💬 SeeTreat's ART.1-US Software is FDA Cleared for clinical use in the USA

Privacy Policy

Introduction

SeeTreat Pty Ltd (ABN 72 616 339 694) of 320 Pitt St, Sydney, NSW 2000, ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you interact with our website or services.

As an Australian business, this Privacy Policy complies with the requirements of the Australian Privacy Principles set out in the Australian Privacy Act 1988 (Cth), as well as other applicable privacy laws.

SeeTreat complies with the:

Our approach to privacy

To protect your privacy, SeeTreat will:

Provide you with access to the information collect about you in accordance with our obligations under privacy laws;
Not disclose your personal information outside SeeTreat except in accordance with this Privacy Policy, unless we are legally authorised or required to do so;
Provide you with an accessible mechanism to notify us of any complaints;
Implement internal procedures to protect your information security and privacy and provide training to our staff to ensure that our privacy processes are followed;
Regularly review and enhance our privacy practices.

Information We Collect

We may collect your personal information when you:

visit our website;
sign up to receive communications from us;
apply to be employed by us, or in the course of your employment with us;
contact us by any method, such as telephone, email, or in person;
interact with us in other notified ways.

The personal information you provide to us will vary depending on the nature of your interaction with us, but may include:

name, date of birth, contact details, educational qualifications, employment history, tax file number, banking and superannuation fund details, and other payroll information;
other personal information contained in any communications you send to us, submit or upload to our website or social media pages, or that we receive from third parties;
with your consent, certain health information, criminal record details, and other sensitive information relevant to employment applications;
anonymised medical data (e.g., images) from clinical partners;
non-identifiable usage data for product improvement and maintenance.

How We Collect Information

We collect:

Contact information when you reach out via email or phone;
Pre-processed anonymised patient medical images and information from clinical partners;
Data under the following legal bases (UK/EU GDPR):
- Consent
- Contract
- Legal obligation
- Legitimate interests

Controller and Processor Roles

SeeTreat Pty Ltd acts as:

a data controller when determining the purposes and means of processing personal data (e.g., employment, customer engagement);
a data processor when handling personal data on behalf of third parties, such as clinical partners or healthcare providers.

This includes scenarios where SeeTreat support personnel may view patient data stored on installed devices solely for the purpose of diagnosing or resolving technical issues. In these cases, SeeTreat acts under the instruction of the healthcare provider and does not retain or store any patient data. This activity is classified as a data processor function under applicable data protection laws.

Cloud-Based Services

When you use our cloud‑based services or trial environments, you may choose to upload data, which may include personal information or health information, depending on your organisation’s configuration and use. In these circumstances, SeeTreat acts strictly in accordance with written agreements with your organisation, such as a Data Processing Agreement (DPA) or equivalent contractual instrument.

These agreements define the parties’ roles, data categories, security requirements, retention periods, and all processor obligations. They apply in priority to this Privacy Policy for any customer‑provided data.

How We Use Your Information

We use personal information to:

Provide products or services;
Track website usage and performance;
Manage account settings;
Conduct marketing and market research;
Respond to inquiries;
Improve product and service quality;
Manage subscriptions;
Train personnel and support continuous education;
Handle complaints and quality assurance.

If you are a job applicant:

We use your data to assess your application and may retain it for future roles.

You may opt out of marketing communications at any time.
We also use de-identified data to:

Develop products and services;
Conduct research and statistical analysis;
Support medical innovation under ethics-approved protocols and patient consent.

We ensure:

All personal identifiers are removed;
De-identification is performed by authorised third parties;
Best practices are followed to minimise re-identification risk.

In certain support scenarios, SeeTreat support personnel may be required to view patient data stored on installed devices solely for the purpose of diagnosing or resolving technical issues. This data is not copied, stored, or retained by SeeTreat. This activity is conducted under the instruction of the healthcare provider and is classified as a data processor function under applicable data protection laws.

Automated Decision-Making and Profiling

We do not use personal data for automated decision-making or profiling that produces legal or significant effects. If this changes, we will update this policy and implement safeguards per Article 22 of the GDPR.

