Skip to main content
Privacy Policy

What we do to protect your privacy

Tate Johnson avatar
Written by Tate Johnson
Updated over a year ago

The Lookout Way recognise the privilege you give us when you entrust us with your data. We are committed to protecting your privacy and developing technology that gives you the most powerful and safe online experience.

You are encouraged to provide feedback about this policy or make a complaint if you become aware of a breach. We will notify you if we become aware of breach that includes your data and what we have done to remediate it.

Collection

We collect data directly from you when you join our platform, or from your care organisation when they enter you in to our platform. We also collect data from you when you use our apps or website, or from the people supporting you when they use our apps or app website.

We collect different kinds of data about you depending on your role in the platform and the capabilities you have. For example, we'll collect sensitive information about a customer receiving services, but we wouldn't collect sensitive information about a customer's family member who is not receiving services. Typical examples of the kinds of data we collect are:

If you are a customer receiving services:

  • Contact information such as name, preferred name, email, telephone, and address

  • Data of birth

  • Government agency identifiers such as My Aged Care account number, NDIS number (Only if you participate in a Government scheme)

  • Billing information such as bank account or credit card numbers (Only if you are paying privately or making contributions)

  • Financial information such as subsidies received (Only if you participate in a Government scheme)

  • Sensitive health and medical information such as care plans, progress notes, observations, surveys, and the services you're receiving

  • Metrics from devices such as Umps (Only if you choose to connect these devices to our platform)

If you are a family member or trusted person supporting a customer receiving services:

  • Contact information such as name, preferred name, email, telephone, and address

  • Billing information such as bank account or credit card numbers (If you are paying privately or making contributions)

If you are a support worker or health professional providing services, or an office worker supporting the provision of services:

  • Contact information such as name, preferred name, email, telephone, and address

  • Background checks such as National Police Check, NDIS Worker Screening Check, Working with Children Check, Driver's license

  • Qualifications such as proof of enrolment, proof of attainment

  • Immunisation information such as history and exemptions

If you use our apps, app website, or marketing website:

  • Cookies

  • IP address

  • User agent and diagnostics (E.g. App version, browser version, exception reporting)

  • Pages/screens visited and the date and time they were visited

We will not collect any other data from you or about you, unless you consent to the collection of this data.

Use and disclosure

We use your data to:

  • Provide your care organisation with a platform to plan, deliver, coordinate, monitor, and measure your support if you are a customer receiving services (or a family member or trusted person supporting the customer receiving services)

  • Allow you to provide services if you are a support worker or health professional

  • Assist you with queries, feedback, complaints, or devices you have connected to us

  • Comply with legal or regulatory obligations imposed on us

  • To improve our platform, conduct internal audits, compile internal performance reports, and measure our marketing campaigns from time-to-time

We do not use or disclose your data for any other purposes unless you have consented to the use or disclosure; or we believe on reasonable grounds that the disclosure is necessary to prevent or lessen a serious and imminent threat to your life, health or safety, or a serious threat to public health or public safety; or the use or disclosure is otherwise required by law. We will notify you when this happens unless we are prevented from doing so. We do not sell, rent, or lease your data.

Access and correction

In most cases you can gain access to your data held by us, including your health and medical information. You can use our apps or app website to access some of your data, or you can make a request to access all of your data. We will take reasonable steps to amend or correct your data to keep it accurate and current.

Security and storage

We encrypt all your data via Transport Security Layer (TLS) when it's transmitted from your app (or browser) to our servers, or when your data is transmitted between our servers (and sub-processors) to operate our platform.

We encrypt some of your sensitive data (e.g. date of birth) live in our platform, but most data is not encrypted while it's live in our platform. We encrypt all your data in our file storage and database backups.

Our employees (and contractors) are bound by a code of conduct to uphold the confidentiality of your data. We follow best practices such as using a password manager with long and unguessable passwords, securing accounts with a second factor of authentication, and limiting access to systems on a per role basis.

We log the last 15 days of access to our systems by user (or IP address) so we can verify that no unauthorised access has happened. We store your data in controlled facilities in Australia and the United States of America which means your data may be transferred outside of Australia.

Website cookies

We use first-party cookies in our apps and app website to keep you logged in between sessions. We use third party cookies in our marketing website to measure the effectiveness of campaigns we run from time-to-time.

App permissions

We prompt you to turn on push notifications so we can notify you when someone comments, or you can get reminded upcoming service. You can opt out of these per device, or you can control whether you get these as push notifications, emails, or not at all.

Emails and pixels

We send you emails so we can notify you when someone comments, or when you get reminded about an upcoming service. You can opt out of these, or control whether you get them as push notifications, emails, or not at all. We do not use pixels in emails sent from our app or app website.

We send you marketing emails if you opt-in to hearing more from us. We always include a link to opt-out and we embed pixels in marketing emails to measure the effectiveness of campaigns from time-to-time.

Making a request for your data

You can make a request about the data we hold about you by sending an email to [email protected].

Giving feedback or making a complaint

You are encouraged to provide feedback about this policy or make a complaint if you know of a breach to this policy by sending an email to [email protected].

Did this answer your question?