Last Updated March 2022
We are subject to the Privacy Act 1988 (Cth) and the Australian Privacy Principles.
Who is SimConverse?SimConverse is a technology company headquartered in Sydney, Australia that provides services to educators in the healthcare industry including, but not limited to:
- AI Simulated Patients
What information do we collect and hold?
Personal information is information or an opinion about an individual whose identity is apparent or can be reasonably ascertained.
If you are a student or a user of the platform under the provision of any institution the personal information that we may collect at the discretion of your institution includes:
- Identity information (your email address only)
If you are a customer or representative of an institution, then the information we may collect for the purposes of marketing and providing services includes:
- Identity information (your name, email address)
- Contact information (your phone number)
- Occupational information (name of your employer)
Sensitive information is a type of personal information and specifically refers to information or an opinion about certain things like your racial or ethnic origin, religious beliefs or affiliations, sexual orientation or practices, criminal record, and health information.
SimConverse heavily limits our collection of sensitive information. We do not actively collect it, require it or use it for any purpose.
If you do not wish us to store any sensitive information, please do not provide it to us directly.
How do we collect your personal information?
We may collect your information from a variety of sources including, but not limited to:
Directly From You
- When you create an account
- When you contact us
From Your Educational Institution / Employer
- When they create an account on your behalf
From Automated Sources
- When our website stores a cookie on your browser
- When our website analytics services log your information
If you do not consent to us collecting your information, we may not be able to provide these services.
Analytics and Cookies
By using our websites, you consent to the processing of data about you in the manner described, and for the purposes set out, above
You can set your browser to notify you when you receive a cookie. This will provide you with an opportunity to either accept or reject it in each instance. However, if you disable cookies, you may not be able to access certain areas of our websites, or the website may not operate as intended for you.
How do we store your personal information?
Once we collect your personal information, we will hold it securely and store it on infrastructure either owned or controlled by us or with a third party service provider (for example, cloud storage providers). Where we use a third party service provider, we take reasonable steps to ensure that they comply with the Privacy Act 1988 (Cth).
Regardless of whether your information is stored on devices, in the cloud or physically, we secure your information using industry standard techniques and reputable suppliers.
With regards to the personal information that you may provide or have provided on your behalf as a user of SimConverse, we store this data securely in an AWS datacentre in your institution’s home country. This is a top-tier ISO 27001 certified storage provider.
We require all staff to comply with our IT policies, procedures and access controls which are regularly reviewed.
How do we use personal information?
We collect, hold and use your personal information for the following purposes:
- To provide our services to you and to conduct our business
- For administration purposes and to provide technical support to you
- To communicate with you
- To verify your identity
- Development and analysis – We may use reporting, data analysis, automated functions, cookie data and website analytics (e.g. logging numbers of unique and repeat users) to support this. In many cases, this data is aggregated and anonymised. We may also combine this data with other information that we hold for a more complete picture of how we can better serve you and your needs.
If you do not consent to us collecting your information as outlined above, we may not be able to provide these services to you, and the third parties who use our services (such as property managers) may not be able to provide their services to you. 8. ### Direct Marketing
If you are a representative of an institution in the markets we serve, we may send you communications that market our products or services, using our systems or by methods such as email, SMS, telephone or online.
We will not provide your personal information to third parties for the purpose of them direct marketing to you.
We will not send marketing emails to non-representative users of the service
If you have received marketing communications from us, and if you no longer wish to receive those types of communications from us, please use the opt-out mechanism in the relevant communication and we will ensure that the relevant communication ceases.
To whom do we disclose your personal information?
We may disclose your personal information:
- To our service providers – We use other service providers to help us provide our products and services to you.
- To relevant third parties (including regulators, law enforcement and concerned parties) when we are legally compelled or required to do so or when we reasonably believe that disclosure is necessary.
- To facilitate or implement a sale or transfer of all of part of our business or assets.
- As otherwise required or permitted by law.
Personal information collected and held by us may be accessed from, disclosed to, and held outside of Australia (including but not limited to New Zealand, the United Kingdom, countries within the European Union, Switzerland and the United States of America). Personal information in SimConverse accounts is held within servers located in Australia.
From time to time, we use third party service providers and this may result in the storage of, processing of and access to your personal information outside of Australia (even if the information is primarily held within servers in Australia).
Similarly, your personal information may be accessed by staff or other third parties operating outside of Australia who work with or for us, our related bodies corporate, or our other suppliers, agents or partners.
You may not have the same rights in relation to the handling of your personal information by overseas recipients as you would under the Australian privacy laws, but when we disclose information to overseas recipients, we take reasonable steps to ensure that your personal information will not be held, used or disclosed in a way which is inconsistent with Australian law. By providing your personal information to us, you consent to the disclosure of your personal information to recipients outside Australia.
How to access or correct your personal information
You have the right to access or correct the personal information that we hold about you if it is inaccurate, out of date, incomplete, irrelevant or misleading, including your account details. If there is anything you want to change or correct, you can contact our Privacy Officer at email@example.com.
We reserve the right to refuse a request to access or correct your personal information where there are reasonable grounds for doing so. For example, if providing access to your personal information would be unlawful or would compromise the privacy of another person, we may be required to reject a request for access.
If you have a complaint, please contact our Privacy Officer at firstname.lastname@example.org. When you notify us of a complaint about our handling of your personal information, we will deal with the complaint by responding to it in writing within a reasonable period (usually 10 business days from the day we receive your email).
We will endeavour to work with you to resolve the complaint within 30 days, although that period may be longer if it is reasonable to take longer in the circumstances or given the nature of your complaint.
If you are unsatisfied with our response, you may refer the complaint to the Office of the Australian Information Commissioner.
- You may be entitled to request details of the data that we hold about you and how we process it.
- You may also have a right to:
- have that data rectified or deleted;
- restrict our processing of that data;
- stop unauthorised transfers of your personal data to a third party;
- in some circumstances, have that data transferred to another organisation; and
- lodge a complaint in relation to our processing of your personal data with a local supervisory authority.
- Where we rely upon your consent as our legal basis for collecting and processing your data, you may withdraw that consent at any time. If you object to the processing of your personal data, or if you have provided your consent to processing and you later choose to withdraw it, we will respect that choice in accordance with our legal obligations. However, please be aware that:
- such objection or withdrawal of consent could mean that we are unable to provide our services to you, and could unduly prevent us from legitimately providing our services to other clients subject to appropriate confidentiality protections; and
- even after you have chosen to withdraw your consent, we may be able to continue to keep and process your personal data to the extent required or otherwise permitted by law, in particular:
- to pursue our legitimate interests in a way that might reasonably be expected as part of running our business and which does not materially impact on your rights, freedoms or interests; and
- in exercising and defending our legal rights and meeting our legal and regulatory obligations.
Additionally, as part of our commitment to privacy, we endeavour to extend these rights to all individuals, where it is legally applicable to do so. If you believe the GDPR may apply to your personal data and you wish to exercise any of your data subject rights, please send your request in writing to our Privacy Officer at email@example.com