Privacy Policy

PRIVACY POLICY | NEURO OPTICA OPERATIONS PTY LTD

Last Updated: 15 January 2024

This Privacy Policy (Policy) describes how Neuro Optica Operations Pty Ltd ACN 669 149 884 trading as BrainEye and its affiliates (BrainEye, we, us) via www.braineye.com (Website) and our mobile application (App) collects, uses, and discloses your Personal Information when you visit the Website or our App. Any capitalised terms referred to within this Policy that are not defined, have the meaning provided in the BrainEye Terms and Conditions, available on our Website or App.

  1. COMMITMENT TO PRIVACY
    1. BrainEye are bound by the Australian Privacy Principles (AusPPs) contained in the Privacy Act 1988 (Cth), and any other privacy legislation that may apply in the jurisdiction in which you use our Website or App (Applicable Laws). 
    2. The object of the AusPPs is to protect the confidentiality of personal information and the privacy of individuals by regulating the way in which personal information is managed through our Website and our App. This Policy applies to all of the products, services, applications and websites offered by BrainEye (collectively, Services) accessed by you.
  2. WHAT IS “PERSONAL INFORMATION”?
    1. The Privacy Act currently defines “Personal Information” as meaning information or an opinion about an identified individual or an individual who is reasonably identifiable:
      1. whether the information or opinion is true or not; and
      2. whether the information or opinion is recorded in a material form or not.
    2. If information does not disclose your identity or enable your identity to be ascertained, it will in most cases not be classified as “Personal Information” and will not be subject to this Policy.
    3. Personal Information can include “health information”, which refers to information regarding an individual’s physical or mental health or a health service provided to an individual or “sensitive information”, which includes information or an opinion about an individual’s health, racial or ethnic origin, political opinions, religious beliefs, criminal record, and sexual orientation, amongst other things (Sensitive Personal Information).
    4. BrainEye is committed to protecting the Personal Information it collects and regularly monitors its systems and procedures to ensure compliance with the AusPPs and this Policy. This Policy outlines the way in which BrainEye deals with the Personal Information (including Sensitive Personal Information) it collects.
    5. We are not responsible for the privacy practices of any third-party websites that may be linked on our Website, or within the App.
  3. WHAT INFORMATION DO WE COLLECT AND WHY?
    1. The Personal Information that we collect and hold about you depends on your interaction with us. When you visit the Website or access our App, we will collect, use and hold your Personal Information if it is reasonably necessary for or directly related to the performance of our functions and activities.  Generally, we collect certain information about your device, your interaction with the Website and App, and information necessary to process your Subscription. We may also collect additional information if you contact us for customer support. See the list below for more information about what Personal Information we collect and why.
      1. Device information:
        1. examples of Personal Information collected: version of web browser, IP address, time zone, cookie information, what sites or products you view, search terms, and how you interact with the Website;
        2. purpose of collection: to load the Website accurately for you, and to perform analytics on Website usage to optimise our Website; and
        3. source of collection: collected automatically when you access our Website using cookies; 
    2. BrainEye also collects Personal Information that is reasonably necessary for or directly related to our functions of the App.
    3. The Personal Information we collect may include:
      1. Your name;
      2. Your address;
      3. Your date of birth;
      4. Your email address;
      5. Your phone number; and 
      6. Website, App and service use information.
    4. We also collect your Personal information for the purposes of:
      1. providing you with promotional material and information about other goods and services that we, our related entities and other organisations that we have affiliations with, offer that may be of interest to you;
      2. facilitating our internal business operations, including the fulfilment of any legal requirements; and
      3. analysing our products, services and customer needs for research purposes or with a view to developing new or improved products and services.
    5. By using our Website, you consent to the receipt of direct marketing material. We will only use your Personal Information for this purpose if we have collected such information directly from you, and if it is material of a type which you would reasonably expect to receive from us. We do not use sensitive information in direct marketing activity. Our direct marketing material will include a simple means by which you can request not to receive further communications of this nature.
  4. HOW WE COLLECT YOUR PERSONAL INFORMATION
    1. We may collect Personal Information from you whenever you input such information through our Website or App. 
    2. Personal Information will generally be collected directly from you through the use of our standard forms, over the internet via accessing our Website or App, via email, through a telephone or in-person conversation with you, or through video recordings of your use of our Website or App. There may, however, be some instances where Personal Information about you will be collected indirectly because it is unreasonable or impractical to collect Personal Information directly from you.  We will usually notify you about these instances in advance, or where that is not possible, as soon as reasonably practicable after the information has been collected.
