions will be updated on the website.

Published 22 October 2018