top of page
  • This Privacy Notice applies only to information that is provided to Data Dissect and its subsidiaries through accessing the website (“the Website”), Data Dissect’s online platform, or through some other digital medium via a Data Dissect product (together “Data Dissect Services”) by a user of the Data Dissect Services (“User/s”).

    In addition to the specific uses outlined herein, Data Dissect may use any User or prospective User information submitted to Data Dissect, excluding personally identifying information, for any lawful purpose.

    This Privacy Notice sets out the types of personal information Data Dissect may collect from you when you visit the Website or use the Data Dissect Services as well as how Data Dissect processes that personal information.

    If you have any questions about this Privacy Notice, please see contact details at the end of this page. Data Dissect may amend this Privacy Notice from time to time, so you should check this page regularly to ensure that you are aware of any changes that have been made. If we make material changes to this Privacy Notice, we will notify you by means of a prominent notice on the Website prior to the change becoming effective.

    If you do not wish to provide personal information or if you do not agree to have us, use the information, it is your responsibility to notify us accordingly and to decline the use of those Data Dissect Services for which the personal information is sought.

    Notice to EU Individuals: this Privacy Notice is also intended to comply with the General Data Protection Regulation 2016/679 (“GDPR”) and provide the requisite protection and care with respect to the treatment of your user information in accordance with GDPR. What Personal Information Is Collected and How.

    We collect information about Users (including your personal information) when you visit our website and use the Data Dissect Services. Most information is collected directly from you, such as when you fill out forms with a name, email address and any other personal information related to you and/or your condition. Some other information is collected about you indirectly, including the device, browser, or location automatically from you when you log into and use our services online. We may also collect some information about you from other sources, such as your physician—this information is only collection if you have previously consented to this.

    If you are participating in one of the Data Dissect Services through a Data Dissect customer, we will also be collecting personal health information (PHI). PHI is a special category of personal information that includes demographic information, medical histories, test and laboratory results, mental health conditions, insurance information, and other data that a healthcare professional collects to identify an individual and determine appropriate care.

    You may be able to access certain portions of the Website without providing us with any personal information, however, once you begin the process of registering for any Data Dissect Services, you acknowledge that you will be required to share certain personal information and PHI with us.

    This Privacy Notice does not apply to the activities of the organization with whom you have separately agreed to provide your information associated with your participation in any study, registry or other initiative. It is however, intended to be complementary to those organizations, but if you have particular questions regarding that organization’s privacy policies and practices, you are encouraged to contact them and to read and review their applicable statements and policies.

    From time to time, the Data Dissect Services may include access to chat areas or bulletin boards (e.g. comments sections, chat sessions, blogs etc.), that your information could be seen and used by others. This may result in unsolicited messages from other users of the Data Dissect Services. We are not responsible for the personally identifiable information or other user information you may choose to submit in these forums. To request removal of your personal information from those areas, please contact us as provided below. In some cases, we may not be able to remove personal information voluntarily disclosed by you in such forums for legal retention purposes or technical limitations (e.g. the data may not be searchable), in which case, we will notify you if we are unable to do so.

  • When personal information (including PHI) is submitted to us, we add it to our database. Personal information may also be disclosed to Data Dissect employees, independent contractors and agents who need to know that information in order to operate, develop or improve the Data Dissect Services or who you have consented to providing personal information.

    We do not access personal information in the normal course of providing Data Dissect Services. As a User of the Data Dissect Services, please never send us any personal information directly. All communications with us should take place through the secure platform tool you have been provided. If you notice an error in any of your information, you should contact the organization with whom you have agreed to provide this information to. We will only process your personal information and/or PHI in accordance with the consent you have provided to the organization.

    Where a Data Dissect customer has submitted personal information to us or facilitated the submission of personal information to us, the Data Dissect customer can request us to review, change, update or delete personal information previously submitted to us. We will take reasonable steps to verify the identity of the customer and its authorization to make any changes before we grant access to personal information and comply with the request. Please be aware that even after such a request is processed, Data Dissect may, for a time, retain residual information about you in our backup and/or archival copies of our database and in accordance with our Records Retention Policy.

    We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

    Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, only where this is required or permitted by law.

  • All personal information (including PHI) that is entered/imported through the Data Dissect Services is stored in an encrypted database in the cloud environment used by Data Dissect (Microsoft Azure). All data transmissions from Users of the Data Dissect Services are encrypted using the latest Internet security practices including TLS 1.2. Registry data is isolated from other registry data and is encrypted at rest. All access to the database systems are restricted to required/key personnel and all actions are logged and monitored real-time by advanced security tools.

    Data Dissect uses a variety of safeguards to protect your personal information and PHI from unauthorized access and against unlawful processing, accidental loss, destruction and damage. No method of transmission over the Internet, or method of physical or electronic storage, is 100% secure. While we strive to use commercially acceptable means to protect your personal information and all PHI is stored in accordance with PHIPA, HIPAA, and GDPR, we cannot ensure or warrant its absolute security. Consequently, when you transmit your personal information to us, you do so at your own risk.

    User accounts are accessible by entering the login information and password that were used to create that User account. We strongly request you do not communicate any confidential information to Data Dissect through email or any other means.

    If Data Dissect learns of a breach, we will act in accordance with our standard breach notification policy. We may attempt to notify you electronically so that you can take appropriate protective steps or alternatively, we may contact the organization with whom you are a participating patient. By using the Data Dissect Services or providing personal information, you agree that we can communicate with you electronically regarding security and privacy issues related to the Data Dissect Services. Data Dissect will endeavour to provide notice to you of any security systems breach and efforts to restore the integrity of the Data Dissect Services in accordance with applicable law. If you become aware of any breach of data security or have any other questions about the security of the Data Dissect Services, please contact us here.