    3. If the Personal Information you provide to us is incomplete or inaccurate, we may be unable to provide you, or someone else you know, with the products or services you, or they, are seeking.
    4. You can always choose to deal anonymously (or by providing a pseudonym), however this may impact our ability to provide you with the services you are seeking.
  5. WEBSITE, APP, COOKIES & BEACONS
    1. Our Website and App may from time to time have links to other websites not owned or controlled by us. These links are meant for your convenience only. Links to third party websites do not constitute sponsorship or endorsement or approval of these websites. Please be aware that BrainEye is not responsible for the privacy practices of other such websites. We encourage our users to be aware, when they leave our Website, to read the privacy statements of each website that collects Personal Information.
    2. Our Website and App may use web beacons from time to time. Web beacons or clear gifs are small pieces of code placed on a web page to monitor the behaviour and collect data about the visitors viewing a web page. For example, web beacons can be used to count the users who visit a web page or to deliver a cookie to the browser of a visitor viewing that page. When you visit the Website or login to the App, certain information may be collected such as browser type, and operating system.
    3. We also collect Personal Information via cookies from your computer which enable us to identify when you use the Website and App and also to help customise your experience. As a general rule, however, it is not possible to identify you personally from our use of cookies, but they may link back to a database record about you.  
    4. A cookie is a small amount of information that is downloaded to your computer or device when you visit our Website or login to our App. We use a number of different cookies, including functional, performance, advertising, and social media or content cookies. Cookies make your browsing experience better by allowing the website to remember your actions and preferences (such as login and region selection). This means you do not have to re-enter this information each time you return to the site or browse from one page to another. Cookies also provide information on how people use the website, for instance whether it is their first time visiting or if they are a frequent visitor.
    5. You can control and manage cookies in various ways. Please keep in mind that removing or blocking cookies can negatively impact your user experience and parts of our Website or App may no longer be fully accessible.
    6. Most browsers automatically accept cookies, but you can choose whether or not to accept cookies through your browser controls, often found in your browser’s “Tools” or “Preferences” menu. For more information on how to modify your browser settings or how to block, manage or filter cookies can be found in your browser’s help file or through such sites as www.allaboutcookies.org.
    7. Additionally, please note that blocking cookies may not completely prevent how we share information with third parties such as our advertising partners. 
    8. We also use Google Analytics to help us understand how our customers use the Website. Google Analytics anonymously tracks how users interact with the websites, including where they came from, what they did on the websites and whether they completed any transactions on the websites. You can read more about how Google uses your Personal Information here: https://policies.google.com/privacy?hl=en. You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.
    9. For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s educational page at: http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work
    10. You can opt out of targeted advertising through:
      1. Facebook – https://www.facebook.com/settings/?tab=ads.
      2. Google- https://www.google.com/settings/ads/anonymous.
    11. Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info/.
  6. USE AND DISCLOSURE
    1. BrainEye will use your Personal Information for the primary purpose for which it is collected, which generally includes the following purposes:
      1. during the provision of the App or Services that have been requested by you;
      2. administering clinical trials or other similar programs in which you agree to be involved;
      3. compliance with regulatory requirements, such as maintaining a record of medical queries, complaints, adverse events and recalls relating to our products;
    2. We may also use your Personal Information to:
      1. Provide you with updated product or safety information with respect to the App and Services;
      2. Send you material on our activities and products or developments that BrainEye believes may be of interest to you (although if you are a subscriber we will not do so without your consent);
      3. Respond to your requests for information, product, services including managing your online accounts and providing warranty service where this applies to products;
      4. Provide you with general health information, where this is permissible, such as information about certain health conditions related to concussions, as well as information about our products and services;
      5. Resolve or track the status of all problems with consumers and / or products or services;
      6. Manage, plan and arrange meetings between you and BrainEye representatives;
