Privacy Policy

1. General 

  1. Protecting your Personal Information is our priority. This Privacy Policy applies to Neurotone AI, Inc. (“Neurotone”, “we”, “us” and “our”) and governs our collection, disclosure, storage and usage of your Personal Information when you interact with us or use:
  1. Please read this Policy carefully, because by using the Site and/or Platform, you are acknowledging that you understand and agree to the terms of this Policy, and consent to the types of information and the manner in which we may collect, use and disclose such information. If you do not agree to the terms of this Policy, please do not use the Site or Platform.  Depending on where you're located, additional terms in the appendices may also apply to you.
  2. In certain situations, we may be considered a Business Associate as defined by HIPAA (the USA federal Health Insurance Portability and Accountability Act) of certain Covered Entities (as also defined in HIPAA), and as such we may have certain federal, state and contractual restrictions on how we can use your Protected Health Information (“PHI”).  When acting as a Business Associate, we may only use or disclose your PHI or Personal Information as required by law or as permitted by the Business Associate Agreement (“BAA”) that we have in place with a specific Covered Entity. Please be aware that when you give other individuals access to your PHI or Personal Information, they may be able to use, reproduce, distribute, display, transmit, and/or communicate the data to others and the public.  We shall not have any responsibility for access, use, or disclosure of your PHI or Personal Information by people you authorized to have access to your user account.
  3. If you are using the Site or Platform in coordination with a healthcare provider (“Medical Provider”), you are granting access to and use of your PHI and Personal Information to the Medical Providers and their personnel.  You expressly consent to the access, use and disclosures outlined in this policy.

2. Collection of your Personal Information

  1. In order to better provide you with products and services offered, Neurotone may collect personally identifiable information, such as your:
    • First and Last Name
    • Billing Address
    • E-mail Address
    • Phone Number
  1. If you purchase Neurotone’s products and services, we may collect personal information through our payment processor, Stripe, Inc.  The types of information we may collect include technical metadata, billing and shipping information (where applicable), email addresses, phone numbers and full credit card details (tokenized for security).  All payment information is securely stored by our payment processor.  For more information on how Stripe collects, uses, stores and discloses your personal information, please see their privacy policy available at https://stripe.com/au/privacy.  
  2. We do not collect any Personal Information about you unless you voluntarily provide it to us.  However, you may be required to provide certain Personal Information to us when you elect to use certain products or services. These may include: 
    • registering for an account; 
    • signing up for special offers from selected third parties; 
    • sending us an email message; or 
    • submitting your credit card or other payment information via Stripe when ordering and purchasing products and services. 
  3. To wit, we will use your information for, but not limited to, communicating with you in relation to services and/or products you have requested from us. We also may gather additional Personal or non-Personal Information in the future.

3. Use of your Personal Information

  1. Neurotone collects and uses your Personal Information to register, operate and deliver the Services you have requested.  During registration, a user is required to give certain information (such as name, phone number and email address). This information is used to contact you about the products/services on our Site and/or Platform in which you have expressed interest or subscribed to and allow you to easily update your Personal Information.

4. Sharing Information with Third Parties

  1. If you do not want your information to be shared with our employees, service providers and subcontractors, upon your request, we will not share your information. However, your ability to access and use the Site and the Platform may be limited or interrupted.
  2. Neurotone may share data (including your Personal Information) with trusted partners to help perform statistical analysis, send you email or postal mail, provide customer support, or arrange for deliveries. All such third parties are prohibited from using your Personal Information except to provide these services to Neurotone, and they are required to maintain the confidentiality of your information.
  3. Please note that with the exception of certain limited information as specified in the Platform, your Medical Providers and clinicians will have access to the information that you input into the Platform. Specifically, your Medical Provider will be able see data related to your use of the Platform. Your Personal Information and PHI may be included by your Medical Provider as part of your health records and use of such information by your Medical Provider will be governed by your Medical Provider’s privacy and other policies.  
  4. Neurotone may disclose your Personal Information, without notice, if authorised or required to do so by law or in the good faith belief that such action is necessary, including to: (a) conform to the edicts of the law or comply with legal process served on Neurotone or the Sites; (b) protect and defend the rights or property of Neurotone; and/or (c) act under exigent circumstances to protect the personal safety of users of Neurotone, or the public.
  5. Neurotone may expand or reduce our business, and this may involve the sale and/or transfer of control of all or part of our business. Personal Information, where it is relevant to any part of the business for sale and/or transfer, may be disclosed to a proposed new owner or newly controlling entity for their due diligence purposes, and upon completion of a sale or transfer, will be transferred to the new owner or newly controlling party to be used for the purposes for which it was provided.  
  1. Neurotone does not sell, rent or lease its customer lists to third parties. Except as provided herein, unless you ask or provide your consent to do so, we will not share your Personal Information with any third party outside of our organization, except as necessary with our service providers and subcontractors in order to troubleshoot issues you may have with our Site, the Platform or your account. Only employees, service providers and subcontractors who need the Personal Information to perform a specific job are granted access to Personal Information, subject to confidentiality obligations. 
  1. Neurotone may also use your Personal Information to inform you of other products or services available from Neurotone and its affiliates.

