We comply with the Australian Privacy Principles set out in the Privacy Act 1988 (Cth) (Privacy Act). We also understand that visitors from the EU may access this site, so we also aim to comply with the General Data Protection Regulations (GDPR).
ARE THERE ANY AGE RESTRICTIONS?
WHAT INFORMATION DO WE COLLECT & HOW DO WE USE IT?
- Our web servers gather your IP address to assist with the diagnosis of problems or support issues with our services. Information is gathered in aggregate only and cannot be traced to an individual user.
- We also use third-party analytic tools like Google Analytics that employ cookies to collect information about your use of our services.
- We use web beacons to track and data for marketing purposes.
This aggregate, non-personal information is collated and provided to us to assist in analysing the usage of the site.
Personal information about visitors to this website is collected only when knowingly and voluntarily submitted. For example, we may need to collect your name, email address, telephone number and other information in order to provide you with further services, to email you a copy of our newsletter, or to answer or forward any requests or enquiries.
WHAT ABOUT SENSITIVE INFORMATION?
We understand that some personal information is particularly sensitive. We will only collect sensitive information by methods that are reasonably secure, such as:
- Via Acuity Client Intake form when you book an appointment
- During a Zoom or in-person consultation
- When you send us information in an email
The reason why we collect this information is:
- So that we can provide you with the services you have contracted us for
- To ensure that we are providing you with the most appropriate advice
The sensitive information we ask you to provide for this purpose may include:
- Your birth date
- Your medical history
- Your family medical history
- Your relationship status
We are committed to securely storing and handling your sensitive information. Sensitive information is stored either in a locked filing cabinet OR on a password protected computer and password protected back-up drive. Only the therapist responsible for your treatment and administrative staff will have access to sensitive material.
Some sensitive information may be stored securely online, or in the cloud through Google Drive. You can find out more about their security provisions here: https://policies.google.com/privacy .
All archived sensitive information is securely destroyed after 7 years.
DO WE DISCLOSE YOUR INFORMATION TO THIRD PARTIES?
We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information. This does not include trusted third parties who assist us in operating our website, conducting our business, tracking affiliate payments or servicing you, so long as those parties agree to keep this information confidential. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others rights, property, or safety. However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
If you have any concerns regarding the disclosure of your personal information, please do not hesitate to get in touch with me to discuss this personally.
HOW DO WE PROTECT YOUR INFORMATION?
I take reasonable physical, technical and administrative safeguards to protect your personal information from misuse, interference, loss, and unauthorised access, modification and disclosure.
I manage risks to your personal information by:
- Storing files securely
- Ensuring that only key personnel have access to sensitive information
- Conducting regular audits of my security systems
- Using a SSL server.
THIRD PARTY LINKS
As mentioned above, your personal information may also be stored with a third-party provider, where it will be managed under their security policy:
- Mailchimp (newsletters) – https://mailchimp.com/about/security/
- Cliniko (case notes) – https://www.cliniko.com/security
- Acuity Scheduling (appointments)- https://acuityscheduling.com/privacy.php
- Metagenics (questionnaires) – https://www.metagenics.com.au/Privacy
- Bioconcepts (questionnaires) – https://www.bioconcepts.com.au/privacy-policy
- Vital.ly (product orders) – https://www.vital.ly/privacy_policy.html
- BioMedica – https://www.biomedica.com.au/page/30/biomedica-privacy-policy
I may also combine information provided by you with information gathered from:
- Third-party advertising services, like Facebook® and Instagram®
- Analytics services like Google Analytics®
If you do not wish this to occur, please contact me.
Whilst we endeavour to take all reasonable steps to protect the personal information you may transmit to us, no data transmission over the Internet can be guaranteed to be totally secured. As such, we will not be held responsible for events arising from unauthorised access to your personal information.
IF YOU REQUIRE ACCESS TO YOUR INFORMATION
You can contact me to access, correct or update your personal information at any time. Unless I am subject to a confidentiality obligation or some other restriction on giving access to the information which permits me to refuse you access under the Privacy Act 1988, and I believe there is a valid reason for doing so, I will endeavour to make your information available you within 30 days.
Please begin the process by sending an email requesting access to your information to me at firstname.lastname@example.org and I will endeavour to respond within 7 days.
IF THERE IS A BREACH
If we have reason to suspect that a serious data breach has occurred and that this may result in harm or loss to you, we will immediately assess the situation and take appropriate remedial action. If we still believe that you are at risk, we will notify the Office of the Information Commissioner and either notify you directly, or if that is not possible, publicise a notification of the breach on this website.
If you are not satisfied with my response to your complaint you may seek a review by contacting the health ombudsman in your state or territory.
LAST UPDATED SEPT 2018