This page provides important information about how PainChek collects and uses personal information.
1. Who is this Privacy Statement for?
This Privacy Statement only applies to your interactions with PainChek as a client or prospective client.
-
If you are a user of the PainChek App at your workplace:
Contact your employer to understand how they handle your personal information when used for the PainChek App or in connection with their interactions with PainChek. -
If you are a patient or resident in a facility that uses the PainChek App for your care, or a family member of a patient or resident looking to understand how your family member’s personal information is handled:
Contact the facility where you or your family member is located to understand how it handles this personal information. Also read our Privacy Information for Patients and Residents which provides a summary of how the PainChek App uses personal information.
2. How do we use your personal information?
How PainChek uses your personal information, that you provide or which we collect from you, from publicly available sources (such as LinkedIn or on-line publications) or from third parties (like business data providers), is described here:
2.1 Individual business contact details (email, telephone number, address, role in prospective client, location)
What it’s used for and why we collect it:
-
Promoting the services of PainChek – Contacting you about, or send you information and materials on, PainChek’s products and services.
-
Enquiries – Responding to your enquiries and engaging with you in your capacity as an employee or representative of the business you represent or work for.
-
Using our services – Providing our services to the business you represent or work for.
-
Other uses – Protecting our legal rights; administration, quality, and training; and system and product development.
2.2 Information created as part of communications between us or during the provision of our services.
What it’s used for and why we collect it:
-
Promoting the services of PainChek – Contacting you about, or send you information and materials on, PainChek’s products and services.
-
Enquiries – Responding to your enquiries and engaging with you in your capacity as an employee or representative of the business you represent or work for.
-
Using our services – Providing our services to the business you represent or work for.
-
Other uses – Protecting our legal rights; administration, quality, and training; and system and product development.
2.3 IP address and other information relating to your interactions with the PainChek website
What it’s used for and why we collect it:
-
Cookies – Cookies are used for the operation of our website, detection and prevention of unlawful activity on our website, website analytics, and marketing activity, as described in our cookie policy.
3. What do we use your personal information for?
3.1 Promoting the services of PainChek
We may have obtained your individual business contact details (such as email, telephone number, address, position) from you, or from publicly available sources (like LinkedIn) or from third parties (like business directories). If you have attended an event, we may also receive these details from the event organiser.
Where we are permitted to do so, we will use your personal information to contact you about, or send you information and materials on, PainChek and its products and services. This may be because you have specifically requested them or because we feel our services may be of interest to the business you represent or work for.
We always comply with applicable direct marketing rules. If you no longer wish us to promote our services to you, please let us know. You can also opt-out of receiving our direct marketing emails at any time.
If you sign up to attend one of our webinars, we will also use your information to administer your participation in the webinar.
3.2 Enquiries
You may make an enquiry about our services (for example, through our contact page or through the download of a whitepaper or other content on our website). If you do, we use information you give us as part of that enquiry, or in related communications, to provide you with information about our services and respond to and manage your enquiries and requests.
We will also use your personal information in connection with the management of any pre-contract discussions between PainChek and the business you represent.
3.3 Using our services
When we provide our services, we will collect and use your personal information. Any personal information you provide to us, or which we obtain when providing our services, will be used for:
-
providing our services in accordance with our contract with our client (the business you represent); and
-
managing our relationship with our client.
3.4 Other uses of your personal information
3.4.1 Enforcing legal rights
We will use your personal information for the enforcement or protection of our legal rights.
3.4.2 Administration, quality, and training
To help administer our business (including in accordance with legal or other obligations we must meet), and our relationship with you, we will use your personal information. It will also be used in connection with the maintenance of our quality standards and the provision of internal training.
3.4.3 System and product development
Your personal information is also used by us to support the development and improvement of our systems and products. This can include using it for the purposes of surveys and providing your personal information to third parties to deliver system and product development or improvement, but they will only be able to use your personal information in accordance with our instructions.
3.5 Cookies
Refer to our cookie policy for further information on the cookies we use and the purposes they are used for.
4. When do we share your personal information with others?
PainChek does not share or disclose your personal information for a business purpose except as set out in this Privacy Statement. Your personal information is never sold to third parties.
The personal information described above is shared with third parties who provide services to us, including:
-
information technology and information services providers;
-
other third-party service providers; and
-
professional and other third-party advisers.
These third parties can only access the personal information we share with them to provide their services to us or to support our delivery of our services to you, not for their own purposes.
Your personal information is not shared with anyone else. In certain circumstances, we may be obliged to disclose your personal information to a public authority in response to a lawful request or to respond to legal process. We will only make such disclosure to the extent it is lawful.
If you do not wish us to disclose your information to a third party or use it for a purpose that is materially different from the purposes for which it was originally collected or subsequently authorised by you, you can inform us by using the mechanisms detailed in “Your rights” below.
5. How long do we keep your personal information?
We will only keep your personal information for as long as we are legally required, or if longer, for the period the personal information is needed for the purposes we have collected it.
6. How do we ensure the use of your personal information is lawful?
We only use your personal information if lawfully we can do so, for example because we have your express or implied consent.
