Australia Data Privacy Notice


ComPsych and its partner in Australia, Converge International, are committed to respecting your privacy and wish to ensure that you are not only aware of our Privacy Policy but provide your informed permission for us to collect, use and disclose your personal information for the purpose of us providing you with services. We recognise that your privacy is very important to you and that you have a right to control your personal information. Unless you give us explicit consent to act otherwise, the following policy will govern how we handle your personal information and safeguard your privacy.


We collect personal information about you to help us deliver an EAP service. This may include your name, address, contact details and information relevant to the purpose of providing the services or information, and sensitive information about you including your gender, date of birth, health, ethnic group which are relevant for the proper provision of the EAP services we deliver.

We keep summary information about you electronically on our database. This electronic information is only used to assist us to provide services to you as well as to assist with administration activities such as quality management. Individuals accessing services under an employee assistance program are electronically registered as numbers to ensure anonymity.


We collect, hold and use your personal information so that we can:

A. verify your identity;

B. provide you (or your employer organization, if they have a contract with us) with information, products and services, and manage our relationship with you (or your employer organization);

C. contact you, for example, to respond to your queries or complaints, or if we need to tell you something important;

D. inform you about a potential new product and service development and innovation, as well as for other internal purposes, such as research and data analysis; and

E. comply with our legal obligations and assist government and law enforcement agencies or regulators.

If you do not provide us with your personal information, we may not be able to provide you with our products or services, communicate with you or respond to your enquiries.

We may also use your personal information to create Anonymous Data records by first de-identifying your personal information, which means removing any information that would allow the remaining data to be linked back to you. We may use Anonymous Data for internal purposes, such as analysing overall health patterns and preferences to improve our products and services.

Subject to applicable laws and regulations, we reserve the right to use and disclose Anonymous Data at our sole discretion.


We store most personal information about you in computer systems and databases operated by either us or our external service providers.

We implement and maintain processes and security measures to protect personal information which we hold from misuse, interference or loss, and from unauthorized access, modification or disclosure.

These processes and systems include:

  • the use of identity and access management technologies to control access to systems on which information is processed and stored;
  • the encryption of your personal information in transit via Transport Layer Security (TLS) and at rest;
  • requiring all employees to comply with internal information security policies and keep information secure;
  • requiring all employees to complete training about information security; and
  • monitoring and regularly reviewing our practise against our own policies and against industry best practice.


We may disclose personal information for the purposes described in this Policy to:

  • our employees and related bodies corporate;
  • third party suppliers and service providers (in connection with providing our services to you);
  • our existing or potential agents, business partners or professional advisors;
  • another health service provider - if you request that this occur.

We only disclose, or share your personal information with third parties where indicated in this Privacy Policy, or with your consent, or as required or authorized by law.

Where we are permitted to disclose your personal information to other third parties, we will take reasonable steps to make sure such third parties will not breach the Privacy Act 1988 (Cth) and applicable privacy laws in their jurisdiction.


We will take reasonable steps to ensure that personal information collected, used or disclosed is accurate, complete and up to date.


We retain your personal information only for the period necessary to fulfil the purposes set out in this Privacy Policy. When assessing the retention periods for any personal information we collect, we review our need to collect personal information at all and, subject to establishing a relevant need, only retain it for the shortest period possible to realise the purpose of collection, unless a longer retention period is required by law.


We have a procedure in place that allows you to have access to personal information that is collected about you. To gain access to this information, You will need to complete a Release of Information Request Form. However there are limited circumstances in which access to an individual’s personal information will be allowed. If access to information is denied, we will provide reasons for the denial. All requests for access will be acknowledged within 14 days. Access to any information requested will take place within 30 days.


We endeavour to ensure that all information is accurate and kept up to date. Therefore you are encouraged to telephone or write to us to advise us of any change in your personal circumstances.


In case of an actual or suspected personal data breach, we will fulfil our legal obligations to notify of data and / or security breaches without undue delay, including managing the end-to-end process from the recognition of a breach up to notifying you.

We have put in place appropriate procedures to deal with any personal data breach and will notify the supervisory authority and / or data subjects where we are legally required to do so. In the event of a data breach, we will notify the supervisory authority and the affected individuals without undue delay and within 72 hours of becoming aware of the situation.

If you know or suspect that your personal information may have been breached or otherwise compromised, or a personal data breach has occurred, please contact us at to report it and obtain advice, and take all appropriate steps to preserve evidence relating to the breach.


If you have further queries relating to our Privacy Policy, or you have a problem or complaint please contact:
Post: Privacy Officer, Converge International, Level 16, 180 Lonsdale St, Melbourne, Victoria, 3000;
Email:; Phone: 1300 687 327


From time to time, our policies will be reviewed and may be revised. We reserve the right to change this privacy policy at any time. If you would like to access prior versions of this Policy, please contact


For more information, you may approach an independent advisor or contact the Office of the Australian Information Commissioner for more information.


You have the right to understand how we collect, use, and disclose your personal information, to access your information, to request that we delete certain information, and to not be discriminated against for exercising your privacy rights.

  • You may contact to exercise your rights.

If you require further assistance regarding your rights, please contact, and we will consider your request in accordance with applicable laws.