Privacy Policy

1. Introduction

At Kite, we recognise the importance of protecting the privacy and the rights of individuals in relation to their personal information. We take your privacy seriously.

We respect your rights to privacy and have a legal obligation to abide by the provisions of the Privacy Act 1988 (Cth) (Privacy Act). The rules that an organisation must follow under the Privacy Act are known as the Australian Privacy Principles (APPs) and cover areas including the collection, use, disclosure, quality and security of personal information. We are also bound by any relevant health privacy principles under State legislation.

This policy outlines the types of information we collect, why we collect it and how you can manage, update and delete the information we hold.

Kite Therapy (Kite, we, us, our) is an online therapy service dedicated to supporting parents and caregivers with children under the age of 7.

At Kite, we collect a range of information, including personal information about you. Personal information includes information or an opinion about you (whether true or not), which identifies you or from which you are reasonably identifiable.

Please take a moment to read this Privacy Policy as it describes what happens to your personal information that is collected via our website at www.kitetherapy.com.au (Website) or as a result of you using our services.

2. How we collect your personal information

We will collect and hold your personal information in a lawful and fair manner, and not in an intrusive way. Where it is reasonably practical to do so, we will collect your personal information directly from you.

2.1 We collect your personal information directly from you when you:

2.1.1 visit the Website and sign up as a subscriber to our content;
2.1.2 make an inquiry or order in relation to goods or services through our Website;
2.3 attend an online consultation with one of our team through the Website;
2.1.4 contact us via telephone or facimile;
2.1.5 correspond with us, including when you complete our online quizzes or forms, contact us through our Website, in writing or via email;
2.1.6 upload your personal information on any mobile applications operated by Kite;
2.1.7 complete a customer satisfaction or market research survey; and/or
2.1.8 participate in any of our services.

2.2 We may also collect your personal information:

2.2.1 from our group companies in order to provide you with goods and services;
2.2.2 from publicly available sources and third parties, such as suppliers, recruitment agencies, contractors, our clients and business partners;
2.2.3 from government sources, such as Medicare, the My Health Record system, the electronic transfer of prescriptions service or any other government authority or database relevant to the provision of a service to you (Government sources) and
2.2.4 from any other people or entities involved in assisting us with providing our services to you.

If we collect personal information about you from a third party we will, where appropriate, request that the third party inform you that we are holding your information, how we will use and disclose it, and that you may contact us to gain access to and correct or update the information.

3. Types of personal information we collect

3.1 The types of personal information we collect include (but are not limited to): your name, postal address, email address, contact phone numbers, date of birth, driver’s licence details, NDIS details, billing and shipping information, device ID, IP address, statistics on page views, traffic, standard web log-in information, details of the services you make enquiries about, written consents related to the goods and services we facilitate and, if applicable, employment information.

3.2 We only collect health information about you with your consent, or otherwise in accordance with the Privacy Act. The types of health information we collect include (but are not limited to): your medical history, NDIS number, Individual Healthcare Identifier (IHI) number, height, weight, symptoms, future health goals, medical records, medical prescriptions, and other health information or sensitive information that you provide or that we (or our Partners) consider necessary to provide our (or their) services to you.

3.3 Where you do not wish to provide us with your personal information, we may not be able to provide you with the requested goods or services.

4. Our purposes for handling your personal information

We collect, hold, use and disclose personal information to:

4.1 offer and provide you with our goods and services (including to verify your identity, to maintain any of your health records that we hold, to contact you to make appointments or issue reminders, and to tell you about products that might better service your healthcare or lifestyle requirements);

4.2 facilitate and authorise payment and processing via third party gateways;

4.3 communicate with you about the provision of our goods and services, including but not limited to, sending communications to you about the services you have sought, reminders in connection with the services you have sought, as well as to follow-up a matter with you at the request of the Partner or to email you tax invoices;

4.4 communicate to you announcements and updates, security alerts, technical notices, support and administrative messages and to provide you with information upon your request;

4.5 send you marketing and promotional information about:
i. us and our goods and services; or
ii. our group companies and business partners and their goods and services,
that might be of interest to you, including information about promotional offers, contests, rewards and upcoming events. This information may be delivered to you via SMS, email and personalised website experiences, such as a dashboard of recommendations for health products and services which may benefit you;

4.6 facilitate third parties communicating with you about our goods or services that might be of interest to you;

4.7 improve your experience with our goods and services, or to improve our, or any of our group companies’ products and services, including through research and development;

4.8 comply with our legal and regulatory obligations (including reporting requirements under the Medicare Scheme, the pharmaceutical benefit scheme, or any other government scheme related to the provision of our goods or services to you), exercise and defend our legal rights, prevent criminal or other unlawful activity whether immediate or in the future and to review and resolve complaints or disputes;

4.9 in connection with a merger, acquisition, organisational restructure, financing, sale of assets, bankruptcy or insolvency event;

4.10 consider your application for employment (if applicable); and

4.11 otherwise to manage our business generally, including (but not limited to) notifying medical defence organisations, our insurers, quality assurance and data processing and handling).

