CareMonitor Privacy Policy

In this Privacy Policy, 'us' 'we' or 'our' means Caremonitor Pty Ltd (ABN 50 616 417 728). We are committed to respecting your privacy. Our Privacy Policy sets out how we collect, use, store and disclose your personal information.

We are bound by the Australian Privacy Principles contained in the Privacy Act 1988 (Cth), and we also take into account applicable privacy and data protection laws in other jurisdictions in which we operate, including the New Zealand Privacy Act 2020 and, where relevant, the United Kingdom General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

We collect, use and disclose personal information as described in this Privacy Policy and in accordance with applicable privacy and data protection laws. Depending on the circumstances, our processing may be based on consent, contractual necessity, legitimate interests, legal obligations, or other lawful grounds permitted by applicable law. We may change our Privacy Policy from time to time by publishing changes to it on our website. We encourage you to check our website periodically to ensure that you are aware of our current Privacy Policy. 

Our Role

CareMonitor provides technology services to healthcare organisations. In many cases, healthcare organisations determine the purposes for which patient information is collected and used, while CareMonitor provides and supports the technology platform used to deliver services. Depending on the circumstances, CareMonitor may process personal information on behalf of healthcare organisations and may also collect and use personal information for its own business operations, such as website enquiries, events, customer support and professional communications.

What is Personal Information

Personal information includes information or an opinion about an individual that is reasonably identifiable. For example, this may include your name, age, gender, postcode and contact details. It may also include financial information, including payment and billing information where required in connection with the provision of our services. We may also collect sensitive information, including health information, where required to support healthcare services delivered through the CareMonitor platform.

Who We Collect Personal Information From

CareMonitor collects personal information from the following groups of individuals:

  • Health Care Professionals: who may be medical practitioners, allied health practitioners, managers and administrative staff of GP Practices, employees of government health bodies, and other members of the health services community; 

  • Patients; and 

  • Other Individuals: who are not users of the CareMonitor system but who interact with CareMonitor in the course of our business. 

This includes business contact details of individuals we engage with in a professional capacity, including employees of healthcare providers, government organisations and industry partners.

We may collect personal information from individuals in connection with more than one of the above categories, depending on how you interact with us, and our products and services. We have provided specific guidance as to how we collect, use, and disclose personal information for each of these categories. General terms that apply to all categories are set out at the bottom of this policy. We recommend you review this policy in full to understand how and why your personal information may be collected, used, and disclosed. 

Health Care Professionals

CareMonitor SaaS is used by Health Care Professionals to manage the healthcare of patients via the CareMonitor App. When you enquire about CareMonitor SaaS, create an account, or otherwise interact with CareMonitor SaaS we may collect personal information from you. 

What personal information do we collect from Health Care Professionals?

We may collect the following types of personal information from Health Care Professionals: 

  • name; 

  • mailing or street address; 

  • email address; 

  • telephone number and other contact details; 

  • employer and employment details; 

  • provider number; 

  • login times and locations, and information on which parts of CareMonitor you have accessed and when; 

  • device, connection and usage information, including device type, IP address, log information and other technical data relating to your use of our services; 

  • details of the products and services we have provided to you or that you have enquired about, including any additional information necessary to deliver those products and services and respond to your enquiries; 

  • information you provide directly to us or through your use of our website, applications and services; 

  • information you provide to us through customer surveys; or 

  • any other personal information that may be required in order to facilitate your dealings with us. 

We may collect these types of personal information either directly from you, or from third parties. We may also receive personal information from third parties, including event organisers, where you have provided your details in connection with an event or requested follow-up from exhibitors. We may collect this information when you: 

  • enquire about or sign up for CareMonitor’s products or services; 

  • create an account in CareMonitor SaaS; 

  • interact with or use CareMonitor SaaS; 

  • attend or engage with us at conferences, events or exhibitions, including where your details are provided by event organisers;

  • communicate with us through correspondence, chats, email, or when you share information with us from other social applications, services or websites; or 

  • interact with our website, services or content.

Why do we collect, use and disclose personal information of Health Care Professionals?

