1. Introduction
1.1 WHEN is committed to protecting the privacy and rights of individuals when it comes to their personal information. We appreciate that you are trusting us with your personal information when you use WHEN Fertility and we take this responsibility seriously.
1.2 At WHEN Fertility we:
a. create and link customers to information about various aspects of fertility, including egg count;
b. provide sample collection kits; and
c. provide:
i. services to connect our clients and Australian registered health providers such as pathology providers (Partner Providers)
ii. services to connect our clients and our Australian registered health practitioners, including medical practitioners and nurses (Practitioner Providers) (collectively, Providers)
1.3 We have a legal obligation to abide by the provisions of the Privacy Act 1988 (Cth) (Privacy Act), which include the Australian Privacy Principles (APPs). We are also bound by any relevant health privacy principles under State legislation.
1.4 Please take a moment to read this policy, as it outlines the types of information we collect, why we collect it and how you can manage, update and delete the information we hold.
2.1 In this privacy policy:
personal information means information or an opinion about an identified individual, or an individual who is reasonably identifiable:
a. whether the information or opinion is true or not; and
b. whether the information or opinion is recorded in a material form or not.
sensitive information means personal information that is information or an opinion about an individual's racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual orientation or practices, or criminal record. Sensitive information also includes health information, genetic information, biometric information, and biometric templates.
WHEN Fertility, we, us, our means WHEN Fertility Pty Ltd (ACN: 654 291 442)
you and your means each and every individual whose personal information we may handle from time to time.
3.1 We will collect and hold your personal information in a lawful and fair manner, and only when it is reasonably necessary for one or more of our functions or activities.
3.2 Where it is reasonably practical to do so, we will collect your personal information directly from you.
3.3 We collect your personal information directly from you when you:
a. visit our Website;
b. sign up for our marketing communications;
c. make an inquiry through our Website;
d. attend one of our promotional events;
e. complete an order in relation to goods or services;
f. attend an appointment with one of our Providers;
g. contact us via telephone;
h. correspond with us, including through our Website, in writing or via email;
i. interact with us on social media platforms;
j. provide your personal information through any of our mobile applications; and/or
k. fill out a customer satisfaction or market research survey.
3.4 We may also collect your personal information:
a. from our group companies in order to provide you with goods and services;
b. from our Providers when they provide goods and services to you;
c. from publicly available sources;
d. from third parties (for example, suppliers, recruitment agencies, contractors, and business partners);
e. from government sources, government authorities or databases relevant to the provision of a service to you (Government Sources); and
f. from any other people or entities involved in assisting us with providing our services to you.
3.5 In circumstances where we collect your personal information from a third party, we will, where appropriate, ask the third party to inform you that we have collected and are holding your information, how we will use and disclose it, and how you may contact us to access, correct and/or update your information.
4.1 The types of personal information we collect include (but are not limited to):
a. Identify information, including your name, gender, date of birth;
b. Contact information, including postal address, email address, contact phone numbers;
c. Financial information, including billing and shipping information;
d. Transaction-specific information, including details of the goods and services you make enquiries about, details of the goods and services you purchase from us, written consents related to the goods and services we provide.
4.2 We only collect sensitive information about you with your consent, or otherwise in accordance with the Privacy Act. The types of sensitive information we collect include (but are not limited to): your medical history, lifestyle history, demographic information, height, weight, family status, family planning intentions, medical records, medical prescriptions, laboratory results, and laboratory results commentary. We will only collect sensitive information when it is necessary to provide our goods and services to you.
4.3 You may choose to withhold your personal information, however if you choose to, we may not be able to provide you with the requested goods or services.
5.1 We collect, hold, use and disclose personal information to:
a. offer and provide you with our goods and services;
b. facilitate and authorise payment and processing via third party gateways;
c. communicate with you about the provision of our goods and services;
d. provide you with announcements and updates, support and administrative messages and to provide you with information upon your request;
e. send you marketing and promotional information about us and our goods and services; and our group companies and business partners that provide goods and services of interest;
f. facilitate third parties communicating with you about our goods or services that might be of interest to you;
g. improve your experience with our goods and services, or to improve our, or any of our group companies’ products and services, including through research and development;
h. responding to your issues, complaints, or enquiries;
i. disclosure to law enforcement bodies and regulatory authorities in connection with investigations and compliance with law; and
j. as otherwise required or authorised by law.
6.1 We will only disclose personal information when it is in accordance with the Privacy Act and the APPs.
6.2 Specifically, we will disclose your personal information to:
a. Partner Providers;
b. Practitioner Providers;
c. our contractors and group companies;
d. Government Sources where required by law;
e. cloud service providers;
f. payment system operators;
g. to our service providers; and
h. emergency services to request assistance in circumstances where a Practitioner Provider forms the professional opinion that you are at risk of imminent harm, and that Practitioner Provider has a professional and ethical obligation to do so.
