Home
privacy

Oqea Privacy Policy

User Agreement

Oqea

Privacy Policy & Terms

Version: 11.0
Last Updated: Oct 2025

Privacy Policy

We care about you and your privacy.

At Oqea, we’re committed to protecting your personal and sensitive information, which is why we’ve put together this policy. We want to ensure we provide a safe, trusted and secure environment to streamline the care coordination journey for all our users. In this policy, we may refer to Oqea Pty Ltd (ABN 50 628 016 491) and its subsidiaries collectively as “Oqea”, “we”, “us” and “our”.  

Oqea is a technology and mental health services company that is reshaping the standard of care for mental wellbeing, making support easier to manage and access. We connect individuals (our “Members”) with professionals who provide psychology, allied health, psychiatry and mental health general practitioner (MH GP) services (our “Services”).  For clarity, we may also refer to Members as patients or clients from time to time.  

We have designed this policy with careful reference to the Australian Privacy Principles and the Privacy Act 1998 (Cth) (“Privacy Act”). We may also reference to related, third-party service providers’ relevant privacy policies and associated documents.

How to read this policy

The way that we collect, store and use the personal information and sensitive information of a Member is different from how we collect, store and use personal information of other individuals who interact with us. As such, we have divided this privacy policy into three parts:

  • Part A which relates to our treatment of personal information generally;
  • Part B which relates to our treatment of Member personal information; and
  • Part C which relates to our treatment of personal information when people interact with us other than as Members.

By choosing to use our Services, visit our websites (including https://oqeacares.au/) (“Sites”), or otherwise interacting with us, you consent and agree to this privacy policy (“Privacy Policy”).  We may also ask for your express consent to this Privacy Policy before or during your interactions with us.

The Australian Privacy Principles

We respect and uphold your right to privacy protection in accordance with the Australian Privacy Principles and Privacy Act.  Please feel welcome to find out more about the Australian Privacy Principles and the Privacy Act by calling the Office of the Australian Information Commissioner on 1300 363 992 or through their website at www.oaic.gov.au.

We are also bound by the Australian Psychological Society – Code of Ethics, which is relevant to how we handle personal information.

Part A – General Management of personal information

How to Access, Correct or Update Your Personal Information

If you:

  • have any complaints, questions or concerns about the personal information we hold, or the accuracy of that information;
  • would like to access the information that we hold about you; or
  • are seeking to complain about a possible breach of the Australian Privacy Principles,

please contact our Privacy Officer using the details provided at the bottom of this Part A. Where the information relates to your health information, please speak with your medical professional in the first instance.

We will respond to your complaint or endeavour to give you access to the information requested within two weeks. To maintain the confidentiality of your personal information, we may ask you to meet with us so we can review your specific identification documents before we give you access. If it is not practical for you to meet us in person, we will arrange to check your identification before we mail the information out to you.

If the information that we hold about you is incorrect or not up-to-date, we will update it as soon as possible after you have shown us how and why it is incorrect.

In the unlikely event that we are unable to provide you with access to your personal information for legal reasons as specified in the Privacy Act, we will provide you with reasons for denying access.

If you are not satisfied with our response to your complaint, question or concern, you may wish to lodge a complaint with the Office of the Australian Information Commissioner. Further information can be found on the Commissioner’s Site or by calling 1300 363 992.

How we keep your Personal Information secure

Our IT systems are password protected, and we conduct regular audit and data integrity checks.  

We frequently update and review our IT security software to protect our systems (and the data contained in those systems) from cyber security threats. In addition, all our employees are required, as a condition of employment, to treat personal information held by Oqea as confidential.

We utilise secure cloud infrastructure for the storage of personal information. These cloud servers are situated in Australia and held to the highest standard of security. The cloud server providers are required to keep all information stored confidential, and we exclusively control access and management of all stored data.

Destroying personal information

We will destroy or de-identify personal information provided by you once we no longer need it for the purposes it was collected. That being said, we may be permitted to retain personal information after our Services have been completed as required by law or by the terms of the policy.  

In such cases, your personal information will continue to be protected in accordance with the terms of this Privacy Policy.

In any case, if we destroy or de-identify personal information, we will do so by taking reasonable steps and using up-to-date techniques and processes.

What do we do when we get information we did not ask for?

People sometimes share information with us we have not sought out (referred to as ‘unsolicited information’).

Where we receive unsolicited personal information about you, we will check whether that information is reasonably necessary for our Services, functions or activities, and whether we could reasonably have obtained the information from you. If so, we will attempt to notify you immediately, and handle this information the same way we do with other information we seek from you. If not, we will ensure we do the right thing and destroy or de-identify it.

