Privacy Policy

1. Overview

Kantoko Pty Ltd (Kantoko, we, us, our) considers your privacy to be important. This Privacy Policy (Policy) sets out how we:

(a) collect, hold, use and disclose information about individuals who deal or interact with us; and

(b) assist the users of our software to maintain patient confidentiality.

We treat all personal information collected by us in accordance with this Policy and applicable privacy laws in the jurisdictions in which we operate or in which our users are located including, but not limited to, the Australian Privacy Act 1988 (Cth) (Privacy Act) (the Privacy Act together with other applicable privacy laws, Privacy Laws).

If there is any inconsistency between applicable Privacy Laws and this Policy, the applicable Privacy Laws will prevail to the extent of the inconsistency.

By creating an account with us, filling out a contact form or otherwise engaging with us or providing information to us, you consent to us collecting, processing, and using your personal information in accordance with this Policy.

2. Patient Confidentiality

Kantoko offers an online platform which facilitates the connection of its users (Platform Users) to licensed Health Practitioners (each a Health Practitioner) (the Platform). We facilitate confidential consultations between Health Practitioners and Platform Users.

Platform Users and Health Practitioners may utilise the Platform to record, store, access and communicate personal information.

Health Practitioners are solely responsible for:

(a) the collection, use and disclosure of any patient data, which may include your personal data; and

(b) obtaining patient permission to release or disclose patient data, which may include your personal data, to us.

We recommend that you check the privacy and security policies and procedures of any third party to whom you provide personal information.

If you provide any information to us, which may include personal data, you warrant and represent that you are entitled to do so.

We accept no liability or responsibility whatsoever in relation to the collection, use and disclosure of information by any other party, including patient data collected, used and disclosed by Health Practitioners.

Where Kantoko manages information on behalf of Health Practitioners or Platform Users, we do so in accordance with Privacy Laws and the contractual arrangements we have with those parties.

We do not directly collect personal information of healthcare patients unless otherwise disclosed. Any queries from patients or other third parties regarding personal data recorded or stored using our Platform will be referred to the relevant Health Practitioner.

3. Personal Information Collected by Us

Personal information is information or an opinion of an individual whose identity is apparent or can be reasonably ascertained. As part of our business, we may collect personal information from you.

We collect a variety of personal information that is reasonably necessary for the purposes of conducting and improving our business and our products and services. This information may be collected in a number of ways, including:

(a) through our website https://www.kantoko.com.au and its subdomains (our Site), our Platform and various third party social media and messaging sites, pages, groups and forums, and other services relating to our Site (collectively with our Site, our Services);

(b) through our Platform, including from Health Practitioners who utilise our Platform to provide goods and services to you;

(c) through marketing research, including surveys and polls;

(d) from competitions and other user participation events;

(e) through any of our other business activities or events; and

(f) through a person seeking employment with us and/or by otherwise having some form of contact with a person, such as by personal contact, mail, telephone, email, video teleconferencing, Internet or other forms of telecommunication.

Personal information collected by us may include:

(a) your name;

(g) your title;

(h) your contact details (including street address, postal address, email address, phone number and fax number);

(i) location information;

(j) transactional information (including your method of payment);

(k) Medicare information;

(l) usernames and passwords that you use to access our Services;

(m) your reasons for using our Services or any of our products and services;

(n) your preferences and opinions relating to our Services or any of our products and services;

(o) any other information that you choose to send to us; and

(p) usage data and logs, which may include information such as your Internet Protocol (IP) address, browser type, browser version, device type, make and model clickstream/heatmap data, the pages of our Services that you visit, the features and functions of our Services you use, activities or actions you do while using our Services, the time and date of your visit to our Services, the time spent on any pages of our Services, and other log related information relating to your use of our Services.

Except as outlined in this Policy, we endeavour to only collect personal information about you from you, where it is reasonable and practical to do so. Sensitive information will only be used and disclosed for the purpose for which it was collected by us or for a directly related secondary purpose.

Where any person (including a Health Practitioner) provides personally identifiable information relating to another party to us, they warrant that they have permission to do so.

