3. What kinds of personal information do we collect and hold?
The type of personal information we collect depends on the circumstances of its collection and the nature of your dealings with us.
If you are a Platform User or Patient, this information may include:
(a) your name, address, and contact details including email address and telephone number;
(b) date of procedure;
(c) whether a return patient;
(d) whether consent provided for the procedure, data collection and follow up contact;
(e) referring clinician; andinformation contained in any communications between you and us.
If you are an individual acting on behalf of a Platform User, we may collect your name and work contact details, such as your work email address, phone number and physical address.
If you are a prospective employee or independent contractor applying to work with Mobius, we may collect the following information:
(a) your name, address and contact details;
(b) business registration details, such as your Australian Business Number;
(c) your employment details and qualifications; and
(d) information you provide to us as part of the recruitment process.
For general users, we may collect information when you use our website. This may include information:
(a) provided in communications we have with you; and
(b) about your access and use of our platform, including browser session data, device and network information, statistics on page views, acquisition sources, search queries, browsing behaviour and information gathered through internet cookies.
If you choose not to provide information as requested, it may not be practicable for us to service your needs. For example, it will not be possible for you to create an account if you want to remain anonymous or use a pseudonym. We sometimes receive unsolicited personal information. In circumstances where we receive unsolicited personal information we will usually destroy or de-identify the information as soon as practicable if it is lawful and reasonable to do so unless the unsolicited personal information is reasonably necessary for, or directly related to, our functions or activities.
4. Why do we collect your personal information?
We collect your personal information primarily to provide you with our services and enable your use of our platform. Some ways we use your personal information are:
(a) for the purpose for which the personal information was originally collected, including tracking Patients post procedure to assist Platform Users to identify and action any follow up care and support;
(b) to identify and interact with you;
(c) to perform administrative and operational functions;
(d) to comply with any legal requirements, including any purpose authorised or required by an Australian law, court or tribunal; and
(e) for any other purpose for which you give your consent.
In relation to the personal information of contractors or prospective staff members seeking employment at Mobius, we collect personal information for purposes including to:
(a) enable us to carry out our recruitment functions;
(b) correspond with you;
(c) fulfil the terms of any contractual relationship; and
(d) ensure that you can perform your duties.
5. How do we collect your information?
You give it to us
We collect personal information directly from you when you:
(a) use our services;
(b) set up an account with us;
(c) interact or share personal information with us via our platforms, text messages and social media; and
(d) communicate with us
We collect it
We may also collect your personal information from third parties including:
(a) Platform Users;
(b) service providers;
(c) referrals who may have referred you to us; and
(d) organisations with whom we have an agreement to share information with.
We will generally obtain consent from the owner of personal information to collect their personal information. Consent will usually be provided in writing; however, sometimes it may be provided orally or may be implied through a person’s conduct. We endeavour to only ask for your personal information if it is reasonably necessary for the activities that you are seeking to be involved in.
6. Disclosing your personal information
We may disclose your personal information to the following third parties:
(a) to our business or commercial partners, including the owners of any app or platform for which you have subscribed through us or in connection with us;
(b) to our professional advisers, dealers and agents;
(c) third parties and contractors who provide services to us, including customer enquiries and support services, IT service providers, data storage, web-hosting and server providers, marketing and advertising organisations, payment processing service providers;
(d) third parties to collect and process data, such as Google Analytics;
(e) and organisations with whom we have an agreement to share information with.
We may also disclose your personal information if we are required, authorised or permitted by law.We may send or transfer information to third parties that are located overseas. These third parties are located in the United States of America although this list may change from time to time. Disclosure is made to the extent that it is necessary to perform our functions or activities.
7. Using your personal information for direct marketing
Platform Users
From time to time, and in support of our future development and growth, we may use personal information collected from Platform Users to contact you to promote and market our products and services.
You can opt-out from being contacted for direct marketing purposes by contacting us at zachary@mobius.xyz or by using the unsubscribe facility included in each direct marketing communication we send.
Once we receive a request to opt out from receiving marketing information, we will stop sending such information within a reasonable amount of time.
Patient
For the avoidance of doubt, personal information collected from a Patient will not be used for any direct marketing or promotion of our product and services to a Patient.
8. Security
We take all reasonable steps to protect personal information under our control from misuse, interference and loss and from unauthorised access, modification or disclosure.
We hold your personal information electronically in secure databases operated by our third-party service providers.
We protect the personal information we hold through enterprise level security including encryption at rest and in transmission, ISO27001 compliant database, 2FA, Soc-2 compliance and TLS security on all emails.
While we take reasonable steps to ensure your personal information is protected from loss, misuse and unauthorised access, modification or disclosure, security measures over the internet can never be guaranteed.
9. Accessing or correcting your personal information
If you would like to access your personal information, please contact us using the details below.
In certain circumstances, we may not be able to give you access to your personal information in which case we will write to you to explain why we cannot comply with your request.
We try to ensure any personal information we hold about you is accurate, up-to-date, complete and relevant.
If you believe the personal information we hold about you should be updated, please contact us using the details below and we will take reasonable steps to ensure it is corrected if appropriate.
10. Destroying or de-identifying personal information
We destroy or de-identify personal information when we no longer need it, unless we are otherwise required or authorised by law to retain the information.
11. Making a complaint
If you believe your privacy has been breached or you have a complaint about our handling of your personal information, please contact us using the details below.
We take privacy complaints seriously.
If you make a complaint, we aim to respond within 5 business days to acknowledge your complaint.
We will try to resolve your complaint within 30 days. When this is not reasonably possible, we will contact you within that time to let you know how long we will take to resolve your complaint.
We will investigate your complaint and write to you to explain our decision as soon as practicable.If you are not satisfied with our decision, you can refer your complaint to the Office of the Australian Information Commissioner by phone on 1300 363 992 or online at www.oaic.gov.au.
12. Changes
We may, from time to time, amend this Policy. Any changes to this Policy will be effective immediately upon the posting of the revised Policy on our website. By continuing to use the services following any changes, you will be deemed to have agreed to such changes.
13. Contact us
All questions or queries about this Policy and complaints should be directed to:
Privacy Officer
Email: zachary@mobius.xyz
This Policy was last updated in April 2021.
