CARISA APP PRIVACY and USAGE POLICY

As the makers of CARISA, CCS Corporation Pty Ltd respects your right to privacy and is committed to safeguarding the privacy of our customers and CARISA users. We adhere to the Australian Privacy Principles established by the Privacy Act 1988 (Cth). This policy sets out how and why we collect and how we treat CARISA Account Holder information.

What information does the CARISA App collect?

Personal information

CARISA uses an Account Holder's first and last names and a unique CARISA ID, identify, grant access to their CARISA Account and to keep the information and stories accumulated during CARISA activities.

Other than their first and last names and their unique CARISA ID, no other personal identifiable information ("personal information") is required for the application to operate.

Other information

As they use the App in regular interactions with the Account Holder (usually an aged-care resident), their family members, friends, and carers will typically add other general information about the Account Holder's experience during an activity, and about their present and past life experiences (“other information”). This other information will also be readable by anyone with access to the particular CARISA Account.

As such, to protect the privacy of the Account Holder it is always recommended that deeply personal, private, or confidential information about that person should not be entered into any of the activities.

As a general rule, if a user would be happy for the information entered into an activity to be displayed on a pin-board in the Account Holder's room or read aloud in a letter by a carer, or talked about in a social gathering, then it’s probably safe to let it be added to their CARISA Account.

As part of the normal functioning and monitoring of the CARISA application with its residents in its facilities, a Care Home implementing the CARISA application will be able to view individual Account Holder's data or aggregated data from selected or all Accounts within the Care Home's Administrative Account.

How is the information used?

As stated above, the personal information is used to create and identify a unique CARISA Account in combination with a unique ID and to store information accumulated during CARISA activities – either entered directly in input boxes or surveys or automatically such as the recording of date, time and duration of an interaction.

The CARISA App is designed to support and enhance care experiences and to be a source of communication with and between family members, friends, carers and other residents. It is also an easy way to establish an ongoing record of an Account Holder's interactions with others that can be used as personalised prompts, conversation starters, reminiscence sources and connectors, by all caregivers.

Disclosure of information: We may disclose your information to any of our employees, officers, insurers, professional advisers, agents, suppliers or subcontractors insofar as reasonably necessary for the purposes set out in this Policy. Information is only supplied to a third party when it is required for the delivery of our services.

Information from a CARISA Account's activities may from time to time be accessed by CCS Corporation for use in research and development both to assist understanding of ways to facilitate healthy ageing and to improve the efficacy of the CARISA application -- data will be anonymised for research purposes.

We may from time to time need to disclose information to comply with a legal requirement, such as a law, regulation, court order, subpoena, warrant, in the course of a legal proceeding or in response to a law enforcement agency request.

We may also use your information to protect the copyright, trademarks, legal rights, property or safety of CCS Corporation Pty Ltd, its application, website and customers or third parties.

Information that we collect may from time to time be stored, processed in or transferred between parties located in countries outside of Australia. These may include, but are not limited to the United States of America.

If there is a change of control in our business or a sale or transfer of business assets, we reserve the right to transfer to the extent permissible at law our user databases, together with any personal information and other information contained in those databases. This information may be disclosed to a potential purchaser under an agreement to maintain confidentiality. We would seek to only disclose information in good faith and where required by any of the above circumstances.

By providing us with personal or other information, you consent to the terms of this Privacy Policy and the types of disclosure covered by this Policy. Where we disclose your personal information to third parties, we will request that the third party follow this Policy regarding handling your personal information.

Storage and Security

Account Holder information will be stored in a secure digital platform with standard security measures in place. CCS Corporation is committed to ensuring that information is secure and accessible only to Account Holders their carers, family, friends and other authorised personnel.

We are committed to ensuring that the information you provide to us is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure information and protect it from misuse, interference, loss and unauthorised access, modification and disclosure.

The transmission and exchange of information is carried out at your own risk. We cannot guarantee the security of any information that you transmit to us, or receive from us. Although we take measures to safeguard against unauthorised disclosures of information, we cannot assure you that personal information that we collect will not be disclosed in a manner that is inconsistent with this Privacy Policy.

While effort and care will be taken to ensure no loss of Account Holder data, CCS Corporation cannot be held responsible or liable for damages or grievance or inconvenience that may arise from a data loss incident.

Storage location: CARISA mobile applications are approved by and available from Google Play and the App Store for free download and abide by both these supplier’s security and data App integrity regulations to ensure they are safe to run on modern mobile devices. Updates are made to these applications as required and as new features are added. Information entered into CARISA Accounts is currently stored on servers in the USA. CCS Corporation is in the process of moving to Microsoft Azure servers based in Australia. An update to this policy will be posted once this is implemented.

Access and Corrections

Account Holders with a current valid CARISA subscription have the right to access their personal information and correct any inaccuracies. Most information entered into your CARISA account is editable within the app. Where it is not, Account Holders can request that we erase any personal data held about them. This does not include any information we are obliged to keep for administrative, legal, or security purposes.

Retention of information

Account Holder information will be retained for access and normal functioning of an account as stated above for the duration of the Account Holder's subscription or, in the case of a trial or research project, the period required to fulfill such purposes.

Ownership of information

Any information entered into a CARISA Account by users is deemed to be owned by, and entered with, the Account Holder's consent. Should such information subsequently be found to be infringing third party copyright or be considered defamatory, CCS Corporation will not be held liable to any third party and may request or require removal of the information.

Information will remain accessible to an Account Holder so long as a valid subscription is in place. When a CARISA Account is closed or withdrawn or not renewed, the information in the Account will no longer be accessible by the Account Holder. By entering information into their CARISA Account, an Account Holder (or an authorised agent) understands and agrees that CCS Corporation reserves the right to retain all information and use and provide to its research partners, anonymised Account data for research and statistical purposes to improve understanding of healthy ageing, better aged care techniques, and the efficacy of the CARISA application. Information will never be disclosed or sold by CCS Corporation to third parties for use in advertising or marketing.

Account Holders or an authorised agent may request a digital copy of Account data upon closing their Account (a fee may apply for this service in some circumstances).

Similarly a Care Home implementing the CARISA application within its facilities will be able to access individual Account Holder's data or aggregated data from selected or all Accounts within the Care Home's Administrative Account as long as a valid subscription is in place.

Consent

By using the CARISA App, an individual is deemed to be giving consent to the Australian company, CCS Corporation Pty Ltd (221 Pringles Rd, Martinsville, NSW, 2265 ACN062305784), developer of the CARISA App, to collect, store, and apply Account Holder's "personal" and "other information" as described above.

Changes to the App Privacy Practice

If there are any changes to our privacy practices, we will seek to communicate these changes to Account Holders and update this document and ensure that they are in line with legal and ethical standards as required by the Australian Privacy Principles.

Our Contact

Any enquiries about this policy should be directed to privacy@ccscorporation.com.au or by contacting CCS Corporation Pty Ltd on t: +610249771211.

WEBSITE USAGE POLICY

Who we are

Our website address is: https://carisa.care. Our parent company, the makers of CARISA, is the Australian company CCS Corporation Pty Ltd https://ccs.cards

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select "Remember Me", your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.