Privacy Policy

Welio is committed to protecting the privacy and security of any personally identifiable information you provide to us. Personally identifiable information is information that can be linked to a specific individual, and includes, but is not limited to, your name, address, phone number, email address, , date of birth, and

This privacy policy explains how we handle and protect your personally identifiable information. We do this in line with the broad principles set out in Guidelines on Privacy in the Private Health Sector 2001 published by the Office of the Federal Privacy Commissioner . The Privacy Act 1988 is applicable Commonwealth legislation.

We reserve the right to modify or amend this policy at any time and for any reason. Any material changes to this privacy policy will be posted prior to their implementation. Questions regarding this policy should be submitted to privacy@welio.com, or sent via regular mail to: The Privacy Officer, Level 18, Grosvenor Place, 225 George Street, Sydney NSW 2000.

What information does Welio collect?

Welio only record personally identifiable information and other information that is reasonably required to do business with you. On all the Welio pages that collect personally identifiable information, Welio describe what information is required in order to provide you with the product or service you request. In an effort to keep the Welio service as simple and easy as possible, profiles are created and stored for each of its users. A unique identifier for each profile is also created for our internal use, and is not shared outside of Welio.

Welio will collect personally identifiable information when you register to fulfil the legal and technical requirements of delivering our service to you. This information is available to you when logged in under the My Profile section in both website and mobile applications.

Welio may collect personally identifiable information such as your name, email address and/or telephone number whenever you contact us.

When you visit our website site, Welio record general information about your visit for statistical purposes. These statistics do not contain any personally identifiable information.

Welio uses "cookies" to store your preferences, record session information and collect information on how you visit and access our web pages. This helps us deliver and continue to improve our services. Cookies are small pieces of information that a web page transfers to your computer's hard disk for record-keeping purposes. Cookies make the web more useful by storing information about your preferences on a particular site.  Cookies in and of themselves do not personally identify you, only your computer. You can delete cookies from your computer at any time.

Welio uses highly secure payment gateway services provided by eWay. eWAY is tier-one PCI DSS compliant, as externally audited by Stratsec (QSA) ensuring the highest security standards set by Visa and MasterCard. eWAY secures all customer and credit-card data with military-grade software and servers, and the highest level of encryption available.

The PCI DSS is a set of rules created by the PCI Security Standards Council, which consists of the biggest companies in the payment card industry, in order to facilitate the adoption of a consistent set of standards for the processing, handling and storing of sensitive credit card information.

How do we use your information?

We only use your personally identifiable information for the purpose of providing our services and communicating with you in relation to our services.

We send email and SMS appointment reminders unless specifically requested do not do so. We send email invoices and receipts unless specifically requested not to do so.

We may from time to time send you email related to the services we provide, changes in this privacy policy, and other relevant matters.

We may use your email address and/or telephone number(s) to contact you when you submit a suggestion, question, or inquiry.

Who do we share your information with?

We do not disclose information to anyone except the relevant Health Professional and Patient.

We send personally identifiable information and encoded transaction identifiers to our eWay payment services provider to facilitate the payment transaction. eWay holds and handles all the card data on their PCI DSS compliant hosted solutions. Please refer to What information does Welio collect? for more information about payment services and PCI DSS compliance.

We may be required by law to disclose information you provide us with for the purposes of obtaining products or services. We may also disclose information about someone whose activities could cause harm to others (i.e. fraud).

Other than in the circumstances outlined above the information you supply to us remains stored confidentially on our secure servers and is not shared with 3rd parties.

How can you control and access your information?

My Profile pages provide you with the ability to update your information and set notification preferences.

You are free to delete your profile at any time, however you should note that while this will render your information invisible to the general user system we are required by law to retain an audit trail.

If at any time you want to inquire about any of the personally identifiable information that we store, or to request any amendment or correction to that information, please contact us via email at privacy@welio.com, or via regular mail at Level 18, Grosvenor Place, 225 George Street, Sydney NSW 2000.

How we protect your information

Welio utilise Microsoft Azure cloud services to store and access data and information related to providing services to its clients. Azure meets a broad set of international and industry-specific compliance standards, such as ISO 27001, HIPAA, FedRAMP, SOC 1 and SOC 2, as well as country-specific standards, such as Australia IRAP, UK G-Cloud and Singapore MTCS.

Skype For Business traffic (both signal and media traffic) is encrypted by using the Transport Layer Security (TLS) protocol. This protocol allows client/server applications to communicate in a way that is designed to prevent eavesdropping, tampering or message forgery.

Welio use transaction logging to provide a robust administrative audit trail.

This policy was last updated on 29 th June, 2017