Privacy Policy 

 

Our policy outlines how Specialist Direct collects, uses and discloses information, along with the choices you have with respect to the information you share. We are committed to complying with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth), ensuring that personal information is handled responsibly and securely. 

 

What the policy applies to 

 

The Privacy Policy applies to MiRA by Specialist Direct and any associated applications, along with the Website at www.specialist.direct. If you do not agree with any of the terms outlined here, please do not access our App, Web based system or Website. 

 

Our Privacy Policy expressly covers the MiRA by Specialist Direct software and Specialist Direct Website only, and does not apply to any third-party products, services or businesses. MiRA by Specialist Direct is proprietary software and may engage or use third parties. It can also be used in conjunction with and connect to client digital infrastructure and communications used by employers, businesses, insurers and technology firms and the privacy around those networks are outside of the scope of this policy and beyond Specialist Direct’s immediate control.  

 

The Specialist Direct Website and MiRA by Specialist Direct App 

 

This statement is our privacy policy as it relates to the Specialist Direct Website at www.specialist.direct and our MiRA App. These details also tell you how we collect and manage your personal information. 

What is personal information? 

When used in this privacy policy, the term “personal information” means details which is provided to, or collected by us. In general terms, that’s information that can be used to personally identify you. This could include your name, address, telephone number, email address, profession or occupation. If the information we collect personally identifies you, or you are reasonably identifiable from it, the information will be considered as ‘personal information’. 

How do we collect your personal information? 

We collect your personal information directly from you unless it is unreasonable or impracticable to do so. When collecting personal information from you, we may collect in ways including: 

  • Through your access and use of our Website; 
  • Through your access and use of our App. 
  • During conversations between you and us; 
  • When you apply to use our product/s. 

In some cases, we may also collect your personal information through the use of cookies (these being small summary files containing a unique 10 digit number). When you access our website, we may send a cookie to your computer. This enables us to recognise your computer and greet you each time you visit our Website without bothering you with a request to register. It also enables us to keep track of products or services you view so that, if you consent, we can send you news about those products or services. We also use cookies to measure traffic patterns, to determine which areas of our Website have been visited, and to measure transaction patterns in the aggregate. We use this to research our users’ habits so that we can improve our online products and services. If you do not wish to receive cookies, you can set your browser so that your computer does not accept them. 

 

We may log IP addresses (that is, the electronic addresses of computers connected to the internet) to analyse trends, administer our Websites, track users movements, and gather broad demographic information. If you do not wish to have an IP address logged, you can use a VPN (Virtual Private Network), which is something many businesses have, for added privacy. 

Our Websites may use Analytics for providers such as Google who’s services that use cookies, web beacons, web pixels and/or similar technology to collect and store information about you. You can learn more about Google Analytics’ privacy policy and ways to opt out from Google Analytics tracking by visiting Google Analytics’ website. 

 

What personal information does Specialist Direct’s Website and Application collect and hold? 

When visiting and interacting with our web site we may collect the following types of personal information: 

  • Name 
  • Mailing or street address 
  • Email address 
  • Telephone number 
  • Details of the products and services you have purchased from us or which you have enquired about, together with any additional information necessary to deliver those products and services and to respond to your enquiries 
  • Any additional information relating to you that you provide to us directly through our Websites (or App) or indirectly through use of our Websites (or App) or online presence, through our representatives or otherwise 

Please note that any correspondence using our live chat functions on MiRA by Specialist Direct, uploading and sharing of information including recovery progress updates, may be collected by MiRA to comply with relevant Client industry data retention requirements and backup purposes.  

We may also collect some information that is not personal information because it does not identify you or anyone else. For example, we may collect aggregated information and perform data analytics about how users use the Website and MiRA by Specialist Direct. 

Through the use of our Application(s) we may also collect and store additional information such as 

  • Identifying information: Name, age, contact details, gender, and date of birth. 
  • Health information: Details of injuries, treatment history, medical records (e.g. clearance certificates), rehabilitation progress, and healthcare provider notes. 
  • Sporting information: Information related to the athlete’s sporting activities. 
  • Organisation or Association related data: Information such as Usernames, Email, Organisation or Association history, Profession or Job title.  

 

Personal Health Information 

Some information collected and stored by Specialist Direct or added by our Members into our Applications may considered Protected Health Information (“PHI”) and/or medical information and is governed by laws that apply to that information, for example the Australian Privacy Act, Health Insurance Portability and Accountability Act (HIPAA). How Specialist Direct uses and discloses such PHI is in accordance with the relevant act-based jurisdiction. Specialist Direct will not use or disclose Personal Health Information for advertising, marketing, or other use-based data mining purposes and will not combine it with other data and will not sell it.  

 

Your consent 

By using the MIRA (Application), the Specialist Direct Website, http://specialist.direct, and other sites we own and operate (Website), or otherwise providing us directly, or through others, with your personal information, you agree with the terms of this Privacy Policy and consent to the collection, use, storage, and disclosure of that information in accordance with this Privacy Policy, the Privacy Act 1988 (Cth) as amended (including the Australian Privacy Principles) (the Privacy Act) and other applicable privacy laws. 

