Privacy Policy

Lilith Elemental Pty Ltd is committed to providing quality services to you and this policy outlines our ongoing obligations to you in respect of how we manage your Personal Information.

We have adopted the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth) (the Privacy Act). The APPs govern the way in which we collect, use, disclose, store, secure and dispose of your Personal Information.

A copy of the Australian Privacy Principles may be obtained from the website of The Office of the Australian Information Commissioner at www.oaic.gov.au.

This Privacy Policy applies to Lilith Elemental Pty Ltd, ABN 97 694 424 121. Our contact details are provided in the Complaints and Enquiries section below.

What is Personal Information and why do we collect it?

Personal Information is information or an opinion that identifies an individual. Examples of Personal Information we collect includes names, addresses, email addresses and phone numbers.

This Personal Information is obtained in many ways including by telephone, by email, via our website, from other publicly available sources, and from third parties. We are not responsible for the privacy practices of third-party websites linked from our site.

We collect your Personal Information for the primary purpose of providing our services to you, providing information to our clients and marketing. We may also use your Personal Information for secondary purposes closely related to the primary purpose, in circumstances where you would reasonably expect such use or disclosure. You may unsubscribe from our mailing/marketing lists at any time by contacting us in writing.

When we collect Personal Information we will, where appropriate and where possible, explain to you why we are collecting the information and how we plan to use it.

The types of personal information we may collect include your name, date of birth, contact details, health information, medical history, pathology results, and payment information. Health information is classified as sensitive information under the Privacy Act and is subject to additional protections.

If you do not provide the personal information we request, we may be unable to provide you with our services, process your consultation, or deliver treatment.

We collect personal information for the purposes of delivering telehealth consultations and clinical services, fulfilling prescriptions, processing payments, communicating with you about your care, complying with our legal and regulatory obligations, and improving our services. Some collection is required by law, including under applicable health records legislation, which requires us to retain clinical records for a minimum of 7 years.

Anonymous and Pseudonymous Access

Where practicable, you may interact with us anonymously or using a pseudonym, for example, when browsing our website or reading educational content.

Due to the nature of the health services we provide, it is generally impracticable for us to deal with individuals who have not identified themselves. Accurate identification is required to ensure the safety and continuity of clinical care, to comply with our legal and professional obligations under applicable health legislation, and to meet the requirements of Medicare and private health insurance billing. If you do not provide the required information, we may be unable to provide services to you.

Unsolicited Information

From time to time, we may receive personal or health information that we did not solicit. Where we receive unsolicited personal information, we will promptly assess whether that information is of a kind we could have collected under our standard collection practices. If we determine that we could not have collected the information, and it is not contained in a Commonwealth record, we will destroy or de-identify that information as soon as practicable, provided it is lawful and reasonable to do so.

Sensitive Information

Sensitive information is defined in the Privacy Act to include information or opinion about such things as an individual's racial or ethnic origin, political opinions, membership of a political association, religious or philosophical beliefs, membership of a trade union or other professional body, criminal record or health information.

Sensitive information will be used by us only:

• For the primary purpose for which it was obtained
• For a secondary purpose that is directly related to the primary purpose
• With your consent; or where required or authorised by law

Third Parties

Where reasonable and practicable to do so, we will collect your Personal Information only from you. However, in some circumstances we may be provided with information by third parties. In such a case we will take reasonable steps to ensure that you are made aware of the information provided to us by the third party.

Disclosure of Personal Information

Your Personal Information may be disclosed in a number of circumstances, including to:

• IT service providers and technology platform operators who assist us in delivering our services;
• Payment processors and financial services providers who handle transactions on our platform;
• Marketing and analytics platforms that help us understand service usage (de-identified where possible);
• Professional advisors including legal, accounting, and compliance advisors;
• Regulatory authorities including AHPRA, the TGA, and the OAIC, where required by law;
• Third parties where you have consented to the use or disclosure; and
• Any other party where required or authorised by law.

Overseas Disclosure of Personal Information

We may disclose your personal information to overseas service providers, including cloud storage, computing, and communication platforms whose infrastructure may be located outside Australia (such as in the United States or the European Union). These providers assist us in delivering our website, storing data, processing payments, and communicating with you.

We take reasonable steps to ensure that any overseas recipients handle your personal information in a manner consistent with the Australian Privacy Principles. By using our services, you consent to your personal information being disclosed to overseas recipients for these purposes.

Security of Personal Information

Your Personal Information is stored in a manner that reasonably protects it from misuse and loss and from unauthorized access, modification or disclosure.

Health information and clinical records collected through our services are retained for a minimum of 7 years from the date of the last service, in compliance with applicable Australian health records legislation. For other personal information not related to your clinical care, we will take reasonable steps to destroy or permanently de-identify it when it is no longer needed for the purpose for which it was collected and we are no longer required by law to retain it.

Access to your Personal Information

You may access the Personal Information we hold about you and to update and/or correct it, subject to certain exceptions. If you wish to access your Personal Information, please contact us in writing.

Lilith Elemental Pty Ltd will not charge any fee for your access request, but may charge an administrative fee for providing a copy of your Personal Information.

In order to protect your Personal Information we may require identification from you before releasing the requested information.

Maintaining the Quality of your Personal Information

It is important to us that your Personal Information is up to date. We will take reasonable steps to make sure that your Personal Information is accurate, complete and up-to-date. If you find that the information we have is not up to date or is inaccurate, please advise us as soon as practicable so we can update our records and ensure we can continue to provide quality services to you.

Policy Updates

This Policy may change from time to time and is available on our website.

Privacy Policy Complaints and Enquiries

If you have any queries or complaints about our Privacy Policy or how we have handled your personal information, please contact us in writing:

• Organisation: Lilith Elemental Pty Ltd
• ABN: 97 694 424 121
• Email: [email protected]

We will acknowledge your complaint promptly and endeavour to resolve it within 30 days. If additional time is required, we will notify you of the reason and the expected timeframe for resolution.

If you are not satisfied with our response, you may escalate your complaint to the Office of the Australian Information Commissioner (OAIC):

• Website: www.oaic.gov.au/privacy/privacy-complaints
• Phone: 1300 363 992