Our commitment to protecting your personal information
Everlight Radiology Limited ACN 120 630 784 (‘Everlight Radiology’, ‘us’ or ‘we’) is committed to protecting your personal privacy and complying with our obligations under relevant privacy legislation, as set out in the Privacy Act 1988 (Cth) and embodied in the Australian Privacy Principles under that legislation (and to the extent they apply, in the other jurisdictions in which we operate including the New Zealand Privacy Act 2020 and the New Zealand Health Information Privacy Code) and other relevant Australian State/Territory health privacy legislations.
3. Personal Information & Sensitive Information
A reference to “personal information” means any information or opinion about you from which your identity is apparent or can reasonably be ascertained, from the information or opinion regardless of whether the information or opinion is:
Personal information can also include sensitive information. “Sensitive information” means information or an opinion (that is also personal information) about matters such as your racial or ethnic origin, religion, political persuasion, membership of a trade or professional association or trade union, sexual orientation or practices, criminal records, or your health, genetic or biometric information. We only hold and collect sensitive information where it is necessary for the purpose for which it is being collected and with your consent unless the collection is required or authorised by law.
4. Application of this Policy
This Policy applies to personal information we receive or collect from or about you. This may occur when you:
visit or use the Everlight Radiology Website or any related software or applications (including any mobile applications);
request or use any of our services;
make an enquiry, request information or register your interest with Everlight Radiology;
become or remain a client of Everlight Radiology;
contact and interact with us or our personnel by any means, such as by email, phone, mail, online communications or in person;
apply for a job with us or express interest in employment or providing services to us or become or remain an employee or service provider with us;
make or receive a payment of any tax invoices we issue; or
provide your personal (including health) information to us in any other way.
When you provide Everlight Radiology with personal information, you consent to Everlight Radiology using, handling and processing your personal information for the purposes and in the ways outlined in this Policy or such other purposes as we may communicate to you from time to time.
You do not have to provide us with your personal information, but if you do not provide us with the personal information we need, we may not be able to provide our services or assistance to you, or on your behalf, or to process your application, enquiry or request, and you may not be able to enjoy the full benefits of our website or our services.
4.1 What kinds of information do we collect?
The types of personal information we collect will depend on what activities you are engaging in or the type of product, service or other activity used or requested by you.
We collect personal information that is necessary to manage our relationships with our clients, employees, service providers and other stakeholders and to assist us in providing our services and other functions and activities. The types of personal information commonly collected for these purposes include:
identification and contact information (e.g. name, age, date of birth, address, phone number, email address etc.);
Medicare provider numbers;
country of residence;
enquiry, information request or complaint details;
your IP address for your interaction with various parts of our Everlight Radiology Website. Your IP address is the identifier for your computer / site when you are using the internet;
educational qualifications, employment history and other employee data in connection with a job application or expression of interest; and
employee or contractor details to include in their personnel files.
In certain circumstances, we may also be required or permitted by law, court or tribunal order to collect certain personal information about you. Where required to do so, we will notify you in accordance with relevant privacy legislation when we collect your personal information and for what purpose.
We only collect sensitive information about you with your consent and if it is necessary for, or directly related to, our functions or activities, except where we are otherwise required or permitted by law to collect, use or disclose it.
4.2 Personal information about employees, contractors or job applicants
Everlight Radiology may also collect personal information from you if you apply for a job (or a position as a contractor) with and/or become employed by (or contract with) us. In these circumstances, you:
authorise us to collect any personal information (whether written or verbal) from any referee or previous employer specified in your application for employment or curriculum vitae for evaluation of your application for employment and to hold such information on your personal file for future evaluation of your employment by us;
acknowledge that your personal information is collected for the purpose of evaluating your application for employment by us and, if you accept employment with us, the assessment of your continued employment by us, and the administration, monitoring and management of your employment by us, and the processing of your remuneration and any PAYG tax obligations; and
acknowledge that a failure by you to provide the requested personal information will have a detrimental effect on our ability to give your employment application proper consideration.
You can request to access and/or correct your personal information in accordance with this Policy.
4.3 How we collect your Personal Information
We will collect personal information directly from you unless:
it is not reasonable or practicable to do so;
you consent to us collecting it from other sources; or
collection is otherwise permitted under relevant privacy legislation.
Everlight will be recording all incoming and outgoing calls for quality control purposes. When providing our services via telephone we collect personal data through recording all incoming and outgoing calls for record keeping and quality control purposes, including for the purposes of quality audits, service level monitoring and for medico-legal purposes. These recordings will be stored in accordance with Everlight’s records management and record retention policies and practice, and Everlight Information Handling and Protection Policy. The recordings will be stored in Amazon Web Services instances located in the United Kingdom.
