Privacy Policy

Quick Overview

  • We collect information you provide to us and information we gather when we interact with you
  • We use this information to provide our services and improve your experience
  • We protect your information using secure systems and processes
  • You have rights regarding your personal information, including access and correction rights

The information we collect

Personal information: is information or an opinion, whether true or not and whether recorded in a material form or not, about an individual who is identified or reasonably identifiable.

The types of personal information we may collect about you include:

  • basic identifying and contact information, such as your name, email or phone number;
  • details about payments to you from us and from you to us and other details of products and services you have purchased from us or we have purchased from you;
  • information you provide to us when you participate in any interactive features, including surveys, feedback forms, contests, promotions, activities or events;
  • your preferences in receiving marketing from us and our third parties and your communication preferences
  • if we need to verify your identity (for example, because we have a legal obligation to do so), your government-issued identification and proof of address documents;
  • if you access any software or websites we make available to you, details about your use of such platforms, which may include username and password details, your internet protocol (IP) address, your search queries or browsing behaviour (including through the use of cookies, tracking pixels, and other analytics tools); or
  • where you are a worker of ours or applying for a role with us, your professional history such as your previous positions and professional experience, or whether you hold required authorisations or licences (if applicable).

Sensitive information is a sub-set of personal information that is given a higher level of protection. Sensitive information means information relating to your racial or ethnic origin, political opinions, religion, trade union or other professional associations or memberships, philosophical beliefs, sexual orientation or practices, criminal records, health information or biometric information. The types of sensitive information we collect include:

  • where you apply for a role with us:
    - results of criminal records checks; and
    - your professional registrations and associations (where applicable);
  • where our Platform is used for health services:
    - health information about patients which is configured by healthcare practitioners each time patients or healthcare practitioners use the Platform (e.g. Medicare details, medicine information, allergies, family health history and potential risk factors) but is not retained by the Platform; 
    - subject to patients’ prior consent, if the healthcare practitioner uses the AI Notes software available on the Platform, by taking a recording of health sessions, such recording retained by the Platform and converted into clinical notes for use by the healthcare practitioner; and
    - patient appointment history and/or records.

How we collect personal information

We collect personal information in a variety of ways, including:

  • when you provide it directly to us, including face-to-face, over the phone, over email, online, or via the Platform;
  • when you complete a form, such as registering for any events or newsletters, or responding to surveys;
  • when you complete a form, such as registering for any events or newsletters, or responding to surveys;
  • when you use any software or website we operate and make available to you (including from any analytics and cookie providers or marketing providers. See the "Cookies" section below for more detail on the use of cookies);
  • from third parties: where you are a healthcare practitioner or you use our Platform to access health services, from our analytics providers such as Google Analytics and [insert other analytics providers]; and where you are a patient and use our Platform to access health services, health information provided by your healthcare practitioner (subject to your consent); or
  • from publicly available sources.

Why we collect, hold, use and disclose personal information

We collect and use your personal information to run our business and provide our services as set out below.

Business operations
- To manage our relationship with you as a customer or supplier
- To process and deliver our products and services
- To handle your inquiries, support requests, and communications
- To maintain accurate records for billing and administration
- To verify your identity when required or permitted by law

Communication and support
- To respond to your questions and support requests
- To communicate important updates about our services
- To handle inquiries made through our website or platforms
- To manage your participation in surveys, feedback sessions, or events

Service improvement
- To conduct analytics and market research
- To improve our business operations and services
- To develop and enhance our applications and platforms
- To understand how our services are used

Marketing and promotions
- To send you promotional information about our services and events
- To inform you about products or services that may interest you
- To manage your marketing preferences
- To run competitions, promotions, and special offers
- To provide additional benefits to our customers

Employment purposes
- To assess employment applications
- To evaluate candidate qualifications
- To manage professional certifications and licences
- To maintain employment records

Legal and compliance
- To comply with our legal obligations
- To respond to court orders or legal processes
- To maintain required business records
- To fulfill regulatory requirements or reporting obligations
- To protect our legal rights and interests or as authorised by law

Our disclosures of personal information to third parties

Service providers
- IT service providers and data storage vendors, including email marketing service providers who assist us in delivering communications to you
- Web hosting and server providers
- Payment processorsMarketing and advertising providers
- Analytics providers

Business partners
- Our existing or potential agents
- Our business partners or contractors

Professional advisers
- Bankers
- Auditors
- Insurers and insurance brokers
- Legal advisers

