top of page

Privacy Policy

We are bound by the Privacy Act 1988 (Cth) (“Act”) and the thirteen Australian Privacy Principles (“APPs”).

This Privacy Policy describes how we manage your personal information. It applies to all personal information collected by or on behalf of Ella Health Pty Ltd ACN 664 157 073 and/or Bryden Healthcare Pty Ltd ACN 657 445 844 (“we”, “us”, “our”, “Ella”) via the website located at ellahealth.co and the app ‘Ella’ (together “the Platform”).

Core Privacy Values at Ella Health

  • Ownership Lies with You – The personal; information we gather from you is yours. You have the ability to view, download, or erase your details at any time. To discontinue sharing your data for service enhancement, reach out to us at hello@ellahealth.co
     

  • Security First – Our focus is to collect only the indispensable details to offer meaningful services. Your data’s security is fundamental in all our operational decisions.

Personal information we collect and hold

We collect and hold personal information which enables us to deliver our Platform. 

The types of information that we may collect from clients and prospective clients include:

  • name and contact details (including your email address and phone number);

  • age, date of birth and gender;

  • financial data (including billing and payment details, bank account and/or payment card details through our third party payment processor);

  • health information (such as information about your reported pelvic pain symptoms and diagnosis; health information collected through questionnaires; other health information you share on our Platform);

  • profile and Platform usage (including your username and password; profile picture; support requests; content and information that you post, send receive and share; your interests, preferences, feedback and survey responses; search queries and browsing behaviour; information you provide when you participate in any interactive features such as surveys, promotions, activities or events; and your other communications with our Platform);

  • purchases and orders (including details about payments to you from us and from you to us and other details of services you have purchased from us or we have purchased from you); and

  • technical data (including internet protocol (IP) address, your login data, your browser session and geo-location data, device and network information, statistics on page views and sessions, acquisition sources, the type of browser you are using, the type of operating system you are using and the domain name of your Internet service provider).

From other persons, we collect different types of personal information.

From our employees, for example, we collect personal information relevant to their roles, which may include: 

  • name and contact details;

  • age, date of birth and gender;

  • resume and written references;

  • employment letters and performance appraisals;

  • payroll information; and

  • your professional history such as your previous positions and professional experience. 

 

We may collect similar personal information from you if you are a contractor, depending on what you are contracted to supply to us.

How we collect and hold your personal information

Ordinarily, we will collect personal information about you, from you directly:

  • we acquire information directly when you interact with our online services, for instance, via website forms or service subscription;

  • we may ask you to complete forms or questionnaires, and provide additional information from time to time (sometimes, verbally; other times, in writing);

  • we also use cookies to help customise your experience on the Platform. A cookie is a small text file stored in your computer’s memory or on your hard disk for a pre-defined period of time. As a general rule, it is not possible to identify you personally from our use of cookies.

When you submit information through our Platform, it is initially collected by third-party service providers, who then forward it to Ella Health. We do not have control over the data while it is in transit. Users should be aware that these third-party service providers may store data outside of Australia (see section of this Privacy Policy on ‘Overseas (cross border) disclosure’) and are encouraged to review their individual privacy policies.
 

We may also collect personal information about you from third parties if you have agreed that they can provide us with this information. For example, we may collect information from:

  • your health insurance provider, if any; and

  • Government funding sources, if any (such as Medicare).

We adopt stringent measures to safeguard your data from unauthorized interception or leaks, and against loss, misuse, unauthorised access, unauthorised modification and unauthorised disclosure. We have security processes in place to secure database and server access, and we take steps to ensure that electronic data is backed up. Hard copy paperwork is stored in secure locations. 
 

When we no longer require your personal information for a permitted purpose, we will securely destroy or de-identify your records in accordance with Australian laws.
 

All our staff members are educated on these protocols.

Where we hold personal information that was collected for a particular (primary) purpose we will ordinarily use or disclose it only for that purpose and not for any other (secondary) purpose unless you have consented, or we are otherwise permitted or required to do so under the APPs, the Act, or another law. 
 

The personal information that we collect is mainly used in connection with the delivery of our Platform.

