Welcome to RadCard-Cloud: Secure online access to Private Medical Information

This Privacy Policy applies to all information collected about you by iDataMap Corporation Pty Ltd (IDMC) through and in relation to the services it has collected or stored, and describes, amongst other things, the types of information collected about you when you interact with the services, how your information may be used, when your information may be disclosed, how you can control the use and disclosure of your information, and how your information is protected.

This Policy may be amended or updated from time to time to reflect changes in our practices with respect to the Processing of your information, or changes in applicable law. We encourage you to read this Policy carefully, and to regularly check this page to review any changes we might make.

We have adopted the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (the Privacy Act). The Privacy Act governs the way in which we collect, use, disclose, store, secure and dispose of your Personal Information.

The Australian Privacy Principles may be obtained from the website of The Office of the Australian Information Commissioner at www.oaic.com.au.

This Privacy Policy covers information collected through the following websites and applications:

• Websites: iDataMap.com
• Applications: RadCard™ and WaveMed.

1. Categories of information we may collect and process
SUMMARY: We may Collect and Process: your personal details (e.g., your name); demographic data (e.g., your date of birth); your contact details (e.g., your address and email); records of your consents; purchase details; your medical records (e.g., imaging, history, reports) and data you provided for storage. We may also process information about you from your use of our services (e.g., using RadCard™, the internet service provider, etc.), including your interactions with nominated practitioners. “Personal Information” means information that is about any individual, or from which any individual is directly or indirectly identifiable. “Process”, “Processing” or “Processed” means anything that is done with any Personal Information, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. We may process the following categories of Personal Information about you:

• Personal details: your name; username or login details; password;
• Demographic information: gender; date of birth; salutation and language preferences;
• Contact details: postal address; telephone and/or mobile number; email address;
• Consent records: records of any consents you may have given, together with the date and time, means of consent and any related information (e.g., the subject matter of the consent);
• Location information: location data that describes the precise geographic location of your device (“Precise Location Data”);
• Purchase and payment details: records of purchases and prices; invoice records; payment records; billing address; payment method; cardholder or accountholder name; payment amount; and payment date.

We also collect other kinds of information from you, which we refer to as “Other Information” in this Policy, which may include but is not limited to:

• Information about your use of the Services, such as usage data and statistical information, which may be aggregated;
• Browsing history including the websites or other services you visited before and after interacting with the Services;
• Device identification (“ID”), which is a distinctive number associated with a smartphone or similar handheld device, but is different than a hardware serial number;
• Internet Protocol (“IP”) address, which is a unique string of numbers automatically assigned to your device whenever you access the Internet;
• Internet connection means, such as internet service provider (“ISP”), mobile operator, WiFi connection, service set identifier (“SSID”), International Mobile Subscriber Identity (“IMSI”) and International Mobile Equipment Identity (“IMEI”);
• Information collected through the use of eTags, Javascript, device ID tracking, anonymous identifiers and other technologies, including information collected using such methods and technologies about (i) your visits to, and interaction and engagement with, the Services, and (ii) your interaction with emails;
• Device type, settings and software used;
• Log files, which may include IP addresses and date/time stamps;
• Mobile analytics to understand the functionality of our mobile applications and software on your phone.

2. Sensitive Personal Information
SUMMARY: We do not seek to collect or otherwise Process your Sensitive Personal Information. Where we need to Process your Sensitive Personal Information for a legitimate purpose, we do so in accordance with applicable law. The Services are not intended for use by children. We do not collect or otherwise Process Personal Information about race or ethnicity, political opinions, religious or philosophical beliefs, trade union membership, any actual or alleged criminal offences or penalties, or any other information that may be deemed to be sensitive (collectively, “Sensitive Personal Information”). Where it becomes necessary to Process Sensitive Personal Information, we would rely on one of the following legal bases:

• Compliance with applicable law: We may Process your Sensitive Personal Information where the Processing is required or permitted by applicable law;
• Detection and prevention of crime: We may Process your Sensitive Personal Information where the Processing is necessary for the detection or prevention of crime (including the prevention of fraud);
• Establishment, exercise or defence of legal rights: We may Process your Sensitive Personal Information where the Processing is necessary for the establishment, exercise or defence of legal rights; or
• Consent: We may Process your Sensitive Personal Information where we have, in accordance with applicable law, obtained your prior, express consent prior to Processing your Sensitive Personal Information.

Children: The Services are not intended for use by children without parental supervision, especially those under 15. No one under the age of 15 should provide any Personal Information without parental approval. Minors under the age of 18 are not permitted to make purchases. If, notwithstanding these prohibitions, your children disclose information about themselves and if it is discovered that we have collected Personal Information from someone under 15 without parental consent, we will delete that information immediately.

3. How we collect or create information
SUMMARY: We may collect or obtain User Information about you directly from you (e.g., where you contact us); in the course of our relationship with you (e.g., if you make a purchase); when you install, or use any of our Services; when you visit our Services; when you register to use any part of the Services; or when you interact with any third-party content or advertising on the Services. We may also create User Information about you, such as records of your interactions with us. iDataMap Corporation is not responsible for Personal Information you volunteer about yourself in public areas of the Services.
Collection of User Information: We may collect User Information about you from the following sources:

• Data you provide: We may obtain your personal information when you provide it to us across our services (e.g., where you sign up for emails, newsletters and webinars; register for site membership or create a profile or account on any part of the Services; information by SMS text message; contact us via email, telephone or by any other means; purchase a subscription, software license or product; or when you provide us with your business card, etc.).
• Relationship data: We may collect or obtain your Personal Information in the ordinary course of our relationship with you (e.g., if you purchase a service from us).
• Service data: We may collect or obtain your Personal Information when you visit, download, use or register to use any part of our Service.
• Creation of User Information. We may also create User Information about you, such as records of your interactions with us and details of your purchase history, for internal administrative purposes.