4. Use of Personal Information

Generally, we use personal information for providing, evaluating, improving, personalising and developing our business, our Services, our other products and services, and to protect our users. More specifically, we use personal information for:

(a) providing and delivering our Services, including connecting Platform Users with a Health Practitioner;

(b) facilitating and authorising payment and processing via third party gateways, including Medicare processing;

(c) providing support to you (including technical support) in relation to the use of our Services and our other products and services;

(d) improving our Services, and other products and services, and user satisfaction including without limitation for Artificial Intelligence training purposes;

(e) promoting and delivering our Services and our other products to organisations and individuals;

(f) internal research and statistical purposes (including market segmentation and customer value analysis) and internal business operations (including fulfilling any legal requirements); and

(g) enabling us to forward to you other information or material which we believe may be of interest to you, or which you have indicated you may be interested in receiving.

We automatically gather information to monitor the use of our Services and our other products and services.

5. Disclosure of Personal Information

5.1 Disclosure generally

We do not disclose your personal information to any third party, other than those requiring this information to assist us or those that are directly related to the purposes for which the information was collected, including:

(a) to external service providers, so that they can provide products and services in connection with the operation and improvement of our business including, without limitation, our professional advisors, consultants, administrators and data entry service providers;

(b) to our affiliates, including but not limited to other organisations and businesses within our group of organisations, employees and contractors;

(c) to provide services to, or respond to or fulfill requests from, you;

(d) as permitted under the Privacy Laws or any other applicable law;

(e) if you would reasonably expect that your personal information would be passed to the person to whom the personal information is disclosed;

(f) any relevant authority or enforcement body where we reasonably believe that disclosure is required to bring legal action against a third party;

(g) complying with legal and regulatory obligations (including any reporting requirements under the Medicare Scheme or any other government scheme in relation to the goods and services we provide);

(h) entities that we propose to merge with or be acquired by; and

(i) with your consent.

5.2 Third party social media services

We may operate one of more forums, groups, chat rooms, or other services and facilities which are hosted on third party social media services and websites, such as Facebook, Instagram and Twitter.

Your use of, and participation in, such services and facilities is subject always to the terms of service, acceptable use policies, privacy policies, and other terms and conditions adopted by those third party social media services and websites.

Any information which you disclose on any third party social media services and websites is at your own risk and expense. We accept no liability or responsibility whatsoever in relation to the use, non-use or misuse of such third party social media services and websites by you or any other person.

6. Protecting Personal Information

In addition to supporting customers to maintain patient privacy, we take reasonable steps to protect all personal information which we hold from misuse, interference, loss, unauthorised access, modification or disclosure.

The precautionary steps we take to protect personal information may include:

(a) adopting measures to protect our computer systems and networks for storing, processing and transmitting personal information;

(b) adoption of procedural and personnel measures for limiting access to personal information by our staff;

(c) ensuring that access to our Platform is restricted to authorised users;

(d) regularly reviewing our information collection, storage and processing practices; and

(e) secured encrypted servers, password protection for electronic files, multifactor authentication procedures, securing paper files in locked cabinets and physical access restrictions.

We also take steps to ensure that the personal information we collect is accurate, up-to-date and complete. These steps may include maintaining and updating personal information when it is apparent that updating is required, or we are otherwise advised by you that your personal information has changed.

Notwithstanding that we use our best endeavours to protect all personal information, we cannot completely guarantee the security of your personal information.

7. Cookies

Cookies are files with a small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your computer's or mobile device’s storage drive.

Like many sites, we use cookies and other similar technologies to collect information and remember your preferences. You can instruct your browser to refuse all cookies, or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some features of our Services or our other products and services.

8. Web Beacons

Web beacons (also known as clear gifs, pixel tags or web bugs) are tiny graphics with a unique identifier, similar in function to cookies, and are used to track the online movements of users or to access cookies.

Unlike cookies which are stored on the user’s computer or mobile device storage drive, web beacons are embedded invisibly on web pages (or in e-mail). Web beacons may be used to deliver or communicate with cookies, to count users who have visited certain pages and to understand usage patterns.

