Privacy policy

INNER SMILE NUTRITION & WELLBEING

(also referred to as “we”, “us” or “our”)

Effective Date: 16 September 2022

Under the Australian Privacy Act 1988, personal information is information about a living person which can be used (by itself or together with other information) to reasonably identify that person. In the Health Sector, we take additional precautions with privacy and are governed by the Australian Privacy Principles. We are committed to protecting your privacy and do not sell or rent your details to any third parties.

This Privacy Policy applies to our clients of our practice, as well as all customers, subscribers and visitors of our website.

This Privacy Policy applies to the products and/or services we provide in person, on our website innersmile.net.au (“website”) and our social media channels. It explains how we collect, hold, use and disclose information. We will only use your personal information in compliance with Australian Privacy Laws (Privacy Act (1988 (Cth)), Australian Privacy Principles and to the extent applicable, with the EU General Data Protection Regulation (GDPR) and any replacement legislation.

When and how we collect information

At all times we try to only collect the minimum information we need to provide our services and to keep our records up to date.

We collect personal information about you:

– when you contact us (via email, phone and instant messenger services)

– when you book an appointment (online, in person or over the phone)

– when you fill out a form (online or in person)

– when you subscribe to our newsletter

– when you set up an account on our website

– when you make a purchase on our website

– when you interact with us on social media

– when you participate in events, promotions and giveaways

– when you participate in a customer survey

– when you accept our cookies and other tracking technologies on your device

– when you voluntarily submit your data to us for any reason

– when you talk with us in person

– when you ask for access to information we hold about you

If you provide us with any information relating to a third party, you confirm that you have the right to authorise us to process that information on your behalf in accordance with this Privacy Policy.

Collecting information from third parties

We may also collect personal information that is given to us or made available to us by a third party such as a referring specialist, general practitioner or another health professional. If someone calls on your behalf or provides us with information about you, we may collect the caller’s name and contact details as well.

We may collect information from your insurer or your solicitor.

When you use our website, we may receive data from third parties such as analytics from providers and advertising networks like Google and Facebook.

This information forms part of the personal information described in this Privacy Policy.

What information we collect

To enable us to safely deliver our health services to you, it is necessary for us to collect and store basic and health information about you. It is important that we keep your records up to date and we have processes in place to help with this.

We will collect (as appropriate to your circumstances) the following types of information:

– Your name, address, telephone, email

– You date of birth

– Information relevant to your health (current and historical) including medications

– Family medical history

– Your work history and/or current position

– Medical reports, referral letters, test results

– Financial Information (credit card details when you are making a purchase)

– Data about the products or services you purchase

– Data about your experience with our website and our products and services

– Data relating to your circumstances and such other information that is relevant to the products or services we provide to you

– Data relating to your attendance at seminars or other events held by us (including webinars and podcasts)

– Data that identifies you (your IP address, login, browser type, time zone, browser plugins, geolocation, what operating system and version) – we do not link this with any personal data

– Data on how you use our website (URL clicks, products and services views, how long you are on our pages and other actions)

– Any other information you provide or we receive from third parties

How we use your personal information and who we share it with

We collect and use your personal information primarily to provide you with services, products and information.

Additionally, we use your information as follows:

– for administrative, billing and other purposes involved in the running of our practice

– for operating and improving our website and your experience on our website

– for customer support

– for tracking your purchase history

– for detecting and preventing fraud

– for market research (e.g. we may contact you for feedback about our products and services)

– to provide you with information about events, products, services, or opportunities that may be of interest

– for marketing (with your consent)

– for monitoring your compliance with our website Terms and Conditions

We may disclose your information under the following conditions:

– we will share your information with your carer or representative if you have authorised us to do so or they have provided us with your authority (for example under a Power of Attorney for health decisions)

– if you are under the age of 18, we will share your information with your legal guardian.