5. Disclosure of personal information

5.1 We disclose personal information in accordance with the Privacy Act.

Specifically, we disclose personal information for the purposes outlined in this Privacy Policy to:

5.1.1 our employees, contractors and group companies;
5.1.2 Government Sources, where we are providing you with a health service;
5.1.3 Cloud service providers; and
5.1.4 payment system operators (such as Shopify or Stripe);
5.1.5 to third parties, such as our service providers, IT support providers, our professional advisors and our marketing and social media partners; and
5.1.6 should a Partner form the professional opinion that you are at risk of imminent harm and where consistent with their professional and ethical obligations to do so, contact emergency services to request a welfare check or assistance.

We will not use or disclose your personal information for any other purpose unless you have consented to that use or disclosure or where we are required or authorised by law.

6. Protection of personal information

6.1 We will hold personal information as either secure physical records, electronically on our intranet system, in cloud storage, and in some cases, as records on third party servers, which may be located overseas.

6.2 We maintain appropriate physical, procedural and technical security for our offices and information storage facilities so as to prevent any loss, misuse, unauthorised access, disclosure, or modification of personal information. This also applies to disposal of the personal information.

6.3 We further protect personal information by restricting access to your personal information to only those who need access to the personal information to do their job. Physical, electronic and managerial procedures have been employed to safeguard the security and integrity of your personal information.

6.4 We will destroy or de-identify personal information once it is no longer needed for a valid purpose or required to be kept by law.

7. Direct marketing

7.1 Like most businesses, marketing is important to our ongoing success. We believe we have a unique range of products and services that we provide to customers at a high standard. Therefore we like to stay in touch with our customers and let them know about new opportunities.

7.2 From time to time, we may use or disclose to our third-party service providers your personal information to provide you with marketing materials that may be of interest to you, including marketing materials in relation to offers, specials, other products and services that we, our group companies, or affiliated business partners provide.

7.3 Except to the extent that our collection, use or disclosure is subject to clause 4.1(a), we will not collect, use or disclose your sensitive information for the purpose of direct marketing without your consent. You may opt out of receiving marketing communications from us at any time by following the opt out instructions provided in such marketing communications or by contacting our Privacy Officer. Where you receive marketing communications from us through multiple channels (eg, SMS and email), you will need to opt out from each of those channels by following the instructions provided in such marketing communications or by contacting our Privacy Officer.

7.4 Receiving marketing communications is not a condition of any purchase or service with us. However, you are solely responsible for all charges related to SMS/text/email messages you send, including charges from your wireless or internet provider. If your contact details change, you may need to subscribe with your new contact details to ensure you can still receive marketing communications.

8. Cookies

A cookie is a small text file stored in your computer’s memory or on your hard disk for a pre-defined period of time. We use cookies to identify specific machines in order to collect aggregate information on how visitors are experiencing the Website. This information will help to better adapt the Website to suit personal requirements. While cookies allow a computer to be identified, they do not permit any reference to a specific individual. For information on cookie settings of your internet browser, please refer to your browser’s manual.

9. Accessing and correcting your personal information

9.1 You may contact our Privacy Officer to request access to the personal information that we hold about you and/or to make corrections to that information, at any time. We may require you to verify your identity and specify what information you require. On the rare occasion when we refuse access, we will provide you with a written notice stating our reasons for refusing access. We may seek to recover from you reasonable costs incurred for providing you with access to any of the personal information about you held by us.

9.2 We are not obliged to correct any of your personal information if we do not agree that it requires correction and may refuse to do so. If we refuse a correction request, we will provide you with a written notice stating our reasons for refusal.

9.3 We will respond to all requests for access to, or correction of, your personal information within a reasonable time.

10. Overseas transfers of personal information

10.1 From time to time we may engage an overseas service provider to provide services to us, such as cloud-based storage solutions. By providing us with your personal information, you consent to your personal information being handled and stored overseas, including being stored on servers located in USA, Asia or Europe.

10.2 You acknowledge that Australian Privacy Principle 8.1 will not apply to such disclosures. For the avoidance of doubt, in the event that an overseas service provider breaches the APPs, that entity will not be bound by, and you will not be able seek redress under, the Privacy Act.

11. Resolving personal information concerns

If you have any questions, concerns or complaints about this Privacy Policy, or how we handle your personal information, please direct your enquiries to:

The Privacy Officer
Kite Therapy
Email: hello@kitetherapy.com.au

Your experience with Kite Therapy is important to us. We endeavour to respond to any complaint within a reasonable period.

If you are dissatisfied with the handling of your complaint, you may contact the Office of the Australian Information Commissioner:

Office of the Australian Information Commissioner
GPO Box 5218 Sydney NSW 2001
Telephone: 1300 363 992 Email: enquiries@oaic.gov.au

12. Changes

We reserve the right to change the terms of this Privacy Policy from time to time, without notice. An up-to-date copy of our Privacy Policy is available on our Website and we encourage you to check our website periodically to make sure you are aware of our current Privacy Policy.

The last update to this document was October 2023.