KYLIE – THE FUNCTIONAL PHYSIO PTY LTD 

PRIVACY POLICY 

PLEASE READ THIS AGREEMENT CAREFULLY BEFORE ACCESSING THE FUNCTIONAL PHYSIO WEBSITE. BY ACCESSING AND USING THE WEBSITE, YOU ARE AGREEING TO BE BOUND BY THIS AGREEMENT. IF YOU DO NOT AGREE TO ANY CONTENT WITHIN THIS AGREEMENT, YOU MUST NOT ACCESS OR USE THE WEBSITE. 

1. BACKGROUND 1.1 The privacy of your personal information is afforded the highest level of importance by Kylie – The Functional Physio Pty Ltd (ACN 632 561 445) (“Company”). 

1.2 This privacy policy (“Privacy Policy”) sets out how the Company and any of its related bodies corporate (“we”, “our”, “us”) collects, stores, uses, protects, shares and discloses your personal information. Capitalized terms not defined in this Privacy Policy have the meanings given in our Terms of Use. This Privacy Policy applies to our Website. By visiting or using our Website you agree to the collection, storage, usage and disclosure of your personal information by us in the manner described in this Privacy Policy. 

1.3 From time to time we will review our Privacy Policy. We will notify you about any changes to our Privacy Policy at any time by posting an updated version of the Privacy Policy on the Website and emailing you an update. We do not make any representations about third party websites that may be linked to the Website. 

1.4 The processing of personal information by us will always be in line with the Australian Privacy Principles contained in the Privacy Act 1998 (Cth) (“Privacy Act”) and in accordance with country-specific data protection regulations applicable to us. The processing of health information by us will additionally be in line with the Health Records Act 2001 (Vic) (“Health Records Act”). 

1.5 We have implemented a number of technical and organisational measures to ensure the protection of personal information processed through our Services. 

1.6 This Privacy Policy sets out our information handling procedures and the rights and obligations that both you and we have in relation to your personal information. In the event of any inconsistency, the legislative requirements will override the provisions of this document. 

1.7 This Privacy Policy applies to both existing clients of our Health Service (“Existing Clients”) and the general public. To avoid any doubt any reference to “health information” is relevant only to Existing Clients. 

 

 

2. CHILDREN 2.1 Our Website is not offered to children. We do not knowingly collect personal information from children without parental or guardian consent. 

2.2 If you become aware that a child has provided us with information please contact us. Any information provided that is in breach of this provision will be deleted. 

 

 

3. PERSONAL INFORMATION WE COLLECT 3.1 The kinds of personal information that we may collect and hold from time to time includes: 

 

(a) your contact information, including postal and residential addresses, telephone and facsimile numbers, and email addresses; 

(b) details of any service we supply to you at your request; 

(c) invoicing and payment details; 

(d) data relating to your activity on our websites, including if you are a user of our service platform and information about you is inputted as a part of its functionality, and/or via tracking technologies such as cookies; 3.2 The legal basis for the above is based on: 

 

(a) your consent through your voluntary submission of the form/s agreeing to these terms; 

(b) the personal information being necessary for the performance of a contract to which you are a party; 

(c) carrying out a pre-contractual measures; and/or 

(d) any other legitimate interests as detailed within this Privacy Policy.

 

4. COLLECTION OF PERSONAL INFORMATION 4.1 We will only collect personal information where it is reasonably necessary to do so for the conduct of our business. Any collection of personal information by us will be fair and lawful and will not be intrusive. 

4.2 We will collect personal information about you in the following ways: 

 

(a) if you provide your information by telephone, post, email or facsimile, through our website, or in person; 

(b) if you contact us via email or submit your information through our website; 

(c) if you establish an account on our website; 

(d) if you require us to provide services to you; 

(e) if during the course of using our Website or Service either you or a third party input information about you, as part of its functionality; and/or 

(f) if you are an Existing Client, information provided by you during the course of our Health Service being provided to you. 4.3 We may automatically collect information about how you use our Website, the areas of our Website that you visit, as well as information about your computer or mobile device including your IP address, device ID, physical location, browser and operating system type, and referring URLs, via cookies and other tracking technologies. Some of the information we collect may be anonymous and/or aggregated, while other information may be personal information. We may also collect information about you through analysing your actions with electronic communications we send to you from time to time, including your opening of such communications and clicking on included links. This information is necessary for providing personalised and location-based content as well as for analysing the use of resources, troubleshooting problems, preventing fraud, and improving our services. We may combine this information with information in your account to help prevent fraud. 

4.4 If it is reasonable and practical do so, we will collect personal information about you only from you. In the course of operating our business, however, we may collect personal information from third parties such as suppliers, advertisers, mailing lists, recruitment agencies, contractors, clients and business partners. In addition, as part of the peer assessment functionality of our Website and Service, we will collect information about you from others associated with you, most likely your colleagues and collaborators. Some of this may be personal information. 

4.5 If we collect personal information about you from a third party in circumstances outside the input requirements associated with our Website and Service we will, where appropriate, request that the third party inform you that we are holding such information, how we will use and disclose it, and that you may contact us to gain access to and correct and update the information. 