Like many sites, we use web beacons to collect information which is done in accordance with this Policy.

9. Overseas Disclosure

9.1 Overseas IT service providers

We may disclose personal information to outsourced information technology service providers, including cloud computing providers and data storage providers, and other third party service providers who are not in Australia or may transfer or store your personal information outside Australia.

We will take reasonable steps to ensure such overseas recipients do not breach the Australian Privacy Principles contained in the Privacy Act (APPs), or are subject to laws or a scheme substantially similar to the APPs.

Overseas recipients are not bound by the APPs and subclause 8.1 of the APPs does not apply to the disclosure of your personal information to an overseas recipient. If an overseas recipient handles your information in breach of the APPs, you will not be able to seek redress under the Privacy Act.

9.2 Disclosure for analytics

We may use Google Analytics and other third party analytics software to track your usage of our Services, including web analysis services which may utilise the data collected to track and examine the use of our Services and to prepare reports on its activities.

9.3 Consent to overseas disclosure

Other than as contemplated in this Policy, we will only disclose your personal information to an overseas recipient if:

(a) you consent to the transfer; or

(b) the disclosure of the information is required, authorised or permitted by or under an Australian law, other applicable law or a court/tribunal order.

10. Third Parties

Our Services may contain links to other sites that are not operated by us. If you click on a third party link, you will be directed to that third party's site. We strongly advise you to review the privacy policy of every site which you visit.

We confirm that we have no control over, and assume no responsibility for, the content, privacy policies, or practices of any third party sites, products or services whatsoever.

You should be aware that your ability to opt-out of a third party tool or platform will depend on the conditions governing your agreement with that third party.

11. Competitions

Generally, all competitions run by us are hosted on our servers and are conducted, with respect to the collection and use of personal information, in accordance with this Policy.

Competitions run by third parties, such as competitions run by our affiliates, commercial partners,  or sponsors, will be hosted on their own servers and the collection of personal information will be subject to the privacy policies of the relevant third parties. We strongly recommend that, before signing up to any third party competition, you carefully review the privacy policy of the relevant third party.

12. Direct Marketing

We may use your personal information to notify you of services that we are able to offer you from time to time. You can opt our of receiving any marketing communications from us by following the opt out instructions in those communications.

13. Accessing and Managing Your Personal Information

Right to Access

You have a right, at all times, to obtain from confirmation from us as to whether or not your personal information is being processed by us, where such processing is occurring, and for what purpose.

We will provide you with access to your personal information held by us, unless:

(a) giving access would be unlawful; or

(b) denying access is required under any applicable law.

If you wish to access your personal information, please contact us at support@kantoko.com.au.

Amendment of Personal Information

You can contact us to update or correct your personal information at support@kantoko.com.au.

Depending upon the personal information you seek to access, you may be asked:

(a) to put your request in writing with evidence to verify your identity; and/or

(c) to provide further details to assist us in responding to your request in a timely manner.

We will respond to a request for access to personal information within a reasonable period after the request is made (or such other period required by law).

If we elect not to correct your information, we will within a reasonable time (or such other period required by law) notify you of the reason for our refusal, the mechanisms available for you to complain about our refusal and such other matters required by the applicable Privacy Laws.

14. Complaints

We strive to ensure our compliance with this Policy and to regularly review our practices under it.

If at any time you have a complaint against us regarding our Policy, including a breach of the Privacy Laws, we invite you to contact us at support@kantoko.com.au. All complaints made will be dealt with in confidence. We endeavour to respond within 30 days of receipt of a complaint with a resolution or proposed resolution of the issue raised.

Please note that you may also make a complaint to the Office of the Australian Information Commissioner (OAIC) about the handling of your personal information. Information on making a privacy complaint can be found on the OAIC Website.

15. Variations

We reserve the right to vary this Policy from time to time without further notice to you. Any variations made will be updated on our Services. We will not reduce your rights under this Policy without using our best endeavours to first provide you with notice. It is your responsibility to check our Policy every now and again to ensure that you are aware of any changes made to it.

16. Further Information

For any further information about this Policy please contact us at support@kantoko.com.au.