Envigor Health Management Pty Ltd Privacy Policy

  1. Scope and context

This is the privacy policy of Envigor Health Management Pty Ltd (ABN 38 613 918 835) trading as “GRIT Health”.  

This privacy policy explains:

  • how we manage the personal information that we collect, use and disclose; and
  • how persons to who this privacy policy applies may contact us if you:
    • have any questions about our management of your personal information;
    • would like to access or correct the personal information we hold about you; or
    • would like to lodge a complaint with us regarding our compliance with Privacy Laws.
  1. Meaning of terms

In this document:

  • References to ‘us’, ‘we’ or ‘our’ mean Envigor Health Management Pty Ltd (ABN 38 613 918 835), including where it trades under the name of “GRIT Health” or under the name of  “Envigor Health Management” as the context requires;
  • “Envigor Group Companies” means Envigor Pty Ltd ACN 147 108 870 and any associated entity of that company as defined by section 50AAA of the Corporations Act 2001(Cth).
  • “GRIT Health” as the context requires, refers to the home care system owned and operated by Envigor Health Management Pty Ltd (ABN 38 613 918 835) that provides monitoring and analysis of health and medical data to assist individuals to control and improve their health.
  • ‘Personal information’ generally means any kind of information in any form about a person that identifies that person and includes sensitive information such as health information.

3.    Who are we?

Envigor Health Management Pty Ltd ABN 38 613 918 835 carries on business under the business names of “GRIT Health” and “Envigor Health Management”and is a wholly owned subsidiary of Envigor Pty Ltd ACN 147 108 870. 

4.    Who does this policy apply to?

This privacy policy applies to all persons who have access to personal information collected by us and all persons about whom personal information is collected, including:

  • All current and past members of GRIT Health whose personal information we have collected, including those persons who have subscribed to use and receive the Envigor Health Management system services and those persons who have downloaded and used the GRIT Health App;
  • All individuals whose personal information is collected in relation to the products and services offered by GRIT Health and Envigor Health Management;
  • All individuals whose personal information is collected by us in the course of our functions and activities such as service providers, contractors and prospective employees .

Compliance with this privacy policy is mandatory.

5.    Protecting your privacy

We are committed to protecting your personal information and complying with our obligations under the Privacy Act 1988 (Cth), including the Australian Privacy Principles (Privacy Act) and other State and Territory laws governing the use of personal information (collectively, Privacy Laws) which regulate how personal information is handled from collection to use and disclosure, storage, access and disposal.

All of our employees, all persons who provide services to us or on our behalf, all persons who have access to personal information  collected by us and all persons about whom personal information is collected are required to comply with the Privacy Laws.

6.    What kind of personal information do we collect?

The types of personal information we may collect include:

  • sensitive information, including information about your health, health services provided to you and your claims;
  • identifying information such as name, date of birth and employment details;
  • contact information such as home address, home and mobile phone numbers and email address;
  • government-issued identifiers including Medicare numbers;
  • financial information, such as bank account and credit card details;
  • biometric information and templates, such as voice recognition information;
  • information about your activities, including sporting and other lifestyle interests; and
  • information about involvement in other programs you participate in or memberships you may have.

You have the option not to identify yourself or to use a pseudonym when dealing with us provided it is lawful and practicable for us to allow you to do so. However, on many occasions we will not be able to do this.

For example, we will need your name and residential address in order to provide you with the monitoring services provided by GRIT Health.

If you do not provide or authorise the provision of personal information we request, we may be unable to provide you with some or all of our products and services or the product and services of our partners.

With respect to health information, we will:

  • only collect health information necessary for our functions or activities;
  • collect health information directly from an individual where it is reasonable and practicable to do so;
  • only collect heath information with the express or implied consent of the individual concerned (see below).

Consent to collection of personal information (including health information)

By becoming or remaining a member of the GRIT Health system  (including by way of on-line subscription for membership to GRIT Health) or by otherwise providing personal information (including health information)  to us, you confirm that you consent to us collecting, using and disclosing your  personal (including sensitive) information, however collected by us, in accordance with this privacy policy.

7.    How do we collect and hold your personal information?

We will only collect personal information about you by lawful and fair means and not in an unreasonably intrusive manner.

We may collect your personal information from:

  • you (including by your use of the GRIT Health App) or from a person authorised to provide us this information on your behalf;
  • a third party such as a GP, hospital or other health service provider who has treated you;
  • Envigor Group Companies who have provided you with services including health-related services;
  • a service provider engaged by us or a third party who partners with us.

We take all reasonable steps to protect your personal information from misuse and loss and from unauthorised access, modification or disclosure.

We store your information securely and have a range of security controls in place to ensure that your information and documents are protected. Our employees are trained on privacy and access to personal information is restricted to individuals properly authorised to do so.