– we will share your health information with authorised health practitioners in our practice

– we will share your health information when we are required to do so by law (e.g. if we receive a valid court subpoena to disclose information)

– we will share your information with Medicare or your private health fund to validate your rebate or claim

– we will share your information with Government bodies that require us to report processing activities

– if we refer you to a third party for additional therapy, we will share your information with the third party (with your consent)

– we will use your information for recalls or follow up visits with us

– we will disclose your health information if there is an emergency which we feel warrants disclosing your health or other information

We reserve the right to fully co-operate with any law enforcement authorities or court order requiring or requesting us to disclose the identity or other usage details of any user of our services, or in accordance with a properly executed court order, or as otherwise required to do so by law.

Google Analytics

We use Google Analytics functions. You can find out how your data is collected here and there are instructions here on how to opt-out of Google Analytics data tracking.

Our use of Google Analytics may include but is not limited to display advertising and remarketing. You may see our adverts across the internet, this is due to the use of tracking technologies (cookies) to optimise and serve our adverts based on past visits to our Site. When you log onto our Site, we, with the help of Google Analytics, use your browsing behaviour to connect this with other data that you previously provided to us in accordance with this privacy policy.

Facebook Insights

We use Facebook Insights to track your interaction with our Facebook page https://www.facebook.com/InnerSmileNutrition. This will allow us to track usage and improve the performance of our page. We will use Facebook Analytics to better measure, track and understand customer user experience to enable us to improve our products and services that we offer. You can check out Facebook’s privacy policy here, and if you want to opt out of seeing ads on Facebook based on information we have received, you can control this in your ad preferences here.

Choosing not to provide personal data

You can choose not to provide us with any personal data. If you do this, we will not be able to provide you with any products or services. However, you are welcome to continue to browse the pages of our website.

Marketing

We will always let you know before we collect any data from you, what the intended use is, if we intend to use it for marketing, and if third parties are involved we will obtain your consent (which you can withdraw at any time). You can change your mind about marketing material by opting out by:

– completing the Contact Us form on our Contact page; or

– unsubscribing, if you have previously subscribed to our newsletter.

Opting out of marketing will have your details removed from our marketing list but will not change the way we use other personal information we hold about you. For example, you will still receive reminders about upcoming appointments.

Accessing and correcting your personal information – Your legal rights

You have the right to know what information we hold about you and to ensure the information is accurate and up to date. You will not have to pay a fee to access your personal data. We will provide you with the information within 30 days of your request, unless doing so would adversely affect the rights and freedoms of others (e.g. another person’s confidentiality or intellectual property rights). We will tell you if we can’t comply with your request and why.

You can ask us to correct any information we hold about you that you believe is inaccurate.

You can request for your data to be erased. This means we have to delete all information that we hold about you, except to the extent of any information we are required to hold due to our legal obligations.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

If you wish to exercise any of the rights or make a complaint regarding how your data is handled, please contact us in writing using our contact details below. If you are not satisfied with our response to your complaint, you may seek a review by contacting the Office of the Australian Information Commissioner, available at http://www.oaic.gov.au.

Security of the information we collect

We realise that our customers trust us to protect their data and whilst we cannot guarantee the security of any information you transmit to us, or receive from us, we take that task seriously and maintain reasonable and appropriate physical, electronic and procedural safeguards to help protect your data. This includes the following:

– Password access to accounts

– Storing electronic data with reputable third party storage providers who have appropriate security protections

– Limit access to personal information to individuals who need to know.

– Using payment providers who are PCI DSS compliant

– We do not store your payment details

We use an electronic web-based software called Cliniko to make appointments, write treatment notes and store client information. We use Cliniko because it has a very high level of security and encryption to protect you details both at the clinic, while making bookings online and from outside threats on the internet.

We use service providers based in Australia. If we transfer personal data outside of Australia, we will ensure that your privacy rights are adequately protected by ensuring these service providers have the same or similar measures in place to protect data shared.