When will we notify you that we have received your information?

When we receive Personal Information from you directly, we either have already taken or we will take reasonable steps to notify you how and why we collected your information, who we may disclose it to and outline how you can access it, seek correction of it or make a complaint.

Sometimes we collect your personal information from third parties in accordance with this Privacy Policy. In some cases, you may not be aware that we have done so. If we collect personal information in this way, and the information can be used to identify you, we will take reasonable steps to notify you of that collection and the terms of this Privacy Policy will continue to apply.

When the Law authorises or requires us to collect information

We may collect information about you because we are required or authorised by law to collect it. There are laws that affect financial institutions which may require us to collect personal information, like the National Consumer Credit Protection Act 2009 (Cth) and The Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth).

Cookie Policy

Our Sites may use ‘cookies’ to:

  • improve your experience on our Sites;
  • display content more relevant to you within the Sites; and
  • display items added while using online facilities.

If you are concerned about the use of these cookies, your browser can be configured to notify you when you receive a cookie, and provide you with the opportunity to accept or reject it. You may refuse all cookies from our Sites, however some functions may be unavailable if you choose to do so.

Our Sites may use statistical information collection tools (such as Google Analytics) to track site visits, navigation and performance within our Site for the purpose of monitoring and improving the site. If you are concerned about the use of these tools, you can configure your browser to send a “Do Not Track” request with your browsing traffic.

Our Sites may also use third party cookies and Google Analytics Advertising Features including:

  • Remarketing with Google Analytics; and
  • Google Analytics Demographics and Interest Reporting.

Visitors can opt-out of behavioural advertising using their browser settings, or the settings provided by the specific advertising service provider. For example, visitors may opt-out of Google Analytics for Display Advertising, or customise Google Display Network ads, using the Ads Settings linked here. Further information regarding behavioural advertising, including ways to manage your online privacy, is available at https://www.staysmartonline.gov.au/.

Our Sites may contain links to other sites of interest.  We do not control, and are not responsible for, the content or privacy practices of those sites. Please check the privacy policies on other sites before you provide your personal information to them.

Our Site’s Security

We regularly review and update our physical and data security measures in light of current technologies. However, it is an unfortunate reality that no data transmission over electronic, mobile data and communication services can be guaranteed to be totally secure.

We will do everything reasonably within our power and control to prevent unauthorised use or disclosure of your personal information. However, we will not be held responsible for events arising from any unauthorised use or access to your personal information.

Certain sections of our Site are secured using industry-standard SSL/TLS technology to encrypt data between your browser and the Site.

By using our Sites and Services, you acknowledge and agree that the internet is inherently insecure and that you use the internet at your own risk.  You acknowledge that, to the maximum extent permitted by law, Oqea and its directors, representatives, employees, contractors, suppliers or clients shall not be held liable for any security breaches, viruses or other malicious software that may infect your computer or other internet browsing device, or any loss of data, revenue or otherwise that may occur as a result of using our Sites.

Spam Act

We adhere to the Spam Act 2003 (Cth). The Spam Act prohibits the sending of unsolicited emails, SMS and MMS messages for commercial purposes from or within Australia or to people in Australia. The Spam Act also bans the supply and use of software designed to harvest email addresses.

Changes to our Privacy Policy

We may, without notice, amend or modify this Privacy Policy by posting the amended Privacy Notice to our Site or our Services. We will make all reasonable attempts to notify you of these updates by email where necessary, or where we are required to obtain your express consent.

Privacy Officer’s contact details

Oqea’s Privacy Officer can be contacted by:

Privacy Officer
Oqea Pty Ltd

Email: privacy@oqea.com

Postal Address: 230 Rokeby Road, Subiaco WA 6008

Part B – management of personal information of Members

Where an individual interacts with us to receive our Services, they do so as a Member.

When we collect, hold, use, or disclose information from an individual as a Member, this Part B applies.

What Personal Information do We Collect?

We collect and hold only the personal information strictly required to provide our Services to our Members at a high standard.  The categories of information that we collect for this purpose include our Members’:

  • name (first and last);
  • contact details (email, phone number, and postal address);
  • gender; and
  • date of birth.

As a health service provider, we are also required to collect sensitive information of our Members to provide our Services.  We only collect the sensitive information of our Members with their consent, and to the extent that we require the sensitive information to provide our Services to them.