5. Third Party Websites

  1. The Site or Platform may contain links to other websites. Any Personal Information you provide on linked pages or sites is provided directly to that third party and is subject to that third party’s privacy policy. This Policy does not apply to such linked sites, and we are not responsible for the content or privacy and security practices and policies of these websites or any other sites that are linked to or from the Site and/or the Platform. We encourage you to learn about their privacy and security practices and policies before providing them with Personal Information.

6. De-Identified Data

  1. We may also use non-identifiable anonymous data that is based on users’ access or use of the Site and/or Platform to improve the Site and/or the Platform. We may also use anonymized data based on your use of the Platform, including de-identified health data and combine such de-identified data with data or other anonymous data (“Aggregate Data”).  Aggregate Data may include information that describes the habits, usage patterns, survey responses and/or demographic information of users as a group, but does not identify any particular users. We may provide anonymized data and Aggregate Data to our third party collaborators and partners or use such Aggregate Data for future research studies and publications.

7. Tracking User Behavior

  1. Neurotone may keep track of the websites and pages you digitally access within Neurotone, in order to determine what Services are the most popular. This data is used to deliver customized content and advertising within Neurotone to individuals whose behavior indicates that they are interested in a particular subject area.

8. Automatically Collected Information

  1. Information about your computer hardware and software may be automatically collected by Neurotone. This information can include: your IP address, browser type, domain names, access times and referring website addresses. This information is used for the operation of the service, to maintain quality of the service, and to provide general statistics regarding use of the Neurotone website.

9. Use of Cookies

  1. The Neurotone website may use “cookies” to help you personalize your online experience, including through the use of third party providers. A cookie is a text file that is placed on your hard disk by a web page server. Cookies cannot be used to run programs or deliver viruses to your computer. Cookies are uniquely assigned to you, and can only be read by a web server in the domain that issued the cookie to you.
  1. We strive to take appropriate security measures to protect against unauthorized access to or alteration of your Personal Information. Unfortunately, no data transmission over the Internet or any wireless network can be guaranteed to be 100% secure. As a result, while we strive to protect your Personal Information, you acknowledge that: (a) there are security and privacy limitations inherent to the Internet which are beyond our control; and (b) security, integrity, and privacy of any and all information and data exchanged between you and us through our Services cannot be guaranteed.

10. Security of your Personal Information

  1. Neurotone takes reasonable steps to secure your Personal Information from unauthorized access, use, or disclosure. Neurotone uses the following methods for this purpose:
    - SSL Protocol: 
    When Personal Information (such as a credit card number) is transmitted to other websites, it is protected through the use of encryption, such as the Secure Sockets Layer (SSL) protocol.

