Under the Privacy Act, ‘personal information’ is defined as any information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not and whether the information or opinion is recorded in a material form or not.
‘Sensitive information’ is defined as information or an opinion (that is also personal information) about an individual’s racial or ethnic origin, political opinions, member of a political associations, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual orientation or practices, or criminal record, health information, genetic information, biometric information that is to be used for the purpose of automated biometric verification or biometric identification or biometric templates.
Types of information collected
We may collect and hold personal information about you, that is information that can identify you, and is relevant to providing you with the services you are seeking. The kinds of information we typically collect include name, gender, address, phone number, facsimile number, email address, credit card details, place and type of business or other information that is relevant to providing you with the services you, or someone else you know, are seeking. We may also collect sensitive information about you, including information about your health, with your consent. Information pertaining to HIV/Hepatitis infection status is strictly confidential and can only be disclosed, including internally, with written consent to do so.
Method of collection
Personal information will generally be collected directly from you through the use of any of our standard forms, over the internet, via email, in a face to face meeting or through a telephone conversation with you. We may also collect personal information about you from third parties acting on your behalf. There may however, be some instances where personal information about you will be collected indirectly because it is unreasonable or impractical to collect personal information directly from you. We will usually notify you about these instances in advance, or where that is not possible, as soon as reasonably practicable after the information has been collected.
Purpose of collection
The personal information that we collect and hold about you, depends on your interaction with us. Generally, we collect, use and hold your personal information for the purposes of:
- + assessing your needs and providing services and community allied health and wellness services to you or someone else you know;
- + providing you with training and development opportunities;
- + responding to your queries and managing bookings;
- + providing you with information about other services that we offer that may be of interest to you;
- + providing you with information relevant to your area of expertise or interest;
- + facilitating our internal business operations, including the fulfilment of any legal requirements;
- + analysing our services and customer needs with a view to improving those services; and
- + contacting you to provide a testimonial for us.
Failure to provide information
If the personal information you provide to us is incomplete or inaccurate, we may be unable to provide you, or someone else you know, with the services you, or they, are seeking.
If you access our website, we may collect additional personal information about you in the form of your IP address or domain name. Our website may contain links to other websites. We are not responsible for the privacy practices of linked websites and any linked websites are not subject to our privacy policies and procedures.
Use and disclosure
Generally, we only use or disclose personal information about you for the purposes for which it was collected (as set out above). We may disclose personal information about you to:
- + our related entities to facilitate our and their internal business processes;
- + our related entities and other organisations with whom we have affiliations so that those organisations may provide you with information about other services, products and various promotions;
- + your referrer or other healthcare professionals involved in your care, with your permission.
We are likely to disclose personal information overseas. For instance, our infrastructure and that of our service providers or other recipients may be based outside Australia, including New Zealand.
In some circumstances, the law may permit or require us to use or disclose personal information for other purposes (for instance, where you would reasonably expect us to and the purpose is related to the purpose of collection). Except as otherwise permitted by law, we only disclose sensitive information about you with your consent.
We store your personal information in different ways, including in paper and electronic form. The security of your personal information is important to us. We take reasonable measures, including electronic and physical security measures to ensure that your personal information is stored safely to protect it from misuse, loss, unauthorised access, interference, modification or disclosure.
Mandatory breach reporting
We aim to ensure that your personal information is handled in strict compliance with the Commonwealth Privacy Act 1988 and we will take all reasonable steps to mitigate the risk of a breach of privacy.
Where we believe that a breach of privacy may have occurred, we will take reasonable steps to manage the situation. We will comply with any applicable breach notification requirements of the Privacy Act, including the requirement to notify you and the Office of the Australian Information Commissioner.
Access and correction
You may request access to personal information we hold about you, by making a written request. We will respond to your request within a reasonable period. We may charge you a fee for processing your request (but not for making a request for access).
We may decline a request for access to personal information in circumstances prescribed by the Privacy Act, and if we do, we will provide you with a written notice that sets out the reasons for the refusal (unless it would be unreasonable to provide those reasons).
If upon receiving access to your personal information, or at any other time, you believe the personal information we hold about you is inaccurate, incomplete or out of date, please notify us immediately. We will take reasonable steps to correct the information so that it is accurate, complete and up to date.
If we refuse to correct your personal information, we will provide you with a written notice that sets out the reasons for our refusal (unless it would be unreasonable to provide those reasons) and provide you with a statement regarding the mechanisms available to you to make a complaint.
Complaints and feedback
If you wish to make a complaint about a breach of the Privacy Act, Australian Privacy Principles or a privacy code that applies to us, please contact us as set out below and we will take reasonable steps to investigate the complaint and respond to you. If you are not happy with our response, you may complain directly to the Australian Privacy Commissioner.
Address: Unit 3b / 32 Billabong Street, Stafford, Queensland, 4053
Postal address: PO Box 192, Grange, Queensland, 4051
Telephone: 1300 363 483
Facsimile: 07 3856 5430
For more information about privacy in general, you can visit the Australian Privacy Commissioner’s website.