The sensitive information that we collect includes, but is not limited to:

  • health information;
  • racial or ethnic origin;
  • religious beliefs or affiliations;
  • sexual orientation or practices;
  • criminal record; or
  • other sensitive information within medical records or provided during Member sessions.

why do we collect, hold, use and disclose personal information?

We may collect, hold, use and disclose your personal information (including sensitive information) as a Member to:

  • maintain your contact details;
  • process payments;
  • comply with your other reasonable requests;
  • deliver and improve our Services and our Sites;
  • provide updates on our Services, policies, and content to your email address, mobile phone, portable computing and other digital technology devices;
  • compile analytics in sizing or quantifying market opportunity;
  • predict market opportunity forecasting and resource allocation; and
  • disclose to other businesses who assist us or our users in providing services, or who perform functions on our customers’ behalf.

For personal information not including sensitive information, we may also use, collect, hold, and disclose it to:

  • send you information about our Services;
  • send you marketing communications about our Services, with each communication providing you with a simple way to “opt out” of receiving similar communications in the future;
  • allow us to run our business and perform administrative and operational tasks, such as:
    • training staff;
    • developing and marketing products and services;
    • conducting risk management;
    • performing systems development and testing, including for our Sites, Services, proprietary artificial intelligence (“AI”) decision support and clinical reason tool, and other online channels;
    • undertaking planning, research and statistical analysis; and
    • preventing or investigating any fraud or crime, or any suspected fraud or crime;
  • comply with laws, regulations or codes binding us;
  • manage our relationship with our Members;
  • investigate and deal with suspected or actual unlawful activity;
  • assist with recovering amounts owing to us; or
  • fulfill any other purposes for which you have given your consent.

How do We Collect Your Personal Information?

As a Member, we generally collect your personal information directly from you:

  • when you visit our Sites, or use our Services and platforms (including Oqea.me, Oqea.net and Oqea.health and any other platforms introduced by Oqea from time to time);
  • as authorised or consented to by you providing us with your personal information; or
  • by your family, carers, guardians, friends and peer supporters, in which case we ask them to obtain your consent prior to disclosing it to us.

Sometimes we will also be required to collect information about you from other sources. We do this only if it is necessary to do so, such as where we:

  • are provided with or request sensitive information about you, such as medical reports, referrals, medication, health history and other important health information where you consent, and such information is reasonably necessary to provide our Services to you;
  • cannot readily contact you and we rely on publicly available information to update your contact details; and
  • at your request, receive information with your medical, accounting, legal or financial advisors or other representatives.

Also:

  • we may ask for other information from you from time to time to enable us to improve the Services, though please note you are under no obligation to provide us with this information.

In some cases, you might provide personal information to us by entering it into forms which store the information in our cloud-based servers.  

How do we use and disclose your Personal Information?

Using and disclosing your Personal Information as a Member

Your personal information and sensitive information will generally only be used and disclosed for the purpose it was collected, as outlined above. We may otherwise disclose your personal information to third parties or contractors who are integral to the provision of our Services, in accordance with the terms of this Privacy Policy.

We may also provide Member health information to other medical service providers, such as your general practitioner or specialist medical practitioners. We will only disclose health information this way with your consent, or in circumstances where it is required for the delivery of health services, such as for referral to another health service provider, billing and liaising with government offices regarding entitlements and payments, where it is necessary to prevent or lessen an identified significant and imminent  threat to a person’s life, health or safety, or other reason as permitted by law.

Use of Technology

In addition to our own proprietary technologies and systems, we use various third-party software and technologies, each of which may have their own privacy policies and terms of use.

Owing to the ever-changing nature of technology, and so that we are always providing optimal support to you, we may use alternative third-party support software and platforms from time to time.  To that end, any personal information stored or processed by these alternatives will also be subject to the privacy policies of the relevant third parties, and may vary. We will, however, take all reasonable steps to ensure that your personal information is sufficiently protected in any case.

Our partner clinicians may, at their discretion, use AI-powered tools including but not limited to Heidi Health, Lyrebird Health, NovoNote (NovoPsych), or Oqea Frame, to:

  • help generate accurate and timely clinical notes during sessions; and
  • provide decision support and clinical reasoning assistance.

Oqea Frame

We have developed a new clinical decision-support tool that uses AI to help clinicians generate a diagnostic medical report for the assessment and treatment various mental health criteria (for example ADHD) called Oqea Frame. Oqea Frame utilises several different sources of information in treatment of each Member, and uses AI to analyse the degree to which the Member meets each ADHD diagnostic criteria.