11. Right to Deletion

  1. Subject to certain exceptions set out below, on receipt of a verifiable request from you, we will:
    • Delete your Personal Information from our records; and
    • Direct any service providers to delete your Personal Information from their records.
  2. Please note that we may not be able to comply with requests to delete your Personal Information if it is necessary to:
    1. Complete the transaction for which the Personal Information was collected, fulfill the terms of a written warranty or product recall conducted in accordance with law, provide a good or service requested by you, or reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform a contract between you and us;
    2. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity;
    3. Debug to identify and repair errors that impair existing intended functionality;
    4. Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law;
    5. Comply with the California Electronic Communications Privacy Act;
    6. Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when our deletion of the Personal Information is likely to render impossible or seriously impair the achievement of such research, provided we have obtained your informed consent;
    7. Enable solely internal uses that are reasonably aligned with your expectations based on your relationship with us;
    8. Comply with an existing legal obligation; or
    9. Otherwise use your Personal Information, internally, in a lawful manner that is compatible with the context in which you provided the Personal Information.

12. Children Under Thirteen

  1. Neurotone does not knowingly collect Personal Information from children under the age of thirteen. If you are under the age of thirteen, you must ask your parent or guardian for permission to use the Services.

13. E-mail and SMS Communications

  1. From time to time, Neurotone may contact you via email for the purpose of providing announcements, promotional offers, alerts, confirmations, surveys, and/or other general communication. In order to improve our Services, we may receive a notification when you open an email from Neurotone or click on a link therein.
  2. If you would like to stop receiving marketing or promotional communications via email from Neurotone, you may opt out of such communications by clicking on the UNSUBSCRIBE button.
  3. We may send you notifications related to your use of the Services via text or SMS messaging. If you do not wish to receive text messages, please follow the instructions provided to you in the text or SMS message.  You may also make a request using the Contract Information provided below.

14. Changes to this Statement

  1. Neurotone reserves the right to change this Privacy Policy from time to time. We will alert you that changes have been made by indicating on the Policy the date it was last revised and we will use commercially reasonable endeavors to notify you about significant changes in the way we treat Personal Information by sending a notice to the primary email address specified in your account, by placing a prominent notice on our Site, and/or by updating any privacy information. 
  2. Your continued use of our Sites and/or Services available after such modifications will constitute your: (a) acknowledgment of the modified Privacy Policy; and (b) agreement to comply with that Policy.

15. Representative

  1. We value your privacy and your rights as a data subject and have therefore appointed Prighter Group with its local partners as our privacy representative and your point of contact for the following regions:
    • United Kingdom (UK)
  2. Prighter gives you an easy way to exercise your privacy-related rights (e.g. requests to access or erase personal data). If you want to contact us via our representative, Prighter or make use of your data subject rights, please visit the following website: https://app.prighter.com/portal/neurotone.

16. California Residents

  1. Pursuant to the California Consumer Privacy Act (“CCPA”), we may collect the following categories of Personal Information:
    1. Identifiers, such as name and government-issued identifier;
    2. Personal Information, as defined in the California safeguards law, such as contact and financial information;
    3. Characteristics of protected classifications under California or federal law, such as age, gender, medical conditions, and marital status;
    4. Commercial information, such as transaction information and purchase history;
    5. Internet or network activity information, such as browsing history and interactions with our Sites;
    6. Geolocation data, such as device location; and
    7. Audio, electronic, visual and similar information, such as call and video recordings  
  2. We may collect this Personal Information directly from California residents themselves, Medical Providers, or caregivers.
  3. We may use this Personal Information for legitimate business purposes to operate, manage, and maintain our business, to provide our products and services, for our employment purposes, and to otherwise accomplish our business purposes and objectives. Our business purposes and objectives include, for example, developing, improving, repairing, and maintaining our products and Services, and marketing our products and Services; conducting research, analytics, and data analysis; maintaining our facilities and infrastructure; undertaking quality and safety assurance measures; conducting risk and security controls and monitoring; detecting and preventing fraud; performing identity verification; performing accounting, audit, and other internal functions, such as internal investigations; complying with law, legal process, and internal policies; maintaining records; and exercising and defending legal claims.
  4. We may disclose the following Personal Information to our affiliates and third parties, such as our service providers, for the operation of our legitimate business purposes:
    1. Identifiers, such as name and government-issued identifier
    2. Personal information, as defined in the California safeguards law, such as contact and financial information
    3. Characteristics of protected classifications under California or federal law, such as age, gender, medical conditions, and marital status
    4. Commercial information, such as transaction information and purchase history
    5. Internet or network activity information, such as browsing history and interactions with our websites
    6. Geolocation data, such as device location
    7. Audio, electronic, visual and similar information, such as call and video recordings  
  5. We have not “sold” Personal Information for purposes of the CCPA. For purposes of this CCPA Notice, “sold” or “sale” means the disclosure of Personal Information for monetary or other valuable consideration but does not include, for example, the transfer of Personal Information as an asset that is part of a merger, bankruptcy, or other disposition of all or any portion of our business.
  6. If you are a California resident, you may request that we:
    1. Disclose to you the following information covering the 12 months preceding your request:
      1. The categories of Personal Information we collected about you and the categories of sources from which we collected such Personal Information
      2. The specific pieces of Personal Information we collected about you
      3. The business or commercial purpose for collecting Personal Information about you  
      4. The categories of Personal Information about you that we otherwise shared or disclosed and the categories of third parties with whom we shared or to whom we disclosed such Personal Information
    2. Delete Personal Information we collected from you
    3. Correct any inaccurate Personal Information that we have collected
  7. To make a request for the disclosures, deletion, or correction described above, please contact us at using the information provided below.  In some instances, we may decline to honor your request where an exception applies, such as where the disclosure of Personal Information would adversely affect the rights and freedoms of another California resident.
  8. You have the right to be free from unlawful discrimination for exercising your rights under the CCPA.

