Terms and Conditions

Updated and Effective date: October 2021

Who we are

CareKernel and its subsidiaries and affiliates (“CareKernel” or “we”) wish to provide you with transparency and accountability on how CareKernel collects and uses your personal information and how you can affect CareKernel’ handling of your personal information.

This notice describes how CareKernel collects, uses, and discloses personal information about you, as set out below.  However, there are some aspects of this privacy notice that only apply to specified jurisdictions, which we have set out below in this notice.

The terms “personal data” and “personal information” mean any information that identifies, relates to, describes, or is reasonably capable of being associated with or linked to an individual or from which an individual can be identified together with other information in our possession or to which we have access. It does not include de-identified or anonymous data where such data is not capable of being used to re-identify any individuals.

CareKernel Support and Services

CareKernel provides software solutions for NDIS and Aged Care Providers/Companies. Our clients (providers) select what information is provided to CareKernel or to which CareKernel is given access. Specifically, in order to provide support/services, it is necessary for businesses that are CareKernel customers to allow CareKernel to have access to relevant data and to share relevant information with CareKernel. While providing cloud services and/or professional services, CareKernel may have visibility to systems where the customer end-users’ data is stored, as such access is required to perform services.

CareKernel has no direct relationship with the individuals whose personal data it processes. CareKernel does not own the information that is submitted to it. CareKernel uses the personal information only in ways compatible with the purpose for which it was uploaded by the provider companies using CareKernel software, to provide support and services and may also use this data in aggregate non-personally identifiable form as identified below.

Who does this policy apply to?

Applications for Employment, Independent Contractors and participants

CareKernel allows collection of personal data in the recruitment and hiring process in facilitating evaluation and management of staff, support workers and participants. Further details are set out below:

Information stored in CareKernel on Staff, Support Worker and participant:

  • The information  provided to providers in your curriculum vitae and covering letter;
  • The information  provided on the application form, such as; name, title, address, telephone number, personal email address, date of birth, gender, employment history, qualifications; and
  • Any information provided to the providers during an interview/assessment.

CareKernel (through provider(s)) may also collect, store and use the following types of  personal information:

  • Information about criminal convictions and offenses;
  • Information about health, including any medical condition, medical history, health and sickness records; and/or
  • Information about race or ethnicity, religious beliefs, sexual orientation and political opinions.

We collect your personal data from the following sources:

  • You, the Provider
  • You, the staff/support worker.
  • You, the participant
  • Recruitment agencies, credit reference agencies and background check providers that we work with.
  • Your named references.
  • We may also obtained data from third parties when publicly accessible such as social media websites and news outlets source.

How we use your personal data and our purposes

  • Assess your skills, qualifications, and suitability for the role;
  • Carry out background and reference checks, where applicable;
  • Communicate with you about the recruitment process;
  • Keep records related to our hiring processes;
  • Keep records related to participant supports/services; and/or
  • Comply with legal or regulatory requirements.

Clients, Leads, Support Workers, Contractors/Sub-Contractors and Visitors to our website

CareKernel collects personal data in the course of operating its website, conducting marketing activities and discussing our relationship with current and potential customers and support workers. Details of the data processing for such activities are set out below:

Information collected

  • Identity Data includes first name, last name, username or similar identifier, log-in details, title,  affiliation and/or role at an organization.
  • Contact Data includes business address, delivery address, business email address and business telephone numbers.
  • Interaction Data includes data collected when you interact with us by phone, email or in person and may include your preferences, opinions, feedback and survey responses.
  • Technical Data includes internet protocol (IP) address, your login data, language, access times, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our website.
  • Usage Data includes information about how you use our website, products and services, and web beacons, customized links or similar technologies to determine whether an e-mail has been opened and which links you click on in order to provide you more focused e-mail communications or other information.
  • Marketing and Communications Data includes your preferences in receiving marketing from us and your communication preferences.

We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy policy.

