Privacy Statement: City Laser Clinic
(ABN 59 109 998 996) This is the City Laser Clinic Privacy Statement developed and published in accordance with requirements including the Privacy Act 1988, and the National Privacy Principles. Our Privacy Statement and relevant practices and procedures have been developed into a “Privacy Plan” in accordance with guidelines published by the Privacy Commissioner (A Guide to Privacy for Small Business). Protecting your privacy and your personal information is important to City Laser Clinic.
1. Security of Information
The only electronic record maintained by City Laser Clinic is for diary and contact purposes and includes your name, contact details and appointment dates and times. This electronic diary is secured using commercial security measures appropriate for the nature of the information. Laser treatment records are only stored in the form of written notes. Paper records are securely stored and can only be accessed by authorised employees of City Laser Clinic.
2. Collection of Information
City Laser Clinic only collects personal information from you with your consent, as regards information provided by you to City Laser Clinic; your consent is implied by your completing our personal particulars form and answering other relevant questions. These questions seek your name, current address, date of birth, telephone number/s, e-mail address/es, gender, and relevant health information. We will make notes of our assessment of your skin type and hair type because this information is essential to safely and effectively treat you with our laser technology, we will also make other notes including the areas treated and the progress of your laser treatments, as well as date, time and duration of sessions. These notes are made by our laser therapists for your safety and to better determine the progress of laser treatment and to determine best safe future laser treatment. We claim proprietary and intellectual property rights over some parts of these laser therapy notes. City Laser Clinic gathers and retains personal information for the following purposes:
- For proper assessment of your skin and hair type for reasons including your safe and effective laser treatment;
- Providing you with laser treatments that you request;
- Advising you about other services and relevant products that you may need, [you may request us to not make such advice or offers to you and we will act promptly on any such request];
- Contacting you for proper reasons such as confirming laser appointments; and
- Statistical and/or research analysis, which does not identify individuals.
3. Disclosure of Information
City Laser Clinic does not and will not sell or otherwise distribute personal information including but not limited to your name, address, telephone number/s and/or email address, other than as follows: • In accordance with this Privacy Statement and the National Privacy Principles we will allow you to access and inspect your personal information other than where that access or inspection may breach the privacy of other parties or is not personal information such as commercial information that we are not required to release and do not release. We may charge a fee for this service. • On presentation of your signed valid authority to release information we will provide a copy of your relevant personal information to the person you nominate at the address that you nominate. We will charge a fee for this service. • In response to a valid subpoena or summons to produce documents issued and stamped by a Court registry we will provide the information specified. We will charge a fee for this service.
4. What is included in your personal information record?
The personal information that City Laser Clinic collects and retains for each client contains information that you have a right to access as well as commercial information that we claim privilege over. Personal information may be categorised as follows:
1. Contact Details: your name, address, phone number, and email;
2. Relevant Personal History: details as provided by you on your personal particulars form including your date of birth, age, gender, area (of your body) that you are requesting treatment of, previous history of hair removal, recent exposure to sun or sun bed, information about relevant medical treatment, as well as relevant conditions and whether you are taking any medication. The information provided by you on the form may be supplemented by notes by our laser therapists clarifying your response and/or adding further information.
3. History of your Laser Appointments with us: including date and time of the laser appointment and the duration of the appointment and the area/s treated during the laser appointment. This information is also required for billing purposes, as well as a record of progress of the Laser Hair Removal treatments and Q-switched laser treatments. Information gathered and retained and records created by City Laser Clinic are not Health Information within the meaning of the HEALTH RECORDS AND INFORMATION PRIVACY ACT 2002. Some of the information that we retain about each client is not personal information, but commercial information about the service provided to you that allows us to provide you with the quality service that we strive to provide and is of such a nature that City Laser Clinic properly and reasonably claims intellectual property rights because release of this information could advantage our competitors. We also retain a record of your payment for each service and details of how those payments were made, but we do not retain details of your credit card or other payment instrument unless you specifically authorise us to do so.
5. Your right to Access and Inspect your Personal Information. You have a right to request access to your personal information, inspect your personal information and obtain a copy of your personal information. We may charge a fee to manage your request. The information that we gather and retain, and are required to allow you to access, inspect and to provide you a copy if you request: is generally described above in the three categories of personal information. We claim privilege of particular commercial information and proprietary information and do not grant access to unauthorised persons to inspect or copy that information. National Privacy Principle 6 (NPP 6) provides individuals with a right of access to personal information held about them by an organisation. This right is not an entitlement to access privileged information relating to matters including business practices and methods developed by an enterprise such as City Laser Clinic and over which they reasonably claim intellectual property rights and business process rights.