17. Contact Information

  1. Neurotone welcomes your questions or comments regarding this Privacy Policy. If you have questions related to this policy or wish to make a request regarding your Personal Information, please contact Neurotone at:

    Neurotone AI, Inc.
    9200 NW 39th Ave,
    Suite 130 #3237
    Gainesville, FL, 32606
    United States
    Email Address: info@neurotone.com

Appendix – Australia 

This Appendix applies to individuals protected by Australian privacy laws.  The information in this appendix supplements the main Privacy Policy and should be read in addition to the main policy, except for the following sections which do not apply to individuals protected by Australian privacy laws:

  1. 1.3 (applicable to USA residents only);
  2. 4.2 (we cannot agree to not disclose your Personal Information with our employees, service providers and subcontractors, as this is necessary for the purposes for which we use and disclose your Personal Information.  If you have any concerns with the way we disclose your Personal Information, or the purposes for the same, please contact us.  Ultimately, if you do not want us to disclose your Personal Information to our employees, service providers, and subcontractors, you will not be able to interact with us);
  3. 11 (the right to deletion is not a right under the Australian Privacy Act 1988 (Cth), although you do have a right to withdraw a consent you have previously provided in some circumstances);
  4. 15 (applicable to UK residents only); and
  5. 16 (applicable to Californian residents only).

1. Application

  1. In this Appendix 2, we use the terms: 
    1. ‘customers’ to refer to individuals who engage us to provide the Services (including via a third party, such as a Medical Provider),  We also refer to customers as ‘users’ in the Privacy Policy where they are a customer of the Platform;
    2. ‘voice contacts’ to refer to individuals who are referred by a customer to record their voices for use in the Platform for the referring customer only; 
    3. ‘clients’ to refer to individuals at businesses (such as Medical Providers) who engage us to provide the Services, or otherwise interact with us about our Services;
    4. ‘suppliers’ to refer to individuals who provide us with goods or services, and individuals at businesses who provide us with goods or services;
    5. ’visitors’ to refer to individuals who engage with us on our Sites, or who enquire about our functions, activities or Services via electronic means; and
    6. ‘applicants’ to refer to individuals who apply for employment or other engagements with us.
  2. In some circumstances, you may belong to more than one of these groups, and multiple sections of this Privacy Policy will then apply to you.