We will keep your data for as long as we need it, and this period will also depend on your interactions with us. If you have made a purchase with us, we will keep a record of your purchase for the period necessary for invoicing and tax purposes. When we no longer need to keep your information, we will delete it permanently or anonymise data which is no longer necessary.

Third parties who access your data

We share data with third parties in the following circumstances:

– Other companies in our group of companies, as necessary to operate our Site

– Our suppliers and service providers working for us e.g. payment processors

– Our professional and legal advisors

– Third parties engaged in fraud prevention and detection

– Law enforcement or other government authorities

– Share with third parties who enable us to provide our products and services which may include:

– payment processors such as Stripe, PayPal, Xero, Shopify who may process your payment for any products and services bought from us;

– Social media and analytics such as Facebook, Instagram and Google Adwords for purpose of custom audience generation and the development of targeting criteria;

– Other third parties such as Leadpages, LeadQuizzes, Teachable, Zoom, Active Campaign, MailChimp for processing and holding Data that enables us to ensure you are kept informed of all course information, logins and marketing material, offers, promotions, newsletters, blogs and video training.

– Where we have your consent to do so or otherwise where we are legally permitted to do so.

Payment security

All of our real-time credit card authorisations are handled by secure third party gateway providers and these are secured by the highest level of security. The following measures are taken to protect your data:

  • Payments are fully automated with an immediate response.
  • Your complete credit card number cannot be viewed by us or any outside party.
  • All transaction data is encrypted for storage within our third party gateway suppliers bank-grade data centre, further protecting your credit card data.
  • Our third party gateway provider is an authorised third party processor for all the major Australian banks.
  • Our third party gateway provider will at no time touch your funds, all monies are directly transferred from your credit card to the merchant account held by us.

We use third-party gateway providers that are widely respected for providing secure and reliable online payment solutions. We have chosen to deal with the best so you can feel safe that your personal information is kept safe and secure at all times. While we attempt to protect the information in our possession, no security system is perfect, and we cannot promise that information about you will remain secure in all circumstances.

The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for all organisations that handle branded credit cards from major card schemes. PCI DSS is a standard mandated by the card brands like Visa, Mastercard, American Express and Discover and is managed by the PCI Security Standards Council.

PCI-DSS requirements help ensure the secure handling of credit card information through our Site and the service providers.

Age of consent

By using this website, you warrant that you are at least the age of majority in your State or Territory of residence. Our website should not be used by anyone under the age of majority, and we do not knowingly collect data from anyone under the age of majority.

Cookies and how to block them

We use cookies, this helps us improve the products and services we provide. Unfortunately, they are not the edible kind! “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. Cookies can also be used to analyse traffic and for advertising and marketing purposes. They do not harm your systems and the HELP function in your browser will tell you how to restrict or block the cookies. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org. If you use browser settings to block all cookies, you may not be able to access all or parts of our website.

Web beacons

We may use web beacons (or clear gifs) on our website and in our emails. So basically when we send emails, we can track behaviour such as who opened the emails, who clicked the links and collect information such as your IP address, your browser or email type, we then put this information together to improve the performance of our email campaigns and provide you with better and/or services specific to your needs. You will always have the ability to opt out of any emails we send just click the link in the email that says “unsubscribe”.

Governing law

This Privacy Policy and your use of this Site is governed in all respects by the laws of Australia.

Updates to our Privacy Policy

Please make sure to check in on our Privacy Policy periodically, as we may update this Privacy Policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal or regulatory reasons. We will always ensure that the current date of the Privacy Policy also known as the “Effective Date” is prominently displayed at the very top of this Privacy Policy, so you know it’s the latest version.

Our details if you need to contact us

Business Name: Alina Zamoshnikova ABN: 21507863277

Trading Name: Inner Smile Nutrition & Wellbeing

Address: Bardon Counselling and Natural Therapies Centre

151 Boundary Rd, Bardon. QLD 4065

Phone: (07) 3368 1300

Fax: (07) 3512 9333

Email: alina.innersmile@gmail.com

Website: innersmile.net.au