Coviu Privacy Policy

 

1. Introduction

Coviu Corporation (“we”, “our” and “us”) is committed to responsible privacy practices and to complying with privacy laws, to the extent they apply to us.

This Privacy Policy sets out our policies on the management of personal information and sensitive information (which may include health information) including how we collect personal and sensitive information, the purposes for which we use this information, and to whom this information is disclosed. 

Coviu has entered into business associate agreements with its clients which are covered entities under the Health Information Portability and Accountability Act (“HIPAA”) and will protect the privacy and security of health information in accordance with those agreements. 

We may change or update our Privacy Policy from time to time. At any time, the latest version of our Privacy Policy is available from our website at www.coviu.com.

2. What is personal, sensitive and health information?

In this Privacy Policy, “personal information”, “sensitive information” and “health information” have the meanings set out in the Privacy Act. Essentially, personal information is information or an opinion about an individual who is reasonably identifiable. Sensitive information includes health information, which is information or an opinion about the health of, and the provision of health services to, an individual, and may include protected health information as defined by  HIPAA.

3. What types of personal and health information do we collect?

The types of personal and health information we collect from you on behalf of our clients depend on the circumstances in which the information is collected, including the nature of the medical attention you require.

We may collect contact details including your name, address, email address, phone numbers and your date of birth / age. If you are the owner or a staff member of a practice that is using the Coviu service to provide consultation services to patients, we may also collect details in relation to your practice. We may also collect answers you provide to questions we ask and other information in relation to your dealings with us.

If you are a patient or otherwise participate in a video consultation, on behalf of our clients, we will collect as little information about you as necessary to provide the service. We may collect contact details and information about you that is health information, including your medical information (such as your medical history, medications, allergies, your family health history and potential risk factors), the healthcare practitioner(s) which you have video consultations with and their area of medical expertise, your Medicare number or other healthcare identifiers and other health information contained in any appointment records. We may collect this information via the answers you provide to questions we ask, your communications with your practitioner over our videoconferencing service, including in recordings of videoconferences, and any records that are uploaded to our system or created by your healthcare provider(s). We use this information solely on behalf of your healthcare provider and in accordance with our business associate agreement with the client, and if required by law, only with your consent..

Except as described in this section, we do not generally require you to disclose any sensitive information (e.g. details of race, religious belief, sexual orientation or membership of a trade union) to us. If you do provide us with sensitive information for any reason, you consent to us collecting that information and using and disclosing that information for the purpose for which you disclosed it to us and as permitted by the relevant privacy laws.

In addition to the types of personal information identified above, we may collect personal information as otherwise permitted or required by law.

4. How do we collect your personal and health information?

We collect personal and health information in a number of ways. The most common ways we collect your personal and health information are:

  • directly from you when you provide it to us or our agents or contractors;
  • via our website or when you communicate with us online (including when you use our video consultation services, make appointments and through our social media pages);
  • if you are a patient, from your healthcare provider (including any medical records uploaded or created on our system);
  • from publicly available sources;
  • from our related companies; and
  • from third parties (for example, from referees if you apply for a position as an employee or contractor with us).

Your personal and health information may be held as electronic records (including in the form of text, video and audio recordings of your consultations and digital images such as x-rays).

5. For what purposes do we collect, use and disclose your personal and/or health information?

The purposes for which we use and disclose your personal and/or health information will depend on the circumstances in which we collect it. Whenever practical, we endeavor to inform you why we are collecting your personal and/or health information, how we intend to use that information and to whom we intend to disclose it at the time we collect your personal and/or health information.

We may use or disclose:

  • your personal information for the purposes for which we collected it and you have consented to (and related purposes which would be reasonably expected by you);
  • your health information for the purposes for which we collected it and you have consented to (and directly related purposes which would be reasonably expected by you); and
  • as otherwise authorised or required by law.

In general we collect, use and disclose your personal and health information so that we can do business together and for purposes connected with our business operations.

Some of the specific purposes for which we collect, use and disclose personal and health information are:

  • to respond to you if you have requested information (including via our websites or via an email or other correspondence you send to us);
  • to provide goods or services to you (including online video consultation services and, if you are a patient, to remind you about your appointments);
  • in the case of personal information other than health information,
    • to administer rewards, surveys and related activities;
    • to run competitions or other promotional activities or events, sponsored or managed by us or our business partners;
  • if you are a patient, to enable your healthcare provider(s) to access your personal and health information and share that information with you;
  • to enable you to use our apps and other applications;
  • to improve our goods and services;
  • for research purposes. In the case that research includes clinical research, we obtain your consent as required by any ethics board and/or law;
  • to verify your identity, address and age or eligibility to participate in a marketing activity;
  • to address any issues or complaints that we or you have regarding our relationship or service; and
  • to contact you regarding the above, including via electronic messaging such as SMS and email, by mail, by phone or in any other lawful manner.

