This policy sets out how K & K BODYCARE PTY LTD ABN 84 650 002 878 (we) collect, hold and disclose personal information. We take privacy seriously and are committed to complying with the Australian Privacy Principles in the Privacy Act 1988 (Cth).
We collect personal information to:
We collect an individual’s name and contact details as well as information about the individual’s relationship with us or our patients, and about the individual’s relationship with our other business contacts.
We also collect information about our patients’ age, health, medications and treatments received, other treating health practitioners and specialists, and other information necessary to provide the patient care and products our patients require. We also collect patient Medicare, healthcare and health fund identifiers and credit card and payment information.
We collect personal information when individual registers as a patient with us, meets with us, communicates with us by letter, telephone, email, social media or fax, gives us a business card, subscribes to our publications, registers for or attends our events or submits information through our websites, blogs or other social media outlets.
We may collect personal information about a patient from that patient or from the patient’s guardian or other responsible people, or from the patient’s other treating health practitioner or specialist, during the course of or in connection with the provision of care to the patient.
Individuals have the right not to identify themselves, or to use a pseudonym when dealing with us. However, if we request personal information and it is not provided, we may not be able to provide the patient care and products our patients require or otherwise assist the relevant individual or another person.
We use and disclose personal information for the primary purpose for which it was collected, related purposes and other purposes authorised by the Privacy Act. In general, we use and disclose personal information for the purposes set out in this policy.
We will only use an individual’s personal information to promote or market our practice, our services or products, or to send invitations to events, where we give that individual an opportunity to request us not to use the information for such purposes.
We will not use personal information to promote or market our practice, our services or our products to a patient, or to send invitations to events to a patient, without that patient’s consent. We will not use any individual’s personal information for the above purposes if the individual requests us not to do so.
We may disclose or allow access to personal information that we collect from our suppliers, contractors and other business contacts that help us in our practice. For example, contractors may provide us with the reception and administrative support services, distribute some of our publications and develop and maintain our computer systems, electronic records, websites, blogs and other social media outlets. Our auditors, insurers, lawyers and other professional advisers may also access our records to protect our interests and to ensure that we comply with our obligations. We may also disclose personal information about a patient to Medicare or to the patient’s health fund or insurer, or to a lawyer engaged by the patient or the patient’s health fund or insurer. We may disclose personal information about an individual to anyone else with the consent of that individual, or as otherwise required or permitted by law.
We will generally not disclose personal information about an individual to overseas recipients without the consent of that individual unless required or authorised by law. Where required in order to provide specific patient care or products our patients require, we may disclose personal information to overseas recipients, however, only to the extent required for such purposes.
We take reasonable steps to protect the personal information we hold from misuse and loss and from unauthorised access, modification or disclosure. We store hard copies of this information in access-controlled premises, and digital versions on secure servers. We require all persons authorised to access digital information to use logins and passwords to access such information.
We require all our contractors and others to whom we disclose personal information or who may have access to the personal information we collect, to keep such personal information private and to protect such personal information from misuse and loss and from unauthorised access, modification or disclosure.
We do not retain any credit card details. All credit card details provided to us for the purposes of making any payments are destroyed when processing the payment is finalised.
Unless we are prevented to do so by the law, we de-identify or destroy securely all personal information we hold when no longer reasonably required by us.
In the event that we become aware of any actual or potential unauthorised access to or disclosure of personal information about an individual, or any loss of such information which may lead to unauthorised access or disclosure, we will promptly investigate and where appropriate, take remedial action and notify the individual affected in accordance with the Privacy Act.
We try to ensure that the personal information we collect is accurate, up to date and complete and that the personal information we use or disclose is accurate, up to date, complete and relevant, having regard to the purpose of such use or disclosure.
To that end, we encourage individuals to contact us to update or correct any personal information that we hold about them. We will also generally ask patients to confirm or update their details and other personal information that we hold about them when they have an appointment with us.
You may request access to the personal information we hold about you. We may require you to verify your identity and to specify what information you require.
We deal with all requests for access to personal information as required by the Privacy Act. We may charge a fee where we provide access and may refuse to provide access if the Privacy Act allows us to do so.
We take reasonable steps to correct all personal information we hold to ensure that, having regard to the purposes for which it is held, the information is accurate, up to date, complete, relevant and not misleading.
You may request corrections to the personal information we hold about you. We deal with all requests for correction to personal information as required by the Privacy Act. We may refuse to correct personal information if the Privacy Act allows us to do so.
If you are not satisfied with the outcome, then you may make a complaint to the Office of the Australian Information Commissioner (OAIC). For information about how to make such a complaint, please refer to the OAIC website https://kkbodycare.com.au/.
To request access to or correction of personal information, to request not to receive marketing material or invitations from us, or to make a privacy complaint to us, please contact us at firstname.lastname@example.org.
We reserve the right to make changes to this policy from time to time and without notice by publication on our website. We recommend that you regularly review our policy to ensure you are aware of any changes.