Privacy Policy

Data Usage

We only use your sensitive health information (with your authorisation) to find and match you with potential treatments and clinical trials.

We will use aggregated and de-identified information for clinical trial research and development. We may share this aggregated and de-identified information with our carefully selected third party partners for the same purpose. This will, for example, help guide research efforts and drug development, progressing life-saving cures onto the market faster.

We will never sell your sensitive health information to target ads or marketing to you and we will not use your sensitive health information for these purposes without your consent.

Effective: April 13, 2021

In this Privacy Policy, ‘us’, ‘we’ or ‘our’ means HealthMatch Pty Ltd (ABN 77 618 446 905) and our related bodies corporate. We are committed to respecting your privacy. Our Privacy Policy sets out how we collect, use, store and disclose your personal information. We are bound by the Australian Privacy Principles contained in the Privacy Act.

By providing personal information to us, you consent to our collection, use and disclosure of your personal information in accordance with this Privacy Policy and any other arrangements that apply between us. We may change our Privacy Policy from time to time by publishing changes to it on our website. We encourage you to check our website periodically to ensure that you are aware of our current Privacy Policy.

Personal information includes information or an opinion about an individual that is reasonably identifiable. For example, this may include your name, age, gender, postcode and contact details. It may also include sensitive information, such as health information and genetic information, that you provide to us.

The HealthMatch Platform

We are a for-profit social enterprise that matches you with clinical trials based on certain attributes that are derived from information which you provide to us through the HealthMatch Platform. We provide de-identified attributes (i.e. information about your medical conditions) to clinical trial providers to determine your suitability for participation in clinical trials. With your permission, we may also provide your personal information to clinical trial providers (including clinical trial sites). We receive a fee from clinical trial providers each time we refer a potential trial participant, but we do not screen or prioritise certain trials based on fee arrangements with clinical trial providers.

By using the HealthMatch Platform, you will be able to control and manage the personal data you input into the Platform in various ways. For example, you will be able to:

  • choose whether we provide your personal information to clinical trial providers; and
  • (to extent permitted by law) delete your profile and we will erase or de-identify any of your personal information that we hold.

Where you use the Platform on behalf of someone else (i.e. a patient), you must ensure you have that person's consent to provide us with their personal information.

What is de-identified information and how do we use and disclose it?

We may use or disclose de-identified information as described in this Privacy Policy. De-identified information is derived from the personal information and sensitive information that you provide to us. Before we use or disclose such information, we will carefully remove certain information or alter the information that we collect about you so you can no longer be identified from that information.

In order to match you with clinical trials, we provide information about your attributes to clinical trial providers such as pharmaceutical companies, clinical trial centres connected to hospitals or other health service providers, and contract research organisations. Where we provide such information, it is in a de-identified format. Clinical trial providers use this information to confirm your suitability to participate in clinical trials, and may also use this information on an aggregated basis for research and development purposes.

We may provide aggregate de-identified information derived from personal and sensitive information to carefully selected non-profit disease-specific advocacy groups for research purposes and to assist in promoting awareness of clinical trials and medical developments.

We may also undertake data analytics on de-identified data related to your use of our Platform, in order to improve the functionality of the Platform.

What personal information do we collect?

We do not seek to collect information relating to your results as part of a clinical trial that you are matched with through use of our Platform.

We may collect the following types of personal information and sensitive information:

  • name;
  • mailing or street address;
  • email address;
  • telephone number and other contact details;
  • age or date of birth;
  • details of your disease type or other medical condition(s);
  • details of your hospital;
  • your medial visits and procedures;
  • your genetic information, including test results which contain genetic information;
  • details about your treatment and side effects;
  • your family history of any related medical conditions;
  • details of clinical trials you have participated in prior to using our matching service;
  • your device ID, device type, geo-location information, computer and connection information, statistics on page views, traffic to and from the sites, ad data, IP address and standard web log information;
  • details of the clinical trials we have matched you with and whether we have been notified by clinical trial providers that you meet their criteria to participate in such trials;
  • any additional information relating to you that you provide to us directly through our website or Platform, or indirectly through your use of our website or Platform or online presence or through other websites or accounts from which you permit us to collect information; or
  • any other personal information that may be required in order to facilitate your dealings with us.

We may collect these types of personal information either directly from you, or from third parties. We may collect this information when you:

  • register on our website or for our Platform;
  • complete the questionnaire on your medical conditions and history through our Platform;
  • communicate with us through correspondence, chats or email;
  • use the Platform to update your privacy preferences;
  • interact with our sites, services, content and advertising; or
  • invest in our business or enquire as to a potential purchase in our business.

In addition, when you apply for a job or position with us we may collect certain information from you (including your name, contact details, working history and relevant records checks), from any recruitment consultant, your previous employers and others who may be able to provide information to us to assist in our decision on whether or not to make you an offer of employment or engage you under a contract. The Privacy Act contains certain exemptions regarding certain acts undertaken in relation to employee records. Where appropriate, we make use of relevant exemptions under the Privacy Act.

Why do we collect, use and disclose personal information?

We may collect, hold, use and disclose your personal information for the following purposes:

  • to match you with (and allow you to enrol in) clinical trials relevant to your disease type or medical condition(s);
  • to enable you to access and use our Platform and to manage your privacy preferences;
  • to enable you to access and use other components of our website;
  • to operate, protect, improve and optimise our Platform, business and our users’ experience;
  • to send you notifications of trial matches and where a trial provider notifies us that you meet their trial criteria;
  • to send you service, support and administrative messages, reminders, technical notices, updates, security alerts, and information requested by you;
  • to send you our electronic newsletter;
  • to comply with our legal obligations, resolve any disputes that we may have with any of our users, and enforce our agreements with third parties; and
  • to consider your employment application.

