Privacy Policy

Last Updated - 14 February 2023

Introduction

We understand that you are aware of and care about your own personal privacy interests, and we take that seriously. This Privacy Notice describes the Patient Zero policies and practices regarding its collection and use of your personal data, and sets forth your privacy rights. We recognize that information privacy is an ongoing responsibility, and so we will from time to time update this Privacy Notice as we undertake new personal data practices or adopt new privacy policies.

How we collect and use (process) your personal information

Patient Zero collects personal information about its website visitors and customers. With a few exceptions, this information is generally limited to:

name
job title
location
email
phone number

We use this information to provide prospects and customers with services.

We do not sell personal information to anyone and only share it with third parties who are facilitating the delivery of our services.

From time to time, Patient Zero receives personal information about individuals from third parties. Typically, information collected from third parties will include further details on your employer or industry. We may also collect your personal data from a third party website (e.g. LinkedIn)

Use of the Patient Zero Website

As is true of most other websites, Patient Zero’s website collects certain information automatically and stores it in log files. The information may include internet protocol (IP) addresses, the region or general location where your computer or device is accessing the internet, browser type, operating system and other usage information about the use of Patient Zero’s website, including a history of the pages you view. We use this information to help us design our site to better suit our users’ needs. We may also use your IP address to help diagnose problems with our server and to administer our website, analyze trends, track visitor movements, and gather broad demographic information that assists us in identifying visitor preferences.

Patient Zero has a legitimate interest in understanding how members, customers and potential customers use its website. This assists Patient Zero with providing more relevant products and services, with communicating value to our sponsors and corporate members, and with providing appropriate staffing to meet member and customer needs.

Sharing information with third parties

The personal information Patient Zero collects from you is stored in one or more databases hosted by third parties located in the United States or Australia. These third parties do not use or have access to your personal information for any purpose other than cloud storage and retrieval. On occasion, Patient Zero engages third parties to send information to you, including information about our products, services, and events.

We do not otherwise reveal your personal data to non-Patient Zero persons or businesses for their independent use unless: (1) you request or authorize it; (2) it’s in connection with Patient Zero-hosted and Patient Zero co-sponsored conferences as described above; (3) the information is provided to comply with the law (for example, compelled by law enforcement to comply with a search warrant, subpoena, or court order), enforce an agreement we have with you, or to protect our rights, property or safety, or the rights, property or safety of our employees or others; (4) the information is provided to our agents, vendors or service providers who perform functions on our behalf; (5) to address emergencies or acts of God; or (6) to address disputes, claims, or to persons demonstrating legal authority to act on your behalf. We may also gather aggregated data about our services and website visitors and disclose the results of such aggregated (but not personally identifiable) information to our partners, service providers, advertisers, and/or other third parties for marketing or promotional purposes.

The Patient Zero website connects with third party services such as Facebook, LinkedIn, Twitter and others. If you choose to share information from the Patient Zero website through these services, you should review the privacy policy of that service. If you are a member of a third party service, the aforementioned connections may allow that service to connect your visit to our site to your personal data.

Data storage and retention

Your personal data is stored on the servers of the cloud-based database management services that Patient Zero engages, located in countries the United States or Australia. Patient Zero retains service data for the duration of the customer’s business relationship with Patient Zero and for a period of time thereafter, to analyze the data for Patient Zero’s own operations, and for historical and archiving purposes associated with Patient Zero’s services. Patient Zero retains prospect data until such time as it no longer has business value and is purged from Patient Zero systems. All personal data that Patient Zero controls may be deleted upon verified request from Data Subjects or their authorized agents.

Organisations across Australia turn to Patient Zero design, build and maintain custom software applications. Our Australian based development teams are vendor & technology agnostic and ready to deliver your next project.

We have a proven track record of projects delivered in a diverse range of industries including Education, Insurance, Waste Management, Health/Medtech, Government and even EV Charging.

Quick Links

Our Privacy Policy

Contact Us

1300 714 093

[email protected]

Brisbane

Level GR-109

310 Edward Street
BNE QLD 4000
GPO Box 2056, Brisbane 4001

Sydney

Level 3-104

320 Pitt Street,

Sydney NSW 2000

ABN 98 611 165 498

Latest News

Prompt Injection Capture-the-flag – Red Team x AI

By Joe Cooney • 02 Apr, 2024

Red-team challenges have been a fun activity for PZ team members in the past, so we recently conducted a small challenge at our fortnightly brown-bag session, focusing on the burgeoning topic of prompt injection. Injection vulnerabilities all follow the same basic pattern – un-trusted input is inadvertently treated as executable code, causing the security of the system to be compromised. SQL injection (SQLi) and cross-site scripting (XSS) are probably two of the best-known variants, but other technologies are also susceptible. Does anyone remember XPath injection? As generative models get incorporated into more products, user input can be used to subvert the model. This can lead to the model revealing its system prompt or other trade secrets, reveal information about the model itself which may be commercially valuable, subvert or waste computation resources, perform unintended actions if the model is hooked up to APIs, or cause reputational damage to the company if the model can be coerced into doing amusing or inappropriate things. As an example, entrepreneur and technologist Chris Bakke was recently able to trick a Chevy dealership’s ChatGPT-powered bot into agreeing to sell him a Chevy Tahoe for $1 . Although the U.S. supreme court has yet to rule on the legal validity of a “no takesies backsies” contract (as an employee of X Chris is probably legally obligated to drive a Tesla anyway) it is not hard to imagine a future scenario with steeper financial consequences.