The provision of personal information is optional. However, if you do not provide us with certain types of personal information, you may be unable to enjoy the full functionality of our Website or purchase goods and/or services from us. 

What happens if we can’t collect your personal information? 

If you do not provide us with the personal information described above (including by use of computer settings which do not permit acceptance of cookies), some or all of the following may happen: 

  • we may not be able to provide to you, products or services that you asked for, either to our usual standard or at all. 
  • we may not be able to provide you with information about products and services that you may want, including information about discounts, sales or special promotions; or 
  • we may be unable to tailor the content of our Websites and App, as well as updates – to your preferences and your experience of material. As a result, your user experience may not be as enjoyable or useful.  

For what purposes do we collect, hold, use and disclose your personal information? 

We collect personal information about you so that we can perform our business activities and functions and to provide the best possible quality of customer service. 

We collect, hold, use and disclose your personal information for the following purposes: 

  • to provide products and services to you and to send communications requested by you; 
  • to answer enquiries and provide information or advice about existing and new products or services; 
  • to provide you with access to our Websites, Web based systems and our computer applications (“Apps”); 
  • to assess the performance of our Websites, Web based systems and our Apps, and to improve the operation of our Websites, Web based systems and our Apps; 
  • to conduct business processing functions including providing personal information to our related bodies corporate, contractors, service providers or other third parties; 
  • for the administrative, marketing, planning, product or service development, quality control and research purposes of Specialist Direct. 
  • to update our records and keep your contact details up to date; 
  • to process and respond to any concerns or complaints you raise; and 
  • to comply with any law, rule, regulation, lawful and binding determination, decision or direction of a regulator, or in cooperation with any governmental authority of any country (or political sub-division of a country). 

Your personal information will not be shared, sold, rented or disclosed other than as described in this Privacy Policy. 

To whom may we disclose your information? 

We may share Personal Information with third parties including service providers in certain circumstances or for certain purposes, including:  

  • For business purposes. We may share your Personal Information with vendors and service providers, including our data hosting and data storage partners, analytics and advertising providers, technology services and support, and data security. We also may share Personal Information with professional advisors, such as auditors, law firms, and accounting firms. We may disclose your name, email address, date of birth, phone number, and address if you provided it to us via a form on the website or during an incomplete or failed registration to Service Providers.  
  • For other business reasons. We may share your Personal Information to enforce any applicable Legal Disclaimer, and to ensure the safety and security of the Websites and/or our users. Access may also be granted to our employees, related bodies corporate, contractors or service providers for the purposes of operation of our Websites or our business, fulfilling requests by you, and to otherwise provide products and services to you including, without limitation, web hosting providers, IT systems administrators, registry providers, mailing houses, couriers, payment processors, data entry service providers, electronic network administrators, debt collectors, and professional advisors such as accountants, solicitors, business advisors and consultants; suppliers and other third parties with whom we have commercial relationships. 
  • With your direction or consent. We take reasonable steps to ensure that third party recipients of your Personal Information do not breach the privacy obligations relating to your Personal Information.  
  • With affiliates within our corporate group. We may share your Personal Information with any subsidiaries or affiliates within our corporate group.  
  • Compliance with law. We may share your Personal Information to comply with applicable law or any obligations thereunder, including cooperation with law enforcement, judicial orders, and regulatory inquiries.  
  • In the context of a transaction. We may share your Personal Information in connection with an asset sale, merger, bankruptcy, or other business transaction.  
  • For Advertising. Using cookies and web beacons, we may disclose Personal Information regarding your activity on our Websites to third-party advertising partners to optimize marketing. See Section 7 for additional details.  

Children’s privacy  

Unless specifically defined and subject to additional agreements, our Websites and Applications are not intended for children under 13 years of age, and we do not knowingly collect or sell Personal Information from children under 13. If you are under 13, do not use or provide any information on these Websites without your parent first providing consent. If you are the parent or guardian of a child under 13 years of age whom you believe might have provided us with their Personal Information, you may contact us using the below information to request that it be deleted. 

Security of personal information  

We take steps to secure Personal Information through administrative, technical, and physical safeguards designed to protect against the risk of accidental, unlawful, or unauthorised destruction, loss, alteration, access, disclosure, or use. Unfortunately, we cannot guarantee the security of information transmitted through the Internet, and where we have given you (or where you have chosen) a password, you are responsible for keeping this password confidential. 

Marketing materials 

We may send you marketing communications and information about our products and services that we consider may be of interest to you. These communications may be sent in various forms, including mail, SMS and email, in accordance with applicable marketing laws, such as the Spam Act 2003 (Cth). If you indicate a preference for a method of communication, we will endeavour to use that method whenever practical to do so. In addition, at any time you may opt-out of receiving marketing communications from us by contacting us (see the details below) or by using opt-out facilities provided in the marketing communications and we will then ensure that your name is removed from our mailing list.  

We do not provide your personal information to other organisations for the purposes of direct marketing, and we certainly do not sell it to third parties. 

