Privacy Policy

Privacy Policy

Thank you for choosing easykind. We understand the importance of your privacy and are dedicated to safeguarding the information you provide to us.

1. Introduction

1.1 This Privacy Policy (Privacy Policy) is provided to ensure you understand your rights and obligations when you access and navigate our website located at www.easykind.com.au (Website). easykind, operated by Green Australia Clinics Pty Ltd (ACN: 686 902 509), is committed to protecting your Personal Information and complying with the Australian Privacy Principles and the Privacy Act 1988 (Cth), as well as the Health Records Act 2001 (Vic), where we handle health information in the course of providing health services.

1.2 This policy sets out:

• what is considered personal information;
• what personal information we collect and hold;
• how we collect, hold, use or disclose personal information;
• the purposes for which we collect personal information;
• what happens if we are not able to collect personal information;
• how to seek access to and correct your personal information;
• whether we disclose personal information outside Australia; and
• how to contact us.

1.3 We respect the rights and privacy of all individuals and are committed to complying with the Privacy Act 1988 (Cth) (the Act) the Health Records Act 2001 (Vic) and the Australian Privacy Principles and protecting the personal information we hold.

1.4 We may, from time to time, review and update this policy, including taking into account new or amended laws, new technology and/or changes to our operations. All personal information held by us will be governed by the most recently updated policy and we will give you notice of our revised policy by posting to our Website.

2. What is personal information?

When used in this policy, the term “personal information” has the meaning given to it in the Act. The definition includes a broad range of information, or an opinion, that could identify you. This may include (but is not limited to) your name, age, gender, postcode and contact details (including phone numbers and email addresses) and possibly financial information, including your credit card or direct debit account information. If the information we collect personally identifies you, or you are reasonably identifiable from it, the information will be considered personal information.

3. How we collect your personal information

3.1 We collect your personal information directly from you unless it is unreasonable or impractical to do so. We do this in ways including:

• when you submit any online form through the Website or Portal;
• when you submit an enquiry through the Website or Portal;
• when you book a consultation, make a purchase or update your contact information through the Portal
• during conversations between you and us via phone (if any);
• participating in customer satisfaction and market research surveys;
• administration of our services or other necessary actions to manage our business effectively.

3.2 We may also collect personal information from third parties including third party companies such as law enforcement agencies and other government entities, e-commerce platforms, data suppliers, advertisers, mailing lists and contractors and business partners.

3.3 We may record or store communications with you (including phone calls, live chats, support messages or other interactions) for training, verification, quality-assurance, compliance and security purposes.

4. Types of personal information we collect

4.1 We collect personal information required to provide you with access to the Website or Portal and to provide you with our services.

4.2 This may include personal information such as:

• Personal or Company name;
• mailing or street address;
• email address;
• telephone number;
• age or birth date;
• occupation;
• any additional information relating to you that you provide to us directly through our Website, our Portal, by phone or in person, or information you have provided indirectly through the use of our website or online presence through our representatives or otherwise;

4.3 Collection notices detailing the specific information being collected are available on our Website at the point of collection of your information.

4.4 Our partner doctors or nurse practitioners may also collect this information from you.

5. Our purposes for handling your personal information

5.1 We may collect and disclose personal information to third parties for the purposes described in this policy. These purposes include but are not limited to:

• efficient communications between you and us;
• secure storage and management of your files to allow us to provide you with proper access to the Website or Portal;
• notifying you of promotional material which may be suited to you.
• Facilitating access to and use of our Website and Portal:
• Assisting with booking appointments and making purchases.

5.2 The primary purpose for which we collect information about you is to enable us to perform our business activities and functions and to provide the best customer experience.

5.3 We may use or disclose your personal information where reasonably necessary to lessen or prevent a serious threat to life, health or safety, in accordance with applicable privacy laws.

5.4 We may also use your personal information, including health information, for activities reasonably necessary for the management, evaluation, auditing, compliance monitoring and quality assurance of our health services. This may include limited access by authorised non-clinician personnel for statistical analysis, service management, or to verify the accuracy or completeness of clinical information. Such access is strictly controlled, purpose-bound and conducted in accordance with the Australian Privacy Principles and applicable health-privacy laws.

5.5 Your personal information will not be shared, sold, rented or disclosed other than as described in this Privacy Policy.

6. Disclosure of personal information

6.1 We may disclose your personal information to:

• our employees, contractors, licensees or external service providers for the operation of our website, our Portal, or our business, fulfilling requests by you, including without limitation IT systems administrators or payment processors;
• specific third parties authorised by you to receive information held by us;
• the police, any relevant authority or enforcement body, or your Internet Service Provider or network administrator, for example, if we have reason to suspect that you have committed a breach of any of our terms and conditions, or have otherwise been engaged in any unlawful activity, and we reasonably believe that disclosure is necessary;
• as required or permitted by any law (including the Privacy Act).