Corporate transactions
If we merge with or are acquired by another company, or sell our business assets:
- Your information may be disclosed to our advisers
- Your information may be disclosed to the potential purchaser's advisers
- Your information may be included in the transferred assets

Legal and regulatory bodies
- Courts and tribunalsRegulatory authorities including as required for reporting obligations
- Law enforcement officers

Other parties
- Third parties you have authorised
- Emergency services when necessary
- Any other parties as required or permitted by law

Overseas disclosure

We may store personal information overseas. Including where our providers use sub-processors based in United States of America. Where we disclose your personal information to third parties, those third parties may also store, transfer or access personal information outside of Australia. We will only disclose your personal information overseas in accordance with the Australian Privacy Principles.

Your rights and controlling your personal information

Your choice: Please read this Privacy Policy carefully. If you provide personal information to us, you understand we will collect, hold, use and disclose your personal information in accordance with this Privacy Policy. You do not have to provide personal information to us, however, if you do not, it may affect our ability to work with you as a customer or supplier of our business.

Information from third parties: If we receive personal information about you from a third party, we will protect it as set out in this Privacy Policy. If you are a third party providing personal information about somebody else, you represent and warrant that you have such person’s consent to provide the personal information to us.

Restrict and unsubscribe: Every marketing email we send contains a functional unsubscribe link. You can opt out at any time by clicking that link, and we will action your request within 5 business days. You may also contact us using the details below to opt out of all marketing communications.

Access: You may request access to the personal information that we hold about you. An administrative fee may be payable for the provision of such information. Please note, in some situations, we may be legally permitted to withhold access to your personal information. If we cannot provide access to your information, we will advise you as soon as reasonably possible and provide you with the reasons for our refusal and any mechanism available to complain about the refusal. If we can provide access to your information in another form that still meets your needs, then we will take reasonable steps to give you such access.

Correction: If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, please contact us using the details below. We will take reasonable steps to promptly correct any information found to be inaccurate, out of date, incomplete, irrelevant or misleading. Please note, in some situations, we may be legally permitted to not correct your personal information. If we cannot correct your information, we will advise you as soon as reasonably possible and provide you with the reasons for our refusal and any mechanism available to complain about the refusal.

Complaints: If you wish to make a complaint, please contact us using the details below and provide us with full details of the complaint. We will promptly investigate your complaint and respond to you, in writing, setting out the outcome of our investigation and the steps we will take in response to your complaint. If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner.

Data Deletion: You have the right to request that we delete your personal information in certain circumstances, including when the information is no longer necessary for the purposes for which it was collected, you withdraw your consent, the information has been unlawfully processed, or deletion is required for legal compliance. To request deletion, please email [email protected] using the details provided in this Privacy Policy with sufficient detail to identify you and the specific information you want deleted. We will verify your identity, assess whether we are legally permitted to delete the information, and delete the requested information within a reasonable timeframe (typically within 30 days), notifying you in writing once complete. In some circumstances, we may not be able to delete your personal information if we are required or permitted by law to retain it for compliance with legal obligations (such as certain health records requirements), establishing or defending legal claims, protecting vital interests, or legitimate business purposes where retention is necessary and proportionate. Where we cannot delete all information due to legal retention requirements, we will delete what we can and inform you of what remains and why it must be retained.

Storage and security

We are committed to ensuring that the personal information we collect is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures, to safeguard and secure personal information and protect it from misuse, interference, loss and unauthorised access, modification and disclosure.

While we are committed to security, we cannot guarantee the security of any information that is transmitted to or by us over the Internet. The transmission and exchange of information is carried out at your own risk.

User-Generated Content

We may enable you to post reviews, comments, photos and other user-generated content. Any content you choose to submit will be accessible by anyone, including third parties not associated with us. We have no control over how others may use or misuse information you make publicly available. We are not responsible for the privacy, security or accuracy of any user-generated content you choose to post or for the use or misuse of that information by any third parties.

Data Retention

We retain personal information for as long as necessary to fulfil the purposes for which it was collected, including legal and regulatory obligations. As a general guide:

Health and clinical records are retained for a minimum of 7 years from the date of your last consultation with Everlab, or until you turn 25 if you were under 18 at the time of collection, whichever is later. Records may be retained beyond this period where clinically necessary for your ongoing care.

Account, billing and transaction records are retained for 7 years in accordance with our obligations under Australian tax law.

