Privacy Policy

1 Introduction  

1.1 EBOS  Group  Australia  Pty  Ltd  ABN  38  125  401  247  and  its  subsidiaries  and  related  companies  (“EBOS”,  “we”,  “our”  and   “us”)  are  committed  to  responsible  privacy  practices  and to complying  with  the  Privacy  Principles  contained  in  the  Privacy   Act  1988  (Cth)  (“Privacy  Act”)  and  applicable  health  records  legislation  such  as  the  Health  Records  Act  2001  (Vic),  the   Health  Records  (Privacy  and  Access)  Act  1997  (ACT)  and  the  Health  Records  and  Information  Privacy  Act  2002  (NSW).

1.2 Where  applicable,  EBOS  will  handle  personal  information  relying  on  the  related  bodies  corporate  exemption  and  the   employee  records  exemption  in  the  Privacy  Act  and  any  other  applicable  exemptions  in  the  Privacy  Act  or  other   legislation.

1.3 This  Privacy  Policy  sets  out  our  policies  on  the  management  of  personal  information  including  how  we  collect  personal   information,  the  purposes  for  which  we  use  this  information,  and  to  whom  this  information  is  disclosed.  We  may  change   our  Privacy  Policy  from  time  to  time  at  our  discretion.  At  any  time,  the  latest  version  of  our  Privacy  Policy  is  available  from   our  website  at  www.eboshealthcare.com.au.

1.4 Where  it  is  practical  for  us  to  allow  you  to  do  so,  you  may  deal  with  us  anonymously  (for  example  when  enquiring   generally  about  our  products  and  services).  

2 What  is  personal  information?  

2.1 In  this  Privacy  Policy,  “personal  information”  has  the  meaning  set  out  in  the  Privacy  Act.  Essentially,  personal  information   is  information  or  an  opinion  about  an  individual  who  is  reasonably  identifiable.

2.2 A  reference  to  “personal  information”  in  this  policy  includes  “health  information”,  as  defined  in  the  Privacy  Act  and   applicable  health  records  legislation. Essentially,  health  information  is  information  or  an  opinion  relating  to  the  health  or   a  disability  of  an  individual  who  is  reasonably  identifiable.

3 What  types  of  personal  information  does  EBOS  collect?  

3.1 The  types  of  personal  information  EBOS  collects  from  you  depend  on  the  circumstances  in  which  the  information  is   collected.  

3.2 EBOS  may  collect  contact  details  including  your  name,  occupation,  address,  email  address,  phone  and  fax  numbers  and   your  date  of  birth.  We  may  collect  answers  you  provide  to  questions  we  ask  and  other  information  in  relation  to  your   dealings  with  EBOS.  If  you  purchase  products  or  services  from  us,  we  may  also  collect  certain  transactional  information   and  financial  details  to  process  the  transaction.      

3.3 If  you  are  an  individual  contractor  to  EBOS,  in  addition  to  the  information  referred  to  in  section  3.2  we  may  also  collect   information  relevant  to  your  engagement  with  EBOS  including  qualifications,  resume,  reference  information  from  your   nominated  referees,  tax  file  number,  bank  details,  feedback  from  supervisors  and  training  records.  

3.4 If  we  are  providing  you  with,  or  assisting  your  health  service  provider  or  treating  health  professional  (such  as  a  doctor,   pharmacist  or  hospital)  to  provide  you  with,  a  health  related  service  we  may  collect  your  health  information  and,  in  such   circumstances,  you  consent  to  us  collecting  that  information  and  to  us  using  and  disclosing  that  information  for  the   purpose  for  which  you  disclosed  it  to  us  and  as  permitted  by  the  Privacy  Act,  applicable  health  records  legislation  and   other  relevant  laws.    

3.5 When  you  use  our  websites,  we  may  collect  website  usage  information  such  as  the  IP  address  you  are  using,  the  name  of   your  Internet  service  provider,  your  browser  version,  the  web  site  that  referred  you  to  us  and  the  next  website  you  go  to,   the  pages  you  request,  the  date  and  time  of  those  requests  and  the  country  you  are  in.    

3.6 In  certain  circumstances  we  are  required  to  collect  government  identifiers  such  as  tax  file  numbers,  Medical  registrations,   product  Licences  and  permits, Medicare  numbers,  health  service  provider  numbers,  pension  numbers  and  Veteran’s   Affairs  numbers.    We  only  collect,  use  and  disclose  such  information  as  permitted  or  required  by  law.  

3.7 In  addition  to  the  types  of  personal  information  identified  above,  EBOS  may  collect  personal  information  as  otherwise   permitted  or  required  by  law.

