PRIVACY POLICY

CBR Podiatry Pty Ltd

This policy sets out how CBR Podiatry Pty Ltd (ACN 656 195 265) (we) collect, hold and disclose personal information. We take privacy seriously and are committed to complying with the Australian Privacy Principles in the Privacy Act 1988 (Cth).

Why do we collect personal information?

We collect personal information to:

  • provide professional podiatry services and products to our patients
  • communicate with our patients, suppliers and other business contacts
  • manage and account for our services and products
  • manage credit provided to our patients
  • inform our patients and other business contacts about issues which may be of interest to them
  • market our services
  • manage our employees and contractors
  • generally carry on our practice

What personal information do we collect?

We collect an individual’s name and contact details, and information about the individual’s relationship with us or our patients, and about the individual’s relationship with our employees, potential employees and other business contacts.

We also collect the information necessary to provide the specific professional podiatry services and products our patients require, as well as credit card and payment information.

How we collect personal information

We collect personal information direct from an individual when that individual meets with us, communicates with us by letter, telephone, email or fax, gives us a business card, subscribes to our publications, registers for or attends our events or submits information through our websites, blogs or other social media outlets.

We may also collect personal information about an individual from that individual’s family   or friends who accompany the individual when meeting with us, or who contact us on   behalf of the individual. We may also collect personal information about an individual from another health practitioner who refers that individual as a patient to us or who provides us with specialist or other medical reports about that individual on that individual’s request.

We also collect personal information about an individual’s employer and from publicly available records or a third party eg a provider of an employment or other reference for someone who is seeking employment with us.

Cookies

We may ask other people to analyse traffic on our websites, blogs and other social media outlets and they may use cookies to do so. Cookies are small text files that are transferred to a user’s hard drive by a website for the purpose of collecting information about a user’s identity, browser type or website visiting patterns.

Anonymity and pseudonyms

Individuals have the right not to identify themselves, or to use a pseudonym when dealing with us.

However, if we request personal information and it is not provided, we may not be able to assist the relevant individual. If that individual is a patient of ours, we may not be able to provide appropriate care to the individual or to claim rebates or other payments from third parties in respect of that individual such as health funds, Medicare and accident and  worker’s compensation authorities.

General use and disclosure

We use and  disclose personal information for the primary purpose for which it  was  collected, related purposes and other purposes authorised by the Privacy Act. In general, we use and disclose personal information for the purposes set out above.

Use and disclosure for direct marketing

We will only use an individual’s personal information to market our services or products or   to send invitations to events where that individual has consented to us doing so. In such  cases we will regularly give that individual an opportunity to withdraw that consent and will not use that information for those purposes after that consent is withdrawn.

To whom do we disclose personal information?

We may disclose personal information about an individual:

  • to our employees
  • to the individual’s family, friends and other health practitioners (with the relevant individual’s authority)
  • to our suppliers who provide us with products or services required by the individual
  • to anyone else whom the individual authorises us to disclose the information
  • as otherwise authorised by the Privacy Act

Who else can access this information?

Our contractors and other third parties may have access to some personal information we hold while assisting us to carry on our practice. For example, contractors may provide reception and other administrative support to our practice. They may also distribute some

of our publications and develop and maintain our computer systems, electronic records, websites, blogs and other social media outlets.

Our auditors, insurers and legal and other professional advisers may also access personal information we hold to assist us in protecting our interests, and to ensure that we comply with our obligations.

Disclosure to overseas recipients

Unless required or authorised to do so by law, we will not disclose personal information about an individual to overseas recipients without the authority of that individual. Where required in order to provide specific services or products our patients require, we may disclose personal information to overseas recipients however, only to the extent required for such purposes.

How do we keep personal information secure?

We take reasonable steps to protect the personal information we hold from misuse and loss and from unauthorised access, modification or disclosure. We store hard copies of this information in access controlled premises, and digital versions  on  secure  servers.  We require all persons authorised to access digital information to use logins and passwords to access such information.

We require all our contractors and others to whom we disclose personal information or whom may have access to personal information we collect, to keep such personal information private and to protect such personal information from misuse and loss and from unauthorised access, modification or disclosure.

Any credit card details provided to us for the purposes of making any payment are destroyed when processing the payment is finalised. All transactions are fully encrypted.

Unless we are prevented from doing so by law, we de-identify or destroy securely all personal information we hold when no longer reasonably required by us.

Security breaches

In the event that we become aware of any actual or potential unauthorised access to or disclosure of personal information about an individual, or any loss of such information which may lead to unauthorised access or disclosure, we will promptly investigate and where appropriate, take remedial action and notify the individual affected in accordance with the Privacy Act.

Integrity of personal information

We take reasonable steps to ensure that the personal information we collect is accurate, up  to date and complete and that the personal information we use or disclose is accurate, up to date, complete and relevant, having regard to the purpose of such use or disclosure.

To that end, we encourage you to contact us to update or correct any personal information we hold about you.

Accessing your personal information

You may request access to personal information we hold about you. We may require you to verify your identity and to specify what information you require.

We deal with all requests for access to personal information as required by the Privacy Act. We may charge a fee where we provide access and may refuse to provide access if the Privacy Act allows us to do so.

Correction of personal information

We take reasonable steps to correct all personal information we hold to ensure that, having regard to the purposes for which it is held, the information is accurate, up to date,    complete, relevant and not misleading.

You may request corrections to personal information we hold about you. We deal with all requests for correction to personal information as required by the Privacy Act. We may refuse to correct personal information if the Privacy Act allows us to do so.

Complaints

If you wish to make a complaint about this Privacy Policy or our collection, use or disclosure of personal information, please contact us in the first instance. We will investigate your complaint and try to promptly resolve your complaint directly with you.

If you are not satisfied with the outcome, then you may make a complaint to the Office of   the Australian Information Commissioner (OAIC). For information about how to make such a complaint, please refer to the OAIC website http://www.oaic.gov.au/.

Contact us

To request access to or correction of personal information, to request not to receive marketing material or invitations from us, or to make a privacy complaint to us, please contact us.

Changes to Privacy Policy

We reserve the right to make changes to this Privacy Policy from time to time and without notice by publication on our website.

We recommend that you regularly review our Privacy Policy to ensure you are aware of any changes.