4. Purposes for Which We May Process Your Information
SUMMARY: We may Process User Information for the following purposes: providing the Services to you; communicating with you; connecting you to nominated practitioners and healthcare providers; observing purchase activity; managing our IT systems; financial management; ensuring the security of our systems; conducting investigations where necessary; compliance with applicable law; and improving our Service. The purposes for which we may Process User Information, subject to applicable law, include:

• Provision of the Services to You: providing the Services to you from iDataMap Corporation or its partners including (i) posting of your personal testimonial alongside other endorsements, (ii) display of your personal reviews of products or services, (iii) management of your account, and (iv) customer support and relationship management.
• Offering and Improving the Services: operating and managing the Services for you; providing personalised content (e.g., updates) to you; communicating and interacting with you via the Services; identifying issues with the Services and planning.
• Communications: communicating with you via any means (including via email, telephone, text message, social media, post or in person) regarding updates and other information in which you may be interested, subject to ensuring that such communications are provided to you in compliance with applicable law; maintaining and updating your contact information where appropriate; and obtaining your prior, opt-in consent where required; improvements to or creating new Services; and notifying you of changes to any of our Services.
• IT Administration: administration of iDatamap Corporation’s information technology systems; network and device administration; network and device security; implementing data security and information systems policies; compliance audits in relation to internal policies; identification and mitigation of fraudulent activity; and compliance with legal requirements.
• Security: electronic security measures (including monitoring of login records and access details) to help mitigate the risk of and provide the ability to identify and rectify a security incident.
• Financial Management: general business and financial management purposes, including: economic, financial and administrative management; planning and reporting; sales; accounting; finance; corporate audit; and compliance with legal requirements.
• Legal Proceedings: establishing, exercising and defending legal rights.
• Legal Compliance: Subject to applicable law, we reserve the right to release information concerning any user of Services when we have grounds to believe that the user is in violation of our Terms of Use or other published guidelines or has engaged in (or we have grounds to believe is engaging in) any illegal activity, and to release information in response to court and governmental orders, other requests from government entities, civil subpoenas, discovery requests and otherwise as required by law or regulatory obligations. We also may release information about users when we believe in good faith that such release is in the interest of protecting the rights, property, safety or security of iDataMap Corporation, any of our users or the public, or to respond to an emergency.

5. Access to your personal information
SUMMARY: You may access the Personal Information we hold about you and to update and/or correct it.

If you wish to access your Personal Information, please contact us in writing at the address at the bottom of this page. iDataMap will not charge any fees for your access request, but may charge an administrative fee for providing you with a copy of your Personal Information. In order to protect your Personal Information we may require identification from you before releasing the requested information.

6. Lawful Basis for Processing Personal Information
SUMMARY: We may Process your User Information where: you have given your consent; the Processing is necessary for a contract between you and us; the Processing is required by applicable law; the Processing is necessary to protect the vital interests of any individual; or where we have a valid legitimate interest in the Processing. In Processing your User Information in connection with the purposes set out in this Policy, we may rely on one or more of the following legal bases, depending on the circumstances:

• Consent: We may Process your User Information where we have obtained your prior, express consent to the Processing (this legal basis is only used in relation to Processing that is entirely voluntary – it is not used for Processing that is necessary or obligatory in any way.
• Contractual necessity: We may Process your User Information where the Processing is necessary in connection with any contract that you may enter into with us;
• Compliance with applicable law: We may Process your User Information where the Processing is required by applicable law;
• Vital interests: We may Process your User Information where the Processing is necessary to protect the vital interests of any individual.

7. What Information We Disclose to Third Parties
SUMMARY: We may disclose your User Information to legal and regulatory authorities; our external advisors; parties who Process User Information on our behalf (“Processors”); any party as necessary in connection with legal proceedings; any party as necessary for investigating, detecting or preventing criminal offences; and any purchaser of our business.

• Legal and regulatory authorities, upon request, or for the purposes of reporting any actual or suspected breach of applicable law or regulation;
• Any relevant third-party acquirer(s), in the event that we sell or transfer all or any relevant portion of our business or assets (including in the event of a reorganisation, dissolution or liquidation).

Your personal information will not be disclosed to overseas recipients.

8. Data Security
SUMMARY: We implement appropriate technical and organisational security measures to protect your User Information. Please ensure that any Personal Information that you send to us is sent securely. We have implemented appropriate technical and organisational security measures designed to protect your User Information against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, unauthorised access, and other unlawful or unauthorised forms of Processing, in accordance with applicable law. However, we cannot guarantee there will not be a breach, and we are not responsible for any breach of security or for the actions of any third parties.

Because the internet is an open system, the transmission of information via the internet is not completely secure. Although we will implement reasonable measures to protect your information, we cannot guarantee the security of your data transmitted to us using the internet. Any such transmission is at your own risk and you are responsible for ensuring that any Personal Information that you send to us are sent securely.

9. Data Accuracy
SUMMARY: We take every reasonable step to ensure that your User Information is kept accurate and up-to-date and are erased or rectified if we become aware of inaccuracies. We take every reasonable step to ensure that your User Information that we process is accurate and, where necessary, kept up to date, and any of your User Information that we Process that you inform us is inaccurate (having regard to the purpose for which they are Processed) is erased or rectified.


Privacy Policy Complaints and Enquiries:

If you have any queries or complaints about our Privacy Policy please contact us at:

Privacy
iDataMap Corporation Pty Ltd
Suite 14, 73 South St., and Calley Drive
Leeming WA 6149
AUSTRALIA
support@idatamap.com

Or

Office of the Australian information Commissioner
www.oaic.com.au
+61 2 9284 9749

June 2024