      7. Generate customer lists for the purposes of market research;
      8. Conduct general research for the purposes of advancing science, our products and/or services;
      9. Manage accounts and ensure that we receive payment for our Services;
      10. Verify your age or identity as needed for us to provide our products and Services safely and lawfully;
      11. Improve our products and Services;
      12. De-identify your information by removing all personal identifiers (your name, e-mail address etc.) so that the information is no longer Personal Information and can be used for other purposes;
      13. Protect someone’s health safety or welfare;
      14. Comply with a law or regulation, court order or other legal requirement; and
      15. Undertake other activities for which you have consented we can use or disclose your personal information.
    3. We will only use or disclose your Personal Information for a purpose that was not the primary purpose for which we collected it, if we are required, authorised or permitted by law or a court / tribunal order to do so.
    4. We may disclose Personal Information:
      1. to our related companies and affiliates;
      2. to third party service providers engaged by us so that they may perform services for us or on our behalf;
      3. to third party service providers engaged directly by your healthcare professional or representative, so that they may perform services for your healthcare professional or on their behalf;
      4. if you are a subscriber, to care partners who you nominate to receive information and notifications about you and your care from BrainEye;
      5. where we are authorised or required by law to do so or are permitted to disclose the information under the AusPPs or Applicable Legislation;
      6. if you have expressly consented to the disclosure.
    5. You represent and warrant that you have permission to share any information you elect to provide BrainEye, you consent to such information being shared with third parties, and that such information is accurate, current, non-misleading, and consistent and relevant for the purpose for which you are providing information.
  7. SENSITIVE PERSONAL INFORMATION 
    1. We may collect Sensitive Personal Information as part of providing Services to you. When dealing with Sensitive Personal Information, such as your health information, for a purpose that is not directly linked to the primary purpose of collection, BrainEye will seek your consent before using Sensitive Personal Information. 
    2. In only very limited circumstances, such as where we are required by law to disclose information or in the event of a serious threat to your life or health, will we use or disclose your Sensitive Personal Information for other secondary purposes to the extent necessary in the circumstances without your consent.
  8. DISCLAIMER 
    1. The information on the Website, and App is not intended or implied to be a substitute for professional medical advice, diagnosis or treatment. BrainEye makes no representation and assumes no responsibility for the accuracy of information contained on or available through this Website or App, and such information is subject to change without notice. You are encouraged to confirm any information obtained from or through our App and Website with other sources and review all information regarding any medical condition or treatment with your physician.
    2. Never disregard professional medical advice or delay seeking medical treatment because of something you have read on or accessed through the service.
    3. BrainEye does not recommend, endorse or make any representation about the efficacy, appropriateness or suitability of any specific tests, products, procedures, treatments, services, opinions, health care providers or other information that may be contained on or available through the Service. 
    4. BrainEye is not responsible nor liable for any advice, course of treatment, diagnosis or any other information, services or products that you obtain through the Website or App.
  9. CROSS BORDER DATA TRANSFER
    1. As part of a global group of companies located in many different countries, we may disclose your Personal Information to a BrainEye company or affiliate, or to our database overseas. The countries to which we are likely to disclose Personal Information include the European Union, United Kingdom, United States of America, Argentina, Pakistan, Indonesia, India, Israel, Philippines, and Malaysia. In disclosing Personal Information offshore, BrainEye ensures that the use and disclosure of the personal information transferred is dealt with in accordance with this policy and the requirements of the relevant law within the relevant jurisdictions.
    2. By providing BrainEye with your Personal Information, you consent to the transfer, storing, and processing of your Personal Information in other countries. You acknowledge that where we rely on your consent for these activities that your Personal Information may not be given the same protection as is available under the Australian Privacy Laws.
  10. TRANSFER OF DATA TO THIRD PARTIES
    1. BrainEye processes and stores its data, including Personal Information, on secure AWS cloud servers. BrainEye may transfer data to the third-party service providers. By submitting Personal Information or otherwise using the Services, you agree to this transfer, storing or processing of your Personal Information. You acknowledge and agree that your Personal Information may be accessible to law enforcement and governmental agencies under lawful access regimes or court order.
    2. We will not sell or rent your Personal Information to anyone other than as described in this Privacy Policy.
  11. SERVICE PROVIDERS AND BUSINESS PARTNERS