We also take reasonable steps to make sure that the personal information that we collect, use and disclose is accurate, complete, up to date and relevant.

We keep your personal information for only as long as it is required in order to provide you with products and services and to comply with our legal obligations.

When it is no longer needed for these purposes, we take reasonable steps to destroy or permanently de-identify this personal information.

8.    Why do we collect, use and disclose yourpersonal information?


We collect your personal information to enable GRIT Health and our third party suppliers and partners to provide you with products and services including health-related services, partner offerings and information on other products and services (collectively Health and Monitoring Products and Services). We may also be required by law to collect some personal information.


We may use your personal information for these purposes, including to:

  • process your membership application and manage your membership;
  • manage our relationship with you;
  • process and audit payments;
  • analyse, investigate, pursue and prevent suspected fraudulent activities;
  • manage and develop Health and Monitoring Products and Services;
  • assess your suitability for and contact you about Health and Monitoring Products and Services that we believe may be of benefit to you;
  • partner or work with third parties to improve our membership offering and value;
  • manage and develop our business and operational processes and systems;
  • conduct marketing, feedback and research activities;
  • manage and resolve any legal or commercial complaints or issues;
  • perform other functions and activities relating to our business; and
  • comply with our legal obligations.


In doing so we may disclose your personal information to persons or organisations in Australia and overseas including:

  • our subsidiaries;
  • our agents and service providers;
  • our professional advisors;
  • health service providers;
  • potential or actual buyers of our assets, business or of shares in Envigor Group Companies;
  • payment system operators and financial institutions;
  • your agents and advisors or other persons authorised by, or responsible for, you;
  • government agencies;;
  • third parties with whom GRIT Health works with to improve its membership offering and value;
  • other service providers or other third parties who assist us in the detection and investigation of fraud;
  • your employer (or their authorised representatives) if you have a corporate health monitoring product; and
  • other parties to whom we are authorised or required by law to disclose information.
  1. How we communicate with you

From time to time, we may also collect and use your personal information so that we and other Envigor Group Companies can promote and offer our services to you and keep you informed of special offers, including by direct mail, SMS and MMS messages, by phone and email.

You can choose not to receive these communications by calling us, sending a request through the GRIT Health website, or responding to the unsubscribe message in any marketing email you receive.

  1. Do we disclose your personal information overseas?

We may need to disclose your personal information to organisations located outside of Australia from time to time in the ordinary course of our business.  Most of these overseas organisations are service-providers or related entities which provide support and assistance to us in delivering our products and services to you. 

Where we do, we take reasonable steps to ensure that your information is given the same type of protection as it is afforded within Australia. This may be through satisfying ourselves that the overseas organisation has controls in place to comply with Australian privacy laws, ensuring that the overseas organisation is located in a country which we believe has a similar privacy regime to Australia or through contractually or otherwise mandating the adequate management of the information.

On occasion, we may also disclose your personal information to overseas organisations where you instruct us or expressly consent to us doing so. In such cases, we may not take the above steps in relation to the management of your information.

  • You can access or correct your personal information. How do you contact us to do so?

GRIT Health will generally provide you with access to your personal information if practicable (although an administration fee may be charged) and will take reasonable steps to amend any personal information about you which is inaccurate or out of date. 

In some circumstances, for example where prescribed in the Privacy Laws, we may not permit access to your personal information, or may refuse to correct your personal information.  Where this happens, we will provide you with reasons for this decision, seek alternatives and take any further legally required steps.

If you would like to access or correct personal information we hold about you, please contact the GRIT Health Privacy Officer whose details are provided below.

  • Do you have any concerns over the way we have collected, used or disclosed your personal information?

If you have any concerns or queries about the way your personal information has been handled, please contact the GRIT Health Privacy Officer whose contact details are provided below.

If you wish to make a formal complaint, please provide your complaint in writing to the GRIT Health Privacy Officer.  We will consider your complaint promptly and contact you to seek to resolve the matter.

Generally, we will contact you to acknowledge receipt of your complaint and let you know who is managing your query within three business days. We will attend promptly to your complaint and will aim to respond to your concerns or otherwise keep you informed of our progress within 30 days.

If we have not responded to you within a reasonable time or if your complaint is not resolved to your satisfaction, you are entitled under the Privacy Act to make a complaint to the Office of the Australian Information Commissioner.

GRIT Health Privacy Officer contact details:

GRIT Health Privacy Officer
GRIT Health

Envigor Health Management Pty Ltd ABN 38 613 918 835

PO Box 6028
Brendale Qld 4500

e-mail: privacy@grithealth.com.au

Further information

Further information about the application of the Privacy Act can be found at the website of the Office of the Australian Information Commissioner at www.privacy.gov.au

© 2018 Grit Health | Website Design & Development by DigiMedia Worx Pty Ltd