2. Collection of your Personal Information:

  1. Personal Information is any information or opinion about you which personally identifies you or may reasonably be used to personally identify you, even if the information is not true, and whether or not it is in physical form. This may include any Personal Information or opinion about you that is sensitive and requires a higher level of privacy protection, including PHI (Sensitive Information).
  2. The kinds of Personal Information we collect about you depends on our relationship with you, and we limit the information we collect to what is reasonably necessary for one or more of our functions or activities.
  3. In addition to the Personal Information specified in section 2 of the Privacy Policy, Neurotone will generally collect commentary or opinion about you, and other information relevant to providing you with the information, goods and services (as applicable) you or someone on your behalf is seeking.
  4. If you are a customer, we will collect your username, profile picture, IP address, other unique ID numbers or account registration details, address or locational attributes, demographic information (such as your age or gender), information about your preferences (including marketing and communications), and sensitive information (i.e. health information) you provide in connection with the Services.  We will also collect the full name and contact details of any voice contact you refer to us in relation to the Services. .
  5. If you are a voice contact, we will collect your full name, contact details and any further information you provide us directly to complete your registration as a voice contact in our Services for the customer who referred you to us. 
  6. If you are a client, we may collect your business name and registration numbers (for sole traders and partnerships), information about your role, marketing and communications preferences, information related to your Platform interactions with us, feedback you provide us, your IP address, other unique ID numbers.
  7. If you are a supplier, we will also collect your business name and registration number (for sole traders and partnerships), bank account details (for payment of your invoices), and information about your role. 
  8. If you are a visitor, we will also collect information about your use of our Sites (including competing any online forms on the Sites, your browser type, domain names, access times and referring website addresses) and the device you are using (including numbers that identify your device, IP address, geographic location of your IP address and user preferences).
  9. If you are an applicant, depending on your potential or actual position with us, we will also generally collect your Personal Information contained within an application and CV/resume, employment history, a reference, derived from an interview or through testing (including psychometric or aptitude testing, as applicable), licences and other certificates and qualifications, and information included in a passport, birth certificate, visa or other documentation demonstrating your right to work for us.
  10. We support your ability to make decisions about the Personal Information you provide to us, however if you choose not to provide us with the information requested, or it’s incomplete or inaccurate, we may not be able to provide you with the information, goods, and services you are seeking.  If you are an applicant, refusal to provide Personal Information may mean we are unable to process your application.
  11. Except as otherwise permitted or required by applicable privacy laws, we only collect Sensitive Information about you if you consent to the collection of the information and if it is reasonably necessary for the performance of our functions and activities.  Consent may be implied by the circumstances existing at the time of collection.  There may also be circumstances under which we may collect Sensitive Information without your consent, as required or authorised by applicable Australian laws.

3. How we collect your Personal Information

  1. We generally collect Personal Information about you directly from you when you interact with us, such as in-person, by phone, by enquiry or feedback form, via our Sites, social media channels, interviews (via any method), any of our standard forms (including applications), contract negotiations, employment or engagement process, and surveys (where applicable).
  2. We may also need to collect Personal Information about you from third parties from time to time where it is necessary for us to do so and it is unreasonable or impractical to collect directly from you, where you have consented to us doing so, or where we are otherwise required to or authorised to by law.  Those third parties include:
    1. if you are a customer, any Medical Provider that you have engaged to manage your health information and treatment via the Platform, and third parties with whom you have signed up to receive a special offer from Neurotone; 
    2. if you are a voice contact, any customer that refers you to us in relation to the Services, and the third party service provider we use to process your voice recordings; 
    3. if you are a client, any person that engages with us to purchase goods or services (as applicable) on your behalf, including any account creation on our Websites and information through our payment processor;
    4. if you are a supplier, publicly available records such as local or state company records, for example, the Australian Securities Investment Commission (as applicable) and from the relevant business with whom you are engaged (as applicable);
    5. if you are a visitor, technology service providers and social media platforms; and 
    6. if you are an applicant, referees when they provide references, academic institutions or training and certification providers, providers of licences and background-checking services, recruiters and other service providers who assist in the engagement process, and other publicly available sources such as social media platforms (as applicable).
  3. If you provide us with Personal Information about someone else, you represent to us that you are authorised to disclose that information to us and that, without us taking any further steps required by applicable Privacy Laws, we may collect, store, use and disclose such information for the purposes described in this Privacy Policy.  Where we request you to do so, you must assist us with any requests by the individual to access or update the Personal Information you have collected from them and provided to us.

