This statement defines our approach to the collection and use of your personal information, and outlines your options for interaction with us.
At Best Practice Software (Bp), we regard your privacy as important.
Bp has specific obligations under the Privacy Act 1988 (Cth), various State and Territory privacy and data protection legislation in Australia (to the extent applicable) and the Privacy Act 1993 (NZ) regulating the manner in which personal information is handled throughout its life cycle, from collection to use and disclosure, storage, accessibility and disposal (Privacy Obligations).
This Privacy Statement outlines the information collection and handling policies of Bp and our related bodies corporates, as that term is defined in the Corporations Act 2001 (Cth) (Affiliates), and describes the processes we implement in order to comply with our Privacy Obligations. By providing us with your personal information, you consent to us collecting, using, disclosing and otherwise handling that information in accordance with this Privacy Statement.
What is Personal Information?
Personal information is information or an opinion, in any form and whether true or not, about an identified (or reasonably identifiable) individual. Personal information might include an individual’s name, telephone number, postal or e-mail address.
Special provisions apply to the collection of personal information which is sensitive, including health information. Sensitive information is a type of personal information, and includes information or an opinion about an individual’s race, political opinion, religious beliefs, sexual orientation, criminal record, membership of a trade union or health information. Health information is a type of sensitive information and includes information or an opinion about the health or disability of an individual, an individual’s wishes about the future provision of health services to him or her and the health services provided to an individual. Bp does not solicit any health or sensitive information. Where health or sensitive information is disclosed to Bp, it will be dealt with in accordance with Bp’s obligations under its Privacy Obligations.
What Personal Information we collect and hold
Bp designs,develops, markets and supports medical and practice management software throughout Australasia. We collect and use personal information in order to provide our products and services to customers and to assist our customers’ use of our products and services to provide their medical services to their patients (Patients).
Personal information may include, but is not limited to:
- your contact details including your name, billing and delivery address, e-mail address, contact phone and fax numbers, date of birth, your signature, and your elected user name and password;
- where you or your organisation is a customer, your financial information, such as your bank account or credit card details (as required);
- where you or your organisation is a customer, we may also collect information about your financial situation, credit history or other types of credit related information about you when you apply for finance or credit arrangements including:
- credit information about you;
- credit eligibility information about you;
- CP derived information about you; and
- any other personal information you provide to us in relation to the Services.
How we collect and hold Personal Information
Generally, all personal information Bp collects is collected directly from you, with your consent or, where permitted by law from relevant third parties. Our policy is to collect only the personal information that we reasonably need for a particular purpose.
The circumstances in which we may collect personal information from you include when you:
- register on our online user forum or submit a contact form at http://www.bpsoftware.net;
- request to be contacted by us, or request an evaluation disk or quote;
- complete a feedback form or product enquiry;
- request support of or assistance with using our products;
- provide a response in an online survey;
- participate in a promotional offer or competition; and/or
- subscribe to our newsletter or mailing list.
The circumstances in which we may collect personal information from you when you are a Patient include when you require access to and use of our products or services, including access to and use of certain Bp’s software and mobile applications to communicate with your medical provider (such as arranging medical appointments).
We may collect this information either online, through our software and mobile applications, over the telephone, in person, or through a feedback form at a customer or corporate event. We may also collect personal information from publicly available sources, or where we are legally obliged to do so.
You may be anonymous or use a pseudonym when dealing with us, unless the use of your personal information is a legal requirement or it is impracticable for us to deal with you anonymously or under a pseudonym.
If you choose not to supply us with the personal information we request, we may be unable to provide you with our products or services.
How we use and disclose Personal Information
We use and disclose personal information where it is reasonably necessary for us to carry out our business functions and activities, for example, in order to provide you with our products and services.
Where you are a Patient, we use and disclose personal information where it is reasonably necessary to carry out our business functions and activities in assisting our customers to provide its medical services to you as the Patient. This may include, without limitation, access to and use of your personal information (including health information) in the course of providing technical support to our customers.
We also use and disclose personal information for related purposes that you would reasonably expect, including our administrative and accounting functions, providing you with information about other products and services offered by us, marketing and promotions, market research, newsletter communications, statistical collation and website traffic analysis. Where we wish to use or disclose your personal information for other purposes, we will obtain your consent.
Where you or your organisation is a customer and a credit trading account is sought, we may also use personal information to carry out checks for credit-worthiness and for fraud and to insure your or your organisation’s account with a trade credit insurer to establish, administer and otherwise generally to manage a commercial credit trading account including billing and collecting payments.