This may also include internal disclosure or controlled access to authorised non-clinician personnel engaged in health-service management, auditing, quality assurance or compliance activities.

6.2 We may disclose your information to third parties engaged by us to perform functions on its behalf, such as processing credit card information, order fulfilment, mailouts, shipping, debt collection, marketing, research, software or advertising.

6.3 We may disclose personal information with our subsidiaries or other entities under common ownership or control “Related Entities”. This sharing is done for purposes of providing and improving our services, enhancing user experience, and ensuring compliance with applicable laws and regulations. All Related Entities are required to handle your personal information in accordance with this Privacy Policy.

6.4 The law may require some of your personal information to be provided to the TGA and/or State and Territory authorities for your practitioner to obtain necessary exemptions or approvals. That information may include your full name, address, Medical Record Number, date of birth, gender, diagnosis and indications for which the medication is prescribed. Some personal information (excluding full name and address) may be visible to other registered health professionals for the purpose of them ensuring lawful supply of unapproved therapeutic goods.

7. Protection of personal information

7.1 We will take all reasonable steps to protect the personal information that we collect or hold from misuse, loss, or unauthorised access, including by means of firewalls, password access, secure servers and encryption of credit card transactions.

7.2 If you suspect any misuse or loss of, or unauthorised access to, your personal information, please let us know immediately.

7.3 If we suspect any misuse or loss of, or unauthorised access to, your personal information we may inform you of that suspicion and take immediate steps to limit any further access to, or distribution of, your personal information. If we determine that the breach is likely to result in serious harm to you and we are unable to prevent the likely risk of serious harm with remedial action, we will take action in accordance with the Privacy Act 1988 (Cth).

7.4 If we receive unsolicited personal information that we are not permitted to collect under this privacy policy, or within the confines of the law, we will destroy or de-identify the unsolicited personal information as soon as practicable if it is lawful and reasonable to do so. We will destroy or de-identify your personal information if we no longer require it to deliver our services as soon as practicable if it is lawful and reasonable to do so.

7.5 Access to health information, including by authorised non-clinician personnel, is managed on a minimum-necessary basis and is governed by permissions, confidentiality obligations and internal privacy procedures.

7.6 For health information, we are required under health-records legislation to retain certain records for minimum statutory periods (for example, seven years for adults, or until the age of 25 for minors). We may not be able to delete or de-identify such information until these statutory periods have expired.

7.7 We maintain internal privacy procedures, staff training, access controls, data-security standards and incident-response processes to ensure compliance with our legal obligations and to protect your personal information.

8. Sensitive information

8.1 Sensitive information, as defined in the Privacy Act, includes details about an individual’s racial or ethnic origin, political opinions, membership in associations, religious or philosophical beliefs, trade union membership, criminal record, or health information.

8.2 We collect, use, retain, and disclose sensitive information only as necessary to provide or optimise our services, meet legal obligations, and support your treatment. We generally collect this kind of information when you complete our patient intake form and pre-screen questionnaire, and may also collect this information over the phone with you or on the Portal. 

8.3 We will only use sensitive information for the primary purpose it was obtained, for a secondary purpose directly related to the primary purpose, including health-service management, auditing and quality-assurance activities with your consent, in accordance with this policy, or as required or authorised by law. We may share your sensitive information with healthcare providers, pharmacies, insurers, and other entities involved in your care as necessary.

8.4 We take the security of your sensitive information very seriously. Sensitive information is encrypted both in transit and at rest using industry-standard encryption protocols. Access to sensitive information is restricted to authorised personnel only, and we use robust access control measures to prevent unauthorised access.

9. Direct marketing

9.1 We may send you direct marketing communications and information about services that we consider may be of interest to you. These communications may be sent in various forms, including mail, SMS or email, in accordance with applicable marketing laws, such as the Spam Act 2004 (Cth). If you indicate a preference for a method of communication, we will endeavor to use that method whenever practical to do so.

9.2 In addition, at any time, you may opt-out of receiving marketing communications from us by contacting us (details below) or by using the opt-out facilities provided (e.g. an unsubscribe link). We will then ensure that your name is removed from our mailing list. We do not provide your personal information to other organisations for the purposes of direct marketing unless expressly authorised by you.

9.3 Even if you do opt out of receiving marketing communications from us, you agree that we may still send you information relevant to the supply of any services arranged by us or goods or services purchased by you through our Portal or Website.

9.4 If you receive communications from us that you believe have been sent to you other than in accordance with this policy, or in breach of any law, please contact us using the details provided below.