6. Direct marketing

Direct marketing involves communicating directly with you for the purpose of promoting goods or services to you and to provide you with special offers. We may use the personal information you provide to directly market to you via a range of methods including mail, telephone, and if you opt-in, email or video. You can unsubscribe from our direct marketing, or change your contact preferences, by contacting us (see Section 14 of this Privacy Policy).

7. What happens if you don’t provide personal and/or health information?

Generally, you have no obligation to provide to us any personal information requested by us. However, if you choose to withhold requested personal and/or health information, we may not be able to do provide you with the products and services requested.

8. To whom do we disclose personal and/or health information?

We may disclose your personal and/or health information to third parties for the purposes described in Section 5 of this Privacy Policy.

This may include disclosing your personal information to the following types of third parties:

  • our employees and related bodies corporate;
  • our contractors and other third parties that provide goods and services to us (including website and data hosting providers, and other suppliers);
  • our accountants, insurers, lawyers, auditors and other professional advisers and agents;
  • your clinician’s practice and practice management system or electronic medical records system;
  • payment system operators;
  • customer support system operators;
  • any third parties to whom you have directed or permitted us to disclose your personal information (e.g. referees);
  • in the unlikely event that we or our assets may be acquired or considered for acquisition by a third party, that third party and its advisors;
  • third parties that require the information for law enforcement or to prevent a serious threat to public safety; and
  • otherwise as permitted or required by law.

Where we disclose your personal and/or health information to third parties, we will use reasonable efforts to ensure that such third parties only use this information as reasonably required for the purpose we disclosed it to them and in a manner consistent with privacy laws and/or under HIPAA, as applicable.

If you post information to public parts of our websites or to our social media pages, you acknowledge that such information (including your personal information) may be available to be viewed by the public. You should use discretion in deciding what information you upload to such sites.

9. Does personal and/or health information leave Australia?

Except as described in this section, we do not generally disclose your personal and/or health information outside of the country you reside.

We will take reasonable steps to ensure that our electronic storage service provider (and any such overseas recipients which we may use) do not breach privacy laws in relation to such information.

10. How do we protect personal and/or health information?

We will take reasonable steps to keep any personal and/or health information we hold about you secure, including via encryption methods. However, except to the extent liability cannot be excluded due to the operation of statute, we exclude all liability (including in negligence) for the consequences of any unauthorised access to, disclosure of, misuse of or loss or corruption of your personal information. Nothing in this Privacy Policy restricts, excludes or modifies or purports to restrict, exclude or modify any statutory consumer rights under any applicable law including the Competition and Consumer Act 2010 (Cth).

Please notify us immediately if you become aware of any breach of security.

11. Accuracy of the personal and/or health information we hold

We try to maintain your personal and/or health information as accurately as reasonably possible. We rely on the accuracy of personal and/or health information as provided to us both directly (from you) and indirectly.

We encourage you to contact us if the personal and/or health information we hold about you is incorrect or to notify us of a change in your personal and/or health information. Our contact details are set out in Section 21 of this Privacy Policy.

12. Links, cookies and use of our websites and applications

Our website may contain links to other sites. This Privacy Policy applies to our website and the Coviu Web service and not any linked sites which are not operated or controlled by us. We encourage you to read the privacy policies of each website that collects your personal information.

We may use “cookies” and similar technology on our websites and in other technology applications. The use of such technologies is an industry standard, and helps to monitor the effectiveness of advertising and how visitors use our websites/applications. We may use such technologies to generate statistics, measure your activity, improve the usefulness of our websites/applications and to enhance the “customer” experience.

If you prefer not to receive cookies you can adjust your Internet browser to refuse cookies or to warn you when cookies are being used. However, our websites may not function properly or optimally if cookies have been turned off.

13. Remarketing

We also use 3rd party vendor remarketing tracking cookies, including the Google AdWords tracking cookie. This means we will continue to show ads to you across the internet, specifically on the Google Content Network (GCN). As always we respect your privacy and are not collecting any identifiable information through the use of Google’s or any other 3rd party remarketing system.

The third-party vendors, including Google, whose services we use – will place cookies on web browsers in order to serve ads based on past visits to our website. – Third party vendors, including Google, use cookies to serve ads based on a user’s prior visits to your website. This allows us to make special offers and continue to market our services to those who have shown interest in our service.