6.3 We will not use or disclose your personal information for any other purpose unless you have consented to that use or disclosure or where we are required or authorised by law.
7.1 We will only retain your personal information for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements.
7.2 To determine the appropriate retention period for personal information, we consider the amount, nature and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
7.3 We will hold personal information electronically on our intranet system and in cloud storage. We may also hold your personal information on third party servers which may be located overseas, including servers located in the USA, Europe and Asia. We maintain appropriate security for our offices and information storage facilities so as to prevent any loss, misuse, unauthorised access, disclosure, or modification of personal information.
7.4 We restrict access to your personal information to only those who need access to the personal information to do their job. Physical, electronic and managerial procedures have been employed to safeguard the security and integrity of your personal information.
7.5 We will destroy or de-identify personal information once it is no longer needed for a valid purpose, and we are not required to keep it by law.
8.1 We will only engage in direct marketing in accordance with the requirements of the Privacy Act and other applicable laws, including where:
a. you have consented to receive direct marketing materials; or
b. we are otherwise permitted by law to send you direct marketing materials.
8.2 From time to time, we may use or disclose your personal information to our third-party service providers to provide you with marketing materials that may be of interest to you, including marketing materials in relation to offers, specials, other products and services that we, our group companies, or affiliated business partners provide.
8.3 Except to the extent that our collection, use or disclosure is subject to clause 5.1(a) and 5.1(c), we will not collect, use or disclose your sensitive information for the purpose of direct marketing without your consent.
8.4 You may unsubscribe from our marketing communications at any time. If you would like to unsubscribe, you can do so by following the instructions provided in the relevant marketing communications or by contacting our Privacy Officer. If you are receiving marketing communications from us through more than one channel (eg email and SMS), you will need to unsubscribe from each channel individually by following the instructions provided along with the communication or by contacting our Privacy Officer at hello@whenfertility.com.au
8.5 Receiving marketing communications is not a condition of any purchase or service with us. If your contact details change, you may need to subscribe with your new contact details to ensure you can still receive marketing communications.
9.1 We may automatically collect certain information about your use of our services through cookies and other tracking technologies. Cookies enable us to compile aggregate statistics concerning use of our services, analyse trends, enhance the security of our services, deliver content and advertisements (where permitted under applicable law), and otherwise administer and improve our services. You can set your browser not to accept cookies, to remove cookies, or to notify you when you are sent a cookie, giving you the opportunity to decide whether or not to accept it. However, please note that if you disable the use of cookies on your computer, some functionality of our Website will not work.
10.1 We will take such steps as are reasonable in the circumstances to ensure that the Personal Information which we collect remains accurate, up to date and complete. You can request access to your Personal Information or advise us of any required correction to your Personal Information by sending a request by logging in to your account or by contacting our Privacy Officer. Upon request for access to Personal Information, we will provide you with details of any of your Personal Information that we hold, subject to appropriate identity verification and except in the limited circumstances permitted by law (for example if granting access would interfere with the privacy of others or if it would result in a breach of confidentiality). When making an access or correction request, please provide as much detail as possible to assist us. There is no charge for requesting access to your Personal Information but we may require you to meet our reasonable costs in actually providing you with access.
10.2 If you make a request for access or correction of your Personal Information we will:
a. take reasonable steps, consistent with our obligations under the Privacy Act, to provide access to that information and consider if the Personal Information requires correction; and
b. respond to all requests for access and/or correction within a reasonable time.
11.1 From time to time we may engage an overseas service provider to provide services to us, such as cloud-based storage solutions. By providing us with your personal information, you consent to your personal information being handled and stored overseas, including being stored on servers located in the USA, Europe or Asia.
11.2 You hereby acknowledge and agree that Australian Privacy Principal 8.1 does not apply to such disclosures. For the avoidance of doubt, in the event than an overseas service provider breaches the APPs, that entity will not be bound by, and you will have no right to seek redress under, the Privacy Act.
12.1 If you have any questions, concerns or complaints about this Privacy Policy, or how we handle your personal information, including if you wish to withdraw consent to the collection of your personal information, please direct your enquiries to:
The Privacy Officer
WHEN Fertility Pty Ltd
165 Riley Street
Darlinghurst NSW 2010
Email: hello@whenfertility.com.au
12.2 Your experience with WHEN Fertility is important to us. We endeavour to respond to any complaint within a reasonable period.
12.3 If you are dissatisfied with the handling of your complaint, you may contact the Office of the Australian Information Commissioner:
Office of the Australian Information Commissioner
GPO Box 5218 Sydney NSW 2001
Telephone: 1300 363 992
or via their website https://www.oaic.gov.au/
13.1 With a view to improving our service to you and ensuring compliance with the Australian Privacy Principles, we may revise this Privacy Policy from time to time. It is your responsibility to remain aware of the content of the then applicable policy. You may not be directly notified of such a change so please ensure that you regularly check this Privacy Policy so you are fully aware of any changes or updates.
Policy Number: WF005.v3