6.1 European Union, United Kingdom and Switzerland
As our client will be the business you represent or work for, our use of your personal information is in all cases necessary in PainChek’s legitimate interest in conducting and managing our business (as described above) and enforcing our legal rights.
You do have the right to object to this processing and can do so by writing to us at our address or emailing us at [email protected]. If you do object, this may affect our ability to provide our services and solutions to the business you work for. In some cases, we may ask for your consent to send you information and materials about PainChek’s services (like when you subscribe for our newsletter). In this case, our lawful use of your personal information for this purpose remains PainChek’s legitimate interest (as described above), but your consent is provided for the purposes of meeting the requirements of direct marketing laws.
7. Transfers of personal information
PainChek is a group of companies with locations globally. Personal information collected or processed by PainChek may be stored and processed in any other country where PainChek, its affiliates, or service providers operate facilities. PainChek processes personal information in accordance with this privacy statement and the requirements of applicable law.
PainChek uses a number of information technology and other service providers as described in When do we share your personal information with others? Some of these providers may be located outside the country or jurisdiction whose laws apply to our collection and use of your personal information. This may mean your personal information is subject to the laws of foreign jurisdictions, including laws permitting or requiring disclosure of the information to the government, government agencies, courts and law enforcement in that jurisdiction. In these cases, we ensure your personal information is protected by appropriate safeguards as required by data protection law. Where applicable, this includes using contracts that incorporate standard contractual clauses published by the European Commission under Commission Implementing Decision 2021/914.
If you wish to receive further information on these transfers and the safeguards in place, please contact us at [email protected]
8. Your rights
8.1 Accessing, deleting, rectifying and moving your personal information
In addition to the right to object to the processing of your personal information, depending on the country or state laws that apply, you may also have the right to:
-
access your personal information and have disclosed to you what personal information we have collected, used, shared or sold about you, and why;
-
require us to delete your personal information;
-
opt-out of the sale of your personal information
-
rectify any personal information we hold that is incorrect; and/or
-
have your personal information transmitted to another data controller.
Where applicable, if you want to exercise these rights please let us know. You will need to provide sufficient information to verify and complete your request. We will complete your request within thirty days, subject to any legal or other requirements that means we cannot complete your request, in which case we shall inform you of this where we are permitted to do so.
9. How can you exercise your rights or make a complaint?
9.1 If you live in Australia or New Zealand, contact:
PainChek Limited
Suite 401, 35 Lime Street, Sydney, New South Wales, 2000, Australia
You can contact PainChek’s Privacy Officer by emailing: [email protected]
In Australia, you can make a complaint to the Office of the Australian Information Commissioner at oaic.gov.au. In New Zealand, contact the New Zealand Privacy Commissioner at privacy.org.nz
8.2 If you live in the UK, the data controllers are:
PainChek UK Limited
10 John Street, London, WC1N 2EB, United Kingdom
PainChek Limited
Suite 401, 35 Lime Street, Sydney, New South Wales, 2000, Australia
PainChek Limited’s UK Representative is PainChek UK Limited.
You can contact PainChek’s designated Data Protection Officer by emailing: [email protected]
You can make a complaint to the UK’s Information Commissioner’s Office at ico.org.uk
8.3 If you live in the European Union, the data controller is:
PainChek Limited
Suite 401, 35 Lime Street, Sydney, New South Wales, 2000, Australia
PainChek Limited’s EU Representative is Data Protection Representative Limited (trading as DataRep).
You can contact our EU Representative by sending an email to [email protected] with “PainChek” in the subject line or by their online webform at www.datarep.com/data-request
You can contact PainChek’s designated Data Protection Officer by emailing: [email protected]
The supervisory authority where you may make a complaint depends on where you live: edpb.europa.eu/about-edpb/about-edpb/members_en
8.4 If you live in the United States, contact:
PainCheck Inc.
3500 South DuPont Highway Dover, DE 19901 United States
You can contact PainChek’s Privacy Officer by emailing: [email protected]
8.5 If you live in Canada, contact:
PainChek Canada Limited
2205–10020 100 St
NW Edmonton, AB T5J 0N3 Canada
You can contact PainChek’s Privacy Officer by emailing: [email protected]
You can make a complaint to the Office of the Privacy Commissioner of Canada at priv.gc.ca
9. Our processing of personal information on behalf of clients
The services provided by PainChek to its clients primarily involve the processing of personal information on their behalf. When we do this, we only use your personal information under their instruction and never for our own purposes. For example, this means we are not:
-
the controller of this personal information for the purposes of the EU or UK GDPR;
-
the APP entity (for the purposes of the Australian Privacy Act 1998, or the Australian Privacy Principles);
-
the agency (for the purposes of New Zealand’s Privacy Act 2020);
-
the covered entity (for the purposes of the United States’ Health Insurance Portability and Accountability Act (HIPAA)); or
-
the regulated entity (for the purposes of the Washington My Health My Data Act),
and our client always remains responsible for your personal information.
If you have questions about our processing of your personal information on behalf of one of our clients or wish to exercise your rights to access that personal information, please contact that client or review their privacy notice. However, the information in the section: “Transfers of personal information” is also relevant to you.
This Privacy Statement was published on 13th February 2026.
