1.2 SMG Health is committed to complying with relevant laws in Australia and NZ i.e the Privacy Act 1988 and the Australian Privacy Principles (APPs) (for Australia), the Privacy Act 1993 and the privacy Codes of Practice ( CoPs) (for New Zealand), collectively referred to as the Applicable Regulations, in relation to personal information it collects. This commitment is demonstrated in this Privacy Policy.

1.3 Personal information held by SMG Health will be treated in accordance with the Applicable Regulations.

1.4 This Policy also sets out the broad controls which SMG Health has adopted to govern the way it uses personal information, the circumstances in which it might disclose personal information to third parties, how persons can access their personal information held by SMG Health and what they can do if they are unhappy with SMG Health’s treatment of their personal information.

3.2 This Policy does not apply to acts and practices which relate directly to the employee records of SMG Health’s current and former employees. SMG Health has a separate employee Privacy Policy.

4.2 SMG Health may use this information for its own purposes and commercial gain.

(a) use of appropriate encryption, password, and other protections for information held electronically;
(b) only providing necessary personnel access to personal information;
(c) regularly providing staff training on privacy issues;
(d) implementing various procedures to assist employees in alerting customers to potential privacy issues before personal information is collected;
(e) regularly reviewing its privacy compliance; and
(f) appointing privacy officers within SMG Health organisations to monitor privacy compliance.

5.2 The personal information collected by SMG Health is stored in a variety of ways in order to most effectively provide products and services. Storage methods include:

(a) paper files;
(b) on public or private clouds administered by third parties;
(c) in servers used by other SMG Health entities;

5.3 In some cases personal information will be stored exclusively in the country of origin in order to comply with customer or other requirements.

5.4 SMG Health will take all reasonable steps to ensure that all personal information held by SMG Health is secure from any unauthorised access or disclosure. However, SMG Health does not guarantee that personal information cannot be accessed by an unauthorised person (e.g. a hacker) or that unauthorised disclosures will not occur. However appropriate anti-hacking software and other internal procedures mentioned in this document minimize such occurrences.

5.5 SMG Health will take reasonable steps to destroy or permanently de-identify personal information if that information is no longer needed.

5.6 You may ask us to use a pseudonym or remain anonymous when providing personal information to us. However, by withholding personal information or using a pseudonym we may not be able to provide a service or part of a service to you, or you may not be able to optimally participate in our programs.

6.2 SMG Health may collect and hold personal information such as:

(a) contact, identification and demographic details (for example, names, street addresses, postal addresses, telephone numbers, email addresses, date and place of birth, next of kin details, emergency contact numbers, occupation, gender, language, nationality); and
(b) sensitive information which includes health information.

7.2 The sensitive information SMG Health may collect and hold about an individual may include:

(a) health and medical information;
(b) information regarding racial origins, ethnic origins, or other sensitive information relevant to health risk factors.

9.2 Personal information may also be used or disclosed by SMG Health for secondary purposes which are within the individual’s reasonable expectations and which are related to the primary purpose of collection.

9.3 SMG Health collects personal information to assist it in providing the client with their chosen product or service. The following are some reasons why SMG Health collects personal information for some of its products and services:

(a) Corporate wellness programs – to assist customers’ employees to implement healthy habits for sustainable behavioural change;
(b) Health assessments – to provide health screening assessments for individuals;
(c) Online wellness – to assist an individual in assessing their health risks and goals;
(d) Smoking cessation – for individuals to take responsibility for and overcome their addition to tobacco;
(e) Flu Vaccination – to reduce the risk in an individual contracting influenza;
(f) Weight management – to provide weight management solutions;
(g) Trouble-shooting reported problems, education and other support for SMG Health’s diagnostic and laboratory tests;
(h) Other health products and services – products and services designed to assist the individual with wellbeing solutions.

9.4 SMG Health holds personal information for the primary purpose for which it was collected.

9.5 SMG Health respects the individual’s privacy concerns when personal information is disclosed and will take reasonable steps to keep it strictly confidential.

9.6 SMG Health will disclose personal information to third parties if it is necessary to perform a service for which the primary purpose of the information was collected, or for a related secondary purpose, if the disclosure could be reasonably expected. For example, SMG Health may share personal information with suppliers and other parties to allow delivery of the product or service. Where such a disclosure is necessary, SMG Health will take reasonable steps to ensure the third party treats the personal information in accordance with the Applicable Regulations.

9.7 SMG Health may use personal information to send newsletters, to inform individuals about special offers or events, or for marketing purposes. Individuals can choose not to receive such communications.

9.8 SMG Health may also buy, sell, merge or restructure its business or assets and personal information may be transferred as part of that change.

9.9. Otherwise, SMG Health will only disclose personal information to third parties without the relevant individual’s consent if the disclosure is permitted by Applicable Regulations.

10.2 SMG Health uses cookies to:

(a) maximize the efficiency of a web site visit by delivering customised content and advertising;
(b) gauge the effectiveness of the site’s customised marketing materials; and
(c) investigate or take action regarding any unlawful activities.

10.3 SMG Health does not use cookies to collect personally identifiable information about a person. However, a person can choose to reject or block the cookies set by SMG Health by changing the browser settings. Please note that most browsers automatically accept cookies. To ensure cookies are not used, the user needs to actively delete or block the cookies.

Address: Level 7, 179 Queen St Melbourne VIC

Telephone number: 1300 657 644

Contact person: Privacy Officer

Email address: info@smghealth.com.au

11.2 SMG Health will generally grant a person access to their personal information as soon as possible. There may be certain circumstances where it is not possible to provide access, (for example providing access would have an unreasonable impact on the privacy of another person), and in such cases SMG Health will provide an explanation as to why it is not possible to provide access.

11.3 SMG Health may charge a fee for reasonable costs incurred in responding to an access request. The fee (if any) will be disclosed prior to it being levied.

12.2 This Policy is effective from July 8^th 2015