Privacy Statement

This page provides important information about how PainChek collects and uses the personal data of the people who work for our clients in the European Union and UK.

Who is this Privacy Statement for?

This Privacy Statement only applies to you if deal with PainChek as a client or prospective client.

This Privacy Statement is not for you, if:

  • You are a user of the PainChek App at your workplace.

Contact your employer to understand how they handle your personal data when used for the PainChek App.

  • You are a patient or resident in a facility that uses the PainChek App for your care, or a family member of a patient or resident looking to understand how your family member’s personal data is handled.

Contact the facility where you or your family member is located to understand how it handles this personal data.

How do we use your personal data?

How PainChek uses your personal data is described here:

Personal Data 3

What do we use your personal data for?

Promoting the services of PainChek
We may have obtained your individual business contact details (such as email, telephone number, address, position) from you, or from publicly available sources (like LinkedIn) or from third parties (like business directories). If you have attended an event, we may also receive these details from the event organiser where that is permitted.

Where we are permitted to do so, we will use your personal data to contact you about, or send you information and materials on, PainChek and its products and services. This may be because you have specifically requested them or because we feel our services may be of interest to the business you represent or work for.

We always comply with applicable direct marketing rules. If you no longer wish us to promote our services to you, please let us know. You can also opt-out of receiving our direct marketing emails at any time.

If you sign-up to attend one of our webinars we will also use your information to administer your participation in the webinar.

You may make an enquiry about our services (for example, through our contact page or through download of a whitepaper or other content on our website). If you do, we use information you provide as part of that enquiry, or in related communications, to provide you with information about our services and respond to and manage your enquiries and requests.

We will also use your personal data in connection with the management of any pre-contract discussions between PainChek and the business you represent.

Using our services
When we provide our services, we will collect and use your personal data. Any personal data you provide to us, or which we obtain, when providing our services will be used for:

  • providing our services in accordance with our contract with our client (the business you represent); and
  • managing our relationship with our client.

Other uses of your personal data

Enforcing legal rights
We will use your personal data for the enforcement or protection of our legal rights.

Administration, quality, and training
To help administer our business (including in accordance with legal or other obligations we must meet), and our relationship with you, we will use your personal data. It will also be used in connection with the maintenance of our quality standards and the provision of internal training.

System and product development
Your personal data is also used by us to support the development and improvement of our systems and products. This can include using your information for the purposes of surveys, and providing your personal data to third parties so they can provide services to us in respect of system and product development or improvement, but they will only be able to use your personal data in accordance with our instructions.

When do we share your personal data with others?

PainChek does not share or disclose your personal data for a business purpose except as set out in this Privacy Statement. Your personal data is never sold to third parties.

The personal data described above is shared with third parties who provide services to us, including:

  • information technology and information services providers;
  • other third-party service providers; and
  • professional and other third-party advisers.

These third parties can only access the personal data we share with them to provide their services to us or to support our delivery of our services to you, not for their own purposes.

Your personal data is not shared with anyone else.

How long do we keep your personal data?

We will only keep your personal data for as long as we are legally required, or if longer, for the period the personal data is needed for the purposes we have collected it.

How do we ensure the use of your personal data is lawful?

We only use your personal data if lawfully we can do so.

As our client will be the business you represent or work for, our use of your personal data is in all cases necessary in PainChek’s legitimate interest in conducting and managing our business (as described above) and enforcing our legal rights.

You do have the right to object to this processing and can do so by writing to us at our address or emailing us at [email protected]. If you do object, this may affect our ability to provide our services and solutions to the business you work for. In some cases, we may ask for your consent to send you information and materials about PainChek’s services (like when you subscribe for our newsletter). In this case, our lawful use of your personal data is consent.

When do we transfer your personal data outside of the EEA/UK?

PainChek is a group of companies with locations in the Australia and the United Kingdom. Your personal data will be transferred to these locations, but only for use by PainChek for the purposes described in this Privacy Statement.

PainChek also uses a number of information technology and other service providers as described in When do we share your personal data with others?. Some of these providers are located outside of the European Economic Area (EEA) and UK, and in each case are protected by an adequacy decision or appropriate safeguards as required by data protection law.

If you wish to receive further information on these transfers and the safeguards in place, please contact us at [email protected]

What are your rights?

Accessing, deleting, rectifying and moving your personal data
In addition to the right to object to the processing of your personal data, depending on the country that apply, you may also have the right to:

  • access your personal data and have disclosed to you what personal data we have collected, used, shared or sold about you, and why;
  • require us to delete your personal data;
  • opt-out of the sale of your personal data
  • rectify any personal data we hold that is incorrect; and/or
  • have your personal data transmitted to another data controller.

Where applicable, if you want to exercise these rights please let us know. You will need to provide sufficient information to verify and complete your request. We will complete your request within thirty days, subject to any legal or other requirements that means we cannot complete your request, in which case we shall inform you of this where we are permitted to do so.

How can you exercise your rights or make a complaint?

If you live in the UK the data controllers are:

PainChek UK Limited
10 John Street, London, WC1N 2EB, United Kingdom

PainChek Limited
Suite 401, 35 Lime Street, Sydney, New South Wales, 2000, Australia

PainChek Limited’s UK Representative is PainChek UK Limited.

You can contact PainChek’s designated Data Protection Officer by emailing: [email protected]

The UK data supervisory authority where you may make a complaint:

Information Commissioner’s Office

You can obtain contact details at:

If you live in the European Union, the data controller is:

PainChek Limited
Suite 401, 35 Lime Street, Sydney, New South Wales, 2000, Australia

PainChek Limited’s EU Representative is Data Protection Representative Limited (trading as DataRep). You can contact our EU Representative by sending an email to [email protected] with “PainChek” in the subject line or by their online webform at

You can contact PainChek’s designated Data Protection Officer by emailing: [email protected]

The Irish data supervisory authority where you may make a complaint:
The Irish Data Protection Commission
You can obtain contact details at:

This Privacy Statement was last updated on 9th April 2024. If you wish to see prior versions of this statement, please contact us at [email protected]