Last updated: 29 December 2018
Curae’s commitment to maintaining your privacy
Curae Technology Pty Ltd is strongly committed to protecting the privacy of all individuals with whom it interacts or through who use its products and/or services. Curae collects personal information in order to conduct its business and to meet its legislative obligations. Organisationally it is bound by legislation in the management of matters relating to the privacy of personal information.
Curae is committed to treating the personal information we collect in accordance with the Australian Privacy Principles (APP) in the Privacy Amendment (Enhancing Privacy Protection) Act 2012 (Cth) (Reform Act). The APP provide a privacy protection framework that supports the rights and obligations of collecting, holding, using, accessing and correcting personal information.
We take the privacy and security of your information very seriously and we are committed to ensuring that we collect, use, disclose and store your information in accordance with applicable data protection and privacy laws.
Any reference to “Curae”, “we”, “us” and “our” refers to Curae Technology Pty Ltd and each of its related bodies corporate.
“Cookie Information” is information automatically collected about Website visitors by Cookies, as described further below. Cookie Information does not identify you personally, but could be combined with your device’s IP address to target communications to you based on what’s in such Cookie Information.
“GDPR” means the EU General Data Protection Regulation.
“Personal Information” is information that identifies or can be used to identify an individual, directly or indirectly, such as first and last name, date of birth, email address, physical address, telephone number, gender or other demographic information. In relation to Wearer’s, this information includes Wearer’s Information.”
“User” or “you” is a reference to a customer of Curae, a visitor to the Website or any other person whose information is held by Curae.
“Wearer” means the individual registered to wear the Curae S3 Personal Alarm Device.
“Wearer Information” means details of the Wearer’s nominated carer and/or healthcare practitioner, medication details, data generated through the Wearer’s use of the Curae S3 Personal Alarm Device (such as location data, physical activity such as falls, speed of movement, etc), alerts issued by the Curae S3 Personal Alarm Device and the general performance of the Curae S3 Personal Alarm Device.
“Website” means www.cuare.com.au and any other websites operated by Curae.
Personal Information we collect and how we collect It
You provide us with Personal Information when corresponding with us, buying our products, using our Websites, registering to use our products, or through a Wearer’s use of the Curae S3 Personal Alarm Device. This may include:
- when you transact with us online, over the phone or in person;
- when you visit and/or register to use one of our Websites or when you participate in discussion boards or other social media functions on our Websites; or
- when you contact us to request information or support in relation to Curae or our products (including about our brands, product quality, visiting our sites or employment opportunities).
If you buy a Curae S3 Personal Alarm Device, accessories or other products from us online, for example, we will require you to provide us with your name, address, phone number and credit card number so we can process and deliver your order to you.
Curae will also collect contact information for a Wearers list of carers to enable the use of the Curae S3 personal Alarm Device.
Curae also collects Wearer Information about the Wearer through a Wearer’s use of the Curae S3 Personal Alarm Device. The information collected in this way is described in the definition of Wearer Information above.
Cookies and collection of Cookie Information
- technical information such as your computer’s IP address, hardware type, browser type, device identifier and screen type/resolution;
- any search terms entered on our Website;
- general location data based on your device or IP address;
- any technical errors or exceptions; and
- information about your visit such as the products you viewed or searched for, the length of your visit, page load speed, and the pages that you visited.
Types of Cookies we use:
Strictly necessary: these Cookies are essential in order to enable us to provide you with the core features of our Website (such as online purchasing, shopping carts, fraud prevention, and system administration). Curae does not require your consent for Cookies that are strictly necessary.
Analytics and Performance related: these Cookies collect anonymous information on how people use our Websites. For example, we use Google Analytics to help us understand how Users arrive at our Websites, browse or use our Websites. The data stored by these Cookies never shows Personal Information from which your individual identity can be established.
Functionality related: these Cookies remember things such as whether you are a new visitor to our Website, the country you visited our Website from, language preferences and search parameters. The information these Cookies collect may be anonymised and they cannot track your browsing activity on other sites.
Targeting or advertising related: these Cookies collect information about your browsing habits, both on our Website and other websites, in order to make advertising more relevant to you and your interests. They are also used to limit the number of times you see an advert as well as help measure the effectiveness of an advertising campaign. These technologies are usually placed by third party advertising networks. They remember the sites you visit and that information is shared with other parties such as advertisers.
Social Media related: these technologies allow you to share content from our Websites on social media such as Facebook and Twitter. These technologies are not within our control. Please refer to the respective privacy policies of the social media providers for how their technologies work.
How Curae uses my information
Curae uses your Personal Information and Cookie Information as required to conduct our business and pursue our legitimate business interests, by:
- fulfilling a contract we may have with you, such as where you make a purchase from us;
- if you are a Wearer, managing, monitoring and improving a Wearer’s use of the Curae S3 Personal Alarm Device
- administering and keeping our Websites secure;
- sending you relevant direct marketing, where we do not need your consent;
- allowing you to participate in interactive features of our Websites;
- responding to any comments or complaints you send us;
- in connection with legal claims, compliance, regulatory and investigative purposes (including disclosure of such information in connection with legal process or litigation); and
- making suggestions and recommendations to you and other Users about products that may interest you or them.