4. Use of your Personal Information

  1. In addition to the purposes set out in section 3 of the Privacy Policy, generally, Neurotone collects, holds uses and discloses your Personal Information if it is reasonably necessary for or directly related to the performance of our functions and activities, and for:
    1. operating, managing and maintaining our business, including to:
      1. provide our Services;
      2. contact you about the Services on our Site and/or Platform in which you have expressed interest or have subscribed to;
      3. maintain our facilities and ensure sufficient infrastructure to support requests for the Services, from time to time;
      4. maintain records;
      5. detect and prevent fraud;
      6. perform identity verification through two-factor authentication (as required);
      7. perform accounting, audit, and other internal functions, such as internal investigations;
      8. record, transcribe and otherwise document your audio, including converting your audio into summaries or key decisions for the Platform (see section 10 below: AI Systems); 
      9. allow you to easily update your Personal Information, including destroying or de-identifying it when it is no longer relevant (to the extent permitted); 
      10. analyse and develop, improve, repair, and maintain our Services;
      11. conduct research, analytics, and data analysis, and monitor use of our Services;
      12. undertake quality and safety assurance measures, and conduct risk and security controls and monitoring;
    2. if you are a supplier, purchasing goods or services from you, and enquiring about your goods and services;
    3. if you are a visitor, streamlining and personalizing your experience with our Sites. and tailoring our information, goods and services for you; 
    4. if you are an applicant, considering your application with us; 
    5. fulfilling our legal requirements, both at law and under our contractual arrangements with you and others, and exercising and defending legal claims
    6. contacting you to ask for your feedback or a testimonial; and
    7. informing you of other products or services available from Neurotone and its affiliates that may be of interest to you.  You may unsubscribe from our mailing/marketing lists at any time by using the unsubscribe feature on any emails we send, or otherwise by contacting us in writing.  We do not use your Sensitive Information for direct marketing purposes.
  2. For the avoidance of doubt, we may use or disclose Personal Information for secondary purposes where it would be reasonable to expect us to do so, and that secondary purpose is related (or directly related in the case of Sensitive Information) to the primary purpose set out above.

5. Who we disclose Personal Information to

  1. We generally disclose your Personal Information for the purposes for which it was collected.  We may disclose Personal Information about you to:
    1. our related entities;
    2. our employees, contractors, consultants and other parties who require the information to assist us with the purposes for which it was collected, and with establishing, maintaining or terminating our relationship with you;
    3. if you are a customer: your Medical Provider, HubSpot Inc;
    4. if you are a voice contact, ElevenLabs; 
    5. government departments and agencies where required by law;
    6. third party service providers who assist us in operating our business and providing information, resources, Services to you or someone else on your behalf (including third party medical service providers, insurers, IT and technology service providers, recruitment providers, and professional advisers such as lawyers, accountants, and auditors); 
    7. third parties to whom you have agreed we may disclose your information and where the information was collected from you (or from a third party on your behalf) for the purposes of passing it on to the third party; and
    8. any other entity as otherwise required or authorised by law, including regulatory bodies.

6. Overseas Disclosure

  1. We are assisted by a variety of external service providers to operate our business and to provide you or someone else on your behalf with the information and Services sought.  Some of these service providers may be located overseas, including (amongst others) ElevenLabs located in London, and Microsoft Corporation, Google LLC, and Meta Platforms Inc, HubSpot Inc and Stripe Inc, located in the USA. 
  2. We take reasonable steps to ensure these service providers have appropriate security for your Personal Information and use it only for the purposes for which it was collected.

7. Tracking User Behaviour and Use of Cookies

  1. If you are a visitor, our Sites may use pixels and web beacons, including through the use of third party providers, to track your digital access.  A pixel or web beacon is a JavaScript code snippet embedded on a web page or email that collects data about user interactions and behaviour.  Pixels are often used for remarketing (that is, serving targeted ads on social media platforms or other websites).
  2. Use of your Personal Information by third party providers of pixels and web beacons is also subject to their own privacy policies. For details on how each provider uses information collected through these tools, please refer to their respective websites.  The third party services we use include:
    1. Google Analytics and Google Tag Manager, for audience measurement and website optimisation; and 
    2. Meta Pixel for advertising analytics and remarketing on Meta platforms such as Facebook and Instagram; and 
    3. LinkedIn Insights tag, for advertising analytics and remarketing on LinkedIn. 
  3. If you are a visitor, then in addition to the purposes set out in section 9.2 of the Privacy Policy, we may also use cookies to monitor the use of our Sites and digital services, like the numbers and frequency of visitors to our Sites, to help us improve our Services and identify any problems that need fixing.  The Personal Information that is disclosed about you in relation to third party cookies is:
    1. information about your use of our Sites, your IP address, browser type, ISP, and referring/exit pages;
    2. pseudonymous identifiers such as cookie, browser and session IDs; 
    3. session metrics such as your session start time, duration, pages per session and engagement time; and
    4. website engagement metrics such as clicks, time spent on pages and scroll behaviour.