Marketing contact data is retained for as long as you remain an active subscriber. If you unsubscribe, your email address is moved to a suppression list and retained indefinitely solely to ensure your opt-out preference is honoured. All other associated marketing data is deleted or anonymised within 3 years of your last engagement with Everlab.

Where you have not become a patient or customer of Everlab, personal information collected through our website or quiz is retained for no longer than 3 years from collection, after which it is deleted or anonymised.

Cookies and Analytics

We may use cookies on our website from time to time. Cookies are text files placed in your computer's browser to store your preferences. Cookies, by themselves, do not tell us your email address or other personally identifiable information. However, they do recognise you when you return to our online website and allow third parties, such as Google, to cause our advertisements to appear on your social media and online media feeds as part of our retargeting campaigns. If and when you choose to provide our online website with personal information, this information may be linked to the data stored in the cookie.

You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our website.

Google Analytics
We use Google Analytics to understand how people use our website. This involves cookies that collect information about your browsing activity. You can opt out of Google's advertising features through your Google account settings, browser add-ons, or your device's privacy settings. Google provides various tools and options to control how your data is used for advertising purposes. You can learn more about how Google uses your data and your available options on Google's privacy pages.

Meta advertising tools
We use Meta's advertising tools (such as Meta Pixel) to understand how our ads perform and to show you more relevant advertisements on Meta platforms like Facebook and Instagram when you visit our website or app. You can manage whether we connect information from our website

Links to other websites

Our website may contain links to other party’s websites. We do not have any control over those websites and we are not responsible for the protection and privacy of any personal information which you provide whilst visiting those websites. Those websites are not governed by this Privacy Policy.

Use of Artificial Intelligence (AI)

Overview: We may use artificial intelligence and machine learning technologies, including AI Technologies provided by third parties (AI Technologies) in our business operations and the provision of our Services via our Platform. We will only use AI Technologies when legally permitted and necessary for our business operations.

How we use AI Technologies: We may use AI Technologies for the following purposes: 

- where a patient consents to their healthcare practitioner’s use of the Platform, to record your consultations and produce file notes for your healthcare practitioner;
- to conduct analysis and processing; 
- to generate and modify content and coding;
- to improve and optimise our services and operations;
- to automate certain processes and communications, such as routine tasks;
- to personalise your experience with our services; 
- for quality assurance purposes; and 
- to assist with customer support and queries.


Data Protection and Security: Where we use service providers who provide AI Technologies to us, we will take reasonable steps to ensure that such service providers handle your personal information according to privacy law, including by ensuring that we have contracts in place requiring the service provider to protect personal information.We may input your personal information into platforms provided by AI Technology service providers which may then be used to train the service provider’s AI Technologies model based on that information. 

Deidentification Measures: Where technically feasible, we may implement deidentification measures to remove direct identifiers from personal information before it is processed by AI Technologies. However, we recognise that deidentification techniques may not eliminate all risks of re-identification. Accordingly, we treat all information processed by AI Technologies as personal information regardless of any deidentification measures applied, and we maintain all privacy protections and your rights as outlined in this Privacy Policy. 

Your Rights and our Commitments: We will treat information generated or inferred by the AI Technologies about individuals as personal information and you maintain all rights over your personal information as outlined in this Privacy Policy, regardless of whether AI Technologies are used in processing. When using AI Technologies with your personal information:

Transparency and control: we will inform you when AI Technologies are being used to make decisions that may significantly affect you. We will implement processes to verify the accuracy of AI-generated outputs and we will take reasonable steps to maintain human oversight and review of significant AI-generated decisions. Our staff are trained to understand the limitations of AI systems and verify outputs before they are relied upon; and 

Security: we implement appropriate technical and organisational measures to ensure that our use of AI Technologies maintains the security and integrity of your personal information. This includes regular testing and monitoring of AI outputs for accuracy and reliability; and

Risk mitigation: we regularly assess and document the risks associated with our use of AI Technologies in processing personal information and implement appropriate mitigation measures. This includes ongoing monitoring of AI Technologies and regular reviews of their performance and impact.

Amendments

We may, at any time and at our discretion, vary this Privacy Policy by publishing the amended Privacy Policy on our website. We recommend you check our website regularly to ensure you are aware of our current Privacy Policy.