4.4 Purposes of collecting and using your Personal Information
We collect your personal information so that we can manage our relationships with our clients, employees, service providers and other stakeholders, provide our services to you and our clients, and to perform our other functions and activities. We may use your personal information in the following ways:
communicating with you, including by email, mail, phone, online or in person;
responding to your requests or queries;
operating and improving Everlight Radiology’s Website, content, offers and services;
sending you news and information about Everlight Radiology and our products, services or promotional communications, including newsletters, surveys and information about security updates, or information that is related to you as a customer or service provider of Everlight Radiology;
occasionally sending you marketing, advertising or promotional material about our products and services (or the products and services of our partners) that we think may be of interest to you;
providing you with more effective customer service;
enabling us to conduct customer research;
to compile data and conduct analysis of Everlight Radiology member/user statistics;
performing research and analysis aimed at improving our products, services and technologies;
establishing, maintaining and administering your account and customising the service we provide to you;
verifying your identity, profiles and products, checking your credentials;
monitoring and reporting as permitted or required under any applicable laws, including under applicable privacy legislations;
to communicate with regulators or government departments in respect of Everlight Radiology’s functions and activities;
to assess a job applicant or to allow us to carry out any monitoring activities which may be required or permitted of us under applicable law as an employer;
ensuring our internal business operations are running smoothly, which may include fulfilling legal requirements and conducting confidential systems maintenance and testing;
quality assurance and training purposes;
any other uses identified at the time of collecting your personal information;
using personal information as otherwise required or permitted by any law, (including, where applicable, the Privacy Act 1988 (Cth) and the Spam Act 2003 (Cth), and the New Zealand Privacy Act 2020 and the Unsolicited Electronic Messages Act 2007) or for purposes of monitoring, meeting or reporting on our obligations under the Privacy Act and other applicable privacy legislation.
5. Disclosure of your Personal Information
Any personal information provided to us may be disclosed, if appropriate, to other entities in order to facilitate the purpose for which the information was collected. Such entities generally include:
third-party service providers for the purpose of enabling them to provide a service such as (but not limited to) payroll, superannuation administration, IT service providers, data storage/processing, IT security, web-hosting and server providers; debt collectors, maintenance or problem-solving providers; security services; credentialing service providers; professional advisory (including legal, accounting, financial and business consulting); mailing house and delivery services; HR Service providers; and banking, payment and insurance providers;
any applicable or relevant regulator or third party for the purpose of legislative or contractual compliance and/or reporting;
any related entities of Everlight Radiology; or
other entities if you have given your express consent.
We may also disclose your personal information to third parties in the following circumstances:
where we are under a legal or regulatory obligation to do so (for example, to a court or tribunal in response to a legal request, to a subpoena or to the Australian Taxation Office), or for purposes of monitoring, meeting or reporting on our obligations under applicable privacy legislation, or to protect the rights and interests, property, or safety of Everlight Radiology, our employees and contractors, our clients, members and users, or others;
if all, or substantially all, of the assets of Everlight Radiology are merged with or acquired by another party, in which case your personal information may form part of the transferred or merged assets.
Where possible, we will inform you, at or before the time of collecting your personal information about other types of organisations to whom we may, with your consent, disclose your personal information. Prior to such disclosures, Everlight Radiology will take all reasonable steps to satisfy ourselves that:
the organisation has a commitment to protecting your personal information; and
where necessary, you have consented to such disclosure.
5.1 Direct Marketing
From time to time we may use your personal information to contact you about, among other things:
particular Everlight Radiology products and services being offered to Everlight Radiology members / users which we believe may be of interest to you;
changes to our organisation or our services; or
your use of Everlight Radiology’s Website or services.
We will generally only do this with your prior consent (where practical or required by law) and we will always give you the opportunity to opt out of receiving such communications at any time. Direct Marketing from Everlight generally takes the form of emails or telephone calls.
Every directly addressed marketing communication sent or made by Everlight Radiology will include a means by which you may unsubscribe (or ‘opt out’) of receiving further marketing communications. You may also instruct us at any time to remove any previous consent you provided to receive marketing communications from us. Requests should be directed to us via the contact details provided in the 'Contacting us' section of this policy.
If you request not to receive direct marketing or market research information, please note that we will still contact you to provide you with relevant information in respect of your ongoing health care. For example, we will continue to send you relevant statements, invoices, reminders, notices, etc.
