- What this Policy deals with
- The kinds of personal information that We collect and hold
- How We collect and hold personal information
- The purposes for which We collect, hold, use and disclose personal information
- How you may access personal information that We hold about you and seek the correction of such information
- How to complain about a breach of the Australian Privacy Principles and how We will deal with such a complaint
- If We disclose personal information to overseas recipients—the countries in which such recipients are likely to be located if it is practicable to specify those countries in the policy.
- Types of personal information We collect
We only collect personal information that is reasonably necessary for one or more of Our functions or activities. The types of personal information that We collect and hold about you could include:
- ID information such as your name, postal address, email address, telephone numbers, date of birth, social media accounts;
- information about your health issues and health history;
- demographic data via a Google Analytics cookie; and
- other information We think is necessary or need to provide you with services.
- How We collect and hold personal information
- We must collect personal information only by lawful and fair means.
- We must collect your personal information from you unless it is unreasonable or impracticable to do so. For example, if We are unable to contact you and We then rely on publicly available information to update your contact details
- We might collect your information face to face, when you fill out a form with Us (either in hard copy or online), when We speak with you on the telephone or via online meeting, when you use Our web site, when you book and pay for services. We may also gather and verify your information via electronic means, such as email and social media.
- Personal information We collect from you may be stored in hard copy, on computer, mobile, tablet or in the cloud.
- We will do all that We can to ensure that the personal information that We collect, use and disclose is accurate, up-to-date, complete and relevant.
- We will take all reasonable steps to ensure that personal information is stored securely and is protected from misuse and loss; and from unauthorised access, modification or disclosure. Measures to ensure the security of personal information includes a range of systems and communication security measures, as well as the secure storage of hard-copy documents.
- Client records will be retained for up to 10 years from initial visit. After this time, if no longer required, they will be securely destroyed.
When We receive personal information from you directly, We will take reasonable steps to notify you how and why we collected your information, who We may disclose it to and outline how you can access it, seek correction of it or make a complaint. Sometimes We collect your personal information from third parties. You may not be aware that We have done so. If We collect information that can be used to identify you, We will take reasonable steps to notify you of that collection.
When an individual visits Our web site, certain information such as the time, date, browser type, operating system, page visited, form completed, web site visited immediately before coming to our site and demographic data such as age group and interests, etc may be collected. Such information may be used for product recommendation purposes (via Google Analytics Demographics and Interest Reporting) or to improve the provision of services to the individual. Such information is usually collected through “cookies” and may be used in an aggregated manner to analyse how people use Our site so that we can improve Our customer service and make the website easier and more efficient to use. You can opt out of Google advertising cookies in your Google Account’s Ads Settings and use Google Analytics’ currently available opt-outs for the web or any other available method.
Our web site has links to other sites, however we are not responsible for external sites nor the consequences of accessing those sites from Our web site.
- The purposes for which We collect, hold, use and disclose personal information
We may collect information about you in orer to provide services to you or because We are required or authorised by law to collect it. For example we may collect health information about you in order to influence treatment and care. You have a right to refuse to share personal information with Us, however this can mean that We are unable to provide you with appropriate treatment. If We collect and hold your personal information for a primary purpose, We will not use or disclose the information for a secondary purpose unless:
- you have consented to the use or disclosure of the information;
- you would reasonably expect Us to use or disclose the information for the other purpose and the other purpose is related to the first particular purpose;
- the use or disclosure of the information is required or authorised by or under an Australian law or a court/tribunal order;
- a permitted general situation exists in relation to the use or disclosure of the information by Us; or
- We reasonably believe that the use or disclosure of the information is reasonably necessary for one or more enforcement related activities conducted by, or on behalf of, an enforcement body (and, if We use or disclose personal information in accordance with this point, We must make a written note of the use or disclosure.).
If We hold personal information about an individual, We must not use or disclose the information for the purpose of direct marketing, unless We collected the information from the individual and the individual would reasonably expect Us to use or disclose the information for that purpose, and We provide a simple means by which the individual may easily request not to receive direct marketing communications from Us and the individual has not made such a request to us.
If an individual ‘opts out’ of receiving marketing materials, individuals may still be contacted for the purpose of providing services, sending accounts and appointment reminders.
We will not give or disclose personal information to third parties without obtaining the individual’s express consent. This includes sharing the personal information with other health practitioners who may be involved in the individual’s care.
