1. Introduction
At DermPro, we take your privacy seriously and are committed to handling your personal and health information responsibly. We follow the requirements of the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). This Privacy Policy explains how we collect, store, use, and share your personal and health information when you use the DermPro app and related services.
If you have any questions, please contact our Privacy Officer using the details provided in Section 12. By using DermPro, you consent to how your information is collected and processed as described here. If you're not in agreement, we advise pausing your use of our Services.
2. Information We Collect
2.1 Information You Share With Us
When you register for an account, you provide essential information, including your full name, date of birth, email address, and optionally, your mobile number. With your consent, we may also collect health information such as photographs of skin lesions, lesion location, skin type, risk assessment data, assessment results, and notes about skin concerns.
If you make purchases within the app, we collect billing details, payment card information (processed securely by our provider), and transaction history. Optional profile details may include a profile picture, gender, preferred language, and location.
2.2 What We Collect Automatically
When you use DermPro, some information is gathered automatically. This includes device details (such as model and operating system), IP address, general location, app usage patterns, performance data (including crashes and response times), and network information.
3. How DermPro Uses Your Information
3.1 Core Purposes
We use your information to provide and improve our services. Key uses include:
- Skin Health Assessment: Analysing skin lesion photographs with our AI to provide risk indications.
- Health Monitoring: Storing images and results to track changes over time and help you manage your skin health.
- Service Communication: Sending assessment results, reminders, notifications, and important service updates.
- Customer Support: Responding to inquiries, resolving issues, and providing technical assistance.
3.2 Additional Purposes
- Service Improvement: Analysing feedback and usage to enhance app functionality and user experience.
- Research & Development: With your consent, anonymised data may be used to improve algorithms, support clinical research, and advance skin cancer detection methods.
- Communication & Education: Sharing service updates, health education, or subscription information. Marketing communications are only sent with your consent, and you may opt out at any time.
- Legal Compliance: Using information as required by Australian law to respond to legal requests, enforce our terms, or protect rights and safety.
3.3 Legal Basis
We process your personal information based on:
- Consent: You provide explicit permission for the collection and use of health information.
- Contractual Necessity: Information is needed to deliver the services you request.
- Legal Obligations: Compliance with privacy and healthcare regulations.
- Legitimate Interests: Protecting our systems, preventing fraud, and improving service delivery.
4. How DermPro Shares Your Information
DermPro works with carefully selected third-party service providers who process data on our behalf under strict confidentiality agreements.
4.1 Service Providers
- Technology & Analytics: Tools like Firebase for performance monitoring and notifications.
- Payment Processing: Providers such as Stripe manage payments securely but do not access health information.
4.2 Legal Disclosures
We may disclose your information if required by Australian law, court order, or to protect health and safety during emergencies. DermPro never sells personal or health information for marketing purposes.
5. Data Security
5.1 Protection Measures
We use industry-standard security measures to safeguard your data:
- Encryption: All data transmitted to our servers is encrypted, and information is encrypted at rest.
- Access Controls: Only authorised personnel can access your data for legitimate purposes.
- Secure Infrastructure: Servers are hosted in secure data centres with firewalls, intrusion detection, and monitoring.
- Database Separation: Health data and account information are stored in separate, protected systems.
- Regular Audits: Security assessments and updates are conducted to address evolving risks.
5.2 Data Storage
Your data is stored primarily in Australia, with backups in other secure facilities that meet equivalent privacy standards. International transfers are governed by contracts ensuring proper safeguards.
6. Data Retention
- Active Accounts: Information is retained while your account is active and required to provide services.
- Deleted Accounts: When you delete your account, information is kept for up to 12 months for recovery and legal compliance. Personal identifiers are removed afterward.
- Research Data: Anonymised skin images may be retained indefinitely for research and algorithm development.
- Pathology Reports: Voluntarily submitted reports are anonymised upon deletion and retained solely for research.
- Legal Retention: Certain data may be retained longer if required by Australian law or to protect legal rights.
7. User Rights and Choices
Under the Privacy Act and APPs, users have the following rights:
- Access and Correction: You can request to view your data and update any inaccuracies. Responses are provided within 30 days, and a reasonable fee may apply.
- Account Management: Update profile details and preferences in the app settings.
- Consent Withdrawal: You can withdraw consent for marketing, analytics, or research, but core health data processing is necessary for assessments.
- Account Deletion: Request deletion of your account and associated data; requests are processed within 30 days.
- Anonymity: Where possible, you may interact anonymously, but skin assessments require personal and health information.
8. Special Considerations
- Age Restrictions: DermPro is for users 18 years and older. Data from children under 18 is deleted promptly if discovered.
- Sensitive Information: Skin photos and assessments are sensitive health information. We collect this only with consent and store it securely.
- Third-Party Restrictions: DermPro is for your personal use; do not assess another person's skin, as this may breach privacy rights.
9. Research and Algorithm Development
- Internal Research: Anonymised photos are used to improve AI accuracy for detecting skin cancer patterns.
- External Research: Aggregated, fully anonymised data may be shared with approved research institutions in Australia.
- Clinical Studies: Separate informed consent is obtained for study participation, and data is used only as specified.
All research complies with the Privacy Act, NHMRC guidelines, and applicable ethical standards.
10. Cookies and Tracking Technologies
Our website uses cookies and similar tools to improve functionality and analyse usage. You can adjust cookie settings in your browser. For more information, see our Cookie Policy.
11. Changes to This Privacy Policy
We may update this Privacy Policy to reflect changes in practices or law. Material changes will be communicated through the app or via email. We recommend reviewing this policy regularly.
12. Complaints and Contact Information
Privacy Officer:
Email: info@dermpro.com.au
We acknowledge complaints within 7 days and provide a response within 30 days.
Office of the Australian Information Commissioner (OAIC):
Email: enquiries@oaic.gov.au
Website: www.oaic.gov.au