Privacy Policy

1. What information do we collect?

The kind of Personal Information that we collect from you will depend on how you use the website. The Personal Information which we collect and hold about you may include:

Full Name;
Gender;
Date of Birth;
Email Address;
Telephone or Mobile Number;
Mailing / Delivery / Billing Address;
Payment details, such as your credit or debit card information;
Information provided to us via customer surveys, testimonials, feedback, or complaints;
the location from which you have come to our website and the pages you have visited;
Technical data, which may include your Internet Protocol (IP) address, the types of devices you are using to access the Website, device attributes, browser type, language and operating system; and/or
Any information that you willingly provide to us which relates to your preferences, choices and experience with products or services similar to the products and services we provide via the Website,

For Employees:

Occupational and employment details including employment status and any previous work experience; and Information from or in connection with your resume or job application if you apply for a position with us.

2. Types of information

The Privacy Act 1998 (Cth) (Privacy Act) defines types of information, including Personal Information.

Personal Information means information or an opinion about an identified individual or an individual who is reasonably identifiable:

(a) whether the information or opinion is true or not; and

(b) whether the information or opinion is recorded in a material form or not.

If the information does not disclose your identity or enable your identity to be ascertained, it will in most cases not be classified as “Personal Information” and will not be subject to this privacy policy.

3. How we collect your Personal Information

(a) We may collect Personal Information from you whenever you input such information into the Website, related app or provide it to Us in any other way.

(b) We may also collect cookies from your computer which enable us to tell when you use the Website and also to help customise your Website experience. As a general rule, however, it is not possible to identify you personally from our use of cookies.

(c) If you access our website or social media sites, we may collect additional personal information about you including but not limited to your name, IP address, device type, activity on our website and domain name.

(d) Where reasonable and practicable we collect your Personal Information from you only. However, sometimes we may be given information from a third party, in cases like this we will take steps to make you aware of the information that was provided by a third party.

4. Purpose of collection

(a) We collect Personal Information to provide you with the best service experience possible on the Website and keep in touch with you about our products and developments in our business.

(b) We customarily only disclose Personal Information to our service providers who assist us in operating the Website. Your Personal Information may also be exposed from time to time to maintenance and support personnel acting in the normal course of their duties.

(c) By using our Website, you consent to the receipt of direct marketing material. We will only use your Personal Information for this purpose if we have collected such information direct from you, and if it is material of a type which you would reasonably expect to receive from use. We do not use sensitive Personal Information in direct marketing activity. Our direct marketing material will include a simple means by which you can request not to receive further communications of this nature, such as an unsubscribe button link.

(d) By providing your survey responses, testimonials, feedback, or complaints, you grant to us a royalty-free, worldwide, irrevocable, perpetual license to use and incorporate into the Website any general suggestions, enhancement requests, testimonials, recommendations or other feedback provided by you.

5. Security, Access and correction

(a) We store your Personal Information in a way that reasonably protects it from unauthorised access, misuse, modification or disclosure. When we no longer require your Personal Information for the purpose for which we obtained in, we will take reasonable steps to destroy and anonymise or de-identify it. Most of the Personal Information that is stored in our client files and records will be kept for a maximum of 7 years to fulfil our record keeping obligations.

(b) The Australian Privacy Principles:

(i) permit you to obtain access to the Personal Information we hold about you in certain circumstances (Australian Privacy Principle 12); and

(ii) allow you to correct inaccurate Personal Information subject to certain exceptions (Australian Privacy Principle 13).

(c) Where you would like to obtain such access, please contact us in writing on the contact details set out at the bottom of this privacy policy.

(d) Our Website is hosted on secure infrastructure that is actively monitored and maintained with up- to-date security patches. Our hosting provider routinely performs security audits, vulnerability assessments, and penetration testing to detect and address potential threats.

(e) Your account information is protected with strong password encryption. We encourage users to choose strong, unique passwords and offer two-factor authentication (2FA) for added protection. All transactions on our website are processed through PCI-DSS compliant payment gateways. We do not store your credit card details on our servers. Our third-party payment providers use advanced fraud detection systems to protect your data and prevent unauthorised transactions.