4 How  do  we  collect  your  personal  information?  

4.1 EBOS  collects  personal  information  in  a  number  of  ways.  The  most  common  ways  we  collect  your  personal  information   are:

  • directly  from  you  when  you  provide  it  to  us  or  our  agents  or  contractors;
  • when  you  open  an  Account  with  us
  • via  our  website  or  when  you  deal  with  us  online  (including  through  our  online  ordering  website   www.ebosonline.com.au  or  our  social  media  pages);
  • if  you  are  an  individual  contractor  to  EBOS,  from  your  employer  or  recruitment  agency;
  • from  publicly  available  sources;
  • from  credit  reporting  agencies;
  • from  our  related  companies;  and
  • from  third  parties  (for  example,  from  your  health  service  provider  or  treating  health  professional  (such  as  a  doctor,   pharmacist  or  hospital)  in  connection  with  providing  a  health-­‐related  service  to  you;  from  referees  if  you  apply  for  a   position  as  an  employee  or  contractor  with  us).  

5 For  what  purposes  do  we  collect,  use  and  disclose  your  personal  information?  

5.1 The  purposes  for  which  we  use  and  disclose  your  personal  information  will  depend  on  the  circumstances  in  which  we   collect  it. Whenever  practical  we  endeavour  to  inform  you  why  we  are  collecting  your  personal  information,  how  we   intend  to  use  that  information  and  to  whom  we  intend  to  disclose  it  at  the  time  we  collect  your  personal  information.  

5.2 We  may  use  or  disclose  your  personal  information:

  • for  the  purposes  for  which  we  collected  it  (and  certain  secondary  purposes  where  permitted  by  law);
  • for  other  purposes  to  which  you  have  consented;  and
  • as  otherwise  authorised  or  required  by  law.  

5.3 In  general  we  collect,  use  and  disclose  your  personal  information  so  that  we  can  do  business  together  and  for  purposes   connected  with  our  business  operations.      

5.4 Unless  otherwise  required  or  permitted  by  law,  we  will  only  collect  health  information  about  you  with  your  consent  and   we  will  only  use  that  information  for  the  primary  purpose  for  which  it  was  collected.  In  some  circumstances,  we  may   collect  your  health  information  through  third  parties  (e.g.  from  health  care  professionals,  such  as  pharmacists,  who  are   treating  you).  We  will  only  do  this  if  you  have  consented  or  where  otherwise  permitted  or  required  by  law.  

5.5 Some  of  the  specific  purposes  for  which  we  collect,  use  and  disclose  personal  information  are: 

  • to  respond  to  you  if  you  have  requested  information  (including  via  our  websites  or  via  an  email  or  other   correspondence  you  send  to  us);
  • to  provide  goods  or  services  to  you,  to  assist  a  health  professional  or  service  provider  to  provide  you  with  certain   services  (e.g.  health  services)  or  to  receive  goods  or  services  from  you;
  • to  administer  and  manage  services,  including  charging,  billing  and  collecting  debts;  
  • to  inform  you  of  our  regular  deals  and  promotions
  • to  enable  you  to  participate  in  any  loyalty  programs  that  we  conduct;
  • to  improve  our  products  and  services  and  keep  you  up  to  date  on  such  improvements;
  • to  understand  our  customer  base  and  help  tailor  our  products  and  services;
  • to  allow  performance  reporting  and  benchmarking  of  your  business,  if  applicable;
  • to  contact  you  (directly  or  through  our  service  providers)  to  obtain  your  feedback,  to  find  out  your  level  of   satisfaction  with  our  products  and  services  and  for  other  market  research  activities;
  • to  verify  your  identity;
  • to  address  any  issues  or  complaints  that  we  or  you  have  regarding  our  relationship;  and
  • to  contact  you  regarding  the  above,  including  via  electronic  messaging  such  as  SMS  and  email,  by  mail,  by  phone,  by   fax  or  in  any  other  lawful  manner.  

5.6 We  may  also  use  and  disclose  your  personal  information  for  the  purpose  of  direct  marketing  to  you  where:

  • you  have  consented  to  us  doing  so;  or
  • if  you  are  our  Customer  (have  a  current  Account  with  us)
  • it  is  otherwise  permitted  by  law.  

5.7 Direct  marketing  involves  communicating  directly  with  you  for  the  purpose  of  promoting  goods  or  services  to  you  and  to   provide  you  with  special  offers.    Direct  marketing  can  be  delivered  by  a  range  of  methods  including  mail,  fax,  telephone,   email  or  SMS.    You  can  unsubscribe  from  our  direct  marketing,  or  change  your  contact  preferences,  by  contacting  us  (see   section  14  of  this  Privacy  Policy).     EBOS_Privacy_Policy.docx   page  2  

6 What  happens  if  you  don't  provide  personal  information?  

6.1 Generally,  you  have  no  obligation  to  provide  any  personal  information  requested  by  us.  However,  if  you  choose  to   withhold  requested  personal  information,  we  may  not  be  able  to  provide  you  with  products  and  services  that  depend  on   the  collection  of  that  information.    