Personal Information collected about you is used for the purpose of providing you with our products and services. This includes, without limitation:
- verify your identity;
- provide and administer you with the products or services you have requested, or respond to your queries and contact you when necessary;
- send invoices or statements, and collect payments from you;
- notify you about existing or new products, versions, updates, services or promotions we, our related companies, or selected partner companies may offer from time to time;
- if we are providing you with credit, to assess your credit worthiness, ongoing management and control of your credit arrangement debt recovery purposes;
- provide our customers and potential customers with an up to date, useful and personalised website and services; conduct research for our own internal purposes; and/or
- as otherwise permitted by law (such as to comply with obligations under our Privacy Obligations).
We may also use the personal information we collect in order to communicate with you including notifying you of the availability of important regular data and program version updates for your recommended download and installation, and notifying you of other product, service and company news which we believe is relevant to you, your organisation and your user experience. Based on your request to us, we may also use this information to verify your contact details for participation and engagement in our online forum community, and to advise you of information we believe you should know through our regular customer newsletters.
If at any time you no longer wish to be notified about new products, services or promotions, please let us know by contacting one of our Privacy Officers, whose contact details are set out below.
If we do not collect your personal information, or if you do not consent to our use and disclosure of your personal information, then we may not be able to answer your enquiry or provide you or your organisation with the products or services you have requested us to provide.
We may use a third-party independent contractor to conduct services which we are unable to, such as internet traffic measurement, website hosting, drug data information, and patient information materials. Use of such services may involve coding being placed on web pages on the Bp website to enable the collection and analysis of site visitor numbers, length of visit and pages visited. The contractor may collect and collate aggregate and non-personal information which is then provided to us to assist us to provide a product or service you’ve requested, and to provide you with a better user experience. Sometimes the information we collect may include de-identified demographic information such as age, gender, location, occupation, or interests, which is not personal information. We may use such information for our own internal business purposes or to improve our products and services. We may also disclose such de-identified information to third parties including consultants, suppliers, partners, customers or potential customers. If you do not wish for us to collect or use de-identified data from you in this way, please contact one of our Privacy Officers, whose contact details are set out below.
Our disclosure of your Personal Information
We may disclose your personal information to:
- our Affiliates;
- parties that you authorise us to disclose your personal information; and
- our partners, suppliers, contractors and consultants, assisting us in the provision of the products and services to you, such as call centre, billing, credit collection, drug data information, patient information materials, help desk and support services providers, subject to them being required to protect your personal information in the same manner that we commit to your privacy protection under this Privacy Statement.
We may also disclose personal information to selected third party companies with whom we have a relationship or with whom we are conducting a joint promotion or service offering. Such partner companies may need your personal information to fulfil a service, promotion or offer conducted by us in conjunction with the partner company. We will not disclose your personal information to partner companies for them to use for other purposes or to market their products or services to you directly, and we will endeavour to ensure that partner companies adhere to the obligations contained within the Privacy Act.
Where you are a Patient, we may also disclose your personal information to your medical provider in the course of providing Services to them as our customer.
We will not otherwise disclose personal information to third parties without your consent, except to:
- government, law enforcement and regulatory bodies where this is necessary for us to comply with our legal obligations;
- in response to a court order or a subpoena;
- parties to whom we sell all or part of our business; and
- otherwise comply with our legal obligations.
We do not sell, rent or trade personal information to or with third parties.
We make all reasonable efforts to keep personal information which we collect and hold secure, however, we cannot, and we do not, guarantee the security of transmission of all such information over the internet.
Disclosure to credit reporting bodies
Veda Advantage Ltd – (www.veda.com.au);
illion Australia Pty Ltd – (www.illion.com.au);
Experian – (www.experian.com.au)
If you fail to make a payment obligation to us, as and when due, or commit a serious credit infringement, we may disclose details of such events to CRBs. A CRB may use such information (and other personal data provided to them by us) in reports given to other credit providers to help assess your creditworthiness. You may have certain rights to request that CRBs do not use credit reporting information about you if you believe on reasonable grounds you have been or are likely to be a victim of fraud.
Cookies and Web Logs
Cookies are a small text file that our websites may place on your computer, and collect information such as your Internet Protocol address, your computer’s operating system, browser type and traffic patterns, and your user name or email address. You may adjust your Internet browser to disable cookies, or inform you when one is being used. If you choose to disable cookies, you may be unable to access certain areas of our website.