For any questions or notices, please contact us at:
HCBRK Holding Pty Ltd (ABN 30 666 813 878)

Email: [email protected]

Everlab – Privacy Collection Notice

This Privacy Collection Notice describes how HC Operating Pty Ltd T/A everlab (ACN 664 282 553) (we, us or our) collects and handles your personal information when you make an enquiry with us. We collect personal information from you so that we can respond to your enquiry and for related purposes set out in our Privacy Policy, available on our website (or on request). 

We may disclose this personal information to third parties, including our personnel, related entities, any third parties engaged by us and acting on our behalf and as otherwise set out in our Privacy Policy. 

We store personal information in Australia. Where we disclose your personal information to third parties, those third parties may store, transfer or access personal information outside of Australia.

If you do not provide your personal information to us, it may affect our ability to do business with you.

Please see our Privacy Policy for more information about how we collect, store, use and disclose your personal information, including details about overseas disclosure, access, correction, how you can make a privacy-related complaint and our complaint-handling process. 

If you have questions about our privacy practices, please contact us by email at: [email protected]. By providing your personal information to us, you agree to the collection, use, storage and disclosure of that information as described in this privacy collection notice.

Privacy Policy

Quick Overview

  • We collect information you provide to us and information we gather when we interact with you.
  • We use this information to provide our services and improve your experience.
  • We protect your information using secure systems and processes.
  • You have rights regarding your personal information, including access and correction rights.

The Information We Collect

Personal information: is information or an opinion, whether true or not and whether recorded in a material form or not, about an individual who is identified or reasonably identifiable.

The types of personal information we may collect about you include:

  • Basic identifying and contact information, such as your name, email or phone number.
  • Details about payments to you from us and from you to us, and other details of products and services you have purchased from us or we have purchased from you.
  • Information you provide to us when you participate in any interactive features, including surveys, feedback forms, contests, promotions, activities or events.
  • Your preferences in receiving marketing from us and our third parties, and your communication preferences.
  • If we need to verify your identity (for example, because we have a legal obligation to do so), your government-issued identification and proof of address documents.
  • If you access any software or websites we make available to you, details about your use of such platforms, which may include username and password details, your internet protocol (IP) address, your search queries or browsing behaviour (including through the use of cookies, tracking pixels, and other analytics tools).
  • Where you are a worker of ours or applying for a role with us, your professional history such as your previous positions and professional experience, or whether you hold required authorisations or licences (if applicable).

Sensitive information is a sub-set of personal information that is given a higher level of protection. Sensitive information means information relating to your racial or ethnic origin, political opinions, religion, trade union or other professional associations or memberships, philosophical beliefs, sexual orientation or practices, criminal records, health information or biometric information.

The types of sensitive information we collect include:

  • Where you apply for a role with us:
    • Results of criminal records checks; and
    • Your professional registrations and associations (where applicable).
  • Where our Platform is used for health services:
    • Health information about patients which is configured by healthcare practitioners each time patients or healthcare practitioners use the Platform (e.g. Medicare details, medicine information, allergies, family health history and potential risk factors) but is not retained by the Platform.
    • Subject to patients' prior consent, if the healthcare practitioner uses the AI Notes software available on the Platform, by taking a recording of health sessions — such recording retained by the Platform and converted into clinical notes for use by the healthcare practitioner.
    • Patient appointment history and/or records.

How We Collect Personal Information

We collect personal information in a variety of ways, including:

  • When you provide it directly to us, including face-to-face, over the phone, over email, online, or via the Platform.
  • When you complete a form, such as registering for any events or newsletters, or responding to surveys.
  • When you use any software or website we operate and make available to you (including from any analytics and cookie providers or marketing providers — see the "Cookies" section below for more detail on the use of cookies).
  • From third parties:
    • Where you are a healthcare practitioner or you use our Platform to access health services, from our analytics providers such as Google Analytics; and Other tracking platforms.
    • Where you are a patient and use our Platform to access health services, health information provided by your healthcare practitioner (subject to your consent).
  • From publicly available sources.

Why We Collect, Hold, Use and Disclose Personal Information

We collect and use your personal information to run our business and provide our services as set out below.

Business Operations

  • To manage our relationship with you as a customer or supplier.
  • To process and deliver our products and services.
  • To handle your inquiries, support requests, and communications.
  • To maintain accurate records for billing and administration.
  • To verify your identity when required or permitted by law.

Communication and Support

  • To respond to your questions and support requests.
  • To communicate important updates about our services.
  • To handle inquiries made through our website or platforms.
  • To manage your participation in surveys, feedback sessions, or events.