  • For example, if you are a client, we collect your personal information in order to deliver the Platform to you, improve your user experience, and keep you updated on our offerings. This may include:

    • assessing whether we can safely provide you with services on the Platform;

    • accessing your account and associated information for troubleshooting or if you request help from our support or engineering teams;

    • research in the field of holistic care for chronic pelvic pain (for which purpose you may be asked to contribute your data to our ongoing product improvement and research studies);

    • maintaining and administering your client file;

    • invoicing and collection of payments;

    • making payment claims to your health insurer (if any) and/or to any Government funding sources (such as Medicare);

    • sending information to you about our services; and

    • direct marketing: We may provide you with information about new services which may be of interest to you, unless you opt out from receiving marketing messages from us – which you can do at any time.

  • If you are an employee or contractor, we use your personal information for the purpose of managing and administering your role, and/or the duties or services you perform.

Due the structure of our business, and how we deliver the Platform, we may disclose your personal information from one of our related bodies corporate or associated entities, to another.

We will also disclose your personal information if necessary to comply with a legal obligation and/or if properly directed to do so by an appropriate government, regulatory or statutory body (including a court or tribunal).

We will never sell your personal data to third parties for commercial purposes. We will not disclose your personal information to third parties for marketing purposes without your consent. 

Purposes for which we collect, hold, use and disclose your personal information

You have the right to access the personal information that we hold about you.

To do so, a formal request can be sent to us. Our contact details are set out later in this policy. We will always endeavour to meet your request within a reasonable time. 
 

In some circumstances, your request for access may be denied – in which case we will give you written reasons. Relevant circumstances could include:

  • if we no longer hold any personal information about you; 

  • if your request is frivolous or vexatious;

  • if the information requested relates to existing or anticipated legal proceedings and would not ordinarily be disclosed as part of those proceedings; and

  • if providing access would be unlawful, or the denying of access is required or allowed by law. 

We may charge you a reasonable fee for access to some types of information, limited to an amount to recoup our costs. Charges may include document retrieval, photocopying and delivery costs.

Accessing your personal information 

It is important that the personal information we hold is accurate, up-to-date, and complete. You will need to provide us with any changes to your personal information (including change of name, address, contact details and health information) to enable us to update your records.

We will take steps to ensure your personal information is correct and up to date by:

  • reminding you to contact us if your information has changed; and

  • amending our records when you inform us that your information has changed.

Correcting your personal information

From time to time we may engage external service providers who are located overseas and/or who store information outside of Australia. For example:

  • our data storage providers or web hosts may use servers, systems, and cloud computing facilities located outside of Australia;

  • we leverage third-party platforms to gather information and deliver our services, including Typeform (United States of America) for generating in-app surveys and questionnaires.

Whilst the use of overseas service providers will not always involve a disclosure of personal information, by providing us with your personal information, you consent to the possibility that it may be shared with overseas service providers and/or stored on overseas servers. We will also send your personal information overseas if you specifically ask us to.

Prior to knowingly disclosing or allowing disclosure of personal information to overseas recipients, we will:

  • take reasonable steps to ensure that the recipient does not breach the APPs; or

  • seek to establish a reasonable belief that the overseas recipient is subject to protections which, overall, are at least substantially similar to those in the APPs (and which can be enforced).

We will, where practicable, update this policy from time to time to list the countries in which any overseas recipients are likely to be located.

Please contact us if you do not want us to disclose your information to overseas recipients.

If in the future our cross-border disclosure practices change, this will occur only in accordance with the requirements of the Act and the APPs.

We will take steps to ensure your personal information is correct and up to date by:

  • reminding you to contact us if your information has changed; and

  • amending our records when you inform us that your information has changed.

Overseas (cross border) disclosure 

For questions, disputes, or grievances, get in touch with us at hello@ellahealth.co. We strive to resolve all issues in an appropriate timeframe.

We may, at any time and at our discretion, vary this Privacy Policy by publishing changes on the Platform. We recommend you check the Platform regularly to ensure you are aware of our current Privacy Policy.

Further information and resolving your concerns

bottom of page