top of page

Privacy Policy

Last Updated: 29 September 2025

1. Our Commitment to Your Privacy
 
This Privacy Policy outlines how Global Senses Group (ABN 68671734713) ("we", "us", "our") collects, holds, uses, and discloses your personal information. We are committed to protecting your privacy and handling your information in an open and transparent manner, in accordance with the Privacy Act 1988 (Cth) (the "Privacy Act") and the Australian Privacy Principles (APPs).


As a provider of health services, we understand the importance of protecting your personal information, particularly your "sensitive information," which includes "health information." We adhere to the highest standards of privacy and confidentiality as required by Australian law for all health service providers.
 
2. Application of this Policy
 
This Privacy Policy applies to all personal information collected by us through our website located at www.globalsensesgroup.com (the "Website") and any related services, products, or communications (collectively, the "Services").


By accessing our Website or using our Services, you consent to the collection, use, and disclosure of your personal information in accordance with this Privacy Policy. If you do not agree with the terms of this policy, you must not use our Services.
 
3. The Information We Collect and Hold
 
We collect personal information that is reasonably necessary for us to provide our Services to you. The types of information we may collect and hold are defined by the Privacy Act and are categorised below.

  • Personal Information: This is defined in the Privacy Act as information or an opinion about an identified individual, or an individual who is reasonably identifiable.

  • Sensitive Information: This is a subset of personal information that is given a higher level of protection under the law. It includes information about an individual's health, genetics, or racial or ethnic origin.

  • Health Information: This is a type of sensitive information and includes any information or opinion about the health or a disability of an individual, or a health service provided to an individual.


The specific types of information we may collect include:

  • Identity and Contact Information: Your full name, date of birth, gender, email address, telephone number, and residential address.

  • Health Information: Information about your medical conditions, symptoms, medical history, consultation notes, test results, prescribed medications, and other government-related identifiers relevant to health services.

  • Payment Information: Credit or debit card details and billing address. This information is collected and processed by our secure third-party payment gateway provider, Stripe. We do not store your full credit card details on our servers.

  • Technical Information: Your Internet Protocol (IP) address, device type, browser information, geo-location data, and statistics on page views and traffic to and from our Website, often collected automatically through cookies.

  • Communications: Any information you provide when you communicate with us, including records of correspondence, feedback, or responses to surveys.

Summary of Personal Information Handling

Type of Information

Purpose of Collection (Primary Purpose)

Potential Third-Party Disclosures

Identity & Contact Data

To create and manage your account, provide customer support, communicate with you about the Services, and verify your identity.

None, unless required or authorised by law.

Health Information

To provide our core health Services, facilitate consultations, maintain accurate clinical records, and ensure the quality and safety of the Services provided.

Your nominated healthcare professionals (only with your explicit consent); our clinical staff (on a need-to-know basis).

Payment Information

To process payments for our Services and prevent fraudulent transactions.

Our secure payment gateway provider (Stripe); financial institutions.

Technical Data

To operate, secure, and improve our Website and Services; to monitor for security threats; to perform data analytics and understand user engagement.

Our website hosting and cloud service providers (AWS, Google); analytics providers (Google).

Communications & Service Data

To respond to enquiries, provide support, and generate insights or analysis to enhance our Services.

Artificial intelligence and data analysis tool providers under strict confidentiality obligations.

4. How We Collect Your Information
 
We collect your personal information through various methods, always ensuring the collection is fair and lawful.

  • Directly from You: The majority of information we collect is provided directly by you when you register for an account, complete forms on our Website, use our Services, or communicate with us.

  • Automatically: When you visit and interact with our Website, we may automatically collect Technical Information using cookies and similar tracking technologies.

  • From Third Parties: In some circumstances, we may collect personal information about you from a third party, for example, from your treating doctor or another healthcare provider. We will only do this with your explicit consent or where otherwise permitted by law.

 
5. How We Use and Disclose Your Information
 
We use and disclose your personal information in strict accordance with the APPs.

  • Primary Purpose: We will use your personal information for the primary purpose for which it was collected, which is to provide you with our health Services, manage your account, process payments, and communicate with you.

  • Secondary Purposes: We will not use or disclose your sensitive health information for a secondary purpose unless you have provided explicit consent, it is directly related to the primary purpose, or an exception under Australian law applies (e.g., to prevent a serious threat to life or health).