Service Improvement

  • To conduct analytics and market research.
  • To improve our business operations and services.
  • To develop and enhance our applications and platforms.
  • To understand how our services are used.

Marketing and Promotions

  • To send you promotional information about our services and events.
  • To inform you about products or services that may interest you.
  • To manage your marketing preferences.
  • To run competitions, promotions, and special offers.
  • To provide additional benefits to our customers.

Employment Purposes

  • To assess employment applications.
  • To evaluate candidate qualifications.
  • To manage professional certifications and licences.
  • To maintain employment records.

Legal and Compliance

  • To comply with our legal obligations.
  • To respond to court orders or legal processes.
  • To maintain required business records.
  • To fulfill regulatory requirements or reporting obligations.
  • To protect our legal rights and interests, or as authorised by law.

Our Disclosures of Personal Information to Third Parties

We may disclose personal information to:

Service Providers

  • IT service providers
  • Data storage providers
  • Web hosting and server providers
  • Payment processors
  • Marketing and advertising providers
  • Analytics providers

Professional Advisers

  • Bankers
  • Auditors
  • Insurers and insurance brokers
  • Legal advisers

Business Partners

  • Our existing or potential agents
  • Our business partners or contractors

Corporate Transactions

If we merge with or are acquired by another company, or sell our business assets:

  • Your information may be disclosed to our advisers.
  • Your information may be disclosed to the potential purchaser's advisers.
  • Your information may be included in the transferred assets.

Legal and Regulatory Bodies

  • Courts and tribunals
  • Regulatory authorities, including as required for reporting obligations
  • Law enforcement officers

Other Parties

  • Third parties you have authorised
  • Emergency services when necessary
  • Any other parties as required or permitted by law

Overseas Disclosure

We may store personal information overseas, including where our providers use sub-processors based in the United States of America. Where we disclose your personal information to third parties, those third parties may also store, transfer or access personal information outside of Australia. We will only disclose your personal information overseas in accordance with the Australian Privacy Principles.

Your Rights and Controlling Your Personal Information

Your choice: Please read this Privacy Policy carefully. If you provide personal information to us, you understand we will collect, hold, use and disclose your personal information in accordance with this Privacy Policy. You do not have to provide personal information to us, however, if you do not, it may affect our ability to work with you as a customer or supplier of our business.

Information from third parties: If we receive personal information about you from a third party, we will protect it as set out in this Privacy Policy. If you are a third party providing personal information about somebody else, you represent and warrant that you have such person's consent to provide the personal information to us.

Restrict and unsubscribe: Every marketing email we send contains a functional unsubscribe link. You can opt out at any time by clicking that link, and we will action your request within 5 business days. You may also contact us using the details below to opt out of all marketing communications.

Access: You may request access to the personal information that we hold about you. An administrative fee may be payable for the provision of such information. Please note, in some situations, we may be legally permitted to withhold access to your personal information. If we cannot provide access to your information, we will advise you as soon as reasonably possible and provide you with the reasons for our refusal and any mechanism available to complain about the refusal. If we can provide access to your information in another form that still meets your needs, then we will take reasonable steps to give you such access.

Correction: If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, please contact us using the details below. We will take reasonable steps to promptly correct any information found to be inaccurate, out of date, incomplete, irrelevant or misleading. Please note, in some situations, we may be legally permitted to not correct your personal information. If we cannot correct your information, we will advise you as soon as reasonably possible and provide you with the reasons for our refusal and any mechanism available to complain about the refusal.

Complaints

Step 1: Contact our privacy officer

Please include: your full name, contact details, clear details about your request or complaint, and any relevant dates or reference numbers.

Step 2: Our response

We will:

  • Verify your identity before processing your request.
  • Investigate thoroughly (for complaints) or process your request (for rights).
  • Respond to you in writing within reasonable timeframes.
  • Explain what actions we will take and keep you updated on progress.
  • Not charge you for making a request (except for reasonable access fees if applicable).
  • Help you understand and exercise your rights.

Step 3: If you're not satisfied (complaints only)

If you're not satisfied with our response to your complaint, you can:

  • Ask for a review by our senior management; or
  • Contact external bodies — Australian residents: Office of the Australian Information Commissioner (Phone: 1300 363 992, Website: www.oaic.gov.au).