Third party websites and Services  

Our Websites and applications may contain links or integrations to other online platforms operated by third parties. We do not control such other online platforms and are not responsible for their content, their privacy policies, or their use of your information. Information you provide on public or semi-public venues, including information you share on third-party social networking platforms (such as Facebook, LinkedIn or Twitter) may also be viewable by other users of the Websites and/or users of those third-party online platforms without limitation as to its use by us or by a third party. Our inclusion of such links does not, by itself, imply any endorsement of the content on such platforms or of their owners or operators except as disclosed on the Websites.  

We expressly disclaim any and all liability for the actions of third parties, including but without limitation to actions relating to the use and/or disclosure of Personal Information by third parties. Any information submitted by you directly to these third parties is subject to that third party’s privacy policy.  

How can you access and correct your personal information? 

You may request access to any personal information we hold about you at any time by contacting us (see the details below). If we hold information that you are entitled to access, we will try to provide you with suitable means of accessing it (for example, by mailing or emailing it to you). We may charge you a fee to cover our administrative and other reasonable costs in providing the information to you. We will not charge for the making of the request and we will not charge for our making any corrections to your personal information. 

There may be instances where we cannot grant you access to the personal information we hold. For example, we may need to refuse access if granting access would interfere with the privacy of others or if it would result in a breach of confidentiality. If that happens, we will give you written reasons for any refusal. 

If you believe the personal information we hold is incorrect, incomplete or inaccurate, you can request to have it amended. Upon any such request, we will consider whether the information requires amendment. If we do not agree that there are grounds for amendment, then we will add a note to the personal information stating that you disagree with it. 

Storage and Security of Personal Information 

We take reasonable steps to ensure that personal information is securely stored and protected from unauthorised access, loss, misuse, or modification. Security measures include: 

  • Encryption of data stored within the System. 
  • Secure access protocols for authorised users. 
  • Regular data audits and system integrity checks. 

Personal information will be stored within Australia in compliance with (Cross-border disclosure of personal information) and will not be transferred overseas unless legally permitted and with the individual’s consent. 

Retention of personal information  

We retain records only as long as necessary and as required for our business operations, for archival purposes, and/or to satisfy legal requirements. When determining the appropriate retention period for Personal Information, we take into account various criteria, such as the amount, nature, and sensitivity of the Personal Information; potential risk of harm from unauthorised use or disclosure; purposes for which we process your Personal Information and Personal Health Information; whether we can achieve those purposes through other means; and business operations and legal requirements.  

Where legal or contractual requirements forms part of an Organisation requirements to keep records of Personal Information, only the specific records or data will be retained and accessible by the Organisations representatives. 

Because we maintain our Websites and Application(s) to protect from accidental or malicious loss and destruction, residual copies of your Personal Information may be retained in our backup and archival systems for a limited period of time, after which the information will be automatically deleted or put beyond use where deletion is not possible. 

Destruction or De-identification: When personal information is no longer needed for its original purpose or when retention is no longer legally required, we will: 

  • Permanently delete electronic records. 
  • Securely destroy physical records. 
  • Anonymize data so that it cannot be re-identified if kept for analysis or research. 

What is the process for complaining about a breach of privacy? 

If you believe that your privacy has been breached, please contact us and provide as much detail as possible about your concern so that we can fully investigate it. 

Our procedure for dealing with privacy breaches is for you to contact us on support@specialist.direct 

 

If we have reasonable grounds to believe an eligible data breach has occurred, we will notify the Privacy Commissioner and take reasonable steps to notify affected individuals.  

Notifiable Data Breaches scheme 

In the event of any loss or unauthorised access or disclosure of your personal information that is likely to result in serious harm to you, we will: 

  1. investigate; and 
  1. notify you and the Australian Information Commissioner as soon as practicable, in accordance with the Act. 

Do we disclose your personal information to anyone outside Australia? 

We may disclose personal information to our related bodies corporate and third-party suppliers and service providers located overseas for some of the purposes listed above.  

We take reasonable steps to ensure that the overseas recipients of your personal information do not breach the privacy obligations relating to your personal information. 

We may disclose your personal information to entities located outside of Australia, including the following: 

  • our development team, located in Australia. 
  • our data hosting and other IT service providers, located in Australia. 
  • other third parties located in Australia. 

Requests to Delete or Correct 

You may have the right to request that we delete, or correct Personal Health Information associated with you, subject to applicable law and certain exceptions such as where there is a legal requirement to retain the data, deletion or correction requests may not be fulfilled. For example, if medical records must be retained or maintained for a statutory period 

Right to Non-discrimination  

You have the right to be free from discriminatory treatment for exercising the privacy rights conferred by applicable law, including not being: denied goods or services; charged different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties; provided a different level or quality of goods or services; or suggested that you will receive a different price or rate for goods or services or a different level or quality of goods or services..  

Contacting us 

If you have any questions about this privacy policy, or any concerns or complaints regarding the treatment of your privacy or a possible breach of your privacy, you can email us directly at support@specialist.direct 

We will treat your requests or complaints confidentially.  

Changes to our privacy policy 

We may change this privacy policy from time to time. Any updated versions of this privacy policy will be posted on our Website. 

This privacy policy was last updated on 1 October 2024.