Privacy Policy.
This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and engage with our services.
Zest Psychology & Well-Being is committed to protecting your privacy and complying with the Privacy Act 1988 (Cth) (Privacy Act) and other relevant state laws about the management of personal information. This Privacy Policy applies to the personal information we handle about clients, prospective clients, and users of services we provide and members of the public. By using our website and services, you consent to this privacy policy.
Information we collect
The personal information we collect about you depends on the nature of your dealings with us or what you choose to share with us. We endeavour to only to collect the personal information we need for the function or activity we are performing. When you enquire about our services, we may collect your full name, date of birth, email address, phone number, and other personal information, including sensitive information, to help us assess whether we are an appropriate service for you and send you information or resources. We collect additional personal information about you, including sensitive information, when you book an appointment and during treatment, for example, your address, emergency contact person, government-related identifiers such as Medicare number. We may also collect your bank account details for the purposes of payment arrangements.
We may collect personal information about you if you are a healthcare professional or healthcare service provider who has referred a client to us or who are providing services to a client of ours, such as your name, medical speciality or position within the organisation your work for, your Medicare provider number if applicable, your contact details.
We may collect personal information about you if you interact with us on a commercial basis, for example, service providers and contractors, or as a member of the public. The kind of personal information we collect will depend on the capacity in which you are dealing with us. Generally, it would include your name, your contact details, details and information regarding our interactions and transactions with you and details such as professional registration numbers, insurance certificates, among others.
How and why we collect information
We will, where practicable, collect information directly from you. We collect your personal information mainly when you deal with us over email, have contact with us in person, give or send us a letter or document. We may also collect personal information about you, including sensitive information, indirectly from other sources such as your GP or other healthcare professionals. If you want to share information that includes another person’s information in which that person will be identifiable, you must seek permission from the individual and let them know about our Privacy Policy.
We collect your personal information to carry out functions or activities such as assessing whether we are an appropriate service for you; providing you with psychological services such as assessing, diagnosing, and treating psychological issues; sending you communications via SMS or email to, for example, remind you about your future appointments, provide you with treatment resources and questionnaires and send you a copy of your invoices; enabling you to receive the correct entitlements to benefits and funding for our services from third-party payers and to comply with their requirements; responding to your enquiries, requests or feedback; updating our records and keeping your information up to date.
How we store your personal information
Zest Psychology & Well-Being collects and holds your personal information in electronic form. We hold your personal information securely on servers and computer systems. Some information may be collected in paper-based documents which may be converted to electronic form and the original paper copy destroyed in a secure manner (e.g., shredding) when we no longer need it.
We will not keep your personal information for longer than we need to. We are legally required to hold clients’ personal information for a minimum of 7 years from the date of last entry in your record or if you are a minor until you attain or would have attained 25 years of age.
Ways that we protect your personal information
Your personal information is maintained in a secure environment, which can be accessed only by authorised personnel. We take reasonable steps to protect the security of the personal information we hold, by:
Having and maintaining technological security measures in place, such as anti-virus software, using a firewall, using passcodes to control access to electronic devices, and using two-factor authentication when available to access electronic systems
taking reasonable steps to destroy or de-identify your personal information once we no longer need it
However, no data transmission over the internet or information stored on servers accessible through the internet can be guaranteed to be fully secure. Additionally, we are unable to ensure the security of personal information that is left with you or provided to you, for example, a paper-based report or email sent to you.
Times when we might disclose your information
There are special circumstances where we may be permitted or required by law to disclose your personal information to third parties. Common situations in which we may disclose your personal information to third parties are when:
you have consented to the disclosure; or
we reasonably believe that disclosure is necessary to lessen or prevent a serious threat to the life, health or safety of any individual, or to public health or safety; or
you would reasonably expect your personal information to be disclosed and disclosure to that third party is for a purpose directly related to the primary purpose for which your personal information was collected, for example, to a GP or medical specialist involved in your care, a hospital for higher levels of care, the ambulance service, government agencies and other third-party payers administering subsidies and benefits to which you may be entitled such as Medicare; or
it is required or authorised by or under an Australian law or a court/tribunal order.
Access to personal information and correction
We take reasonable steps to ensure that the personal information we hold about you is accurate, up-to-date and complete. If you believe it to be incorrect or out of date you can ask that we correct it. If it is not possible for us to correct it, you can ask us to associate with it, for example, attach or link a statement that you believe the information is incorrect and why. If we make a correction and we have disclosed the incorrect information to others, you can ask us to tell them about the correction. We may ask you to verify your identity before we give you access to your information or correct it.
Access to your personal information may be declined in accordance with privacy laws, for example, where giving you access would put you or another person at risk of harm. In this circumstance, we will notify you in writing setting out the reasons. Where a person requesting access to your personal information is an authorised representative of yours, such as a lawyer or guardian, we will ask the representative to provide evidence of their authority. We will also ask you to provide current and informed consent to us before releasing your personal information.
Collecting your personal information through our website
Our website is hosted in Australia. Our website uses Google Analytics, a service which transmits website traffic data to Google servers in the United States and possibly other locations outside of Australia. Google Analytics does not identify individual users or associate individual IP addresses with any other data held by Google. We use reports provided by Google Analytics to help us understand website traffic and patterns of usage by users on our website, to help us improve our website and its content. By using our website, you consent to the processing of data about you by Google in the manner described in Google’s Privacy Policy https://policies.google.com/privacy. You can opt-out of Google Analytics if you disable or refuse cookies, disable JavaScript, or use the opt-out service provided by Google.
Our website may contain links to third-party websites. Zest Psychology & Well-Being is not responsible for the content or privacy practices employed by websites that are linked from our website. You can access their Privacy Policy on their respective websites.
Inquiries and Concerns
You may contact Zest Psychology & Well-Being at any time if you have any questions or concerns about our Privacy Policy or how your personal information has been handled. If you have a complaint about how we have handled your personal information, please contact us in writing. We will tell you promptly that we have received your complaint and then investigate and respond to the complaint. If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner. Full contact details for the Office of the Australian Information Commissioner can be found online at www.oaic.gov.au.
Notifiable data breaches scheme
In the event of any unauthorised access or unauthorised disclosure or loss of your personal information that is likely to result in serious harm to you or other individuals, we will investigate and notify you and the Office of the Australian Information Commissioner in accordance with the Privacy Act.
Changes to our Privacy Policy
We will update our Privacy Policy when our information handling practices change. Any information we hold about you will be governed by our current Privacy Policy. We recommend that you periodically review our Privacy Policy for any changes.