This is the same process whether you want to access your information, correct mistakes, change marketing preferences, or make a complaint about our privacy practices.

Storage and Security

We are committed to ensuring that the personal information we collect is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures, to safeguard and secure personal information and protect it from misuse, interference, loss and unauthorised access, modification and disclosure.

While we are committed to security, we cannot guarantee the security of any information that is transmitted to or by us over the Internet. The transmission and exchange of information is carried out at your own risk.

User-Generated Content

We may enable you to post reviews, comments, photos and other user-generated content. Any content you choose to submit will be accessible by anyone, including third parties not associated with us. We have no control over how others may use or misuse information you make publicly available. We are not responsible for the privacy, security or accuracy of any user-generated content you choose to post, or for the use or misuse of that information by any third parties.

Cookies and Analytics

What We Use

We use cookies, tracking pixels, and similar technologies on our website and in our emails to improve your experience and our services.

Cookies

  • Small text files stored on your device.
  • Help remember your preferences.
  • Enable certain website functions.
  • Make your interactions with our website more efficient.

Tracking Pixels

  • Tiny, invisible images in web pages and emails.
  • Help us understand how you interact with our content.
  • Allow us to measure email engagement.
  • Enable more relevant content delivery.

How We Use These Technologies

Essential Functions

  • Remember your login status.
  • Maintain your session security.
  • Store your preferences.
  • Enable core website features.

Analytics and Performance

  • Understand how our website is used.
  • Measure page views and traffic.
  • Analyse user navigation patterns.
  • Identify areas for improvement.

Personalisation

  • Remember your preferences.
  • Tailor content to your interests.
  • Improve your browsing experience.
  • Provide relevant recommendations.

Your Control

You can manage these technologies by:

  • Adjusting your browser settings to block or delete cookies.
  • Using privacy-focused browser extensions.
  • Configuring your email client to block images.
  • Using our cookie preference settings.

Note: Blocking all cookies may affect website functionality and your user experience.

Google Analytics

We use Google Analytics to understand how people use our website. This involves cookies that collect information about your browsing activity. You can opt out of Google's advertising features through your Google account settings, browser add-ons, or your device's privacy settings. Google provides various tools and options to control how your data is used for advertising purposes. You can learn more about how Google uses your data and your available options on Google's privacy pages.

Meta Advertising Tools

We use Meta's advertising tools (such as Meta Pixel) to understand how our ads perform and to show you more relevant advertisements on Meta platforms like Facebook and Instagram when you visit our website or app. You can manage whether we connect information from our website with your Meta account for advertising purposes by adjusting your settings within your Meta account preferences.

Links to Other Websites

Our website may contain links to other party's websites. We do not have any control over those websites and we are not responsible for the protection and privacy of any personal information which you provide whilst visiting those websites. Those websites are not governed by this Privacy Policy.

Data Retention

We retain personal information for as long as necessary to fulfil the purposes for which it was collected, including legal and regulatory obligations. As a general guide:

Health and clinical records are retained for a minimum of 7 years from the date of your last consultation with Everlab, or until you turn 25 if you were under 18 at the time of collection, whichever is later. Records may be retained beyond this period where clinically necessary for your ongoing care.

Account, billing and transaction records are retained for 7 years in accordance with our obligations under Australian tax law.

Marketing contact data is retained for as long as you remain an active subscriber. If you unsubscribe, your email address is moved to a suppression list and retained indefinitely solely to ensure your opt-out preference is honoured. All other associated marketing data is deleted or anonymised within 3 years of your last engagement with Everlab.

Where you have not become a patient or customer of Everlab, personal information collected through our website or quiz is retained for no longer than 3 years from collection, after which it is deleted or anonymised.

Use of Artificial Intelligence (AI)

Overview: We may use artificial intelligence and machine learning technologies, including AI Technologies provided by third parties (AI Technologies), in our business operations and the provision of our Services via our Platform. We will only use AI Technologies when legally permitted and necessary for our business operations.

How we use AI Technologies: We may use AI Technologies for the following purposes:

  • Where a patient consents to their healthcare practitioner's use of the Platform, to record your consultations and produce file notes for your healthcare practitioner.
  • To conduct analysis and processing.
  • To generate and modify content and coding.
  • To improve and optimise our services and operations.
  • To automate certain processes and communications, such as routine tasks.
  • To personalise your experience with our services.
  • To respond to general enquiries about our services, pricing, and availability.
  • To assist with appointment scheduling and management.
  • To help process prescription requests and related workflows.
  • To improve the efficiency of our customer support services.
  • For quality assurance purposes.
  • To assist with customer support and queries.