Cloud-Based Services

For cloud-based trials or hosted deployments, SeeTreat processes customer-supplied data solely to provide the service, maintain system functionality, support technical troubleshooting, and ensure product performance and security. We do not use customer-provided data for model development, training, or enhancement unless expressly permitted in a separate written agreement.

Disclosure of Your Information

We may share your personal information:

With service providers under confidentiality obligations;
With your authorised representatives;
With professional advisors (e.g., auditors, legal counsel);
As required by law or regulation;
In legal disputes;
With research bodies, in accordance with applicable ethics and data protection requirements.
With your organisation, under a Data Processing Agreement or similar contract, when we process data on your behalf as part of cloud‑based deployment, hosted services, or evaluation environments.

Data Storage and Security

If we transfer your data outside the UK or EEA, we use:

Standard Contractual Clauses (SCCs),
International Data Transfer Agreements (IDTAs).

We retain data only as long as necessary for legal, regulatory, or business purposes.

This data may be stored outside Australia depending on the tools we use. This data may be outside Australia, due to circumstances which change from time to time. As these are third parties, it is not practicable for us to specify the countries in which such third parties are located.

We protect your data using:

Access controls;
Confidentiality agreements;
Firewalls, encryption, and physical security.

Records are held securely for future retrieval in accordance with applicable laws and good business practice. If SeeTreat no longer needs, or is no longer required, to retain personal information, SeeTreat will take reasonable steps to destroy the information or will ensure that the information is de-identified.

Cloud-Based Services

SeeTreat offers both on‑premise and cloud‑based service options. When using our cloud‑based environments, customer data may be processed in secure cloud infrastructure operated by third‑party providers under strict contractual and technical safeguards.

The location of data storage may vary depending on the customer’s selected region or service configuration. Data residency obligations, cross‑border transfer mechanisms, and retention periods are defined in the relevant Data Processing Agreement (DPA) or equivalent contract with the customer.

In cloud‑based scenarios where SeeTreat processes data on behalf of a customer, SeeTreat acts as a data processor, and the customer acts as the data controller for such data. Access to customer content is strictly limited to authorised personnel and only for the purposes of providing support, maintenance, and security of the service.

Your Rights

Under the General Data Protection Regulation (GDPR), Australian Privacy Act, and other applicable data protection laws, you have certain rights regarding your personal information:

Right to access: You can request a copy of the personal information we hold about you.
Right to rectification: You can ask us to correct any inaccurate or incomplete personal information.
Right to erasure: You can request that we delete your personal information in certain circumstances.
Right to restrict processing: You can ask us to restrict the processing of your personal information in certain circumstances.
Right to data portability: You can request a copy of your personal information in a machine-readable format.
Right to object: You can object to our processing of your personal information in certain circumstances.

To exercise any of these rights, please contact us using the details provided in the "Contact Us" section.

Children's Privacy

Our services are not directed to children under the age of 13, and we do not knowingly collect personal information from children under 13.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be posted with a revised “Last updated” date.

Contact Us

SeeTreat Pty Ltd takes the protection of personal data seriously and has appointed DataRep as our data protection representative in the EU and UK.

Outside EU/UK: Contact our DPO at privacy@seetreatmedical.com

For EU/UK inquiries contact DataRep by:

Email: via datarequest@datarep.com quoting <SeeTreat Pty Ltd> in the subject line
Webform: www.datarep.com/data-request,
Mail: Your inquiry to DataRep at the most convenient of the addresses below.

Please note: when mailing inquiries, it is essential that you mark the letters for ‘DataRep’ and not SeeTreat Pty Ltd.