How we hold and store Personal Information
We take reasonable steps to ensure the personal information held by us is secured from such risks as loss or unauthorised access, destruction, use, modification or disclosure.
Our ICT systems are password protected and comply with our security standards, and if personal information is held on paper files, it is stored in locked files on secure premises. We only permit personal information to be accessed by authorised personnel, and our employees, agents and contractors are required to comply with our privacy policies and respect the confidentiality of any personal information held by us. In this instance, any agent or contractor who has access to personal information we hold is required to protect this information in a manner that is consistent with our policy by, for example, not using the information for any purpose other than to carry out the service they are performing for us. We endeavour to develop and implement appropriate measures to safeguard the personal information we hold against unauthorised use or disclosure.
You should be aware that, when using our products and services, no data transmission over the Internet can be guaranteed as completely secure. We do not warrant the security of any information you transmit to us over the internet and you do so at your own risk.
Access to and correction of Personal Information
We take reasonable steps to make sure that the personal information we collect, use and disclose is accurate, complete and up-to-date.
You may in some instances be able to access the information we hold about you. If you would like to access your personal information, please contact one of our Privacy Officers, who will explain how we will handle your access request, and whether there will be any associated fee. We will assume (unless you tell us otherwise) that your request for access relates to our current records about you.
A fee will not apply to making a request for access or update your personal information. A fee may apply and be charged for providing the information to you. The fee covers the cost to us in collating, copying and providing certain information to you. We will only charge this fee where it is lawful for us to do so.
In some circumstances, we may not permit access to your personal information, or may refuse to correct your personal information, including, but not limited to, where:
- giving access would have an unreasonable impact on the privacy of others;
- the information relates to existing or anticipated legal proceedings and the information would not be discoverable in those proceedings;
- giving access would be unlawful;
- denying access is otherwise required or authorised by law; or
- the request for access is frivolous or vexatious.
If we refuse to provide you with access to or correct your personal information, we will provide you with reasons for this decision in writing. In some circumstances where we correct a record, we may still require the retention of the original record.
Overseas disclosure of Personal Information
Bp may disclose your personal information between its Affiliates in Australia and New Zealand (where required), however does not routinely disclose personal information to other overseas recipients. You consent to such overseas disclosure between Bp and its Affiliates and acknowledge APP 8.1 will not apply to such disclosure.
If it is necessary for Bp to disclose personal information outside Australia or New Zealand (whichever applies) in order to provide you with our products or services, we will request your specific consent or will, before disclosing personal information overseas, take reasonable steps to ensure that the overseas recipient do not breach the Privacy Obligations.
Destruction and De-identification
Bp will continue to store and hold your personal information indefinitely, until such time as we no longer need it for any purpose for which the information may be used or disclosed under this Privacy Statement or for any other lawful purpose under applicable privacy or data protection laws or (if earlier, and subject to the next paragraph) a reasonable time after you ask us to delete it.
We use secure methods to destroy or to permanently de-identify personal information within a reasonable time after the end of the period mentioned in the previous paragraph (unless we are required to retain by any applicable privacy or data protection laws) or if we determine that the personal information received is required to be destroyed or permanently de-identified in accordance with any applicable privacy or data protection laws.
Complaints and Concerns
If you have any questions or comments about this Privacy Statement, or if you wish to complain about how we have handled personal information about you, please contact one of our Privacy Officers as follows:
Best Practice Software Pty Ltd
PO Box 1911
Bundaberg Queensland 4670, Australia
Telephone: 1300 40 1111
Best Practice Software New Zealand Limited
PO Box 1459
Hamilton 3240, New Zealand
Telephone: 0800 40 1111
We ask that any complaint should be made in writing to us in the initial instance. We will then respond to your complaint in writing and in accordance with any timeframes required by law. We may request you to provide further information about your complaint to duly assess your complaint. If for any reason you do not wish to complain to us initially or if we are unable to resolve your complaint to your satisfaction, a complaint may also be made to the Office of the Australian Information Commissioner (http://www.oaic.gov.au), or telephone 1300 363 992 or the Office of the Privacy Commissioner, New Zealand (http://www.privacy.org.nz), or telephone 0800 803 909.
Changes to this Privacy Statement
This Privacy Statement may change from time to time and you should check regularly for updates.
This Privacy Statement was last updated on 25th January 2019.