8. E-mail and SMS Marketing

  1. Our direct marketing messages are designed to be compliant with anti-spam laws, including Australia’s Spam Act 2003 (Cth) and the Do Not Call Register Act 2006 (Cth).
  2. If you believe you have received marketing in violation of these laws or any other anti-spam law, please contact us using the contact information in this Privacy Policy.
  3. You may unsubscribe from our mailing/marketing lists at any time by using the unsubscribe feature on any emails we send, or otherwise by contacting us in writing.  We do not use or sell your Sensitive Information for direct marketing purposes.

9. Security of your Personal Information

  1. Neurotone takes reasonable steps to secure your Personal Information from misuse, interference, loss, unauthorised access, unauthorised modification, and unauthorised disclosure.
  2. In addition to the steps set out in section 10 of the Privacy Policy, Neurotone:
    1. limits access to the Personal Information we collect about you;
    2. only provides access to Personal Information once proper identification has been given; 
    3. requires third party providers to have acceptable security measures to keep Personal Information secure; and
    4. maintains layered website and server protections such as network security controls, website firewalls, access obfuscation and multi-factor authentication. 
  3. When we no longer need your Personal Information for the purpose for which we collected it, we will take reasonable steps to destroy or permanently de-identify your Personal Information.  We generally keep Personal Information for a minimum of seven years, or any longer period as required by law.  For example, in accordance with health information legislation in Australia, where the information is health information, we retain it for 7 years from the date we last provided you with health services (or if you are a minor on the date we last provide you with health services, until you are 25).  However, these retention periods may change where other legislation requires us to keep, destroy or de-identify the information earlier or later.

10. Accessing or correcting your Personal Information

  1. You may access the Personal Information we hold about you, subject to certain exceptions. If you wish to access your Personal Information, please contact us via the contact details in the main body of the Privacy Policy.
  2. There are no charges for requesting access to or the correction of your Personal Information, however we reserve our rights to charge you any reasonable administration fees associated with your request (subject to restrictions under relevant health records legislation). We will notify you in advance of any applicable fees.
  3. We endeavour to respond to those requests within 30 days, but will otherwise respond within a reasonable period. We may decline a request for access to Personal Information in circumstances prescribed by the Australian Privacy Acts (as applicable).  If we decline a request for access, where reasonable, we will provide you our reasons and information about your ability to complain about such refusal.
  4. If you are a client user, we may not be able to provide you with the requested information and in those circumstances will recommend that you contact the client who has engaged you.
  5. In order to protect the confidentiality of your Personal Information, details of your information will only ever be passed on to you where we are satisfied that the information relates to you.  Accordingly, we may request documentation from you which confirms your identity before passing on any Personal Information which relates to you.
  6. If you believe the information we hold about you is incomplete, not up to date, or is inaccurate, please advise us as soon as practicable. We will take reasonable steps to correct the information if we agree that it is incomplete, out of date, or inaccurate.  We will strive to process any request within 30 days.

11. Privacy Regulators

  1. Complaints about our Privacy Policy or the way we handle your Personal Information should first be directed to us at the details set out in section 17 of the Privacy Policy.
  2. We will investigate and attempt to resolve your complaint in accordance with the Privacy Act.  If you are not satisfied with the outcome of this process, then you may contact the Office of the Information Commissioner, Australia using the details below:

    Office of the Australian Information Commissioner (OAIC)
    Address:     GPO Box 5288, Sydney NSW 2001
    Phone:     1300 363 992
    Email:     enquiries@oaic.gov.au
    Website:     www.oaic.gov.au