🇦🇹 Austria DataRep, City Tower, Brückenkopfgasse 1/6. Stock, Graz, 8020, Austria
🇧🇪 Belgium DataRep, Rue des Colonies 11, Brussels, 1000, Belgium
🇧🇬 Bulgaria DataRep, 132 Mimi Balkanska Str., Sofia, 1540, Bulgaria
🇭🇷 Croatia DataRep, Ground & 9th Floor, Hoto Tower, Savska cesta 32, Zagreb, 10000, Croatia
🇨🇾 Cyprus DataRep, Victory House, 205 Archbishop Makarios Avenue, Limassol, 3030, Cyprus
🇨🇿 Czech Republic DataRep, Platan Office, 28. Října 205/45, Floor 3&4, Ostrava, 70200, Czech Republic
🇩🇰 Denmark DataRep, Lautruphøj 1-3, Ballerup, 2750, Denmark
🇪🇪 Estonia DataRep, 2nd Floor, Tornimae 5, Tallinn, 10145, Estonia
🇫🇮 Finland DataRep, Luna House, 5.krs, Mannerheimintie 12 B, Helsinki, 00100, Finland
🇫🇷 France DataRep, 72 rue de Lessard, Rouen, 76100, France
🇩🇪 Germany DataRep, 3rd and 4th floor, Altmarkt 10 B/D, Dresden, 01067, Germany
🇬🇷 Greece DataRep, Ippodamias Sq. 8, 4th floor, Piraeus, Attica, Greece
🇭🇺 Hungary DataRep, President Centre, Kálmán Imre utca 1, Budapest, 1054, Hungary
🇮🇸 Iceland DataRep, Laugavegur 13, 101 Reykjavik, Iceland
🇮🇪 Ireland DataRep, The Cube, Monahan Road, Cork, T12 H1XY, Republic of Ireland
🇮🇹 Italy DataRep, Viale Giorgio Ribotta 11, Piano 1, Rome, Lazio, 00144, Italy
🇱🇻 Latvia DataRep, 4th & 5th floors, 14 Terbatas Street, Riga, LV-1011, Latvia
🇱🇮 Liechtenstein DataRep, City Tower, Brückenkopfgasse 1/6. Stock, Graz, 8020, Austria
🇱🇹 Lithuania DataRep, 44A Gedimino Avenue, 01110 Vilnius, Lithuania
🇱🇺 Luxembourg DataRep, BPM 335368, Banzelt 4 A, 6921, Roodt-sur-Syre, Luxembourg
🇲🇹 Malta DataRep, Tower Business Centre, 2nd floor, Tower Street, Swatar, BKR4013, Malta
🇳🇱 Netherlands DataRep, Cuserstraat 93, Floor 2 and 3, Amsterdam, 1081 CN, Netherlands
🇳🇴 Norway DataRep, C.J. Hambros Plass 2c, Oslo, 0164, Norway
🇵🇱 Poland DataRep, Budynek Fronton ul Kamienna 21, Krakow, 31-403, Poland
🇵🇹 Portugal DataRep, Torre de Monsanto, Rua Afonso Praça 30, 7th floor, Algès, Lisbon, 1495-061, Portugal
🇷🇴 Romania DataRep, 15 Piaţa Charles de Gaulle, nr. 1-T, Bucureşti, Sectorul 1, 011857, Romania
🇸🇰 Slovakia DataRep, Apollo Business Centre II, Block E / 9th floor, 4D Prievozska, Bratislava, 821 09, Slovakia
🇸🇮 Slovenia DataRep, Trg. Republike 3, Floor 3, Ljubljana, 1000, Slovenia
🇪🇸 Spain DataRep, Calle de Manzanares 4, Madrid, 28005, Spain
🇸🇪 Sweden DataRep, S:t Johannesgatan 2, 4th floor, Malmo, SE - 211 46, Sweden
🇬🇧 United Kingdom DataRep, 107-111 Fleet Street, London, EC4A 2AB, United Kingdom

The representative acts as a contact point for data subjects and supervisory authorities in accordance with Article 27 of the EU and UK GDPR.

If you are outside the EU and UK and have any questions about this Privacy Policy or our data practices, please contact our Data Protection Officer at: privacy@seetreatmedical.com

Complaints

If you have a complaint about how we handle your personal information, please contact us first. If you are not satisfied with our response, you can contact the local regulatory authorities.

Australia - the Australian Information Commissioner (OAIC) at www.oaic.gov.au
UK - the Information Commissioner’s Office (ICO) at www.ico.org.uk
EU - you may contact your local Data Protection Authority (DPA) for assistance.