Other than as set out above, we will not use your information to carry out electronic marketing unless we have your consent. If you receive electronic communications from us, we will always provide you with an opportunity to unsubscribe from receiving further information from us by clicking on the unsubscribe link provided in the communication.
If information is aggregated or de-identified so it is no longer reasonably associated with an identified or identifiable natural person, it is no longer considered Personal Information and Curae may use or disclose such information for any purpose.
Disclosure of information
At times, we may disclose your Personal Information and Cookie Information to third parties for the following purposes:
Suppliers and agents: Curae may employ other businesses, certain services and individuals to perform functions on our behalf. Examples include payment servers, wireless carriers, system analysis providers, storing data and data storage providers and providing support to our operations. They may have access to some personally identifiable information needed to perform their functions;
Company reorganization: to a third party in the event of any reorganisation, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings).
Where necessary or appropriate:
(a) under applicable law, including laws outside your country of residence;
(b) to comply with legal process;
(c) to respond to requests from public and government authorities, including public and government authorities outside your country of residence;
(d) to enforce our terms and conditions;
(e) to protect our operations or those of any of our affiliates;
(f) to protect our rights, privacy, safety or property, and/or that of our affiliates, you or others; and (g) to allow us to pursue available remedies or limit the damages that we may sustain.
Wearer Information is specifically disclosed to Curae’s health monitoring services partners, Rechenbeg and Navigil. Monitoring is disclosed on our Website, in order that such partners can provide health monitoring services in relation to your Curae S3 Personal Alarm Device. Rechenberg and Navigil are recognized provider of health monitoring services and are subject to strict data control obligations to Curae in relation to such information.
Wearer Information is disclosed to the Wearer’s carer, and/or healthcare professional, or relevant emergency services (where necessary) as described in the Curae S3 Personal Alarm Device Product Information. Otherwise, Wearer Information will only be disclosed to other third parties, without the Wearer’s consent, in very limited circumstances (such as where Curae is required by law or in the event of a threat to a Wearer’s life or health).
Curae will not otherwise disclose your Personal Information to a third party unless we have your consent.
Storage and Security of Personal Information
Curae takes all reasonable steps to ensure the security of our system and to protect your information from misuse, interference and loss as well as unauthorised access, modification or disclosure.
Your information is stored on high-security servers located in Australia and Finland and is protected in accordance with Australian and EU GDPR legislation and regulations. We carefully select our data storage partners based primarily on their level of security, reliability and experience in the storage and treatment of data, including Personal Information.
In the event of a data breach, Curae is committed to complying in all respects with the requirements of all relevant privacy laws, including, where required, the provisions of the Australian Privacy Law and the European GDPR.
The transmission of information via the internet is not completely secure. Though Curae does encrypt all information it transmits via the internet, Curae cannot guarantee the security of Personal Information transmitted; and any transmission is at your own risk.
International Data Transfers
Curae may transfer your Personal Information and Cookie Information to countries other than the one in which you live. Personal Information and Cookie Information collected by Curae is stored in servers located in Australia.
If Curae transfers Personal Information or Cookie Information originating from the European Union to Australia or other countries not deemed adequate under European Union data protection laws, Curae ensures such transfer is compliant with the European Union Model Clauses set out in the GDPR, also known as Standard Contractual Clauses, to meet the adequacy and security requirements of the European Union.
Curae also ensures that any third party it uses to store or process information (generally referred to as “data controllers” under the GDPR) is compliant with GDPR and requires evidence of compliance with the Standard Contractual Clauses from each data processor it uses.
Your rights in relation to your information
You have the right to:
- ask us for a copy of the Personal Information we hold about you;
- ask us to correct, delete or restrict processing of your Personal Information;
- ask us to transmit your data to another party;
- object to the processing of your Personal Information in certain circumstances (in particular, where we don’t have to process the information to meet a contractual or other legal requirement, or where we are using the information for direct marketing or profiling).
These rights may be limited if, for example, fulfilling your request would reveal Personal Information about another person, or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests in keeping.
To exercise any of these rights, you can get in touch with us using the details set out below.
Where we collect information from customers or for marketing purposes, we process the information and Curae will retain the Personal Information collected from you until you ask us to stop / delete such information. and for a short period after this (to allow us to implement your requests). We also keep a record of the fact that you have asked us not to either send you direct marketing or to process your information indefinitely, so that we can respect your request in future.
If you ask us to delete your Personal Information at any time, be aware that Curae cannot guarantee that it will be able to delete such information from back-ups or caches of our databases due to the complexity of such a process, however we will ensure that we do not actively access such data.
Identifying the Data Controller
If you are a resident of the European Union, the law differentiates between the “controller” and “processor” of information.
In general, for customers and other Users based in the European Union, Curae Technologies Pty Ltd, is the data controller of Personal Information.
Laws, regulations and industry standards evolve, which may make those changes necessary, or we may make changes to our business.
Further information on privacy
Further general information about your privacy rights and privacy law from the Office of the Australian Information Commissioner can be obtained by:
- calling their Privacy Hotline on 1300 363 992
- visiting their web site at www.oaic.gov.au
- writing to: The Australian Information Commissioner, GPO Box 5218, Sydney NSW 2000