We may from time to time employ third parties to perform tasks on our behalf and we may need to share Personal Information with them to provide certain services. Unless we tell you differently, such third parties do not have any right to use the Personal Information we share with them beyond what is necessary for them to provide the tasks and services on our behalf. We currently engage third party companies and individuals employed by us to facilitate our Services, including the provision of maintenance services, database management, web analytics and general improvement of the Services, and businesses who engage our Services (to the extent provided for above). We take commercially reasonable steps to ensure our service providers adhere to the security standards we apply to your Personal Information.

  1. MINORS
    1. The Website and App are designed for all users, including users under the age of majority in your jurisdiction (subject to parent or guardian consent and supervision). Personal Information may only be collected from children who obtain verifiable consent from their parent or guardian.
    2. Any Personal Information that is inadvertently collected from a child will be deleted at the request of the parent or guardian; please contact us at the address in clause (22) below to request deletion.
  2. DATA SECURITY

You use the App and Website at your own risk. We implement commercially reasonable technical, administrative, and organisational measures to protect Personal Information from loss, misuse, and unauthorized access, disclosure, alteration, or destruction in accordance with the Applicable Laws. However, no Internet or e-mail transmission is ever fully secure or error free. In particular, e-mail sent to or from us may not be secure. Therefore, you should take special care in deciding what information you send to us via the Service or e-mail. Please keep this in mind when disclosing any Personal Information to BrainEye via the Internet. In addition, we are not responsible for circumvention of any privacy settings or security measures contained on the Service, or third-party websites.

  1. ACCESS, CORRECTION AND ACCURACY
    1. AusPP 12 permits you to obtain access to the Personal Information and Sensitive Personal Information we hold about you in certain circumstances, and AusPP 13 allows you to correct inaccurate Personal Information subject to certain exceptions. 
    2. You may access the Personal Information we hold about you, upon making a written request.  We will respond to your request within a reasonable period.  We may charge you a reasonable fee for processing your request (but not for making the request for access).
    3. We may decline a request for access to Personal Information in circumstances prescribed by the Privacy Act, and if we do, we will give you a written notice that sets out the reasons for the refusal (unless it would be unreasonable to provide those reasons).
    4. If, upon receiving access to your Personal Information or at any other time, you believe the Personal Information we hold about you is inaccurate, incomplete or out of date, please notify us immediately.  We will take reasonable steps to correct the information so that it is accurate, complete and up to date.
    5. If we refuse to correct your Personal Information, we will give you a written notice that sets out our reasons for our refusal (unless it would be unreasonable to provide those reasons), including details of the mechanisms available to you to make a complaint.
    6. If you would like to obtain such access, please contact us as set out in clause (22) below.
  2. OPT-OUT CHOICES

To “opt-out” of (1) any consents previously given to us, (2) receiving communications from us, or (3) having Personal Information disclosed to third parties, send an e-mail to info@braineye.com. Notwithstanding this right to request to cease receiving communications from us and to have us not share Personal Information with third parties, we retain the right to collect, maintain and process information provided by and collected about you on and through the Services, and disclose such information to comply with its reasonable business and legal obligations.