(f) We use industry standard TLS (Transport Layer Security) encryption to ensure that all data transmitted between your browser and our servers remains private and secure. Personal information, including payment details, is encrypted both in transit and at rest. We do not sell or rent your personal information to third parties

(g) These security measures described in this Clause 5 are regularly assessed and evaluated to determine their effectiveness and are subject to technical progress and further development. We may update and modify these security measures from time to time, provided that such updates and modifications do not materially decrease the overall security of your personal information. We do not warrant that these security measures will prevent any unauthorised access to or unauthorised alteration, disclosure, or destruction of the data. We disclaim all liability in relation to any unauthorised access, alteration, disclosure, or destruction of data that is outside our reasonable control.

6. We do not sell, trade, or rent your personal information. Your data is only shared with:

Trusted service providers essential to business operations
Authorities if legally required
Third parties in the event of a business acquisition or restructure
Our affiliated entities and related companies

7. Third Parties

The Website contains links to other websites. You should review the privacy policy of the other websites as we are not responsible for the privacy practices of third-party linked websites. We may collect Personal Information about you from third-party sources from time-to-time, such as publicly available materials or information and data from our marketing partners. This information is used to better supplement our services to ensure we can personalise and improve our offerings to you, whilst also giving us a method to validate any personal information we hold.

8. Overseas transfer

Your Personal Information may be transferred to recipients located in various jurisdictions. These jurisdictions have data protection laws which protect Personal Information in a way which is at least substantially similar to the Australian Privacy Principles, and there will be mechanisms available to you to enforce protection of your Personal Information under that overseas law. In the circumstances, we do not require the overseas recipients to comply with the Australian Privacy Principles and we will not be liable for a breach of the Australian Privacy Principles if your Personal Information is mishandled.

9. Sale of Business

If we, or any of our group companies, merge with, or is acquired by, another business, sells all or a portion of its assets, or undergoes reorganisation, financing or change of control, your Personal Information may be disclosed to our advisers and any prospective purchaser’s adviser and may be among the assets transferred/sold to an acquirer. However, your Personal Information will remain subject to this Policy.

10. Your Rights and Choices

You may have additional rights in respect of the handling and management of your Personal Information , including the ability to request to:

Access, correct, or delete your Personal Information;
Object to or restrict how we process your data;
Withdraw consent for marketing communications at any time;
Request data portability; or
Lodge a complaint with your local data protection authority.

We comply with relevant data breach notification obligations under the laws of New South Wales, Australia. If a notifiable breach occurs, we will promptly inform affected individuals and the appropriate regulatory authorities.

To understand your rights or exercise any of these rights, please contact us at support@hlthplus.com.au.

11. Complaint procedure

If you have a complaint concerning the manner in which we maintain the privacy of your Personal Information, please contact us as on the contact details set out at the bottom of this policy. All complaints will be considered by management and we may seek further information from you to clarify your concerns. If we agree that your complaint is well founded, we will, in consultation with you, take appropriate steps to rectify the problem. If you remain dissatisfied with the outcome, you may refer the matter to the Office of the Australian Information Commissioner.

12. How to contact us about privacy

If you have any queries including suspect a security issue or unauthorised activity on your account, or if you seek access to your Personal Information, or if you have a complaint about our privacy practices, please contact our support team immediately at support@hlthplus.com.au. For information about privacy generally, or if your concerns are not resolved to your satisfaction, you can contact the Office of the Australian Information Commissioner (“OAIC”) by visiting www.oaic.gov.au, sending an email to enquiries@oaic.gov.au, telephoning 1300 363 992 or writing to the OAIC at GPO Box 5218, Sydney NSW 2001.

13. Updates to this policy

We may revise this policy as needed to reflect legal or operational changes. Any updates will be posted to this page, with the effective date revised accordingly.

14. Governing Law

This policy is subject to the laws of New South Wales, Australia. You submit to the exclusive jurisdiction of the courts of New South Wales, Australia. This applies regardless of your location when accessing our Website, our products or our website content.