Last Updated: August 2018


GDPR

Ausmed is bound by the Australian Privacy Principles contained in the Privacy Act, and observes applicable principles of the GDPR.

What is GDPR and who does it apply to?

The GDPR is EU regulation designed to protect the privacy of EU citizens and impacts all organisations that process the personal data of such citizens, regardless of whether an organisation itself is based in the EU.

The GDPR describes different requirements depending on how an organisation handles data subjects' personal data.

"Data Controllers" are businesses that collect customer data and also decide how, when and why that customer data is processed.

"Data Processors" are businesses that carry out the processing of customer data on behalf of a Data Controller.

Ausmed is a Data Controller in our relationship with our own customers.

Ausmed's GDPR compliance

We are committed to protecting and adhering to the appropriate use of personal data. Ausmed has long exceeded the requirements of the Australian Privacy Principles, by which we are bound, and has further improved its policies and procedures in order to comply with the GDPR.

Below is an overview of several key things we've put in place to ensure such compliance.

Data Inventory

Contained in our Privacy Policy is a matrix identifying all data subject with which Ausmed interacts and the categories of data collected about each of these data subjects. Using this matrix we are able to review and validate the legal basis for collecting and processing personal data and ensure that we have in place the appropriate security and privacy safeguards across our infrastructure and software platform.

Third Party Vendors

We maintain a list of third-party vendors on our website, included in our Cookie Policy. We have reviewed and minimised this list as much as possible.

Internal Data Policy

We maintain an internal Data Policy that outlines the process our team should follow pertaining to data and privacy matters. We have updated this document in response to the GDPR and other relevant data privacy regulations.

Data Subject Rights in our role as Controller

If you are a customer of Ausmed based in the EU, you should be able to access, update, retrieve and remove your own personal data.

You may edit the data you have provided to Ausmed in the Account area, once logged in. If you would like an export of such data or to otherwise discuss the personal data we store, please email us at ausmed@ausmed.com.au. Refer to our Privacy Policy for information regarding the collection, storage and management of personal data provided to us.

Please refer to our Cookie Policy for further details.

We are here to assist

We take data privacy seriously and think the GDPR is a great step forward for data subjects. If you have any questions regarding GDPR or data privacy, please don't hesitate to email us at ausmed@ausmed.com.au.

© 2018 Ausmed Education Pty Ltd. All Rights Reserved.