We may collect, hold, use and disclose your personal information for the following purposes: 

  • to enable you to access and use our services (including CareMonitor SaaS) and website; 

  • to operate, protect, improve and optimise our services, website, app, business, and our users’ experience, including analytics, research, service improvement and communications relating to our services; 

  • to send you service, support and administrative messages, reminders, technical notices, updates, security alerts, and information requested by you; 

  • to send you communications related to CareMonitor’s services or relevant industry information connected to digital healthcare delivery; 

  • to administer surveys, events or engagement activities relevant to our services; and 

  • to comply with our legal obligations, resolve any disputes that we may have with any of our users, and enforce our agreements with third parties. 

To whom do we disclose personal information of Health Care Professionals?

We may disclose personal information for the purposes described in this privacy policy to: 

  • our employees and related bodies corporate; 

  • third party suppliers and service providers (including providers for the operation of our websites and/or our business or in connection with providing our products and services to you); 

  • professional advisers and agents; 

  • payment systems operators (eg merchants receiving card payments); 

  • our existing or potential agents, implementation partners and subcontractors engaged to support the delivery, operation or improvement of CareMonitor services; 

  • specific third parties authorised by you to receive information held by us; and/or 

  • other persons, including government agencies, regulatory bodies and law enforcement agencies, or as required, authorised or permitted by law. 

Patients

The CareMonitor system is used to manage the healthcare of patients via the CareMonitor App. When you create an account or otherwise interact with the CareMonitor App we may collect personal information from you, including sensitive health information. We may also collect information about you from Health Care Professionals or health care providers involved in your treatment. 

Patients should also refer to the privacy information provided by their healthcare provider, which may contain additional information about how their personal information is collected, used and disclosed.

What personal information do we collect from Patients?

We may collect the following types of personal information: 

  • name; 

  • mailing or street address; 

  • email address; 

  • telephone number and other contact details; 

  • age or date of birth; 

  • government healthcare identifiers (such as Medicare, NHS or equivalent identifiers);

  • private health insurance details; 

  • health information such as clinical conditions, health metrics, medications, and treatment plans; 

  • login times and locations, and information on which parts of CareMonitor you have accessed and when; 

  • device, connection and usage information, including device type, IP address, log information and other technical data relating to your use of our services; 

  • details of the products and services we have provided to you or that you have enquired about, including any additional information necessary to deliver those products and services and respond to your enquiries; 

  • information you provide directly to us or through your use of our website, applications and services; 

  • information you provide to us through customer surveys; or 

  • any other personal information that may be required in order to facilitate your dealings with us. 

We may collect these types of personal information either directly from you, or from third parties. We may collect this information when you: 

  • create an account in the CareMonitor App; 

  • interact with the CareMonitor App or with our other products or services; 

  • communicate with us through correspondence, chats, email, or when you share information with us from other social applications, services or websites; or 

  • interact with our websites, services or content. 

We may receive personal information about you from your Health Care Professionals, healthcare providers or organisations involved in your care where authorised by them, permitted by law, or necessary to provide the services being delivered through the CareMonitor platform.

Why do we collect, use and disclose personal information of Patients?

We may collect, hold, use and disclose your personal information for the following purposes: 

  • to enable you to access and use our services, website, and app; 

  • to assist you and your Health Care Providers to better co-ordinate your health care; 

  • to operate, protect, improve and optimise our services, website and app, including analytics and service improvement activities;

  • to send you service, support and administrative messages, reminders, technical notices, updates, security alerts, and information requested by you; 

  • to support healthcare providers in delivering, coordinating and monitoring care services;

  • to administer surveys or feedback activities where appropriate and in connection with the services being provided; and 

  • to comply with our legal obligations, resolve any disputes that we may have with any of our users, and enforce our agreements with third parties. 

To whom do we disclose personal information of Patients?

We may disclose personal information for the purposes described in this privacy policy to: 

  • our employees and related bodies corporate; 

  • Health Care Professionals involved in your care; 

  • third party suppliers and service providers (including providers for the operation of our websites and/or our business or in connection with providing our products and services to you); 

  • professional advisers, dealers and agents; 

  • payment systems operators (eg merchants receiving card payments); 

  • our existing or potential agents, service providers, implementation partners and subcontractors engaged to support the delivery, operation or improvement of CareMonitor services; 

  • specific third parties authorised by you to receive information held by us; and/or 

  • other persons, including government agencies, regulatory bodies and law enforcement agencies, or as required, authorised or permitted by law. 

Other Individuals 

We may collect personal information from you when you interact with our business other than via the use of, or in relation to, CareMonitor SaaS or the CareMonitor App. 

What personal information do we collect from Other Individuals?