6. Request for access, inspection, and/or a copy of your personal information. You may make a request for access, and inspection, of your personal information and you will generally be granted access without unreasonable delay at our offices. We do not allow you to make notes but will provide a photocopy of your personal information if you request. We may charge a fee for this service. The Office of the Privacy Commission advises that: An organisation must not charge an individual for lodging a request for access (NPP 6.4) but may apply a charge that is not excessive to recover costs of making information available. [PRIVATE SECTOR INFORMATION SHEET 4 – 2001 Access and Correction]
7. Correction of Information If following access and inspection of your Personal Information you identify to us information that is incorrect or wrong City Laser Clinic will change that information; unless there is some proper reason to not change the information or the request is unreasonable or without merit. If we decline to update your information you may make a written request for review directed to our Privacy Officer, you will receive a response in writing within 21 days and, depending on the situation and circumstances we may charge a fee to manage your request. If we decline to update or correct your information you may refer the matter to the Office of the Privacy Commissioner.
8. Fees to inspect, access and/or obtain a copy of your personal information. City Laser Clinic may charge a fee for the time involved in managing your request to inspect, access and/or obtain a copy of your personal information. The fee charged will only be that which relates to our costs and disbursements including staff time and charges by consultants and legal advisers as may be necessary. We will charge and apply charges in a manner similar to that which other Small Businesses as well as Government Departments and Agencies charge for processing and complying with similar requests.
9. Commercial Information that we are not required to release and do not release. We cannot release information that we are contractually bound by our suppliers, including equipment suppliers, not to release. We cannot release information about persons other than the person making the request, in person or when certain that the person making the request is the client. To check identity we may call you back on the telephone number that you advised us when you completed your client details form. We do not release information that is Commercial in Confidence such as information about our methods of operation that may give a commercial advantage to our competitors.
10. Retention of Information City Laser Clinic privacy plan is to retain information about a client for no longer than 7 years after a clients’ last contact with us, however we may retain some information for less than 7 years, we may also retain some information for longer than 7 years, in response to specific legal requirements and other reasons relevant to the management of our clinic. Information that is retained is stored securely and when information is no longer required it is destroyed by secure means such as shredding for paper based records.
11. Information gathered on our Internet Web Site. Personal information is not intended to be gathered on the City Laser Clinic web site, and all reasonable steps are taken by our web master to protect visitors from malicious activity. The City Laser Clinic web site [www.citylaserclinic.com.au] transmits traffic log cookies to identify which pages are being used. This helps City Laser Clinic analyse information about webpage traffic so as to improve our web presence and adjust to customer needs. We only use information gathered by traffic log cookies for statistical analysis purposes and data is then removed from the system. A cookie does not provide City Laser Clinic access to your computer or any information about you, other than the data you choose to share with us. Most web browsers automatically accept cookies, but you can modify your browser setting to decline cookies if you prefer. Declining cookies may prevent you from taking full advantage of the City Laser Clinic website. The City Laser Clinic web site has links to other websites, when you use these links to leave our site, you should be aware that City Laser Clinic cannot control that other website, and therefore, City Laser Clinic cannot accept responsibility for the protection and privacy of any information which you provide whilst visiting such sites; this privacy statement relates only to the City Laser Clinic web site. You should exercise caution and look at the privacy statement applicable to any other website.
12. Review of request for inspection, access and/or a copy of your personal information that are denied or partially fulfilled. If we decline your request for inspection, access and/or a copy of your personal information whether in full or in part you may request a review of your request by our Privacy Officer, you will receive a response in writing within 21 days. Depending on the situation and circumstances, we may charge a fee to manage your request. You may also refer our declining your request for inspection, access and/or a copy of your personal information to the Office of the Privacy Commissioner.
13. Privacy Officer Matters regarding the City Laser Clinic Privacy Statement and privacy plan including requests for review of decisions relating to access to information and amendment of personal information may be referred to the privacy officer. Our Privacy officer is: Stephen WATSON Suite 304, 84 Pitt Street, SYDNEY 2000 Email: firstname.lastname@example.org Initial requests regarding access to personal information and amendment to personal information should be made to: Ellen Aleksanian Director Suite 304, 84 Pitt Street, SYDNEY 2000 Phone: (02) 9232-8090
14. Staff Training All City Laser Clinic staff are trained in relevant procedures and supervised to ensure compliance with the City Laser Clinic Privacy Statement and Privacy Plan. Particular emphasis is placed on the security, confidentiality and accuracy of our personal information and other records.
15. Audit and Compliance This Privacy Statement shall be reviewed at least once each year and whenever significant changes are made to Privacy Law and/or other relevant matters. Compliance with the City Laser Clinic Privacy plan shall be ongoing and audited at last once each year with continuous oversight by management. All persons employed by City Laser Clinic, consultants and directors must comply with this Privacy Statement and the Privacy Plan.
16. Publication of this Privacy Statement This Privacy Statement shall be displayed in our business premises, at the date of last review of this Statement our business premises are: Suite 304, 84 Pitt Street, SYDNEY 2000 This Statement shall be presented on our Internet Web Site. This Privacy Statement will also be available for supply, on request, at our business premises.