We collect your personal data from the following sources:

  • Direct interactions. You may give us your Identity, Contact, Interaction, Marketing and Communications Data by filling in forms or by corresponding with us by post, phone, email or otherwise:
    • apply for our products or services on behalf of an organization you are affiliated with;
    • request marketing to be sent to you; or
    • give us feedback or contact us.
  • Automated technologies or interactions. As you interact with our website, we will automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies. We may also receive Technical Data about you if you visit other websites employing our cookies. Please see the CareKernel Cookie Use Notice, https://www.carekernel.com/cookie-use-notice/, for further details.
  • Third parties or publicly available sources. We will receive personal data about you from various third parties and public sources as set out below:
    • Technical Data from the following parties:
      • analytics providers such as Google;
      • advertising networks; and
      • search information providers.
    • Identity and Contact Data from data brokers or aggregators.
    • Identity and Contact Data from publicly available sources such as Companies House and the Electoral Register.

How we use your personal data and our purposes

We have set out below, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data.

Purpose/Activity
Type of data
Lawful basis for processing

To register you and provide you with log in details to our products and services

  • (a) Identity
  • (b) Contact
  • (c) Interaction

Legitimate interest in use performing a contract with an organization that you are affiliated with

To manage our relationship with our customers and suppliers (who you may be affiliated with, e.g. an employee), including dealing with concerns or complaints you have raised with us

  • (a) Identity
  • (b) Contact
  • (c) Marketing and Communications
  • (d) Interaction
  • (a) Necessary to comply with a legal obligation
  • (b) Necessary for our legitimate interests, to keep our records updated and to study how customers use our products/services and where we have an agreement with an organization that you are affiliated with
  • (c) Necessary for our legitimate interests, to manage our relationship with our suppliers

To enable us to send you marketing material or for us to contact you to promote our business

  • (a) Identity
  • (b) Contact
  • (c) Usage
  • (d) Interaction
  • (a) Legitimate interests of promoting our business
  • (b) Consent

To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)

  • (a) Identity
  • (b) Contact
  • (c) Technical
  • (d) Usage
  • (a) Necessary for our legitimate interests, for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganization or group restructuring exercise
  • (b) Necessary to comply with a legal obligation

To use data analytics to improve our website, products/services, marketing, customer relationships and experiences

  • (a) Technical
  • (b) Usage

Necessary for our legitimate interests, to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy

Marketing

As set out above, from time to time, we may ask you to provide personal information, such as your e-mail address, name, home or work address or telephone number. We may also collect demographic information, such as your post code, age, gender, preferences, interests and favorites. We may also collect Usage and Technical data for the purpose of providing marketing materials to you.

When you receive newsletters or promotional e-mails from CareKernel, we may use web beacons, customized links or similar technologies to determine whether the e-mail has been opened and which links you click in order to provide you more focused e-mail communications or other information.

You can ask us to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you by contacting us at any time.

Where you opt out of receiving these marketing messages, this will not apply to personal data provided to us as a result of a product/service purchase, warranty registration, product/service experience or other transactions.

Information sharing and International Transfer

We may share your information, including personal information:

  • within our corporate group of companies that are related by common ownership or control; and
  • with external third parties such as; companies that provide services to us, professional advisers, regulators, official authorities and law enforcement.

These companies are authorized to use your personal information only as necessary to provide these services to CareKernel(or under their own responsibilities in the case of regulators, official authorities and law enforcement). CareKernel is responsible for the processing of personal data it receives, and subsequently, transfers to a third party acting as an agent on its behalf. CareKernel may also use transfer personal data outside of Australia to countries that have been deemed to provide an adequate level of protection for personal data.

CareKernel is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC). CareKernel may be required to disclose personal information in response to lawful requests by the FTC and other public authorities, including to meet national security and/or law enforcement requirements. In addition, CareKernel may share information as required by law, such as to comply with a subpoena, legal proceedings, or similar legal process or when CareKernel has reason to believe that disclosure is necessary to protect our rights, your safety and the safety of others or to investigate fraud.

Failure to provide personal data

If you fail to provide information when requested, this may impact our ability to take certain action. For example if you fail to provide information which is necessary for us to consider your employment application (such as evidence of qualifications or work history), we will not be able to process your application successfully.

Automated Decision-Making

You will not be subject to decisions that will have a significant impact on you based solely on automated decision-making.

