Privacy Policy

From time to time Sonder is required to collect, hold, use and/or disclose personal information relating to individuals in the performance of its business activities.

Please note, Sonder has changed how information is stored and managed. Sonder has previously used a system called MasterCare to manage client records, as well as a number of other Client Management Systems. You may have previously provided consent for your information to be stored on MasterCare, which was administered by the Adelaide Primary Health Network. Please be advised that all previous client-related personal and clinical information will be migrated to Sonder’s new client management system, CareConnect, and all future information will also be stored in this system. CareConnect is Sonder’s fully integrated client record and is provided by Data Capture Experts. Only Sonder staff and a small number of specialist staff from Data Capture Experts contracted to manage the system, will have access to your records. All personal information collected by Sonder will be stored within Australia and all information is fully protected by the Privacy Act 1988 and the Australian Privacy Principles. If you have any questions related to the privacy of your information or the change advised in this notice, please email Sonder’s privacy officer at privacy@sonder.net.au


Purpose

From time to time Sonder is required to collect, hold, use and/or disclose personal information relating to individuals (including, but not limited to, its customers, contractors, suppliers and employees) in the performance of its business activities.

This webpage sets out Sonder’s policy in relation to the protection of personal information, as under the Privacy Act 1998 (Cth) the (“Act”) and the Australian Privacy Principles (“APPs”). The APPs regulate the handling of personal information. Sonder, as an organisation, is one APP entity for the purposes of privacy and the collection and use of information.

To learn about how Sonder collects and manages personal client information, view our Privacy Collection Notice


Scope

This policy applies to all employees, students, contractors and volunteers of Sonder. This policy does not apply to the collection, holding, use or disclosure of personal information that is an employee record.


Policy

Personal information includes information or an opinion (including information or an opinion forming part of a database), whether true or not, and whether recorded in a material form or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion.

3.1.  Kinds of information that Sonder collects and holds

Sonder collects personal information that is reasonably necessary for one or more of its functions or activities.

The type of information that Sonder collects and holds may depend on your relationship with Sonder. For example:

  1. Candidate: if you are a candidate seeking employment with Sonder, Sonder may collect and hold information including your name, address, email address, contact telephone number, gender, age, employment history, references, resume, medical history, emergency contact, taxation details, qualifications and payment details.
  2. Client/Consumer: if you are a client or consumer of Sonder, Sonder may collect and hold information including your name, address, email address, contact telephone number, gender and age, as well as referral information to access health services delivered by Sonder and client case notes which briefly summarise the interventions provided.
  3. Supplier: if you are a supplier of Sonder, Sonder may collect and hold information including your name, address, email address, contact telephone number, business records, billing information, information about goods and services supplied by you.Referee: if you are a referee of a candidate being considered for employment by Sonder, Sonder may collect and hold information including your name, contact details, current employment information and professional opinion of candidate.
  4. Sensitive information: Sonder will only collect sensitive information where you consent to the collection of the information and the information is reasonably necessary for one or more of Sonder’s functions or activities. Sensitive information includes, but is not limited to, information or an opinion about racial or ethnic origin, political opinions, religious beliefs, philosophical beliefs, membership of a trade union, sexual preferences, criminal record, health information or genetic information, and some aspects of biometric information.

3.2.  How Sonder collects and holds personal information

Sonder must collect personal information only by lawful and fair means. Sonder will collect personal information directly from you if it is reasonable or practicable to do so.Sonder may collect personal information in a number of ways, including without limitation:

  • Through application forms, referral forms and relevant summaries of health services provided by others;
  • By email or other written mechanisms;
  • Over a telephone call;
  • In person;
  • Through transactions;
  • Through our website;
  • Through surveillance camera;
  • By technology that is used to support communications between us;
  • Through publicly available information sources (which may include telephone directories, the internet and social media sites);
  • Direct marketing database providers

When Sonder collects personal information about you through publicly available information sources, it will manage such information in accordance with the APPs.

At or before the time or, if it is not reasonably practicable, as soon as practicable after, Sonder collects personal information, Sonder must take such steps as are reasonable in the circumstances to either notify you or otherwise ensure that you are made aware of the following:

  • The identity and contact details of Sonder;
  • That Sonder has collected personal information from someone other than you or if you are unaware that such information has been collected;
  • That collection of personal information is required by Australian law, if it is;
  • The purpose for which Sonder collects the personal information;
  • The consequences if Sonder does not collect some or all of the personal information;
  • Any other third party to which Sonder may disclose the personal information;
  • That Sonder’s privacy policy contains information about how you may access and seek correction of personal information held by Sonder and how you may complain about a breach of the APPs; and
  • Whether Sonder is likely to disclose personal information to overseas recipients, and the countries in which those recipients are likely to be located.

Unsolicited Personal Information

Unsolicited personal information is personal information that Sonder receives which it did not solicit. Unless Sonder determines that it could have collected the personal information in line with the APPs or the information is contained within a Commonwealth record, it must destroy the information or ensure it is de-identified.