Do we use your personal information for direct marketing?

When you use our Platform, we may:

  • use your personal information to send you direct marketing communications and information about our services and products, in accordance with the Spam Act 2003 (Cth) and the Privacy Act; or
  • de-identify your personal information before disclosing it to third parties to facilitate our general marketing or promotional activities.

We engage third party service providers to assist us with delivering direct marketing via various channels, including through social media and other digital platforms. We take all reasonable steps to ensure that your personal information is protected when disclosing information to such third parties.

You can always opt-out of receiving direct marketing communications by contacting us using the details set out below, by using an unsubscribe link or by telling us through your profile settings via our Platform.

If you are not yet a registered user of our Platform, then we may market our services to you generally – including via social media, advertising through our website or through third party websites and other digital or non-digital platforms. We will always do this in accordance with our legal requirements and if we use a third party to do so, we will only do so with our trusted partners.

To whom do we disclose your personal information?

We will always seek your consent before providing your name and contact details to a clinical trial provider (or to a clinical trial site that has been contracted by the relevant clinical trial provider), so that they can contact you to participate in a trial. Where you give us your consent to do so, any further personal information that you then provide to a clinical trial provider (including to a relevant clinical trial site) will be subject to that trial provider's privacy policy and any other arrangements between you and them.

We may also disclose personal information for the purposes described in this privacy policy, where necessary for our legitimate business purposes and on a need to know basis, to:

  • our employees and related bodies corporate;
  • third party suppliers and service providers (including information technology providers for the operation of our website, Platform and/or our business);
  • professional advisers;
  • anyone to whom our assets or businesses (or any part of them) are transferred;
  • specific third parties authorised by you to receive information held by us; and/or
  • other persons, including government agencies, regulatory bodies and law enforcement agencies, or as required, authorised or permitted by law.

Disclosure of personal information outside Australia

We may disclose your personal information outside of Australia to our third party service providers located in the United States and Japan. We will take reasonable steps to ensure that any overseas recipient will deal with such personal information in a way that is consistent with the Australian Privacy Principles.

We may disclose de-identified information outside of Australia to clinical trial providers located in the United States, China, Singapore, New Zealand and Europe (including the European Union), for the purposes of matching you with clinical trials. We will always seek your consent before providing your name and contact details to any such clinical trial provider so that you can participate in a trial.

Using our website and cookies

We may collect personal information about you when you use and access our website or Platform.

While we do not use browsing information to identify you personally, we may record certain information about your use of our website and Platform, such as which pages you visit, the time and date of your visit and the internet protocol address assigned to your computer.

We may also use ‘cookies’ or other similar tracking technologies on our website and Platform that help us track your website or Platform usage and remember your preferences. Cookies are small files that store information on your computer, TV, mobile phone or other device. They enable the entity that put the cookie on your device to recognise you across different websites, services, devices and/or browsing sessions. You can disable cookies through your internet browser but our websites may not work as intended for you if you do so.

We may also use cookies to enable us to collect data that may include personal information. For example, where a cookie is linked to your account, it will be considered personal information under the Privacy Act. We will handle any personal information collected by cookies in the same way that we handle all other personal information as described in this Privacy Policy.


We may hold your personal information in either electronic or hard copy form. We take reasonable steps to protect your personal information from misuse, interference and loss, as well as unauthorised access, modification or disclosure and we use a number of physical, administrative, personnel and technical measures to protect your personal information. For example, we:

  • use secure communications between your browser and our servers;
  • store your information in encrypted form; and
  • have processes in place to ensure that all data requests are authenticated and authorised.

We also restrict access to personal information within our organisation to those personnel who need it to operate our service.

However, we cannot guarantee the security of your personal information.


Our website, Platform or electronic newsletter may contain links to websites operated by third parties. Those links are provided for convenience and may not remain current or be maintained. Unless expressly stated otherwise, we are not responsible for the privacy practices of, or any content on, those linked websites, and have no control over or rights in those linked websites. The privacy policies that apply to those other websites may differ substantially from our Privacy Policy, so we encourage individuals to read them before using those websites.

Accessing or correcting your personal information

You can access and update the personal information we hold about you by logging into your profile on our Platform.

Where we hold other personal information about you, you can contact us using the information below or the contact us function on our website to access or correct this information.

Sometimes, we may not be able to provide you with access to all of your personal information and, where this is the case, we will tell you why. We may also need to verify your identity when you request your personal information. If you contact us about inaccurate information, we will take reasonable steps to ensure that it is corrected.

Making a complaint

If you think we have breached the Privacy Act, or you wish to make a complaint about the way we have handled your personal information, you can contact us using the details set out below or the contact us function on our website. Please include your name, email address and/or telephone number and clearly describe your complaint. We will acknowledge your complaint and respond to you regarding your complaint within a reasonable period of time. If you think that we have failed to resolve the complaint satisfactorily, we will provide you with information about the further steps you can take.

Contact Us

For further information about our Privacy Policy or practices, or to access or correct your personal information, or make a complaint, please contact us using the details set out below or the contact us function on our website:

Privacy Officer
HealthMatch L4
10-14 Waterloo Street
Surry Hills, NSW