7 To  whom  do  we  disclose  personal  information?  

7.1 We  may  disclose  your  personal  information  to  third  parties  in  connection  with  the  purposes  described  in  section  5  of  this   Privacy  Policy.  

7.2 This  may  include  disclosing  your  personal  information  to  the  following  types  of  third  parties:

  • our  related  companies;
  • health  service  providers  or  treating  health  professionals  (such  as  your  doctor,  pharmacist  or  hospital),  in  connection   with  providing  health-­‐related  goods  or  services  to  you  or  as  otherwise  required  or  authorised  by  law;
  • our  contractors  and  other  third  parties  that  provide  goods  and  services  to  us  (including  suppliers,  marketing   agencies,  data  analysis  specialists,  data  processing  organisations,  billing  and  debt  recovery  providers,  website  and   data  hosting  providers,  loyalty  program  administrators  and  other  IT  suppliers);
  • our  accountants,  insurers,  lawyers,  auditors  and  other  professional  advisers;
  • government  and  regulatory  authorities,  courts,  tribunals  and  other  bodies  as  required  or  authorised  by  law;
  • in  an  emergency,  to  medical  and  health  service  providers;
  • any  third  parties  to  whom  you  have  directed  or  permitted  us  to  disclose  your  personal  information  (e.g.  referees);
  • in  the  event  that  we  or  our  assets  may  be  acquired  or  considered  for  acquisition  by  a  third  party,  that  third  party   and  its  advisors;
  • carefully  selected  third  parties  with  whom  we  have  data  sharing  arrangements;
  • third  parties  that  require  the  information  for  law  enforcement  or  to  prevent  a  serious  threat  to  public  safety;  and
  • otherwise  as  permitted  or  required  by  law.  

7.3 Where  we  disclose  your  personal  information  to  third  parties  we  will  use  reasonable  commercial  efforts  to  ensure  that   such  third  parties  only  use  your  personal  information  as  reasonably  required  for  the  purpose  we  disclosed  it  to  them  and   in  a  manner  consistent  with  the  Privacy  Principles  under  the  Privacy  Act  and  relevant  health  records  legislation,  e.g.  by   (where  commercially  practical)  including  suitable  privacy  and  confidentiality  clauses  in  our  agreement  with  a  third  party   service  provider  to  which  we  disclose  your  personal  information.    

7.4 If  you  post  information  to  public  parts  of  our  websites  or  to  our  social  media  pages,  you  acknowledge  that  such   information  (including  your  personal  information)  may  be  available  to  be  viewed  by  the  public.    You  should  use  discretion   in  deciding  what  information  you  upload  to  such  sites.    

8 Disclosure  of  information  outside  the  State/Territory  of  collection    

8.1 Some  of  the  third  parties  to  whom  we  disclose  personal  information  may  be  located  outside  the  state  or  territory  in   which  the  information  was  collected  or  outside  Australia.    The  state/territories  and  countries  in  which  such  third  parties   are  located  will  depend  on  the  circumstances.    For  example,  we  may  disclose  personal  information  to  our  related   companies  overseas  and  to  our  overseas  service  providers.    

8.2 In  the  ordinary  course  of  business  we  commonly  disclose  personal  information  to  parties  for  example,  offshore  data   centres  located  in  New  Zealand.      

8.3 Except  in  some  cases  where  we  may  rely  on  an  exception  under  the  Privacy  Act  or  other  law,  we  will  take  reasonable   steps  to  ensure  that  such  overseas  recipients  do  not  breach  the  Privacy  Principles  in  the  Privacy  Act  in  relation  to  such   information  

8.4 In  respect  of  health  information  covered  by  health  records  legislation,  unless  otherwise  required  or  permitted  by  law,  we   will  only  disclose  your  health  information  to  a  third  party  outside  the  state/territory  of  collection  if  we  reasonably  believe   that  the  recipient  of  the  information  is  subject  to  a  law,  binding  scheme  or  contract  which  upholds  principles  for  fair   handling  of  the  information  that  are  substantially  similar  to  those  in  the  applicable  health  records  legislation.  

9 How  do  we  protect  personal  information?  

9.1 EBOS  will  take  reasonable  steps  to  keep  any  personal  information  we  hold  about  you  secure.  Please  notify  us  immediately   if  you  become  aware  of  any  breach  of  security.  

