brave program

Privacy policy

Hi there, we’re the BRAVE® Team and this is our Privacy Policy. This is an important document that tells you what information we collect about you and how we handle that information. We like to make sure our practices are transparent and easy to understand. Feel free to contact us if you have any questions or feedback about our approach to data privacy.

  1. Privacy is important
    1. We know that your privacy is important to you—it’s important to us as well. We publish this Privacy Policy to make it easy for you to understand the types of personal information we might handle, why and how we might collect, use or disclose it, and the rights you have to access or correct any personal information held by us.
    2. We are committed to protecting your privacy, and ensuring that the ways in which we deal with your personal information comply with the Australian Privacy Principles contained in the Privacy Act 1988 (Cth) (‘Privacy Act’) and any other applicable health records legislation.
    3. We may update this Privacy Policy periodically and without notice to you. You should review this Privacy Policy from time to time to review any changes. If you have any questions about this Privacy Policy, please contact us using our contact details contained in section 6 below.
  2. The types of personal information we collect
    1. Information You Provide (User Content): When you register and use the BRAVE Program, we ask you for information which may be reasonably capable of identifying you (and which may include your health or other sensitive information). This might include your name, email address, an account password, your age, your gender, your suburb, and the country you were born in. You are not obliged to give us your correct personal information and you are able to use a pseudonym instead of your real name. We also collect general information about your mental and physical wellbeing in order to evaluate progress against your self-defined goals. Please be aware that use of incorrect responses may impact the suitability of the content provided by the BRAVE Program to you.
    2. Cookies: When you visit the BRAVE Program we send one or more cookies—a small text file containing a string of characters—to your computer that uniquely identifies your browser. Example uses of these cookies include: recognising you when you return to the Program, maintaining data you’ve entered across multiple sessions, and storing information about your personal preferences. This cookie is only saved while logged in and using the program for that browsing session. Most browsers are initially set up to accept cookies, but you can reset your browser to refuse all cookies or to indicate when a cookie is being sent. However, the BRAVE Program will not function properly if your cookies are disabled.
    3. Server log information: When you use the BRAVE website our servers automatically record information that your browser sends whenever you visit a website. These server logs may include information such as your web request, Internet Protocol (IP) address, browser type, browser language, the date and time of your request and one or more cookies that may uniquely identify your browser. This is standard procedure for routine server operation.
    4. Analytics: We use third party tools (such as Google Analytics) to gather statistics about how our web content is used, and statistics about our visitors, such as their browsers and geographic location. We do not collect personal information by such methods; only aggregate data is used. We then use the information to compile reports and to help us improve our site. The information collected may include:
      • how visitors arrived at our pages (e.g. directly from a bookmark or typing in an address; from a search engine; linked from another page)
      • which pages are viewed and for how long, including the viewing time and date
      • the general geographical locations of visitors (as indicated by the network or internet service provider they use) and the speed of their internet connections
      • technical information about the computers or devices used to browse pages, including the operating systems, browsers, plug-ins, screen types and default languages.
    5. Google Analytics collects information anonymously. It reports website trends without identifying individual visitors. You can opt out of Google Analytics without affecting how you visit our site. To opt out of analytics, you can download a browser add-on from Google. Alternatively, you can set your browser to refuse or delete cookies from Google Analytics. Check your browser’s help information to find out how.
    6. User communications: When you send email or other communication to us, we may retain those communications in order to process your enquiries, respond to your requests and improve our services.
    7. Other sites: This Privacy Policy applies to the BRAVE websites and programs. We do not exercise control over the sites displayed as external links from our site. These other sites may place their own cookies or other files on your computer, collect data or solicit personal information from you.
  3. How we use, store and disclose personal information
    1. We will never sell or exploit your Personal Information or share it for any purposes which are unrelated to providing and operating our Program.
    2. We will use your Personal Information to provide a personalised anxiety improvement program (and to support delivery of that program).
    3. We may use the Personal Information in research projects, but only in a de-identified form. All partner researchers will commit to our privacy policy to gain access to the de-identified data.
