- Privacy is important
- We are committed to protecting your privacy, and ensuring that the ways in which we deal with your personal information comply with the Australian Privacy Principles contained in the Privacy Act 1988 (Cth) (‘Privacy Act’) and any other applicable health records legislation.
- The types of personal information we collect
- Information You Provide (User Content): When you register and use the BRAVE Program, we ask you for information which may be reasonably capable of identifying you (and which may include your health or other sensitive information). This might include your name, email address, an account password, your age, your gender, your suburb, and the country you were born in. You are not obliged to give us your correct personal information and you are able to use a pseudonym instead of your real name. We also collect general information about your mental and physical wellbeing in order to evaluate progress against your self-defined goals. Please be aware that use of incorrect responses may impact the suitability of the content provided by the BRAVE Program to you.
- Cookies: When you visit the BRAVE Program we send one or more cookies—a small text file containing a string of characters—to your computer that uniquely identifies your browser. Example uses of these cookies include: recognising you when you return to the Program, maintaining data you’ve entered across multiple sessions, and storing information about your personal preferences. This cookie is only saved while logged in and using the program for that browsing session. Most browsers are initially set up to accept cookies, but you can reset your browser to refuse all cookies or to indicate when a cookie is being sent. However, the BRAVE Program will not function properly if your cookies are disabled.
- Server log information: When you use the BRAVE website our servers automatically record information that your browser sends whenever you visit a website. These server logs may include information such as your web request, Internet Protocol (IP) address, browser type, browser language, the date and time of your request and one or more cookies that may uniquely identify your browser. This is standard procedure for routine server operation.
- Analytics: We use third party tools (such as Google Analytics) to gather statistics about how our web content is used, and statistics about our visitors, such as their browsers and geographic location. We do not collect personal information by such methods; only aggregate data is used. We then use the information to compile reports and to help us improve our site. The information collected may include:
- how visitors arrived at our pages (e.g. directly from a bookmark or typing in an address; from a search engine; linked from another page)
- which pages are viewed and for how long, including the viewing time and date
- the general geographical locations of visitors (as indicated by the network or internet service provider they use) and the speed of their internet connections
- technical information about the computers or devices used to browse pages, including the operating systems, browsers, plug-ins, screen types and default languages.
- Google Analytics collects information anonymously. It reports website trends without identifying individual visitors. You can opt out of Google Analytics without affecting how you visit our site. To opt out of analytics, you can download a browser add-on from Google. Alternatively, you can set your browser to refuse or delete cookies from Google Analytics. Check your browser’s help information to find out how.
- User communications: When you send email or other communication to us, we may retain those communications in order to process your enquiries, respond to your requests and improve our services.
- How we use, store and disclose personal information
- We will never sell or exploit your Personal Information or share it for any purposes which are unrelated to providing and operating our Program.
- We will use your Personal Information to provide a personalised anxiety improvement program (and to support delivery of that program).
- We may use Personal Information for research purposes. While identifiable information will not be published, we may publish aggregate information about our users (for example, that 57% of registered users of the Program reside in major cities ) in the context of providing public health information and conducting academic research.
- We will only use your Personal Information for other purposes if you have provided your consent for us to do so, or if you might reasonably expect us to do so (for example, to investigate or respond to a complaint that you have raised with us, or to verify your identity if you have forgotten your user details for the Program)
- We may use and disclose your identifiable Personal Information to contact you as a reminder to interact with, or complete tasks relating to your use of the Program.
- With your explicit permission, we may share your Personal Information with a support person of your choice and specifically nominated by you, e.g. “Send My BRAVE Progress” functionality in the Program.
- We may use and disclose your Personal Information when necessary to prevent a serious threat to your health and safety or the health and safety of the public or another person. Any disclosure, however, would only be to someone able to help prevent the threat.
- We must use and disclose your Personal Information to anyone who has the legal right to act for you (your personal representative) in order to administer your rights.
- If the BRAVE Program is licensed or acquired by a third party, personal data held by us about our users will be one of the transferred assets. In such an event, we may disclose your personal data to the prospective licensee, or buyer of the BRAVE Program assets.
- We take reasonable steps to protect all personal information which we hold (including your personal information) from misuse, interference, loss, unauthorised access, modification or disclosure.
- Your personal information will be stored in secure, encrypted electronic format and it will be stored within a secure database located on servers at The University of Queensland, Australia with appropriate electronic and physical security.
- All data transferred within our websites or Programs is protected by SSL. SSL is a technology that makes your data illegible in transit. If anyone were to intercept communication between our servers and your computer, they would not be able to easily decipher what was being passed back and forth.
- We may need to disclose your Personal Information to our service providers who support and enable us to provide our services and run our Programs, such as
- our information technology, network, and software providers
- our external professional advisors (such as legal advisors)
- our founding partners at The University of Queensland, the University of Southern Queensland and Griffith University.
- How to access, correct or update your personal information
- Under the Australian Privacy Principles, you have the right to request access to, or correction of, the Personal Information that we hold about you.
- If you would like to make a request to access, or correct, your Personal Information which is held by us, you can:
- if you are a user of the Program, update some of your Personal Information from within your Program account or profile; or
- If you cannot update or correct your Personal Information via the Program, we will take reasonable steps to correct any errors in the Personal Information we hold about you within 7 days of receiving written notice from you about those errors, or to provide you with access to the Personal Information we hold within 28 days of a written request.
- We may charge you a reasonable fee for our costs incurred in meeting any of your requests to access or correct the Personal Information we hold about you.
- If we deny you access to, or we refuse your request to correct, your Personal Information, we will provide you with our reasons for this.
- If you have a query or complaint about our handling of your Personal Information, please contact us in writing using the details provided in section 7 below. We will aim to resolve the issue with you directly.
- If you are not satisfied with our response to your complaint, you can also lodge a complaint with the Office of the Australian Information Commissioner:
- by phone: 1300 363 992; or
- online at: www.oaic.gov.au.
- by email: email@example.com; or
- by post:
- The Privacy Officer
The BRAVE Program
C/- UniQuest Pty Ltd
Level 7, General Purpose South Building
Staff House Road
University of Queensland
St Lucia 4072