If your clinician elects to use Oqea Frame, your personal information may be used to assist our clinicians in providing better, more efficient patient care, with more time spent focusing on you. Additionally, your personal information may be used to train or fine-tune Oqea Frame, for example, by optimising prompts, or providing relevant context to clinician feedback.

The security of your personal information is our number one priority, so we have taken all necessary steps to ensure that your personal information is protected from unauthorised access, use and disclosure.

We otherwise note that while the personal information we collect is always stored within Australia, it may be used or processed (but never disclosed) overseas in trusted, secure data centres which are held to the highest standard of data security.  We will always retain full control over the personal information used or processed overseas.

If you have any questions or concerns about our use of technology in patient care, please feel welcome to contact us using the details provided at the end of this policy.

If you would prefer your clinician not to use AI-powered tools when providing Services to you, please let us know at any stage by contacting our Privacy Officer using their details in Part A. Otherwise, please feel welcome to let your clinician know and they will happily oblige. In any case, our provision of Services to you will not be materially affected by your decision to allow or disallow our use of AI-powered tools.

Part C – management of personal information of individuals other than as Members

Where an individual interacts with us other than for the provision of Services, they do so not as a Member.  For example, where we deal with suppliers, contractors, or employees. In such cases, this Part C will apply.

To note, where a Member interacts with us other than for the provision of Services (such as by visiting the website for purposes other than to book a session), they do not do so as a Member, and this Part C will apply to the information collected, used, disclosed, or held as a result of that interaction. The Member’s sensitive information in any case remains confidential.

What Personal Information do We Collect?

The categories of information that we collect from individuals other than as Members include their:

  • name (first and last);
  • contact details (email, phone number, and postal address);
  • gender;
  • date of birth;
  • job titles;
  • government identifiers such as Tax File Number, drivers’ license, passport and Medicare numbers and visa/work permit status;
  • social media handles;
  • credit information such as details relating to credit history, credit capacity and eligibility for credit;
  • details of superannuation and insurance arrangements;  
  • educational qualifications, employment history and salary; and
  • personal information about your spouse and dependents.

We will not collect sensitive information under this Part C without consent.  In any case, we will always collect such information in a non-intrusive, lawful and fair manner.

Your personal information and sensitive information is only collected as is necessary for us to carry out our work and deliver our Services to our Members.

How do We Collect Your Personal Information?

For individuals other than as Members, we collect personal information directly from you:

  • when you provide it to us, including through our Sites;
  • by your voluntary completion of questionnaires on our Sites;
  • from your disclosure on the public domain;
  • from authorised third-party data sources and data lists for the purposes of providing our Services;
  • from your personal or business, health and medical professionals, advisors, partners, associates, employers, recruiters, and potential employers at your direction; and
  • by your usage of the Sites e.g. the pages that you visit, what links you click by contacting us by post, telephone, email, or other electronic methods.

Sometimes we will also be required to collect information about you from other sources. We do this only if it is necessary to do so, such as where:

  • we cannot readily contact you and we rely on publicly available information to update your contact details;
  • we, at your request, receive information with your accounting, legal or financial advisors or other representatives;
  • you consent to us collecting personal information from a third party;
  • we are authorised to do so under the law, or a court or tribunal order; or
  • it is unreasonable or impracticable for us to collect personal information only from you.

Also:

  • we may ask for other information from you from time to time to enable us to improve the Services, though please note you are under no obligation to provide us with this information.

In some cases, you might provide personal information to us by entering it into forms which store the information in our cloud-based servers. Alternatively, your information may be disclosed to us by an organisation with whom you interact, with your consent or at your direction.

why do we collect, hold, and use your Personal Information?

Using personal information other than as a Member

The purposes that we collect, hold and use your personal information include to:

  • provide or administer our Services to our Members:
  • consider whether you may be suitable for a particular role;
  • compile a report for our Members;
  • send you marketing communications about our Services, with each communication providing you with a simple way to “opt out” of receiving similar communications in the future;
  • assist in facilitating arrangements with other organisations in relation to a service we may may available in future;
  • allow us to run our business and perform administrative and operational tasks, such as:
    • training staff;
    • developing and marketing products and services;
    • conducting risk management;
    • performing systems development and testing, including for our Sites and other online channels;
    • undertaking planning, research and statistical analysis; and
    • preventing or investigating any fraud or crime, or any suspected fraud or crime;
  • comply with laws, regulations or codes binding us;
  • manage our relationship with our Members;
  • investigate and deal with suspected or actual unlawful activity;
  • assist with recovering amounts owing to us;
  • fulfill any purpose for which you have given your consent;
  • deliver and improve our Services and our Sites;
  • provide personalised and direct marketing content to your email address, mobile phone, portable computing and other digital technology devices;
  • compile analytics in sizing or quantifying market opportunity;
  • predict market opportunity forecasting and resource allocation;
  • disclose to other businesses who assist us or our customers in providing services or who perform functions on our customers’ behalf; or
  • conduct credit checks (if and where necessary).