  1. BUSINESS TRANSFER

If our business (or substantially all of our assets) are acquired by a third party, or if we go out of business, enter bankruptcy, or go through some other change of control, Personal Information may be made available or otherwise transferred to the new controlling entity, where permitted under applicable law.

  1. CHANGES TO THIS PRIVACY POLICY

We may amend this Privacy Policy from time to time. If we decide to change our Privacy Policy, we will post those changes on this page and update the Privacy Policy modification date at the top of this page. Use of Personal Information we collect is subject to the Privacy Policy in effect at the time such information is collected, used or disclosed. If we make material changes or changes in the way we use Personal Information, we will notify you by posting an announcement on our Website or App or sending you an email prior to the change becoming effective. You are bound by any changes to the Privacy Policy when you use the Website, Website or App after such changes have been first posted.

  1. COMPLAINT PROCEDURE
    1. If you have a complaint concerning the manner in which we maintain the privacy of your Personal Information, please contact us as set out in clause (22) below. All complaints will be considered by our privacy officer and we may seek further information from you to clarify your concerns. If we agree that your complaint is well founded, we will, in consultation with you, take appropriate steps to rectify the problem.
    2. If we are unable to satisfactorily resolve your concerns about our handling of your Personal Information, you can contact the Office of the Australian Information Commissioner:

GPO Box 5218

Sydney NSW 2001

Email: enquiries@oaic.gov.au 

Tel: 1300 363 992

www.oaic.gov.au

  1. Foreign residents may also reach the relevant information commissioner in your jurisdiction.
  2. FOREIGN PRIVACY ACTS
    1. If you are a Malaysian resident, you may have additional rights under the Personal Data Protection Act 2010 (Malaysia).
    2. If you are an Israeli resident, you may have additional rights under the Protection of Privacy Law, 5741-1981 (Israel).
    3. If you are an Argentinian resident, you may have additional rights under the Personal Data Protection Act 25.326 (PDPA) (Ley de Protección de los Datos Personales).
    4. If you are a UK resident, you may have additional rights under the Data Protection Act 2018 (UK).
    5. If you are a California resident, you may have additional rights under the California Consumer Privacy Act (2018) (CCPA), and if you are a resident of any other state in the United States of America, you have additional rights under the relevant state based legislation in your state of residence.
    6. If you are an Indian resident, you may have additional rights under the Digital Personal Data Protection Act, 2023.
    7. If you are an Indonesian resident, you may have additional rights under the Personal Data Protection Law, being: Law No. 11 of 2008 on Electronic Information and Transactions, as amended by Law No. 19 of 2016 on the Amendment to Law No. 11 of 2008 on Electronic Information and Transactions, the Kominfo Regulation No. 20 of 2016 on Personal Data Protection in Electronic Systems (‘Kominfo Regulation 20’), and Government Regulation No. 71 of 2019 (‘GR 71’),(PDPL).
    8. If you are a resident of the European Union, you may have additional rights under the GDPR, as discussed further in clause 20 and 21 of these Terms.
    9. If you are a Philippine resident, you may have additional rights under the Data Privacy Act of 2012 (Republic Act No. 10173).
    10. If you are a Pakistan resident, you may have additional rights under the Prevention of Electronic Crimes Act, 2016 (PECA).
    11. You can request to know the specific information that we have collected about you, or information about the categories of Personal Information that we hold about you by contacting us at the address in clause 22 below.
  3. GDPR
    1. If you are an individual in a country in the European Economic Area (EEA), we may be required to comply with the EU General Data Protection Regulation 2016/679 (GDPR) which applies to us when processing the Personal Information of individuals (data subjects) who are in countries in the EEA in relation to offering you our products or services or if we monitor any of your behaviour when in those countries. BrainEye is a data controller for our website and services provided through our website.
    2. In some circumstances, the GDPR provides additional protection to individuals located in Europe. Where this is the case, there may be additional rights and remedies available to you under the GDPR if your Personal Information is handled in a manner inconsistent with that law.
    3. You have certain rights in relation to personal information we hold about you, such as the right to be informed, access, rectify, erase, and object or restrict your data. We will require evidence of your identity before we are able to act on your request.
  4. GDPR LAWFUL Processing OF personal data