We may collect the following types of personal information: 

  • name; 

  • mailing or street address; 

  • email address; 

  • telephone number and other contact details; 

  • device, connection and usage information, including device type, IP address, log information and other technical data relating to your use of our services; 

  • details of the products and services we have provided to you or that you have enquired about, including any additional information necessary to deliver those products and services and respond to your enquiries; 

  • information you provide directly to us or through your use of our website, applications and services; 

  • information you provide to us through customer surveys; or 

  • any other personal information that may be required in order to facilitate your dealings with us. 

We may collect these types of personal information either directly from you, or from third parties. We may also receive personal information from third parties, including event organisers, where you have provided your details in connection with an event or requested follow-up from exhibitors.

We may collect this information when you: 

  • sign up for any of our products or services; 

  • communicate with us through correspondence, chats, email, or when you share information with us from other social applications, services or websites; 

  • attend or engage with us at conferences, events or exhibitions, including where your details are provided by event organisers;

  • interact with our websites, services or content; or

  • invest in our business or enquire as to a potential purchase in our business. 

In addition, when you apply for a job or position with us we may collect certain information from you (including your name, contact details, working history and relevant records checks) from any recruitment consultant, your previous employers and others who may be able to provide information to us to assist in our decision on whether or not to make you an offer of employment or engage you under a contract. This Privacy Policy does not apply to acts and practices in relation to employee records of our current and former employees, which are exempt from the Privacy Act (1988). 

Why do we collect, use and disclose personal information of Other Individuals?

We may collect, hold, use and disclose your personal information for the following purposes: 

  • to enable you to access and use our services, website, and app; 

  • to operate, protect, improve and optimise our services, website and app, business and our users’ experience, such as to perform analytics, conduct research and for service improvement, analytics and communications relating to our services; 

  • to send you service, support and administrative messages, reminders, technical notices, updates, security alerts, and information requested by you; 

  • to send you marketing and other communications relevant to CareMonitor’s services and your professional role;

  • to administer surveys, events or engagement activities relevant to our services; 

  • to comply with our legal obligations, resolve any disputes that we may have with any of our users, and enforce our agreements with third parties; and 

  • to consider your employment application. 

To whom do we disclose personal information of Other Individuals?

We may disclose personal information for the purposes described in this privacy policy to: 

  • our employees and related bodies corporate; 

  • third party suppliers and service providers (including providers for the operation of our websites and/or our business or in connection with providing our products and services to you); 

  • professional advisers, dealers and agents; 

  • payment systems operators (eg merchants receiving card payments); 

  • our existing or potential agents, service providers, implementation partners and subcontractors engaged to support the delivery, operation or improvement of CareMonitor services; 

  • specific third parties authorised by you to receive information held by us; and/or 

  • other persons, including government agencies, regulatory bodies and law enforcement agencies, or as required, authorised or permitted by law. 

General Privacy Terms

Deidentifying Data

You agree that we may compile and deidentify data that we hold (including personal information) and may use such deidentified data for analytics, service improvement, product development, reporting and research purposes, provided individuals are not reasonably identifiable.  

Do we use your personal information for direct marketing?

CareMonitor’s marketing activities are primarily directed to healthcare organisations, healthcare professionals and industry stakeholders. We do not use patient health information for marketing purposes and do not sell, rent or provide personal information to third parties for their own marketing purposes.

We may contact you about CareMonitor services, events, industry updates or other information relevant to your professional role where permitted by applicable law. Where required, we will obtain consent before sending electronic marketing communications.

Marketing communications will identify CareMonitor as the sender and include a simple way to opt out at any time.

Disclosure of personal information outside Australia

CareMonitor is based in Australia and may store or process personal information in Australia and other jurisdictions where our service providers operate.

Where we collect personal information from individuals located outside Australia, including in the United Kingdom and New Zealand, we ensure that such information is handled securely and in accordance with applicable data protection laws. Where personal information is transferred internationally, we implement appropriate contractual, technical and organisational safeguards designed to protect that information in accordance with applicable laws, including where appropriate, contractual protections with service providers handling personal information on our behalf.

Using our website and cookies

We may collect personal information about you when you use and access our website (as opposed to when you use the CareMonitor system, which is covered in more detail in the relevant category descriptions above). 

We use cookies and similar technologies to operate our website, analyse usage and to support our communications and service improvement activities. This includes the use of third-party platforms such as Google Analytics and HubSpot.

