Coviu Corporation (“we”, “our” and “us”) is committed to responsible privacy practices and to complying with privacy laws, to the extent they apply to us.
Coviu has entered into business associate agreements with its clients which are covered entities under the Health Information Portability and Accountability Act (“HIPAA”) and will protect the privacy and security of health information in accordance with those agreements.
2. What is personal, sensitive and health information?
3. What types of personal and health information do we collect?
The types of personal and health information we collect from you on behalf of our clients depend on the circumstances in which the information is collected, including the nature of the medical attention you require.
We may collect contact details including your name, address, email address, phone numbers and your date of birth / age. If you are the owner or a staff member of a practice that is using the Coviu service to provide consultation services to patients, we may also collect details in relation to your practice. We may also collect answers you provide to questions we ask and other information in relation to your dealings with us.
If you are a patient or otherwise participate in a video consultation, on behalf of our clients, we will collect as little information about you as necessary to provide the service. We may collect contact details and information about you that is health information, including your medical information (such as your medical history, medications, allergies, your family health history and potential risk factors), the healthcare practitioner(s) which you have video consultations with and their area of medical expertise, your Medicare number or other healthcare identifiers and other health information contained in any appointment records. We may collect this information via the answers you provide to questions we ask, your communications with your practitioner over our videoconferencing service, including in recordings of videoconferences, and any records that are uploaded to our system or created by your healthcare provider(s). We use this information solely on behalf of your healthcare provider and in accordance with our business associate agreement with the client, and if required by law, only with your consent..
Except as described in this section, we do not generally require you to disclose any sensitive information (e.g. details of race, religious belief, sexual orientation or membership of a trade union) to us. If you do provide us with sensitive information for any reason, you consent to us collecting that information and using and disclosing that information for the purpose for which you disclosed it to us and as permitted by the relevant privacy laws.
In addition to the types of personal information identified above, we may collect personal information as otherwise permitted or required by law.
4. How do we collect your personal and health information?
We collect personal and health information in a number of ways. The most common ways we collect your personal and health information are:
- directly from you when you provide it to us or our agents or contractors;
- via our website or when you communicate with us online (including when you use our video consultation services, make appointments and through our social media pages);
- if you are a patient, from your healthcare provider (including any medical records uploaded or created on our system);
- from publicly available sources;
- from our related companies; and
- from third parties (for example, from referees if you apply for a position as an employee or contractor with us).
Your personal and health information may be held as electronic records (including in the form of text, video and audio recordings of your consultations and digital images such as x-rays).
5. For what purposes do we collect, use and disclose your personal and/or health information?
The purposes for which we use and disclose your personal and/or health information will depend on the circumstances in which we collect it. Whenever practical, we endeavor to inform you why we are collecting your personal and/or health information, how we intend to use that information and to whom we intend to disclose it at the time we collect your personal and/or health information.
We may use or disclose:
- your personal information for the purposes for which we collected it and you have consented to (and related purposes which would be reasonably expected by you);
- your health information for the purposes for which we collected it and you have consented to (and directly related purposes which would be reasonably expected by you); and
- as otherwise authorised or required by law.
In general we collect, use and disclose your personal and health information so that we can do business together and for purposes connected with our business operations.
Some of the specific purposes for which we collect, use and disclose personal and health information are:
- to respond to you if you have requested information (including via our websites or via an email or other correspondence you send to us);
- to provide goods or services to you (including online video consultation services and, if you are a patient, to remind you about your appointments);
- in the case of personal information other than health information,
- to administer rewards, surveys and related activities;
- to run competitions or other promotional activities or events, sponsored or managed by us or our business partners;
- if you are a patient, to enable your healthcare provider(s) to access your personal and health information and share that information with you;
- to enable you to use our apps and other applications;
- to improve our goods and services;
- for research purposes. In the case that research includes clinical research, we obtain your consent as required by any ethics board and/or law;
- to verify your identity, address and age or eligibility to participate in a marketing activity;
- to address any issues or complaints that we or you have regarding our relationship or service; and
- to contact you regarding the above, including via electronic messaging such as SMS and email, by mail, by phone or in any other lawful manner.
6. Direct marketing
7. What happens if you don’t provide personal and/or health information?
Generally, you have no obligation to provide to us any personal information requested by us. However, if you choose to withhold requested personal and/or health information, we may not be able to do provide you with the products and services requested.
8. To whom do we disclose personal and/or health information?
This may include disclosing your personal information to the following types of third parties:
- our employees and related bodies corporate;
- our contractors and other third parties that provide goods and services to us (including website and data hosting providers, and other suppliers);
- our accountants, insurers, lawyers, auditors and other professional advisers and agents;
- your clinician’s practice and practice management system or electronic medical records system;
- payment system operators;
- customer support system operators;
- any third parties to whom you have directed or permitted us to disclose your personal information (e.g. referees);
- in the unlikely event that we or our assets may be acquired or considered for acquisition by a third party, that third party and its advisors;
- third parties that require the information for law enforcement or to prevent a serious threat to public safety; and
- otherwise as permitted or required by law.