3.3.  Purposes for which Sonder collects, holds, uses and/or discloses personal information

Sonder will collect personal information if it is reasonably necessary for one or more of its functions or activities. The main purposes for which Sonder may collect, hold, use and/or disclose personal information may include but are not limited to:

  • Recruitment functions;
  • Customer service management;
  • Training and events;
  • Surveys and general research
  • Business relationship management; and
  • Service delivery.

Sonder may also collect, hold, use and/or disclose personal information if you consent or if required or authorised under law.

Direct marketing

Sonder may use or disclose personal information (other than sensitive information) about you for the purpose of direct marketing (for example, advising you of new goods and/or services being offered by Sonder).

Sonder may use or disclose sensitive information about you for the purpose of direct marketing if you have consented to the use or disclosure of the information for that purpose.

You can opt out of receiving direct marketing communications from Sonder by contacting the Privacy Officer in writing or if permissible accessing Sonder’s website and unsubscribing appropriately.

3.4. Disclosure of Personal Information

Sonder may disclose your personal information for any of the purposes for which it is was collected, as indicated under clause 6 of this policy, or where it is under a legal duty to do so.

Before Sonder discloses personal information about you to a third party, Sonder will take steps as are reasonable in the circumstances to ensure that the third party does not breach the APPs in relation to the information.

3.5. Access to personal information

If Sonder holds personal information about you, you may request access to that information by putting the request in writing and sending it to the Privacy Officer. Sonder will respond to any request within a reasonable period, and a charge may apply for giving access to the personal information.

There are certain circumstances in which Sonder may refuse to grant you access to the personal information. In such situations, Sonder will give you written notice that sets out:

  1. the reasons for the refusal; and
  2. the mechanisms available to you to make a complaint.

3.6. Correction of personal information

If Sonder holds personal information that is inaccurate, out-of-date, incomplete, irrelevant or misleading, it must take steps as are reasonable to correct the information.

If Sonder holds your personal information and you make a request in writing addressed to the Privacy Officer to correct the information, Sonder must take steps as are reasonable to correct the information and Sonder will respond to any request within a reasonable period.

There are certain circumstances in which Sonder may refuse to correct the personal information. In such situations Sonder will give you written notice that sets out:

  1. The reasons for the refusal; and
  2. The mechanisms available to you to make a complaint.

If Sonder corrects personal information that it has previously supplied to a third party and you request us to notify the third party of the correction, Sonder will take such steps as are reasonable to give that notification unless impracticable or unlawful to do so.

3.7. Integrity and security of personal information

Sonder will take such steps (if any) as are reasonable in the circumstances to ensure that the personal information that it:

  1. Collects is accurate, up-to-date and complete; and
  2. Uses or discloses is, having regard to the purpose of the use or disclose, accurate, up-to-date and complete.

Sonder will take steps as are reasonable in the circumstances to protect the personal information from misuse, interference, loss and from unauthorised access, modification or disclosure.

If Sonder holds personal information that it no longer needs for any purpose for which the information may be used or disclosed, the information is not contained in any Commonwealth record and Sonder is not required by law to retain the information, it will take such steps as are reasonable in the circumstances to destroy the information or to ensure it is de-identified.

3.8. Anonymity and Pseudonymity

You have the option of not identifying yourself, or using a pseudonym, when dealing with Sonder in relation to a particular matter. This does not apply:

  1. Where Sonder is required or authorised by or under an Australian law, or a court/tribunal order, to deal with individuals who have identified themselves; or where it is impracticable for Sonder to deal with individuals who have not identified themselves or who have used a pseudonym.
  2. In most circumstances involving health or social care, it is impracticable for Sonder to deal with a person who has not identified themselves or provided a pseudonym.
  3. Pseudonymity requires that an individual may deal with Sonder by using a name, term or descriptor that is different to the person’s actual name. The use of a pseudonym does not necessarily mean that an individual cannot be identified. The individual may choose to divulge their identity, or to volunteer personal information necessary to implement a particular transaction, such as credit information or an address. Personal information should only be linked to a pseudonym if this is required or authorised by law, it is impracticable to act differently, or the individual has consented to providing or linking the additional personal information. Sonder may also restrict access to personal information that is linked to your pseudonym to authorised personnel.

In certain circumstances if you do not provide Sonder with your personal information when requested, Sonder may not be able to respond to your request or provide you with the goods or services that you are requesting.

3.9. Complaints

You have a right to complain about Sonder’s handling of your personal information if you believe Sonder has breached the APPs. If you wish to make such a complaint to Sonder, you should first contact the Privacy Officer in writing. Your complaint will be dealt with in accordance with Sonder’s Feedback and Complaints Policy and Sonder will provide a response within a reasonable period. If you are unhappy with Sonder’s response to your complaint, you may refer your complaint to the Office of the Australian Information Commissioner.

3.10. Privacy Office Contact Details

Sonder’s Privacy Officer can be contacted in the following ways: