We are committed to the privacy and security of our user’s personal information and data. We collect, use, disclose and store your data in accordance with data collection and privacy laws. We may review this policy from time to time, and any updates will be made visible here at https://peptalkr.com.au/privacy-policy/.
- ‘PepTalkr’, ‘we’, ‘us’ and ‘our’ refers to us – The PepTalkr software application and services, and the entity behind it – ABN 53 691 258 388
- ‘Services’ refers to any of the functionality and assistance provided as part of the PepTalkr application.
- ‘Practice’ refers to the health clinic you have authorised us to service.
- ‘Patient’ refers to any person who has visited your Practice and may have their Personal Information stored within your Practice.
- ‘Personal Information’ refers to any information that can identify an individual such as full name, date of birth, email address, telephone number, gender or other similar information.
- ‘Patient Information’ refers to any Personal Information and other information about Patients of your Practice such as treatment notes, appointment history, electronic medical records and other similar information.
- ‘User’, ‘you’ and ‘your’ refers to you – a customer of PepTalkr.
1. Personal data we collect and how we use it
We collect personal data in two ways, directly and indirectly.
1.1 Personal data we collect directly
We collect data directly from you when you use any of the forms on our website, input data into fields within our application, use chat or customer service features, email us directly, engage with us on social media or call us.
Data we collect includes things such as your full name, date of birth, phone number, email address, business information and things such as API Keys and DNS information.
All data we collect directly is used to provide our services to you and set up your PepTalkr account. Your data may be used to provide help, technical support or customer service and to tailor our products and marketing to you.
1.2 Personal data we collect indirectly
There are a few ways in which we collect data indirectly which is necessary for the provision of our services:
- From Cliniko’s API: PepTalkr connects to Cliniko’s API and retrieves data which includes thing such as patient names, genders, dates of birth, residential addresses, phone numbers, email addresses, treatment notes, appointment dates, appointment types, treating practitioners and other similar information. We use and process this information to provide the Services in accordance with your instructions.
- Personal data we process on your behalf: In order to send an email campaign or use certain features in your PepTalkr, you may upload a Mailing List that provides us with information about your Contacts, such as their names and email addresses. We use and process this information to provide the Services in accordance with your instructions.
- From your Patients: If a patient uses the PepTalkr digital patient intake forms we collect all data supplied by the patient including their personal information and pass it into Cliniko. We erase this data from the servers of our third-party data management provider immediately following successful delivery into Cliniko. Backups and logs of this data are anonymised within 35 days, and erased within 90 days. If the data fails to sync into Cliniko, we are notified and may access this data to provide technical support or repair the process which caused the failure to sync. The data will be erased by us as soon as the problem is resolved.
- From Tracking Technology & Cookies: as outlined in section 4.
- Transaction data: We store data relating to your Subscription, payment dates, renewal dates and more.
2. Sharing your data
We never share data with people or companies unrelated to the service we provide. Details of the circumstances surrounding how we share your Personal Information and Patient Information is detailed below:
2.1 to our contractors, service providers and other third parties who provide data processing services to us and with whom the sharing of your Personal Information is necessary to undertake the work e.g. to process billing, to analyse data, host data, to provide customer support and to deliver online and offline marketing communications about us.
2.2 to enforce our rights arising from any contracts entered between you and us and for billing and collection.
2.3 to a buyer or other successor in the event of a merger, sale or transfer of some or all of PepTalkr’s assets.
We take your data security very seriously, and act as custodians of your data. We take various measures to ensure the safety and security of your Personal Information and Patient Information.
3.1 Data erasure
Your data belongs to you. As such, we delete all traces of your Patient Information within 90 days of account cancellation. We may store some of your Personal Information for longer, unless you request erasure of this.
3.2 Data Encryption
All data sent between us and the platforms we interact with to provide our service to you is encrypted using HTTPS. However, we acknowledge that all Information transmitted via the internet is susceptible to a data breach. By using our Services, transmission of your Information is at your own risk.
3.3 Data Breaches
If there is a data breach and we find that your Personal Information and Patient Information is directly at risk, we will notify you within 7 days of discovering the risk to your data. We will make it clear what information is/was at risk, what action we have taken to rectify the issue.
4. Cookies & Tracking Technologies
We (and our partners and vendors) use various tracking technologies (such as cookies and similar technologies like pixels) to collect and store information when you use the Services. For example, cookies allow us to collect information such as your IP address, browser, email client type and other similar details. We use this information to measure the performance of our application and to provide analytics information and enhance the effectiveness of our Services. Specific tracking technologies we currently have in place include:
4.1 Google Analytics
Our website uses Google Analytics, a service which transmits website traffic data to Google servers in the United States. Google Analytics does not identify individual users or associate your IP address with any other data held by Google. We use reports provided by Google Analytics to help us understand website traffic and webpage usage.
We use a Facebook advertising pixel on our website. This allows user behaviour to be tracked after they have been redirected to our website by clicking on a Facebook ad. This enables us to measure the effectiveness of Facebook ads for statistical and market research purposes. The data collected in this way is anonymous to us, i.e. we do not see the personal data of individual users. However, this data is stored and processed by Facebook. Facebook may link this information to your Facebook account and also use it for its own promotional purposes, in accordance with Facebook’s Data Usage Policy. You can allow Facebook and its partners to place ads on and off Facebook. A cookie may also be stored on your computer for these purposes.
4.3 Google Ads
We use Google Ads. Each Google Ads customer receives a different conversion cookie. information collected by the cookie is used to generate conversion statistics for AdWords customers who have opted for conversion tracking. AdWords customers see the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they will not receive any information that personally identifies users.
5. Data Retention, Correction and Erasure
You can, at any time, request to access, correct or erase your Personal Information and Patient Information. Please email [email protected] for further information.