14. Opt-out

You may opt out of Google’s use of cookies by visiting the Ads Preferences Manager. Also, you can opt out of other third-party vendor’s use of cookies by visiting the Network Advertising Initiative opt-out page.

 

15. Links to Third Party sites

Coviu's website may contain links to third party websites that are not operated or controlled by us. Please note that Coviu is not responsible for the privacy or security practices of those third party web sites and those sites are not covered by this Privacy Policy.

 

16. How can you access and correct personal and/or health information we hold about you?

You may seek access to personal and/or health information which we hold about you by contacting us as described in Section 21 of this Privacy Policy. We will provide access to that information in accordance with the relevant privacy laws, subject to certain exemptions which may apply. We may require that the person requesting access provide suitable identification and where permitted by law we may charge an administration fee for granting access to your personal and/or health information.

If you become aware that any personal and/or health information we hold about you is incorrect or if you wish to update your information, please contact us (see Section 21 of this Privacy Policy).  If you are a patient, please contact your health care provider if you believe any of your protected health information is incorrect.

 

17. Your California Privacy Rights

We collect the categories of personally identifiable information from our website visitors and other individuals when they visit or use our website at www.coviu.com and all related websites and applications (collectively, our “Websites”) as described in Section 3 above.  We may share personally identifiable information collected via our Websites with the categories of third parties that are described in Section 8 above.

California residents additionally have the right to request information regarding third parties to whom Coviu has disclosed certain categories of personal information during the preceding year for those third parties’ direct marketing purposes under California’s “Shine the Light” Law. Personal information under this California law means any information that identified, described, or was able to be associated with an individual at the time of disclosure. We do not disclose this type of personal information to third parties for their own purposes, and we permit you to opt-out of any disclosures of non-identifiable personal information. However, if you are a California resident and would like to inquire further, please contact us using the information provided below. You must include your full name, email address and postal address in your email or mail request so that we can verify your California residence and respond.

 

Currently, we do not monitor or take any action with respect to signals or other mechanisms for the expression of consumer choice regarding the collection of information about an individual consumer's online activities over time and across third-party websites or online services (e.g., browser do not track signals.

18.  Your Nevada Privacy Rights

Nevada residents have the right to request to opt out of any “sale” of their personal information under Nevada SB 220. While we do not sell any of your personal information, Nevada law allows you to request to opt out of the future sale of your personal information. If you are a Nevada resident and would like to make such a request, please contact us using the information below. You must include your full name, email address and postal address in your email or mail request so that we can verify your Nevada residence and respond. In the event we sell your personal information after the receipt of your request, we will make reasonable efforts to comply with such request.

19.  Use by children

Our Website is not directed toward individuals under the age of 13 (“Children”). We do not knowingly collect personal information from Children, and no personal information should be submitted to our Website by Children. If we learn we have collected or received personal information from a Child, we will delete that personal information as permitted by law. You must be old enough to consent to the processing of your personal information in your country, and you must be at least 18 years of age to subscribe to our Services. If you believe we may have any collected personal information from a child under the age of 13 without parental consent, please submit a written request via the email to security@coviu.com.

20. Queries, comments and complaints about our handling of personal information

If you have any questions, comments or complaints about our collection, use or disclosure of personal information, or if you believe that we have not complied with this Privacy Policy or relevant privacy laws, please contact us (see Section 21 of this Privacy Policy).

When contacting us please provide as much detail as possible in relation to your question, comment or complaint.

We will take any privacy complaint seriously and any complaint will be assessed with the aim of resolving any issue in a timely and efficient manner. We request that you cooperate with us during this process and provide us with any relevant information that we may need.

If you are not satisfied with the outcome of our assessment of your complaint, you may wish to contact the Office of the Australian Information Commissioner.

21. How can you contact us?

Please address all privacy complaints to:

If in Australia or elsewhere (other than the United States)

Attention: Coviu Pty Ltd
Level 1/1024 Ann Street
Fortitude Valley QLD 4006

OR

security@coviu.com

 

If in the United States

Attention: Coviu Corporation
3401 Market Street
Suite 200/201
Philadelphia, PA 19104

OR

security@coviu.com

If you wish to seek access to or correct or update any personal information we hold about you, or to unsubscribe from our direct marketing you can also contact us using the contact details listed above.

Effective Date: October 5, 2021

Last Updated: September 22, 2023

Are you a provider or a patient?

PROVIDER Patient

Have Questions? Contact Us

Telehealth for Enterprise

For organisations with 25+ Providers

TALK TO US

People-2-final

As a patient, you do not need to sign up to a Coviu account. Your healthcare provider will use their account and send you a link to join at the time of your consultation.

Learn how to join a Coviu Call

Chat to your provider about using Coviu