5.2 Links to Third Party Websites
We accept no responsibility or liability whatsoever for the content, actions or policies of third-party sites. The inclusion of links to third party sites on our site in no way constitutes an endorsement of the third-party sites' content, actions or policies: you access them at your own risk.
5.3 Updating or correcting your Personal Information
We will take reasonable steps to ensure the personal information (including sensitive (health) information) we collect is accurate, up to date, complete, relevant and not misleading. We will also take reasonable steps to ensure that when we use or disclose your personal information it is accurate, up to date, complete, relevant and not misleading, having regard to the purpose of the use or disclosure. However, you should advise us of any changes to your personal information by maintaining and updating your profile or information with us.
During the course of our relationship with you, we will from time to time ask you to confirm whether your personal information is correct or has changed.
You may also inform us of any changes to your personal information (such as your name or address) or correct any inaccuracy or errors in the information we hold by contacting us via the contact details in the ‘Contacting us’ section of this policy so that we can update your file accordingly. However, where there are grounds to refuse to correct the information as requested, we will provide you with reasons for not complying with your request where we are able to do so in accordance with applicable laws.
5.4 Accessing your Personal Information
You may request access to any of the personal information we hold about you at any time by contacting us via the contact details provided in the ‘Contacting Us’ section of this Policy.
While we do not generally charge you for requests to access your personal information, you should be aware that there may be reasonable charges (which will be notified to you when you make a request) for our time and cost associated with complying with your request to access your personal information in the following circumstances:
Where the Health Information Privacy Code 2020 applies and you request access to your health information, there may be reasonable charges (which will be notified to you when you make a request) for:
making available the same, or substantially the same, health information we have already made available to you in the last 12 months; or
providing you with a copy of an x-ray, a video recording, an MRI scan photograph, a PET scan photograph or a CT scan photograph.
Your request to access to your personal information may be denied on certain grounds including, for example:
If we deny your access or correction request, we will advise you of the reasons for doing so as soon as practicable, (except if it is unreasonable to do so) and we will inform you of the mechanisms available to complain about the refusal (see Complaints section below).
5.5 Dealing with us anonymously or by pseudonym
In order for us to effectively do business with you or make our Website, services and associated content available to you, it will not, in most circumstances, be practical for us to deal with you without you providing relevant personal information to us. However, where it is lawful and practicable to do so, you may deal with us anonymously or by using a pseudonym. Such a situation might include where you make general enquiries about current or potential Everlight Radiology Services or promotional offers or the content on our Website.
6. Storage & Security
We store personal information in both electronic and hard copy form and we will keep your personal data for no longer than is necessary for the purpose(s) it was provided for and to meet our legal obligations. Further details of the periods for which we retain data are available on request.
When the information is no longer needed for any purpose for which it was collected, or for which it may lawfully be used or disclosed, it will be destroyed or permanently de-identified.
We will also take reasonable steps to protect any personal information, including by implementing security procedures for access to our business premises and within our offices, as well as IT security procedures including encryption, password protection, firewalls, storing personal information on servers that utilise security software and systems, and site monitoring.
Although we aim to create a safe, secure environment by trying to limit access to the Website to legitimate users, we cannot guarantee that unauthorised parties will not gain access. To the extent permitted by law, we will not have any liability arising from any unauthorised access to your personal information.
Please contact us immediately if you become aware of any unauthorised use of your account by anyone else or any other breach of security (see the contact details section in this policy).
7. Contacting us
Please contact us via the contact details provided below if you want to:
obtain further information about the way we manage your personal information;
access your personal information held by us;
correct or update your personal information held by us; or
unsubscribe from any Everlight Radiology mailing list or have any questions or complaints regarding unsolicited electronic communications which you may have received or are concerned about.
We will endeavour to:
provide an initial response to your query or complaint within 5 business days; and
resolve your query or complaint within 21 business days.
If you are still not satisfied, you can contact the Australian Privacy Commissioner (see http://www.oaic.gov.au/about/contact.html or call 1300 363 992) or New Zealand Privacy Commissioner (see https://www.privacy.org.nz/about-us/contact/).
Contact us at:
Website - https://www.everlightradiology.com/en-au/contact-us
Write to us at:
The Privacy Officer Everlight Radiology L11, 70 Phillip Street
Sydney NSW 2000
Need more information about privacy?
For more general information regarding privacy in Australia, visit the website of the Office of the Australian Information Commissioner. If you are in New Zealand you can visit the website of the Office of the New Zealand Privacy Commissioner.
9. Validity of Policy
This Policy will be reviewed at a minimum of once every 12 months.