In some situations, it may be necessary to share personal information outside the organisation. Such situations include but are not limited to:
- Where We are required by law to disclose the information (e.g. statutary reporting)
- To provide necessary follow-up services and support
- To address liability indemnity arrangements with insurers, medical defence organisations and lawyers
- For the defence of anticipated or existing legal proceedings
- How you can access your personal information that We hold and seek the correction of such information
We will always give you access to your personal information unless there are certain legal reasons why We cannot do so. If we cannot provide your information in the way you have requested, we will tell you why in writing. If you have concerns, you can complain by emailing firstname.lastname@example.org. If you believe there is something wrong with the information, for example if you think that the information We hold is inaccurate, out of date, incomplete, irrelevant or misleading, please email email@example.com so we can update your details. If you are worried that We have given incorrect information to others, you can ask us to tell them about the correction. We will correct this if We can or We will notify you if We are unable to change the details. You can ask us for access to your personal information that We hold by sending us an email to firstname.lastname@example.org. If We cannot resolve any request with you internally, you can make a complaint to the Office of the Australian Information Commissioner (OAIC), see below.
- How you can complain about a breach of the Australian Privacy Principles, or a registered APP code (if any) that binds Us, and how We will deal with such a complaint
If an individual feels that We have breached our obligations in the handling, use or disclosure of their personal information, they may raise a complaint. We encourage individuals to discuss the situation with one of Our representatives in the first instance, before making a complaint. The complaints handling process is as follows: The individual should make the complaint including as much detail about the issue as possible, by emailing email@example.com. We will investigate the circumstances included in the complaint and respond to the individual as soon as possible (and within 30 calendar days) regarding Our findings and actions following this investigation. After considering this response, if the individual is still not satisfied they make escalate their complaint directly to the Information Commissioner for investigation: Office of the Australian Information Commissioner www.oaic.gov.au Phone: 1300 363 992 When investigating a complaint, the OAIC will initially attempt to conciliate the complaint, before considering the exercise of other complaint resolution powers.
- Which overseas recipients and countries are We likely to disclose personal information to
We may need to share some of your information with organisations outside Australia. For example, in the course of our accounting and marketing activities We will generally need to share your details with our accounts, payment, marketing and tracking software providers who are located in the USA and elsewhere. We may store your information in cloud or other types of networked or electronic storage. As electronic or networked storage can be accessed from various countries via an internet connection, it is not always practicable to know in which country your information may be held. If your information is stored in this way, disclosures may occur in countries other than those listed. Overseas organisations may be required to disclose information We share with them under a foreign law. In those instances, We will not be responsible for that disclosure.
California Online Privacy Protection Act
Dexrandall.com does not honor “Do Not Track” settings and/or signals and as such there will be no difference in how we collect or use data, even if you set your web browser to send a “Do Not Track” signal when you visit this Site.
A Special Note About Children
Children are not eligible to use our services unsupervised and we ask that children (under the age of 16) do not submit any personal information to us. If you are a minor, you can use this service only in conjunction with permission and guidance from your parents or guardians.
The safety and privacy of children online is important to us and we take great care to comply with the Children’s Online Privacy Protection Act of 1998 (COPPA). Dexrandall.com does not allow this website to be accessed by children under the age of 16 without the supervision of a parent or guardian. We will never knowingly contact or collect personal information from children under 16. Please contact us at the email address below to notify us if you believe your minor child has provided us with personally identifiable information.
Visitors’ GDPR Rights
If you are within the European Union, you are entitled to certain information and have certain rights under the General Data Protection Regulation. Those rights include:
We will retain the any information you choose to provide to us until the earlier of: (a) you asking us to delete the information, (b) our decision to cease using our existing data providers, or (c) the Company decides that the value in retaining the data is outweighed by the costs of retaining it.
You have the right to request access to your data that the Company stores and the rights to either rectify or erase your personal data.
You have the right to seek restrictions on the processing of your data.
You have the right to object to the processing of your data and the right to the portability of your data.
To the extent that you provided consent to the Company’s processing of your personal data, you have the right to withdraw that consent at any time, without affecting the lawfulness of processing based upon consent that occurred prior to your withdrawal of consent.
You have the right to lodge a complaint with a supervisory authority that has jurisdiction over issues related to the General Data Protection Regulation.
We require only the information that is reasonably required to enter into a contract with you. We will not require you to provide consent for any unnecessary processing as a condition of entering into a contract with us.
Contact Us / GDPR Representative
EFFECTIVE AS OF MAY 27, 2021