    4. We may use Personal Information for research purposes. While identifiable information will not be published, we may publish aggregate information about our users (for example, that 57% of registered users of the Program reside in major cities ) in the context of providing public health information and conducting academic research.
    5. We will only use your Personal Information for other purposes if you have provided your consent for us to do so, or if you might reasonably expect us to do so (for example, to investigate or respond to a complaint that you have raised with us, or to verify your identity if you have forgotten your user details for the Program)
    6. We may use and disclose your identifiable Personal Information to contact you as a reminder to interact with, or complete tasks relating to your use of the Program.
    7. With your explicit permission, we may share your Personal Information with a support person of your choice and specifically nominated by you, e.g. “Send My BRAVE Progress” functionality in the Program.
    8. We may use and disclose your Personal Information when necessary to prevent a serious threat to your health and safety or the health and safety of the public or another person. Any disclosure, however, would only be to someone able to help prevent the threat.
    9. We must use and disclose your Personal Information to anyone who has the legal right to act for you (your personal representative) in order to administer your rights.
    10. If the BRAVE Program is licensed or acquired by a third party, personal data held by us about our users will be one of the transferred assets. In such an event, we may disclose your personal data to the prospective licensee, or buyer of the BRAVE Program assets.
    11. We take reasonable steps to protect all personal information which we hold (including your personal information) from misuse, interference, loss, unauthorised access, modification or disclosure.
    12. Your personal information will be stored in secure, encrypted electronic format and it will be stored within a secure database located on servers at The University of Queensland, Australia with appropriate electronic and physical security.
    13. All data transferred within our websites or Programs is protected by SSL. SSL is a technology that makes your data illegible in transit. If anyone were to intercept communication between our servers and your computer, they would not be able to easily decipher what was being passed back and forth.
    14. We may need to disclose your Personal Information to our service providers who support and enable us to provide our services and run our Programs, such as
      • our information technology, network, and software providers
      • our external professional advisors (such as legal advisors)
      • our founding partners at The University of Queensland, the University of Southern Queensland and Griffith University.
    15. We will retain Personal Information for as long as necessary to fulfil the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.
  4. How to access, correct or update your personal information
    1. Under the Australian Privacy Principles, you have the right to request access to, or correction of, the Personal Information that we hold about you.
    2. If you would like to make a request to access, or correct, your Personal Information which is held by us, you can:
      • if you are a user of the Program, update some of your Personal Information from within your Program account or profile; or
      • otherwise contact us using the details provided in section 7 of this Privacy Policy below.
    3. If you cannot update or correct your Personal Information via the Program, we will take reasonable steps to correct any errors in the Personal Information we hold about you within 7 days of receiving written notice from you about those errors, or to provide you with access to the Personal Information we hold within 28 days of a written request.
    4. We may charge you a reasonable fee for our costs incurred in meeting any of your requests to access or correct the Personal Information we hold about you.
    5. If we deny you access to, or we refuse your request to correct, your Personal Information, we will provide you with our reasons for this.
    6. We will retain Personal Information for as long as necessary to fulfil the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.
  5. How to make a complaint
    1. If you have a query or complaint about our handling of your Personal Information, please contact us in writing using the details provided in section 7 below. We will aim to resolve the issue with you directly.
    2. If you are not satisfied with our response to your complaint, you can also lodge a complaint with the Office of the Australian Information Commissioner:
      • by phone: 1300 363 992; or
      • online at:
  6. How to contact us
    1. All questions, comments or requests regarding this Privacy Policy or the way in which we handle your Personal Information should be addressed to:
      • by email:; or
      • by post:
      • The Privacy Officer
        The BRAVE Program
        C/- UniQuest Pty Ltd
        Level 7, General Purpose South Building
        Staff House Road
        University of Queensland
        St Lucia 4072
    2. You may contact the Privacy Officer by email in the first instance.
  7. Changes to this policy
    1. From time to time, we may need to change this Privacy Policy. If we do so, we will post the updated Privacy Policy on our website.
    2. Please refer back to this Privacy Policy to review any amendments, as any revised Privacy Policy will apply to all Personal Information (including health and other sensitive information) that is held by us.