Under the GDPR, we are allowed to process your personal data based on the following legal bases for the purposes explained in the previous clause 20 “What information we collect and why”:

  1. Legitimate Interests: We are permitted to process your personal data if it is based on our ‘legitimate interests’ i.e., we have good, sensible, practical reasons for processing your personal data which is in our interests. To do so, we have considered the impact on your interests and rights, and have placed appropriate safeguards to ensure that the intrusion on your privacy is reduced as much as possible. You can object to processing that we carry out on the grounds of legitimate interests. See the clause 20“General Data Protection Regulation” and 22 “Contact Us”.
  2. Contract: It is necessary for our performance of the contract you have agreed to enter with us. If you do not provide your personal data to us, we will not be able to carry out our obligations under the terms of your contract.
  3. Legal obligation: We are subject to legal obligations to process your personal data for the purposes of complying with applicable regulatory rules and to make mandatory disclosures to government bodies and law enforcement agencies.
  4. Consent: Sometimes we want to use your personal data in a way that is entirely optional for you, such as when you sign up to our newsletter. On these occasions, we will ask for your consent to use your information. You can withdraw this consent at any time by following the instructions in the marketing communication (e.g., clicking “unsubscribe” in the marketing email) or reaching out to us using the information in clause 22 “Contact Us”.
  5. HOW TO CONTACT US ABOUT PRIVACY

If you have any queries, or if you seek access to your Personal Information, or if you have a complaint about our privacy practices, you can contact our privacy officer below:

Address: 20-40 Meagher Street, CHIPPENDALE, NSW, 2008, AU

Email: info@braineye.com 

  1. DEFINITIONS AND INTERPRETATION 
    1. Definitions

In this Policy:

AusPP  or Australian Privacy Principlesmeans the Australian Privacy Principles under section 28(1) of the Privacy Act 1988 (Cth).
Appmeans the BrainEye application.
CCPAmeans the California Consumer Privacy Act 2018 (US).
Corporations Actmeans the Corporations Act 2001 (Cth).
GDPRmeans the EU General Data Protection Regulation 2016/679.
Personal Informationmeans any personal information, as defined in the Privacy Act 1988 (Cth) as amended, provided by you including via the Website.
Policymeans this Privacy Policy as amended from time to time.
Privacy Actmeans the Privacy Act 1988 (Cth).
Related Body Corporatehas the meaning provided by section 50 of the Corporations Act.
User(s)means a User/s of the Website, or App either collectively or individually, as the context requires.
we/us/ourmeans Neuro Optica Operations Pty Ltd ACN 669 149 884 and its Related Bodies Corporate.
Websitemean the website located at braineye.com or any subsequent URL which may replace any of it.
you/yourmeans you as: a.  a User of the Website and/or App; and b.  the person acquiring information from us.

2. Interpretation

In this Policy, unless the context requires otherwise:

  1. a singular word includes the plural and vice versa;
  2. a reference to a time is to local time in New South Wales, Australia; 
  3. headings are for convenience only and do not affect interpretation;
  4. a reference to a Party, includes the Party’s executors, administrators, successors, substitutes, and permitted assigns;
  5. a reference to a statute, ordinance, code or other law includes regulations and other instruments under any of them and consolidations, amendments, re-enactments, or replacements of any of them;
  6. a reference to a document or agreement, including this Policy, is a reference to that document or agreement as amended, supplemented, varied, or replaced; and
  7. a reference to a natural person includes a body corporate, partnership, joint venture, association, government or statutory body or authority or other legal entity, and vice versa.