Last updated: 01/10/2025
PAnellie Pty Ltd ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, store, use, and disclose personal information when you use our website (www.panellie.com), our clinical management platform, mobile applications, and related services (collectively, the "Services").
We comply with the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), and where applicable, GDPR (European Union/UK), and HIPAA (healthcare data).
By using our Services, you agree to the collection, use, and disclosure of your information as described in this Privacy Policy.
1. What Information We Collect
We may collect the following types of information:
A) Personal Information
Name, email address, phone number
Company/practice name
Account login credentials
Billing address and payment details
B) Client Health Information (Sensitive Data)
When used by allied health professionals, we may process:
Client names and demographics
Clinical notes, diagnoses, and session data
Billing identifiers (e.g., NDIS number, Medicare number)
Sensitive health data is encrypted at rest and in transit.
C) Technical & Usage Information
IP address, browser type, device details
Pages visited and referral source
Login timestamps and activity logs (for security & compliance)
D) Transaction Information
Purchases, subscription details, invoices
E) Tracking & Analytics Data
Collected via:
Cookies
Google Analytics & Google Pixel
Meta Pixel (Facebook/Instagram)
LinkedIn Insight Tag
2. How We Collect Your Information
We collect information through:
Account registration and subscription sign-up
Direct communication (email, forms, customer support)
Use of our Services (data input, uploads, clinical notes)
Automatically, via cookies and tracking technologies
Third-party service providers (e.g., payment processors, hosting providers)
3. Why We Collect and Use Your Information
We collect and use information for purposes including:
Providing, maintaining, and improving our Services
Processing payments and subscriptions
Securely storing client and clinical data
Responding to enquiries and providing customer support
Sending service updates, invoices, and important notifications
Monitoring performance and troubleshooting issues
Marketing and advertising (with user consent, where required)
Compliance with legal, professional, and regulatory requirements
We do not sell personal or client health data.
4. Use of Tracking Technologies (Meta Pixel, LinkedIn Insight Tag & Google Pixel)
Our Services use the following tracking tools:
Meta Pixel (Facebook/Instagram) and LinkedIn Insight Tag:
These collect device, browser, IP address, and page visit data to:
Measure and optimise ad campaigns
Build remarketing audiences
Analyse performance of content and campaigns
Google Pixel & Google Analytics/Ads:
These tools allow us to:
Measure the effectiveness of advertising campaigns
Deliver more relevant ads (remarketing/retargeting)
Track website conversions and user interactions
Important:
We do not place advertising pixels on pages where users enter sensitive health or financial data.
You can control or opt out of personalised ads in your Google, Meta, or LinkedIn account settings, or via browser settings.
5. Legal Basis for Processing (GDPR/UK users)
For users in the EU or UK, processing is based on:
Your consent (Art. 6(1)(a))
Contractual necessity (Art. 6(1)(b))
Legal obligations (Art. 6(1)(c))
Legitimate interests (Art. 6(1)(f))
6. Disclosure of Personal Information
We may share personal information with:
Service providers (e.g., hosting, cloud storage, analytics, payment processors)
Third-party platforms (Meta, Google, LinkedIn) for analytics/advertising
Regulators, law enforcement, or legal authorities when required by law
Business partners, in the event of a merger or acquisition
Some third parties may be located overseas (e.g., USA, EU). We take reasonable steps to ensure data is handled in accordance with the APPs, GDPR, or equivalent standards.
7. Data Storage and Security
We follow industry best practices:
SSL encryption in transit
AES-256 encryption at rest
Role-based access controls
Regular penetration testing and backups
Data is stored on secure servers located in Australia or other jurisdictions with adequate protections.
8. Access, Correction, and Your Rights
You have the right to:
Request access to your personal information
Correct inaccurate data
Request deletion or anonymisation (subject to legal obligations)
Withdraw consent to certain uses
Object to processing for direct marketing
To exercise these rights, contact us (see Section 15).
9. Cookies and Consent
We use cookies to:
Enhance user experience
Track usage and analytics
Enable secure sessions
If you are in the EU/UK, a cookie consent banner will be presented before non-essential cookies are stored.
You may disable cookies in your browser, but some features may not function properly.
10. Data Retention
We retain information:
For the duration of your account
As required by law (e.g., NDIS, Medicare record-keeping obligations)
Up to 7 years after account closure (unless otherwise required)
Data will then be securely deleted or anonymised.
11. Children’s Privacy
PAnellie is intended for use by healthcare professionals, not minors. Any client data involving children must be entered by qualified professionals with proper consent.
12. Third-Party Services
We may integrate with external services (e.g., Stripe, Xero, Medicare APIs). Each has its own privacy policy, which should be reviewed separately.
13. Updates to This Policy
We may update this Privacy Policy from time to time. Updates will be posted on our website and/or communicated by email or in-app notifications. The updated date will always be shown at the top of this page.
14. Contact Us
For any questions about this Privacy Policy or to exercise your privacy rights, please contact:
PAnellie Privacy Officer
Email: support@panellie.com
If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.