To meet your expectations about privacy and confidentiality BeautyFULL Cosmetic Medical Clinic has operational processes and procedures to comply with:
- Australian Privacy Principles (APPs) contained in the Privacy Act 1988;
- Australian Direct Marketing Association (ADMA) Code of Practice in relation to how we market to our customers;
- Spam Act 2003 in relation to electronic marketing;
- Do Not Call Register Act 2006 where we engage in telemarketing; and
- Telecommunications Industry Standard 2007where we engage in telemarketing.
Collection of personal information
‘Personal information’ means information we hold about you from which your identity is either clear or can be reasonably determined. When you give us your personal information, it imposes a serious responsibility on us. Protecting your privacy when handling your personal information is very important to us and is fundamental to the way we serve you.
Generally, we will collect personal information directly from you, and only to the extent necessary to provide the service you requested or to carry out our internal administrative operations.
We may collect personal information from you when:
- You fill in our ‘Patient Register Form’;
- Deal with us over the telephone;
- Email us;
- Contact us through our website; and
- Create an account with us (Vagaro)
We will collect personal information from you by lawful and fair means and not in an unreasonably intrusive way.
“Unsolicited” personal information is personal information about an individual that an organisation has unintentionally received. This is an uncommon occurrence for BeautyFULL Cosmetic Medical Clinic, but when it does happen, we will protect your personal information with the same rigour as we treat personal information that we intended to collect. If we could not have collected this information through our normal processes, we will de-identify that information as soon as we can.
Uses and sharing
We use the personal information you provide only for purposes consistent with the reason you provided it, or for a directly related purpose. We may also use your personal information where required or permitted by law. We may also use your information where you have provided us with your express or implied consent.
We do not share your personal information with other organisations unless:
- You give us your express consent, or
- Sharing is otherwise required or permitted by law, or
- This is necessary on a temporary basis to enable our contractors to perform specific functions.
When we temporarily provide personal information to companies who perform services for us, such as specialist information technology companies, mail houses or other contractors to BeautyFULL Cosmetic Medical Clinic we require those companies to protect your personal information as diligently as we do. Strict contractual and other quality assurance measures are used to ensure your personal information is protected.
BeautyFULL Cosmetic Medical Clinic may transfer personal information to countries outside Australia. We will only do so in compliance with all applicable Australian data protection and privacy laws. We will take reasonable steps to protect personal information no matter what country it is stored in or transferred to. We have documents and procedures as appropriate to help ensure this.
From time to time we may use the personal information we collect from you to identify particular products and services which we believe may be of interest to you. We may then contact you to let you know about these products and services and how they may benefit you. We will generally only do this with your prior consent (where practical) and we will always give you a choice to opt out of receiving such information in future. Direct Marketing from us generally takes the form of Direct Mail, Electronic Marketing (email) or Short Message Services (SMS).
Accessing your personal information
You have the right to request access to the personal information we hold about you. This right is subject to certain exceptions allowed by law.
Upon your request, and subject to applicable privacy laws, provide you with access to your personal information that is held by us. However, we ask that you identify, as clearly as possible, the type (or types) of information requested. We will deal with your request in a reasonable time – usually within 30 days.