For individuals located in the United Kingdom, we will obtain your consent before placing non-essential cookies on your device, in accordance with the Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR) and UK GDPR. Non-essential cookies include analytics, performance and marketing cookies.

For individuals located in Australia and New Zealand, cookies are used in accordance with applicable privacy laws. Where cookies collect personal information, we provide transparency about their use and purpose.

You will be provided with clear information about the cookies we use, including their purpose, and where required, the ability to accept or reject non-essential cookies before they are activated.

While we do not use general website browsing information to identify you personally, we may record certain information about your use of our website, such as which pages you visit, the time and date of your visit and the internet protocol address assigned to your computer. 

You can disable cookies through your internet browser, but our websites may not work as intended for you if you do so. 

We may also use cookies both via our website and services delivered via the website (including CareMonitor SaaS) to enable us to collect data that may include personal information. For example, where a cookie is linked to your account, it will be considered personal information under the Privacy Act (1988). We will handle any personal information collected by cookies in the same way that we handle all other personal information as described in this Privacy Policy. 

You can manage or withdraw your cookie preferences at any time through available cookie settings or your browser controls.

Where required by applicable law, analytics and marketing technologies are only activated after consent has been obtained.

Data Retention, Protection, Privacy and Security

We may hold your personal information in electronic form. We also collect health-related data from wearable devices for certain features of our applications. These health-related data can be collected from Google Fit, Withings, and Apple Health. Where enabled as part of a healthcare service, data from connected devices may be used to support monitoring, care coordination, clinical workflows, service delivery and related communications.

We take reasonable steps to protect your personal information and health-related data from misuse, interference, and loss, as well as unauthorised access, modification, or disclosure. We use physical, administrative and technical safeguards to protect personal information from misuse, loss and unauthorised access, modification or disclosure. CareMonitor maintains ISO 27001 certification. However, we cannot guarantee the security of your personal information if it is found to be compromised due to factors beyond control, such as unauthorised access by malicious third parties or unforeseen cybersecurity breaches caused by users and/or suppliers.  

Data Deletion

Individuals may request deletion of personal information where permitted by applicable law by contacting our Privacy Officer using the details set out in the Contact Us section below. Requests will be assessed in accordance with our legal, contractual and regulatory obligations, including requirements to retain certain records. Where deletion is appropriate, we will securely remove or deidentify the information.

Notifiable data breaches 

We are subject to applicable data breach notification requirements under the Privacy Act 1988 (Cth), and we also take into account relevant obligations in other jurisdictions in which we operate, including the New Zealand Privacy Act 2020 and, where applicable, the UK GDPR and Data Protection Act 2018.

In the event of a data breach involving personal information where notification is required, we will notify affected individuals and relevant regulators in accordance with applicable laws.

Third Party Links

Our website may contain links to websites operated by third parties. Those links are provided for convenience and may not remain current or be maintained. Unless expressly stated otherwise, we are not responsible for the privacy practices of, or any content on, those linked websites and have no control over or rights in those linked websites. The privacy policies that apply to those other websites may differ substantially from our Privacy Policy, so we encourage individuals to read them before using those websites.

Accessing or correcting your personal information

You can access the personal information we hold about you by contacting us using the information below. Sometimes, we may not be able to provide you with access to all of your personal information and, where this is the case, we will tell you why. We may also need to verify your identity when you request your personal information. 

If you think that any personal information, we hold about you is inaccurate, please contact us and we will take reasonable steps to ensure that it is corrected. 

Making a complaint

If you believe we have not handled your personal information in accordance with applicable privacy or data protection laws, you may contact us using the details below.

Please include your name, email address and/or telephone number and clearly describe your complaint. We will acknowledge your complaint and respond to you regarding your complaint within a reasonable timeframe. If you think that we have failed to resolve the complaint satisfactorily, we will provide you with information about the further steps you can take. 

International Users

CareMonitor operates in multiple jurisdictions, including Australia, New Zealand and the United Kingdom. We handle personal information in accordance with applicable privacy and data protection laws in the jurisdictions in which we operate.

Contact Us

For further information about our Privacy Policy or practices, or to access or correct your personal information, or make a complaint, please contact us using the details set out below: 

Privacy Officer 

Level 4, 141 Walker Street, North Sydney, NSW 2060 

privacy@caremonitor.com.au

+61 (02) 8074 4868 

Last Updated: 1 June 2026