Retention

For support and services, we will retain your information for as long as the relevant customer’s account is active or as reasonably needed to provide services. For other data processing activities, we will retain and use your information only as reasonably necessary to utilize your information for our legitimate purposes, comply with our legal obligations, resolve disputes, enforce our agreements, and for disaster recovery purposes.

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

Deletion

You, as Staff/Support Worker and Client can request your provider to delete any information provided by you and stored on CareKernel.

If for any reason, you as Staff/Support Worker want to delete your account due to any reason(s), the account deletion can be initiated from the Mobile App and Web UI.

Legal basis for processing

In relation to applications for employment and independent contractors, the “How we use your personal data and our purposes” sections above correspond to the following legal bases for processing under applicable law:

  • where we need to perform the contract we have entered into with you, or in in anticipation of entering into a contract with you;
  • where we need to comply with a legal obligation; or
  • where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interest.

Special Categories of Personal Data

We need to have further justification for collecting, storing and using this type of personal information. We may process special categories of personal information in limited circumstances, with your explicit written consent. We may also process special category information in the following circumstances:

  1. where CareKernel needs to carry out our legal obligations or exercise rights in relation to your employment or contract with us. This is our appropriate policy document explaining safeguards which we are required by law to maintain when processing such data and this processing is justified on the basis of paragraph 1 (Employment, social security and social protection); and/or
  1. where it is needed due to substantial public interest, such as for ensuring equal opportunities or in relation to our occupational pension scheme or preventing or detecting an unlawful act. This is our appropriate policy document explaining safeguards which we are required by law to maintain when processing such data and this processing is justified on the basis of paragraphs 8 (Equal opportunity of treatment), 9 (Racial and ethnic diversity at senior levels of organizations) and/or 10 (Preventing or detecting unlawful acts)

Less commonly, CareKernel may process this type of information where:

  • it is needed in relation to legal claims; or
  • you have already made the information manifestly public.

If your application is unsuccessful CareKernel may retain your special category information for up to 2 years after CareKernel has communicated to you our decision about whether to appoint you to the role for which you have applied to ensure that we can establish, exercise or defend any legal claims.  Access to such personal information will be restricted from the point at which we have communicated to you our decision about whether to appoint you to the role for which you have applied.

Change of Purpose

When CareKernel acts as a controller of personal data, we will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. We will inform you if we intend to use your personal data in a materially different way than is disclosed in this Privacy Policy.

Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

Changes to this Policy

CareKernel may revise or update this privacy policy from time to time to reflect changes to our practices. If we make any material changes we will provide notification through the company’s website prior to the change taking effect. You should refer to this page for the latest information and the effective date of any changes.

Links to third party websites

Our site links to other websites whose privacy practices may differ from those of CareKernel. If you submit personal information on any of those sites, your information is governed by their privacy policies. We do not control these third-party websites and are not responsible for their privacy statements.

Independent recourse mechanism and right to make a complaint

Any Questions or concerns about how CareKernel handles personal data should be directed to the Legal Team:

info@carekernel.com

If you believe that we have breached this policy, then you should make a complaint to us in the first instance. Please address your complaint in writing to the email address provided in the “Contact Us” section below and provide as much detail as possible about the circumstances that you believe amount to a breach. On receiving a complaint we will undertake an internal investigation and we may contact you if we need to obtain any further information in relation to your complaint. We will provide a written response to your complaint as soon as practical and within 30 days of receiving your compliant.

If you are unhappy with our response, you have the right to make a complaint to the Office of the Australian Information Commissioner (OAIC). The OAIC can be contacted by telephone on 1300 363 992. Full contact details for the OAIC can be found on its website at www.oaic.gov.au.

Streamline your NDIS operations with CareKernel automating admin, optimising care.

Quick Links
About UsFAQsContact Us
Features
Compliance ManagementCRMBilling and InvoicingCollaborationClient Lifecycle ManagementMany more...
Enquiries
info@carekernel.com
1800 953 066
Level 14, 275 Alfred Street,
 North Sydney, NSW 2060
Copyright © by The Trustee for Eminent Group, trading as CareKernel. ABN 65719323765. All Rights Reserved.
Terms & conditionsPrivacy🍪 Cookies

Scan QR to download the app

Scan to Download from
Scan to Download from