  • Disclosure to Third Parties: We may disclose your personal information to the following categories of third parties:

    • Our employees, contractors, or related entities who require the information to assist us in providing the Services.

    • Third-party service providers who perform functions on our behalf, such as:

      • Payment Processing: Stripe.

      • IT & Cloud Services: Amazon Web Services (AWS), Google.

      • Data Analytics & AI: Google

    • Your nominated healthcare professionals, but only with your explicit consent.

    • Government agencies, regulatory bodies, or law enforcement agencies, where required or authorised by law.

 
6. Direct Marketing
 
We will only use your personal information for direct marketing purposes if you have consented or have a reasonable expectation that we will use your information for this purpose. We will not use your sensitive health information for direct marketing without your explicit consent. Every marketing communication will include a clear method for you to opt-out.
 
7. Cookies and Analytics
 
Our Website uses cookies to ensure proper functioning, remember your preferences, and gather aggregated data about website traffic to improve our Services. We use third-party services, such as Google Analytics, for this purpose. This information is typically de-identified and does not include sensitive health information.
 
8. Cross-Border Disclosure of Information
 
We are committed to keeping your data secure and local. To the greatest extent possible, your personal and sensitive health information is stored on secure servers located within Australia.


However, to provide our full range of Services, we rely on certain third-party service providers whose servers may be located internationally. These providers include Stripe (for payment processing), Google (for data analysis), and AWS and Google (for cloud infrastructure and IT services). The use of these services may constitute a "cross-border disclosure" under APP 8 of the Privacy Act.


Whenever we disclose personal information to an overseas recipient, we take reasonable steps to ensure that the recipient handles your information in a manner consistent with the Australian Privacy Principles. This includes entering into data processing agreements that enforce compliance with Australian data protection standards. By using our Services, you consent to the potential disclosure of your personal information to these overseas recipients for the limited purposes of enabling their services.
 
9. Data Security and Retention
 
We take our data security obligations under APP 11 very seriously. We implement reasonable steps to protect the personal information we hold from misuse, interference, loss, and from unauthorised access, modification, or disclosure. These steps include:

  • Technical Measures: We use industry-standard security protocols such as SSL to encrypt data in transit and at rest. We employ firewalls, access control mechanisms, and other measures to prevent unauthorised access.

  • Administrative Measures: Access to personal information, particularly health information, is restricted to authorised personnel on a strict "need-to-know" basis. All staff receive regular training on their privacy and security obligations.

  • Data Retention: We retain your personal information only for as long as is necessary to fulfil the purposes for which it was collected, or as required by Australian law (such as health records retention requirements). Once no longer needed, we take reasonable steps to securely destroy or permanently de-identify it.

 
10. Your Rights: Accessing and Correcting Your Information
 
You have a right to access and correct the personal information we hold about you under APP 12 and APP 13.

  • Access: You may request access to your personal information by contacting our Privacy Officer. We will respond within a reasonable period (typically 30 days) and will require you to verify your identity.

  • Correction: If you believe that any personal information, we hold about you is inaccurate, out-of-date, or incomplete, you may request that we correct it.

 
11. Data Breach Response Plan
 
We have a comprehensive data breach response plan to ensure we comply with the Notifiable Data Breaches (NDB) scheme. In the event of a data breach that is likely to result in serious harm, we will notify the Office of the Australian Information Commissioner (OAIC) and affected individuals as soon as practicable.
 
12. How to Make a Complaint
 
If you have a complaint about how we have handled your personal information, please direct it in writing to our Privacy Officer. We will investigate and provide a formal response within 30 days. If you are not satisfied with our response, you have the right to lodge a complaint with the Office of the Australian Information Commissioner (OAIC).
 
13. Contacting Us
 
For any questions, concerns, or requests relating to this Privacy Policy, please contact our Privacy Officer:

  • Title: Privacy Officer

  • Email: info@getgsg.com

  • Mailing Address: PO Box 5227 Middle Park VIC 3206

 
14. Policy Updates
 
We may update this Privacy Policy from time to time. The latest version will always be available on our Website. We will notify you of any material changes by posting a notice on our Website or by sending you an email.

bottom of page