Where we disclose your personal and/or health information to third parties, we will use reasonable efforts to ensure that such third parties only use this information as reasonably required for the purpose we disclosed it to them and in a manner consistent with privacy laws and/or under HIPAA, as applicable.
If you post information to public parts of our websites or to our social media pages, you acknowledge that such information (including your personal information) may be available to be viewed by the public. You should use discretion in deciding what information you upload to such sites.
9. Does personal and/or health information leave Australia?
Except as described in this section, we do not generally disclose your personal and/or health information outside of the country you reside.
We will take reasonable steps to ensure that our electronic storage service provider (and any such overseas recipients which we may use) do not breach privacy laws in relation to such information.
10. How do we protect personal and/or health information?
Please notify us immediately if you become aware of any breach of security.
11. Accuracy of the personal and/or health information we hold
We try to maintain your personal and/or health information as accurately as reasonably possible. We rely on the accuracy of personal and/or health information as provided to us both directly (from you) and indirectly.
12. Links, cookies and use of our websites and applications
We may use “cookies” and similar technology on our websites and in other technology applications. The use of such technologies is an industry standard, and helps to monitor the effectiveness of advertising and how visitors use our websites/applications. We may use such technologies to generate statistics, measure your activity, improve the usefulness of our websites/applications and to enhance the “customer” experience.
We also use 3rd party vendor remarketing tracking cookies, including the Google AdWords tracking cookie. This means we will continue to show ads to you across the internet, specifically on the Google Content Network (GCN). As always we respect your privacy and are not collecting any identifiable information through the use of Google’s or any other 3rd party remarketing system.
15. Links to Third Party sites
16. How can you access and correct personal and/or health information we hold about you?
17. Your California Privacy Rights
We collect the categories of personally identifiable information from our website visitors and other individuals when they visit or use our website at www.coviu.com and all related websites and applications (collectively, our “Websites”) as described in Section 3 above. We may share personally identifiable information collected via our Websites with the categories of third parties that are described in Section 8 above.
California residents additionally have the right to request information regarding third parties to whom Coviu has disclosed certain categories of personal information during the preceding year for those third parties’ direct marketing purposes under California’s “Shine the Light” Law. Personal information under this California law means any information that identified, described, or was able to be associated with an individual at the time of disclosure. We do not disclose this type of personal information to third parties for their own purposes, and we permit you to opt-out of any disclosures of non-identifiable personal information. However, if you are a California resident and would like to inquire further, please contact us using the information provided below. You must include your full name, email address and postal address in your email or mail request so that we can verify your California residence and respond.
Currently, we do not monitor or take any action with respect to signals or other mechanisms for the expression of consumer choice regarding the collection of information about an individual consumer's online activities over time and across third-party websites or online services (e.g., browser do not track signals.
18. Your Nevada Privacy Rights
Nevada residents have the right to request to opt out of any “sale” of their personal information under Nevada SB 220. While we do not sell any of your personal information, Nevada law allows you to request to opt out of the future sale of your personal information. If you are a Nevada resident and would like to make such a request, please contact us using the information below. You must include your full name, email address and postal address in your email or mail request so that we can verify your Nevada residence and respond. In the event we sell your personal information after the receipt of your request, we will make reasonable efforts to comply with such request.
19. Use by children
Our Website is not directed toward individuals under the age of 13 (“Children”). We do not knowingly collect personal information from Children, and no personal information should be submitted to our Website by Children. If we learn we have collected or received personal information from a Child, we will delete that personal information as permitted by law. You must be old enough to consent to the processing of your personal information in your country, and you must be at least 18 years of age to use our Services. If you believe we may have any collected personal information from a child under the age of 13 without parental consent, please submit a written request via the email to firstname.lastname@example.org.
20. Queries, comments and complaints about our handling of personal information
When contacting us please provide as much detail as possible in relation to your question, comment or complaint.
We will take any privacy complaint seriously and any complaint will be assessed with the aim of resolving any issue in a timely and efficient manner. We request that you cooperate with us during this process and provide us with any relevant information that we may need.
If you are not satisfied with the outcome of our assessment of your complaint, you may wish to contact the Office of the Australian Information Commissioner.
21. How can you contact us?
Please address all privacy complaints to:
If in Australia or elsewhere (other than the United States)
Attention: Coviu Pty Ltd
Level 1/1024 Ann Street
Fortitude Valley QLD 4006
If in the United States
Attention: Coviu Corporation
3401 Market Street
Philadelphia, PA 19104
If you wish to seek access to or correct or update any personal information we hold about you, or to unsubscribe from our direct marketing you can also contact us using the contact details listed above.
Effective Date: October 5, 2021