OXFORD CLINIC PRIVACY POLICY (AS AT JUNE 2022)
Oxford Clinic Ltd ABN 58 628 357 175 (we, us or our), understands that protecting your personal information is important and we are committed to safeguarding your personal information. This Privacy Policy sets out our commitment to protecting the privacy of personal information provided to us, or otherwise collected by us, offline or online, including when you access our website, use our online contact form, telephone us, email us, SMS us, complete any questionnaire we provide to you, visit our practice or participate in a telehealth consultation or research undertaken by us (Services).
The information we collect
We may collect personal information about you for the purpose of providing our Services to you. We may collect this information directly from you or from a third party such as your referring doctor, or from a family member, partner or other support person but only with your consent or if required or authorised by law. This may include personal information, sensitive information and health information. We store personal information in a variety of ways, including paper and electronic formats.
Personal information: is information or an opinion, whether true or not and whether recorded in a material form or not, about an individual who is identified or reasonably identifiable.
Sensitive information: is a sub-set of personal information that is given a higher level of protection. Sensitive information means information relating to your racial or ethnic origin, political opinions, religion, trade union or other professional associations or memberships, philosophical beliefs, sexual orientation or practices, criminal records, health information or biometric information.
Health information: is a type of sensitive information and includes any personal information that is collected while providing you a health service. For example, any details you share with us in a consultation about your medical history or mental health will be health information.
The types of personal information we may collect about you include:
When you contact us:
- your name;
- your contact details, including email address, street address and/or telephone number; and
- any other personal information requested by us and/or provided by you or a third party.
When you work with us as a postgraduate student, or in connection with any other research purpose, or are otherwise engaged by us:
- your name;
- particulars of your educational background, including your marks and references;
- your contact details, including email address, street address and/or telephone number; and
- any other personal information requested by us and/or provided by you or a third party.
When you register with us as a client (including when filling out a new patient registration form or administrative paperwork):
- your name;
- your contact details, including email address, street address and/or telephone number;
- your date of birth;
- your Medicare number (if you are referred to us under a mental health plan);
- details of your referring doctor;
- an emergency contact name and telephone number;
- our correspondence with you or with other health professionals about you; and
- any other personal information requested by us and/or provided by you or a third party.
When you have a consultation with us and/or agree to participate in research conducted by us:
- personal details which are necessary and relevant to the assessment and/or treatment of your presenting mental health concern, or which is relevant to our research, and which you choose to share with us. For example, this may include details of your schooling/training/employment status; your marital status; your beliefs and values, and views;
- sensitive information (including health information) which is necessary and relevant to the assessment and/or treatment of your presenting mental health concern, or which is relevant to our research, and which you choose to share with us and any mental health assessment or diagnostic opinion we believe it is necessary or relevant to record. The types of sensitive information you choose to share with us may include:
- detailed information about your current medications, your physical health and detailed information about your psychological health;
- your gender;
- your racial or ethnic origin;
- your religious beliefs;
- your philosophical beliefs;
- your political beliefs or affiliations;
- your sexual orientation or practices; and
- any other sensitive details you choose to share with us;
- any other required personal information requested by us and/or provided by you or a third party.
When you visit our website:
We also may collect personal information about you, directly from you or from a third party, for the purpose of delivering our website to you. The types of personal information which we may collect when delivering our website to you include:
- your browser session and geo-location data, device and network information, statistics on page views and sessions, acquisition sources, search queries and/or browsing behaviour
- information about your access and use of our Services, including through the use of Internet cookies, your communications with our online Services, the type of browser you are using, the type of operating system you are using and the domain name of your Internet service provider; and
- additional personal information that you provide to us, directly or indirectly, through your use of our Services, associated applications, associated social media platforms and/or accounts from which you permit us to collect information.
Why we collect, hold, use and disclose personal information
Personal information: We may collect, hold, use and disclose personal information for the following purposes:
- to book an appointment for you whether via email or over the phone;
- to contact and communicate with you about your appointment;
- to enable your referring doctor to refer you to us and/or book an appointment for you;
- to register you as a client;
- to register you as a postgraduate student engaged by us or working with us;
- to check you in at our practice;
- to provide our services;
- for internal record keeping;
- for administrative purposes including invoicing and billing purposes;
- to enable you to access and use our website and trusted associated applications and platforms; and
- to comply with our legal obligations and resolve any disputes that we may have.
Sensitive information: We only collect, hold, use and disclose sensitive information for the following purposes:
- any purposes you consent to, such as:
- to provide a written report to another agency or professional, e.g. a general practitioner or a lawyer;
- to discuss the material with another person, e.g. a parent, postgraduate student, employer, health provider, or third party funder;
- to disclose the information in another way; or
- to disclose to another professional or agency (e.g. your general practitioner or Medicare);
- secondary purposes that are directly related to the primary purpose for which it was collected, including disclosure to the below listed third parties as reasonably necessary to provide our Services to you;
- to refer you to medical or health service providers, to contact emergency services, or to speak with your family, partner or support person where we reasonably believe there is a serious risk to the life, health or safety of you or another person and it is impracticable for us to obtain your consent; and
- if otherwise required or authorised by law.
Our disclosures of personal information to third parties
We may disclose personal information to:
- third party service providers for the purpose of enabling them to provide their services to us, including (without limitation) our employees, postgraduate students, contractors and/or related entities;
- supervisors of postgraduate students who are engaged by us or who work with us and the universities which they attend, provided that your personal information is de-identified;
- our existing or potential agents or business partners;
- anyone to whom our business or assets (or any part of them) are, or may (in good faith) be, transferred;
- courts, tribunals and regulatory authorities, in the event you fail to pay for goods or services we have provided to you;
- courts, tribunals, regulatory authorities and law enforcement officers, as required or authorised by law, in connection with any actual or prospective legal proceedings, or in order to establish, exercise or defend our legal rights;
- third parties to collect and process data, such as IT service providers, data storage, web-hosting and server providers, email marketing providers, debt collectors, maintenance or problem-solving providers, marketing or advertising providers, professional advisors and payment systems operators, Google Analytics (To find out how Google uses data when you use third party websites or applications, please see www.google.com/policies/privacy/partners/ or any other URL Google may use from time to time), Facebook Pixel or other relevant analytics businesses; and
- any other third parties as required or permitted by law, such as where we receive a subpoena.