    For Users from the European Union:

    In addition to the terms provided in this Privacy Notice, the following additional GDPR data subject rights and obligations shall apply to Users in the EEA (European Economic Area).

    Right of Access: This includes your right to access the personal information we gather about you, and your right to obtain information about the sharing, storage, security, and processing of that information.

    Right to Correction: You have the right to request the correction of inaccurate personal information.

    Right to Erasure: This includes your right to request, subject to certain limitations under applicable law, that your personal information be erased from our possession. This is also commonly known as the “right to be forgotten”. Please note that there are exceptions to this rule, and we may be required to retain the information for legal purposes, which may include research purposes, if erasure could be deemed to compromise the nature of the research. You will be notified if applicable as soon as possible following your request.

    Right to Complain: You have the right to make a complaint regarding our handling of your personal information with the appropriate supervisory authority.

    Right to Restrict Processing: You have the right to request restriction of how and why your personal information is used or processed.

    Right to Object: You have the right, in certain situations, to object to how or why your personal information is processed. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.

    Right to Portability: You have the right to receive the personal information we have about you and the right to transmit it to another party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.

    Right to Not Be Subject to Automated Decision-Making: You have the right to object and prevent any decision that could have a legal, or similarly significant effect on you from being made solely based on an automated process. This right is limited however, if the decision is necessary for the execution of any contract between you and us, is allowed by applicable European law, or is based on your explicit consent.

    Right to Unsubscribe from Our Communications: You may unsubscribe from our marketing communications by clicking on the “unsubscribe” link located at the bottom of all of our email communications, by updating your communication preferences, or by sending us an email here or by mail to Data Dissect Pty Ltd 14 Burlington Street Walkerville South Australia 5081 Attn: Compliance Officer.

    Other: By using and or accessing Data Dissect Services, you: acknowledge that your personal information will be processed as described in this Privacy Notice; and consent to having your information transferred to our affiliates and facilities in Canada or elsewhere and to the facilities of the parties with whom we share it as described in your specific consent, the End User License Agreements or this Privacy Notice.

  • Aggregate Data is information that does not personally identify you such as demographic information, frequency of visits to the Data Dissect Site, page views, Data Dissect Services most frequently accessed, your Internet Protocol (IP) address, referrer addresses, where your computer is routing from, your browser type and version, or your operating system and platform. It also includes all PHI and personal information from the Data Dissect Services that are de-identified and aggregated together with all other PHI and personal information (“Aggregate Data”). We use Aggregate Data to help us develop and improve the Data Dissect Services overall as well as assist our customers in achieving their research objectives and in accordance with any consent you have signed. We also use Aggregate Data to further the mission of Data Dissect realising a future where data drives the best healthcare decisions.

  • Users are given the choice to opt-out of certain optional communications from us and our affiliates and marketing partners. To “opt-out” you may send an opt-out request to us here with the word “unsubscribe” in the email subject line. Users should allow a reasonable amount of time for the opt-out request to be processed. Please be aware that you opt-out choice may mean that certain features and functions of the Data Dissect Services will no longer be available to you.

  • Users are given the choice to opt-out of certain optional communications from us and our affiliates and marketing partners. To “opt-out” you may send an opt-out request to us here with the word “unsubscribe” in the email subject line. Users should allow a reasonable amount of time for the opt-out request to be processed. Please be aware that you opt-out choice may mean that certain features and functions of the Data Dissect Services will no longer be available to you.

  • It is possible that we may need to disclose personal information or PHI when required by law, such as responses to civil or criminal subpoenas, or other requests by law enforcement personnel, to establish or exercise our legal rights or, defend against legal claims and if in our judgment in such circumstances disclosure is required or appropriate.

    We may also share personal information or PHI if we believe it is necessary in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our terms, or as otherwise required by law.

    Such information will only be disclosed in accordance with our legal obligations, our policies and under the guidance and direction of counsel.

  • We may disclose personal information, PHI, and Aggregate Data to a third party as part of a reorganization or a sale of the assets of Data Dissect but only as necessary. Any third party to which we transfer or sell Data Dissect assets in these circumstances will have the right to continue to use the personal information and Aggregate Data that you provide to us, subject to this Privacy Notice as may be amended.

  • The Internet is a global environment. Using the Internet to collect and process personal data necessarily involves the transmission of data on an international basis. This means that your information may be transferred to and maintained on computers located outside of your state, province, country or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. By using Data Dissect Services and/or communicating electronically with us, you acknowledge and agree to our processing of your personal information in this manner, and agree to be bound by the applicable privacy laws that Data Dissect is governed by as well as the jurisdiction and venue provisions of the Data Dissect terms.

    Notwithstanding the same, any PHI will be stored in accordance with the laws under which it was originally shared and will only be transferred to another jurisdiction in accordance with the laws or the consent you have provided.

  • The Data Dissect Website may contain links to websites operated by other people or companies. The Privacy Notice does not apply to the practices of third-party sites, which may have their own privacy policies or no privacy notice at all. While we try to link only to sites that share our high standards and respect for privacy, Data Dissect does not control the content of third-party sites and takes no responsibility for their content, nor should it be implied that Data Dissect endorses or otherwise recommends such sites or the products or services offered. We encourage you to review the privacy policies and terms of use of any third-party sites or services before providing any of them with any of your personally identifiable information. This Privacy Notice applies only to Data Dissect Services.

  • If you have questions regarding this Privacy Notice or the information collection and dissemination practices of Data Dissect, please contact us at

bottom of page