Privacy Policy
Overview
Centaur Institute (Ci) operates the Cordi platform. This Privacy Policy explains how we handle your personal and health information in accordance with the Privacy Act 1988 (Cth) and the Health Records Act 2001 (Vic).
What We Collect
When you use Cordi, we may collect:
- Your name, email address, and date of birth
- Health information and survey responses you submit through the platform
- Consent records and account activity
How We Use Your Information
- To manage your participation in a Centaur Institute programme
- To allow your clinical team to monitor your progress
- To meet our legal and regulatory obligations
Who Can See Your Data
Your information is accessible only to:
- Your treating clinical team (surgeons, physiotherapists, coaches) within your programme
- Authorised Centaur Institute staff for support and compliance purposes
Your data is stored on AWS cloud infrastructure in Sydney, NSW, under binding data processing agreements.
How We Protect It
Cordi uses industry-standard security measures including encrypted storage, role-based access controls, and full audit logging of all access and edits.
Your Rights
You have the right to:
- Access the personal information we hold about you
- Request correction of information that is inaccurate or out of date
- Lodge a complaint if you believe we have mishandled your information
To exercise these rights, contact our Privacy Officer:
- Email: cordi@centaur.com.au
- Mail: Privacy Officer, Centaur Institute, 132A Bridge Road Richmond, VIC 3121
We will respond to all written requests within 30 days. If you are not satisfied with our response, you may escalate to:
- Office of the Australian Information Commissioner (OAIC): oaic.gov.au / 1300 363 992
- Health Complaints Commissioner (Vic): hcc.vic.gov.au / 1300 582 113
Contact
For all privacy enquiries:
- Email: cordi@centaur.com.au
- Website: centaur.com.au