Data Protection and Security: Where we use service providers who provide AI Technologies to us, we will take reasonable steps to ensure that such service providers handle your personal information according to privacy law, including by ensuring that we have contracts in place requiring the service provider to protect personal information.

We may input your personal information into platforms provided by AI Technology service providers which may then be used to train the service provider's AI Technologies model based on that information. We use third-party AI service providers to deliver these services. This may include providers based overseas, including in the United States. When we use these services, your personal information may be processed or stored overseas.

Deidentification Measures: Where technically feasible, we may implement deidentification measures to remove direct identifiers from personal information before it is processed by AI Technologies. However, we recognise that deidentification techniques may not eliminate all risks of re-identification. Accordingly, we treat all information processed by AI Technologies as personal information regardless of any deidentification measures applied, and we maintain all privacy protections and your rights as outlined in this Privacy Policy.

Your Rights and Our Commitments: We will treat information generated or inferred by the AI Technologies about individuals as personal information, and you maintain all rights over your personal information as outlined in this Privacy Policy, regardless of whether AI Technologies are used in processing. When using AI Technologies with your personal information:

  • Transparency and control: We will inform you when AI Technologies are being used to make decisions that may significantly affect you. We will implement processes to verify the accuracy of AI-generated outputs and we will take reasonable steps to maintain human oversight and review of significant AI-generated decisions. Our staff are trained to understand the limitations of AI systems and verify outputs before they are relied upon.
  • Security: We implement appropriate technical and organisational measures to ensure that our use of AI Technologies maintains the security and integrity of your personal information. This includes regular testing and monitoring of AI outputs for accuracy and reliability.
  • Risk mitigation: We regularly assess and document the risks associated with our use of AI Technologies in processing personal information and implement appropriate mitigation measures. This includes ongoing monitoring of AI Technologies and regular reviews of their performance and impact.

Data Deletion and Erasure Rights: You have the right to request that we delete your personal information in certain circumstances, including when:

  • The information is no longer necessary for the purposes for which it was collected.
  • You withdraw your consent.
  • The information has been unlawfully processed.
  • Deletion is required for legal compliance.

To request deletion, please contact our privacy officer using the details provided in this Privacy Policy with sufficient detail to identify you and the specific information you want deleted. We will verify your identity, assess whether we are legally permitted to delete the information, and delete the requested information within a reasonable timeframe (typically within 30 days), notifying you in writing once complete.

In some circumstances, we may not be able to delete your personal information if we are required or permitted by law to retain it for:

  • Compliance with legal obligations (such as taxation, corporate, or health records requirements).
  • Establishing or defending legal claims.
  • Protecting vital interests.
  • Legitimate business purposes where retention is necessary and proportionate.

Where we cannot delete all information due to legal retention requirements, we will delete what we can and inform you of what remains and why it must be retained, or may offer to de-identify your information so it can no longer be linked to you personally.

Amendments

We may, at any time and at our discretion, vary this Privacy Policy by publishing the amended Privacy Policy on our website. We recommend you check our website regularly to ensure you are aware of our current Privacy Policy.

For any questions or notices, please contact us at:

HCBRK Holding Pty Ltd (ABN 30 666 813 878)
Email: [email protected]

Everlab – Privacy Collection Notice

This Privacy Collection Notice describes how HC Operating Pty Ltd T/A everlab (ACN 664 282 553) (we, us or our) collects and handles your personal information when you make an enquiry with us. We collect personal information from you so that we can respond to your enquiry and for related purposes set out in our Privacy Policy, available on our website (or on request). 

We may disclose this personal information to third parties, including our personnel, related entities, any third parties engaged by us and acting on our behalf and as otherwise set out in our Privacy Policy. 

We store personal information in Australia. Where we disclose your personal information to third parties, those third parties may store, transfer or access personal information outside of Australia.

If you do not provide your personal information to us, it may affect our ability to do business with you.

Please see our Privacy Policy for more information about how we collect, store, use and disclose your personal information, including details about overseas disclosure, access, correction, how you can make a privacy-related complaint and our complaint-handling process. 

If you have questions about our privacy practices, please contact us by email at: [email protected]. By providing your personal information to us, you agree to the collection, use, storage and disclosure of that information as described in this privacy collection notice.