Privacy Policy and Notice

Privacy Policy

Classification: Public
Version: 12 January 2021

Medikey is committed to providing quality services to you and this policy outlines our ongoing obligations to you in respect of how we manage your Personal Information.

We have adopted the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth) (the Privacy Act). The APPs govern the way in which we collect, use, disclose, store, secure and dispose of your Personal Information.

A copy of the Australian Privacy Principles may be obtained from the website of The Office of the Australian Information Commissioner at .

What is Personal Information and why do we collect it?

Personal Information is information or an opinion that identifies an individual. Examples of Personal Information we collect include: names, addresses, email addresses, and phone numbers.

This Personal Information is obtained in many ways including from clients, correspondence, by telephone, by email, via our website, from media and publications, from other publicly available sources, from cookies and from third parties. We don’t guarantee website links or the policy of authorised third parties.

We collect your Personal Information for the primary purpose of providing our services to you, providing information to our clients, and marketing. We may also use your Personal Information for secondary purposes closely related to the primary purpose, in circumstances where you would reasonably expect such use or disclosure. You may unsubscribe from our mailing/marketing lists at any time by contacting us in writing.

When we collect Personal Information we will, where appropriate and where possible, explain to you why we are collecting the information and how we plan to use it.

Sensitive Information

Sensitive information is defined in the Privacy Act to include information or opinion about such things as an individual’s racial or ethnic origin, political opinions, membership of a political association, religious or philosophical beliefs, membership of a trade union or other professional body, criminal record or health information.

Sensitive information will be used by us only:

  • For the primary purpose for which it was obtained
  • For a secondary purpose that is directly related to the primary purpose
  • With your consent; or where required or authorised by law.
  • Medikey does not handle Individual Healthcare Identifiers (IHI).
  • We meet the obligations of a Health Service Provider under the APPs

Third Parties

Where reasonable and practicable to do so, we will collect your Personal Information only from you. However, in some circumstances we may be provided with information by third parties. In such a case we will take reasonable steps to ensure that you are made aware of the information provided to us by the third party.


Cookies are small pieces of computer code which a web site such as places on a viewer’s computing environment.

  • We use cookies, including from third-party service providers, to manage, monitor and analyse the use of our service.
  • Medikey does not use remarketing services to advertise to you after you have visited our service.

Disclosure of Personal Information

Your Personal Information may be disclosed in a number of circumstances including the following:

  • Third parties where you consent to the use or disclosure; and
  • Where required or authorised by law.
  • We do not sell your Personal Information, otherwise share your Personal Information for commercial purposes, or trade in personal information.
  • We may store your data within or outside Australia. Before storing your data outside Australia, we will take reasonable steps to ensure that the overseas recipient will handle your personal information in a manner that will not breach the Australian Privacy Principles.

Security of Personal Information

Your Personal Information is stored in a manner that reasonably protects it from misuse and loss and from unauthorized access, modification or disclosure.

When your Personal Information is no longer needed for the purpose for which it was obtained, we will take reasonable steps to destroy or permanently de-identify your Personal Information. You may delete your Mekikey account at any time, in which case we will delete your personal information.

Security of your documents

When you lodge a document on Medikey, this is protected in such a way that only you can read it. If you delete a document from your account then we cannot recover it. We provide facilities to assist you if you lose your access credentials; we will identify any credentials without which your documents will become inaccessible.  If you close your Medikey account, all documents in your account will be deleted and cannot be recovered. While we take precautions to minimise the possibility that you will accidentally delete documents, your ultimate control over your documents is a feature of our service, and your permanent deletion of documents is irreversible and designed to protect your privacy.

Access to your Personal Information

You may access the Personal Information we hold about you and to update and/or correct it, subject to certain exceptions. If you wish to access your Personal Information, please contact us in writing.

Medikey will not charge any fee for your access request, but may charge an administrative fee for providing a copy of your Personal Information.

In order to protect your Personal Information, we may require identification from you before releasing the requested information.

Children’s Privacy

Our service is not available to anyone under the age of 18 (“Children”).

Maintaining the Quality of your Personal Information

It is an important to us that your Personal Information is up to date. We will take reasonable steps to make sure that your Personal Information is accurate, complete and up-to-date. If you find that the information we have is not up to date or is inaccurate, please advise us as soon as practicable so we can update our records and ensure we can continue to provide quality services to you.

The right to object or restrict the processing of your personal data

If you have any queries in relation to objecting to or restricting processing of your data, you are encouraged to contact Medikey. Alternatively, you may make a formal written request to Medikey through to object to, or restrict the processing of your personal data by Medikey.

The rights of access to and portability of your personal data

You are able to access most of your personal data through the website and application. If you have any queries in relation to access to your information, you are encouraged to contact Medikey. Alternatively, you may make a formal written request to Medikey through to request access to your personal data held by Medikey. Medikey will provide your personal data to you in a portable format.

Policy Updates

This Policy may change from time to time and is available on our website. This policy was last updated on 12 January 2021.

Privacy Policy Complaints and Enquiries

If you have any queries or complaints about our Privacy Policy please contact us at:

Privacy Officer, 154 Harts Lane, Kyneton, Victoria.3444

Telephone number 0412 592 050

Office of the Australian Information Commissioner (OAIC):

Alternately you can lodge a complaint directly with the Office of the Australian Information Commissioner (OAIC) if you are unhappy with the outcome of a privacy complaint to us.

Online enquiry form: Enquiry form
Phone: 1300 363 992
Post: GPO Box 5218, Sydney NSW 2001

Full contact details for the OAIC are located on the “Contact Us” page on their website: