Collecting your personal information
What is personal information?
Personal information: is information or an opinion, whether true or not and whether recorded in a material form or not, about an individual who is identified or reasonably identifiable.
What is sensitive information?
Sensitive information is a sub-set of personal information that is given a higher level of protection under the Australian Privacy Principles. Sensitive information means information relating to your racial or ethnic origin, political opinions, religion, trade union or other professional associations or memberships, philosophical beliefs, sexual orientation, sexual practices or sex life, criminal records, health information or biometric information.
What personal information do we collect?
The types of personal information we may collect about you include:
- your name;
- your contact details, including email address, mailing address, street address and/or telephone number;
- your age and/or date of birth;
if you engage us to provide services, we may collect:
- your Medicare details;
- your health information; and
- information you provide us from third party health care providers, such as your general practitioner, or any related mental health plans;
- your marital status;
- your credit card or payment details (through our third party payment processor);
- details about the Services we have provided to you and/or that you have enquired about, and our response to you;
- your browser session and geo-location data, device and network information, statistics on page views and sessions, acquisition sources, search queries and/or browsing behaviour;
- information about your access and use of our Services, including through the use of Internet cookies, your communications with our online Services, the type of browser you are using, the type of operating system you are using and the domain name of your Internet service provider;
- additional personal information that you provide to us, directly or indirectly, through your use of our Services or trusted associated applications;
- details of your schooling, training or employment status and if you apply for employment with us;
- any other personal information requested by us and/or provided by you or a third party; and
- your sensitive information as set out below.
What sensitive information do we collect?
The type of sensitive information we may collect about you includes:
- your health information, including detailed information about your physical health and psychological health; and
- as part of your clinical intake and assessment, we may gather information about you, including criminal records, sexual history, family history, relationship history and substance abuse history, your racial and ethnic origin, your religious beliefs, your philosophical beliefs, and your sexual orientation or practices.
Your consent: we will not collect sensitive information about you without first obtaining your consent and we will only use it as permitted by law.
How do we collect your personal information?
We may collect personal information from you in a variety of ways, including:
- Directly: We collect personal information which you directly provide to us, including by completing the clinical intake and assessment when you first become a client of ours, during a psychology session, when you make a purchase online via the Stirling Wellness ecommerce store, through the ‘contact us’ form on our website or when you request our assistance via email, our online chat or over the telephone.
- Indirectly: We may collect personal information which you indirectly provide to us while interacting with us, such as when you use our websites, in emails, over the telephone, during face-to-face consultations and in your online enquiries.
Why do we collect and use your personal information?
We collect, hold, use and disclose personal information for the following purposes:
- to enable you to access and use our Services;
- to provide our Services to you, including to enable your general practitioner or other referrer to refer you to us and/or book an appointment for you and to dispatch and deliver the products you order from us;
- to keep your general practitioner or other referrer up-to-date;
- to book an appointment for you directly;
- to contact and communicate with you about our Services, including about your appointment or in response to any enquiries you make with us;
- to check you in at our practice;
- to liaise with your private health care insurance provider;
- to enable you to participate in our retreats;
- for internal record keeping, administrative purposes, invoicing and billing purposes;
- to enable you to access and use our trusted associated applications and associated social media platforms;
- to conduct research and evaluation
- for analytics, market research and business development, including to operate and improve our Services, associated applications and associated social media platforms;
- for advertising and marketing, including to send you promotional information about our Services and information that we consider may be of interest to you; and resolve any disputes that we may have;
- to comply with our legal obligations and resolve any disputes that we may have; and/or
- if you have applied for employment with us; to consider your employment application.
We may de-identify information you provide to us and use it for research purposes.
How do we disclose your personal information?
We may disclose personal information to:
third party service providers for the purpose of enabling them to provide their services to you, including (without limitation):
- our practice management cloud-based software Cliniko to manage your bookings, our patient files and invoicing and billing requirements;
- your general practitioner (to the extent we are required to do so);
- your private health care insurance provider (to the extent we are required to do so);
- professional advisors (such as lawyers where required); and
- payment systems operators (to process your payments);
- our employees, contractors and/or related entities;
- our existing or potential agents or business partners;
- anyone to whom our business or assets (or any part of them) are, or may (in good faith) be, transferred;
- credit reporting agencies, courts, tribunals and regulatory authorities, in the event you fail to pay for goods and Services we have provided to you;
- courts, tribunals, regulatory authorities and law enforcement officers, as required by law, in connection with any actual or prospective legal proceedings, or in order to establish, exercise or defend our legal rights;
- third parties to collect and process data, such as Google Analytics or other relevant businesses. This may include parties that store data outside of Australia; and
- any other relevant third parties, where we make a clinical decision that we must disclose your personal information, based on an assessment of your best interests, taking into account your age, health, safety and any possible immediate or substantial risk to you.
By providing us with personal information, you consent to the disclosure of your information outside of Australia and acknowledge that we are not required to ensure that overseas recipients handle that personal information in compliance with Australian Privacy law. You acknowledge that some overseas third parties may not be regulated by the Privacy Act and the Australian Privacy Principles in the Privacy Act and if any third party engages in any act or practice that contravenes the Australian Privacy Principles, it would not be accountable under the Privacy Act and you will not be able to seek redress under the Privacy Act.
While we store personal information in Australia, where we disclose your personal information to third parties, these third parties may store, transfer or access personal information outside of Australia.
Disclosing your sensitive information
Provided you consent, your sensitive information may only be used and disclosed for the following purposes:
- any purpose you consent to;
the primary purpose for which the sensitive information is collected, including:
- to provide our Services to you;
- to report back to your general practitioner about your use of the Services and our findings from the Services;
- to refer you to medical or health service providers in emergency circumstances where it is impractical for us to obtain your consent; and
- to provide a relevant third party with information about you, where we make a clinical decision that we must disclose your sensitive information to a third party, including if you are at risk to self-harm, based on an assessment of your best interests, taking into account your age, health, safety and any possible immediate or substantial risk to you;
- the secondary purposes that are directly related to the primary purpose for which it was collected, including disclosure to the above listed third parties as reasonably necessary to provide our Services to you;
- to contact emergency services, or to speak with your family, partner or support person where we reasonably believe there is a serious risk to the life, health or safety of you or another person and it is impracticable for us to obtain your consent; and
- if otherwise required or authorised by law.
Your rights and controlling your personal information
Anonymity: Where practicable we will give you the option of not identifying yourself or using a pseudonym in your dealings with us.
Restrict and unsubscribe: To object to processing for direct marketing/unsubscribe from our email database or opt-out of communications (including marketing communications), please contact us using the details below or opt-out using the opt-out facilities provided in the communication.
Access: You may request access to the personal information that we hold about you. An administrative fee may be payable for the provision of such information. Please note, in some situations, we may be legally permitted to withhold access to your personal information. If we cannot provide access to your information, we will advise you as soon as reasonably possible and provide you with the reasons for our refusal and any mechanism available to complain about the refusal. If we can provide access to your information in another form that still meets your needs, then we will take reasonable steps to give you such access.
Correction: If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, please contact us using the details below. We will take reasonable steps to promptly correct any information found to be inaccurate, incomplete, misleading or out of date.
Complaints: If you wish to make a complaint, please contact us using the details below and provide us with full details of the complaint. We will promptly investigate your complaint and respond to you, in writing, setting out the outcome of our investigation and the steps we will take in response to your complaint. You also have the right to contact the relevant authority in the country in which you are based.
Storage and security
We are committed to ensuring that the personal information we collect is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures, to safeguard and secure personal information and protect it from misuse, interference, loss and unauthorised access, modification and disclosure.
While we are committed to security, we cannot guarantee the security of any information that is transmitted to or by us over the Internet. The transmission and exchange of information is carried out at your own risk.
Cookies and web beacons
You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our online Services.
We may use web beacons on our online Services from time to time. Web beacons (also known as Clear GIFs) are small pieces of code placed on a web page to monitor the visitor’s behaviour and collect data about the visitor’s viewing of a web page. For example, web beacons can be used to count the users who visit a web page or to deliver a cookie to the browser of a visitor viewing that page.
We may use Google Analytics to collect and process data. To find out how Google uses data when you use third party websites or applications, please see www.google.com/policies/privacy/partners/ or any other URL Google may use from time to time.
Links to other websites
For any questions or notices, please contact our Privacy Officer at:
Last update: 8 December 2022