10. Use of financial information

10.1 If you use our Portal to make purchases or other financial transactions (such as payment of invoices through the Portal for products or services you purchase from a third-party user), we collect information about the purchase or transaction. This includes payment information, such as your credit card or debit card number, billing details and other account and contact information (Financial Information). 

10.2 We will only collect Financial Information from you with your prior knowledge and consent. You can access and browse our Portal without disclosing Financial Information.

10.3 We use your Financial Information solely to process payments for services you request or purchase through the use of our Portal. We do not retain your Financial Information after the transaction is complete, unless you check a box through which you ask us to save your Financial Information for future product purchases or payments. If you do check that box, we will retain your Financial Information until you contact us and ask that we remove it from our databases.

10.4 We may use third-party agents to manage online payment processing.

11. Use of cookies and AI

11.1 When you access our Website, we may send a “cookie” (which is a small summary file containing a unique ID number) to your computer. This enables us to recognise your computer and greet you each time you visit our website or portal, without bothering you with a request to register or log-in. It also helps us keep track of products or services you view so that we can send you news about those products or services.

11.2 We also use cookies to measure traffic patterns, to determine which areas of our websites have been visited, and to measure transaction patterns in the aggregate. We use this to research our users’ habits so that we can improve our online services. If you do not wish to receive cookies, you can set your browser so that your computer does not accept them.

11.3 We may also log IP addresses (the electronic addresses of computers connected to the internet) to analyse trends, administer the website, track user movements, and gather broad demographic information.

11.4 We use artificial intelligence (AI) technologies to enhance our customer service and performance. We may share Personal Information collected through our AI functions in the same way we share other Personal Information as set out in this Policy.

11.5 Where we use AI technologies to support customer service, triage, administrative or analytical functions, these systems operate under human oversight and do not make clinical decisions. AI-assisted outputs may be reviewed by authorised personnel for accuracy, quality-assurance, or training purposes.

11.6 Where automated systems assist in form-processing, questionnaire analysis or appointment triage, such systems do not make clinical decisions. Any clinical determinations are made exclusively by qualified health practitioners.

12. Accessing and correcting your personal information

12.1 You may request access to personal information we hold about you at any time by contacting us at [email protected].

12.2 Where we hold personal information that you are entitled to access, we will try to provide you with suitable means of accessing it (for example, by mailing or emailing it to you). We will not charge for simply making a request and will not charge for making any corrections to your personal information. If you make an access request, we will ask you to verify your identity. There may be instances where we cannot grant you access to the personal information we hold. For example, we may need to refuse access if granting access would interfere with the privacy of others, or if it would result in a breach of confidentiality. If that happens, we will give you written reasons for any refusal.

12.3 If you believe that personal information we hold about you is incorrect, incomplete or inaccurate, then you may request us to amend it. We will consider if the information requires amendment. If we do not agree that there are grounds for amendment, then we will add a note to the personal information stating that you disagree with it.

12.4 We request that you keep your information as current as possible so that we may continue to improve our service to you.

13. Overseas transfers of personal information

13.1 Your personal information may be processed and stored in secure cloud servers located in the USA, Asia and Europe where required. 

13.2 If we are required to disclose your personal information overseas, we will advise you of this in a collection notice at the point of collection. We will take reasonable steps to ensure that the overseas recipients of your personal information do not breach the privacy obligations relating to your personal information.

13.3 Where we engage overseas service providers (such as cloud hosting, communication platforms, analytics or support tools), we take reasonable steps to ensure that such providers handle your personal information in accordance with Australian Privacy Principles and applicable health-privacy standards.

13.4 To protect our website and online forms from spam and automated abuse, easykind uses security services that may process technical signals.  We take reasonable steps to ensure any overseas processing complies with the Australian Privacy Principles (APPs) and Health Privacy Principles (HPPs).

14. Resolving personal information concerns

14.1 If you have any questions about this Privacy Policy or your rights under Australian privacy law, or if you wish to exercise any of your rights, don’t hesitate to get in touch with our Privacy Officer at [email protected].

14.2 If you believe your privacy has been breached by us, have any questions or concerns about our Privacy Policy please, contact us using the email [email protected] and provide details of the incident so that we can investigate it.

14.3 If you are not satisfied with the outcome of our investigation, then you may request that an independent person (usually the Commonwealth Privacy Officer) investigate your complaint.

15. Changes

15.1 This Privacy Policy may change from time to time, and the most up-to-date version will be available on our website (https://easykind.com.au). We encourage you to periodically review our Privacy Policy to stay informed about any updates or changes.

15.2 If we make significant changes to our Privacy Policy, we will notify you by email or by placing a prominent notice on our website.

By accessing our Website or using our services you acknowledge that you have read and agree to the Privacy Policy and Terms of Service.

Version Control

Version: 4.0

Last Updated: November 2025