Google Analytics: We may have enabled Google Analytics Advertising Features including Remarketing Features, Advertising Reporting Features, Demographics and Interest Reports, Store Visits, Google Display Network Impression reporting. We and third-party vendors may use first-party cookies (such as the Google Analytics cookie) or other first-party identifiers, and third-party cookies (such as Google advertising cookies) or other third-party identifiers together.
You can opt-out of Google Analytics Advertising Features including using a Google Analytics Opt-out Browser add-on found here. To opt-out of personalised ad delivery on the Google content network, please visit Google’s Ads Preferences Manager here or if you wish to opt-out permanently even when all cookies are deleted from your browser you can install their plugin here. To opt out of interest-based ads on mobile devices, please follow these instructions for your mobile device: On android open the Google Settings app on your device and select “ads” to control the settings. On iOS devices with iOS 6 and above use Apple’s advertising identifier. To learn more about limiting ad tracking using this identifier, visit the settings menu on your device.
Overseas disclosure
We may store personal information overseas. Where we disclose your personal information to the third parties listed above, these third parties may also store, transfer or access personal information outside of Australia.
Unless we seek and receive your consent to an overseas disclosure of your personal information, we will only disclose your personal information to countries with laws which protect your personal information in a way which is substantially similar to the Australian Privacy Principles and/or we will take such steps as are reasonable in the circumstances to require that overseas recipients protect your personal information in accordance with the Australian Privacy Principles.
Your rights and controlling your personal information
Your choice: Please read this Privacy Policy carefully. If you provide personal information to us, you understand we will collect, hold, use and disclose your personal information in accordance with this Privacy Policy. You do not have to provide personal information to us, however, if you do not, it may affect our ability to provide our Services to you and your use of our Services.
Information from third parties: If we receive personal information about you from a third party, we will protect it as set out in this Privacy Policy. If you are a third party providing personal information about somebody else, you represent and warrant that you have such person’s consent to provide the personal information to us.
Anonymity: Where practicable we will give you the option of not identifying yourself or using a pseudonym in your dealings with us.
Restrict and unsubscribe: To object to processing for direct marketing/unsubscribe from our email database or opt-out of communications (including marketing communications), please contact us using the details below or opt-out using the opt-out facilities provided in the communication.
Access: You may request access to the personal information that we hold about you. An administrative fee is payable for the provision of such information. Please note, in some situations, we may be legally permitted to withhold access to your personal information. If we cannot provide access to your information, we will advise you as soon as reasonably possible and provide you with the reasons for our refusal and any mechanism available to complain about the refusal. If we can provide access to your information in another form that still meets your needs, then we will take reasonable steps to give you such access.
Correction: If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, please contact us using the details below. We will take reasonable steps to promptly correct any information found to be inaccurate, out of date, incomplete, irrelevant or misleading. Please note, in some situations, we may be legally permitted to not correct your personal information. If we cannot correct your information, we will advise you as soon as reasonably possible and provide you with the reasons for our refusal and any mechanism available to complain about the refusal.
Complaints: If you wish to make a complaint, please contact us using the details below and provide us with full details of the complaint. We will promptly investigate your complaint and respond to you, in writing, setting out the outcome of our investigation and the steps we will take in response to your complaint. If you are not satisfied with our response, you also have the right to contact the Office of the Australian Information Commissioner.
Storage and security
We are committed to ensuring that the personal information we collect is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures, to safeguard and secure personal information and protect it from misuse, interference, loss and unauthorised access, modification and disclosure. These procedures include:
• securing any personal information we hold in an electronic format behind password log ins (typically with multi factor authentication);
• securing any personal information we hold in physical files in a locked cabinet;
• encrypting data, using virus protection software, implementing firewalls; and
• limiting internal access to the personal information we hold about you based on a need-to-know basis.
While we are committed to security, we cannot guarantee the security of any information that is transmitted to or by us over the Internet. The transmission and exchange of information is carried out at your own risk.
Cookies
We may use cookies on our website from time to time. Cookies are text files placed in your computer’s browser to store your preferences. Cookies, by themselves, do not tell us your email address or other personally identifiable information. If and when you choose to provide our online website with personal information, this information may be linked to the data stored in the cookie.
You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our website.
Personal information retention
Your personal information is only kept while it is required for the purpose for which it was collected or as required by law. It will then be securely destroyed or de-identified.
Health records are kept for a minimum of 7 years since the last time you we provided you a health service. Where we provide services to children, we keep your health record at a minimum until you reach the age of 25. When we destroy your health record, we keep a written note of your name, the date we destroyed it, and the time period the record covered.
Links to other websites
Our website may contain links to other party’s websites. We do not have any control over those websites and we are not responsible for the protection and privacy of any personal information which you provide whilst visiting those websites. Those websites are not governed by this Privacy Policy.
Amendments
We may, at any time and at our discretion, vary this Privacy Policy by publishing the amended Privacy Policy on our website. We recommend you check our website regularly to ensure you are aware of our current Privacy Policy.
For any questions or notices, please contact us at:
Oxford Clinic Ltd ABN 58 628 357 175
Email: admin@oxfordclinic.com.au
Last update: 28 June 2022
© LegalVision ILP Pty Ltd