Use of Technology other than as a Member

We use, in addition to our own proprietary technologies and systems, various third-party software and technologies, each of which may have their own privacy policies and terms of use.

Please also note, owing to the ever-changing nature of technology and so that we are always providing optimal support to you, we may use different third-party support software and platforms from time to time.  To that end, any such personal information data stored or processed will also be subject to the privacy policies of the relevant third parties and may vary. We will, however, take all reasonable steps to ensure that your personal information is sufficiently protected in any case

We otherwise note that while the personal information we collect is always stored within Australia, it may be used or processed (but never disclosed) overseas in trusted, secure data centres which are held to the highest standard of data security.  We will always retain full control over the personal information used or processed overseas.

If you have any questions or concerns about our use of technology in patient care, please feel welcome to contact us using the details provided at the end of this policy.

Aggregated and Statistical Information

We may de-identify or anonymise personal information (such that it is no longer personal information) and use it in aggregate. This aggregated information may be disclosed to third parties, including researchers, regulators and industry bodies.

When you visit our Sites or use our Services, we automatically collect the following information:  

  • Usage Information. We collect information about your activity through our Sites. For example, we may collect information about how you purchase or interact with our Sites or which queries you submit.
  • Content Information. We collect content, queries and responses that you engage with via our Services and Sites, such as custom content, and information about the content you create or provide, such as if the recipient has viewed the content and the metadata that is provided with the content.
  • Information Collected by Cookies and Other Technologies. Like most online services and mobile applications, we may use cookies and other technologies, such as web beacons, web storage, and unique advertising identifiers, to collect information about your activity, browser, and device. We may also use these technologies to collect information when you interact with our Sites we may offer through one of our partners, such as advertising and commerce features.
  • Log Information. We also collect log information when you use our Sites. That information includes, among other things:
    • details about how you have purchased or used our Sites;  
    • device information, such as your web browser type and language;
    • access times;
    • pages viewed;  
    • IP address;
    • identifiers associated with cookies or other technologies that may uniquely identify your device or browser; and pages you visited before or after navigating to our Sites.

Most web browsers are set to accept cookies by default. To learn more about how we use cookies and your choices, please refer to the “Cookie Policy” section of Part A.

How and why do we Disclose your Personal Information?

We may disclose your personal information to third parties, other than as a Member, to:

  • report to government agencies;
  • obtain professional or insurance advice;
  • comply with training requirements;
  • comply with regulatory or legal requirements;
  • perform credit reporting and checks; and
  • comply with laws or court orders.

When we disclose your personal information to a third party, we will require the third party to handle your personal information in accordance this Privacy Policy and the Australian Privacy Principles.

We may sometimes use third party service providers to conduct surveys and facilitate information collection.  Some of these service providers conduct all or part of their business overseas and so your personal information may be transferred overseas as a result.  

We will conduct a due diligence process before entering into an agreement with these service providers and will take all reasonable steps to ensure that your information is protected in a manner that is at least substantially similar to the way in which the Australian Privacy Principles protect information.

Web traffic information is disclosed to Google Analytics or similar tracking tool when you visit any of our Sites. Google stores information across multiple countries.  When you communicate with us through a social network service such as Facebook or X/Twitter, the social network provider and its partners may collect and hold your personal information overseas.

Version: 11.0
Last Updated: October 2025

Source:

Welcome to the Oqea Family

We're excited to meet you!
An app that empowers you to safely and securely connect with the people and information you need to maintain your wellbeing.
Terms and LegalPrivacyContact UsBlogResourcesFAQ's

Questions about your privacy and security?
Get in touch at info@oqea.com

Subscribe to our newsletter
Privacy Statement
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Ⓒ 2022 Oqea. All rights reserved.
Privacy
Terms and Legal

We acknowledge Aboriginal and Torres Strait Islander peoples as the Traditional Custodians of our State and its waters. Oqea wishes to pay its respects to Elders both past and present and extend this to all Aboriginal and Torres Strait Islander peoples seeing this message. 

We acknowledge the individual and collective expertise of those with a living or lived experience of mental health, alcohol and other drug issues. We recognise their vital contribution at all levels and value the courage of those who share this unique perspective for the purpose of learning and growing together to achieve better outcomes for all.