9.2 However,  except  to  the  extent  liability  cannot  be  excluded  due  to  the  operation  of  statute,  we  exclude  all  liability   (including  in  negligence)  for  the  consequences  of  any  unauthorised  access  to,  disclosure  of,  misuse  of  or  loss  or   corruption  of  your  personal  information.    Nothing  in  this  Privacy  Policy  restricts,  excludes  or  modifies  or  purports  to EBOS_Privacy_Policy.docx   page  3   restrict,  exclude  or  modify  any  statutory  consumer  rights  under  any  applicable  law  including  the  Competition  and   Consumer  Act  2010  (Cth).      

10 Accuracy  of  the  personal  information  we  hold  

10.1 We  try  to  maintain  your  personal  information  as  accurately  as  reasonably  possible.  We  rely  on  the  accuracy  of  personal   information  as  provided  to  us  both  directly  (from  you)  and  indirectly.    

10.2 You  may  contact  us  if  the  personal  information  we  hold  about  you  is  incorrect  or  to  notify  us  of  a  change  in  your  personal   information.  Our  contact  details  are  set  out  in  section  14  of  this  Privacy  Policy.  

11 Links,  cookies  and  use  of  EBOS  websites  and  applications  

11.1 EBOS  websites  may  contain  links  to  other  sites.  This  Privacy  Policy  applies  to  our  websites  and  not  any  linked  sites  which   are  not  operated  or  controlled  by  EBOS.  We  encourage  you  to  read  the  privacy  policy  of  each  website  that  collects  your   personal  information.  

11.2 EBOS  uses  “cookies”  and  similar  technology  on  its  websites  and  in  other  technology  applications.  The  use  of  such   technologies  is  an  industry  standard,  and  helps  us  monitor  the  effectiveness  of  our  advertising  and  how  visitors  use  our   websites/applications.    We  use  such  technologies  to  generate  statistics,  measure  your  activity,  improve  the  usefulness  of   our  websites/applications  and  to  enhance  the  “customer”  experience.    

11.3 If  you  prefer  not  to  receive  cookies  you  can  adjust  your  Internet  browser  to  refuse  cookies  or  to  warn  you  when  cookies   are  being  used.  However,  our  websites  may  not  function  properly  or  optimally  if  cookies  have  been  turned  off.    

12 How  can  you  access  and  correct  personal  information  we  hold  about  you?  

12.1 You  may  seek  access  to  personal  information  which  EBOS  holds  about  you  by  contacting  us  as  described  in  section  14  of   this  Privacy  Policy.    We  will  provide  access  to  that  information  in  accordance  with  the  Privacy  Act  and  health  records   legislation,  subject  to  certain  exemptions  which  may  apply.    We  may  require  that  the  person  requesting  access  provide   suitable  identification  and  where  permitted  by  law  we  may  charge  an  administration  fee  for  granting  access  to  your   personal  information.  

12.2 If  you  become  aware  that  any  personal  information  we  hold  about  you  is  incorrect  or  if  you  wish  to  update  your   information,  please  contact  us  (see  section  14  of  this  Privacy  Policy).  

13 Queries,  comments  and  complaints  about  our  handling  of  personal  information  

13.1 If  you  have  any  questions,  comments  or  complaints  about  our  collection,  use  or  disclosure  of  personal  information,  or  if   you  believe  that  we  have  not  complied  with  this  Privacy  Policy,  the  Privacy  Act  or  applicable  health  records  legislation,   please  contact  us  (see  section  14  of  this  Privacy  Policy).      

13.2 When  contacting  us  please  provide  as  much  detail  as  possible  in  relation  to  your  question,  comment  or  complaint.  

13.3 EBOS  will  take  any  privacy  complaint  seriously  and  any  complaint  will  be  assessed  by  an  appropriate  person  with  the  aim   of  resolving  any  issue  in  a  timely  and  efficient  manner.    We  request  that  you  cooperate  with  us  during  this  process  and   provide  us  with  any  relevant  information  that  we  may  need.      

13.4 If  you  are  not  satisfied  with  the  outcome  of  our  assessment  of  your  complaint,  you  may  wish  to  contact  the  Office  of  the   Australian  Information  Commissioner  (click  here  for  information)  or  other  relevant  regulators.    

14 How  can  you  contact  us?  

14.1 Please  address  all  privacy  complaints  and  requests  to  update  or  access  information  to:  

Attention:  Privacy  Officer  
EBOS  Healthcare  
Unit  2,  109  Vanessa  Street   Kingsgrove,  
NSW    2208  

OR  

Free  fax  1800  810  257    

OR  

Email  This email address is being protected from spambots. You need JavaScript enabled to view it.  

Any  requests  to  access,  update  or  correct  your  health  information  should  be  made  in  writing.   To  unsubscribe  from  our  direct  marketing,  you  can  visit  our  website  www.eboshealthcare.com.au  or  email   This email address is being protected from spambots. You need JavaScript enabled to view it. and  set  out  the  contact  details  that  you  no  longer  want  used  for  direct  marketing.