4.6 When we collect personal information from you, we will take reasonable steps to notify you or ensure you are aware of: 

 

(a) our identity and contact details; 

(b) that we have collected your personal information, and whether that collect is required or authorised by law; 

(c) the purposes of collection; 

(d) the consequences if personal information is not collected (such as if this will affect our ability to provide products or services to you); 

(e) our usual disclosures of personal information of the kind collected; 

(f) information about this Privacy Policy; and 

(g) whether we are likely to disclose personal information to overseas recipients, and if practicable, the relevant countries in which they are located. 4.7 Some of the above information referred to at clause 5.6 is included in this Privacy Policy. 

 

 

5. HOLDING OF PERSONAL INFORMATION 5.1 We will hold personal information as either physical records, records on our servers, as records in cloud storage, and in some cases, records on third party servers or cloud storage facilities, which may be located overseas. 

5.2 We take active steps to hold all hard copy and electronic records of personal information in a secure manner to ensure that they are protected from misuse, interference and loss, and unauthorised access, modification or disclosure.

 

 

5.3 We have procedures in place to destroy or de-identify personal information once it is no longer needed for a valid purpose or required to be kept by law. 

 

 

6. USE OF PERSONAL INFORMATION 6.1 We will only use or disclose your personal information for the purposes for which we advised you we were collecting it for (which are set out as follows and otherwise in this Privacy Policy) or a related purpose which would reasonably be expected or otherwise with your permission. 

6.2 Generally we will use your personal information: (a) to conduct our business, generate content and provide customer support and payment services (including updates and improvements); 

(b) to administer contracts including to negotiate, execute and or manage a contract with you; 

(c) for our administrative, marketing (including direct marketing), planning, product or service development, quality control, survey and research purposes, and our related bodies corporate, contractors and employees or service providers; 

(d) to conduct business processing functions including providing Personal information to our related bodies corporate, contractors, service providers or other third parties, including but not limited to providing your information to a contractor and other goods and Services provided in our Services to personalise your experience with our Products and Services, for example, via connectivity with social media services; 

(e) to provide your updated personal information to our related bodies corporate, contractors, employees or service providers; 

(f) to provide, administer, market and manage our Services, including but not limited to, providing you with customary search results for use in our Services; 

(g) to provide you with access to protected areas of the site and to authenticate your account; 

(h) to conduct surveys to determine use and satisfaction with our Services and/or Products; 

(i) to enforce our Terms of Use, this Privacy Policy or any other policy; 

(j) to verify information for accuracy or completeness (including by way of verification with third parties); 

(k) to comply with our legal obligations, a request by a governmental agency or regulatory authority or legally binding court order; 

(l) to combine or aggregate your personal information with information we collect from third parties and use it for the purposes set out this Privacy Policy; 

(m) to aggregate and/or make anonymous your personal information, so that it cannot be used, whether in combination with other information or otherwise, to identify you; 

(n) to resolve disputes and to identify, test and resolve problems; 

(o) to notify you about the Services we provide and Products we sell and updates to the Services and Products from time to time; 

(p) to protect a person’s rights, property or safety; 

(q) for job applicants or tendering parties, to assess your eligibility for employment by the Company, or engagement by the Company as a contractor; 

 

6.3 In the event that we hold sensitive information about you, we will only disclose or use that information with your consent or if another exception applies under applicable laws. 

 

 

7. DISCLOSURE OF PERSONAL INFORMATION 7.1 We may disclose your personal information, including your personal information, to third parties for the purposes contained in this Privacy Policy (including those listed above), including without limitation to: 7.1.1 Service Providers: 7.1.1.1 We may share your personal information with service providers to: 

 

 

 

(a) provide you with the Services or Products that we offer you through our Website; 

(b) to conduct quality assurance testing; 

(c) to facilitate creation of accounts;

 

(d) to provide technical support; 

(e) and/or to provide other services to us. 7.1.1.2 The service providers include: 

 

(a) information technology service providers such as web host providers and analytical providers; 

(b) mailing houses; 

(c) market research organisations to enable them to measure the effectiveness of our advertising; and 

(d) specialist consultants. 7.1.1.3 These third-party service providers are not permitted to use your personal information other than to provide the services requested by us. 

7.1.2 Affiliates and Acquirers 7.1.2.1 We may share some or all of your personal information with our parent company, subsidiaries, joint ventures, or other companies under a common control (“Affiliates”), in which case we will require our Affiliates to honour this Privacy Policy. In the event we are involved in a merger, acquisition or sale of assets we may disclose Personal information collected by us to such entities that we propose to merge with or be acquired by, and will assume the rights and obligations regarding your personal information as described in this Privacy Policy. This includes the disclosure of information to our clients where we act as a data processor. 

 

7.1.3 Third parties and others you choose to share with: 7.1.3.1 We may disclose your personal information to third parties to whom you expressly ask to us to send the personal information to or to others you directly or indirectly choose for us to disclose your personal information to. 

 

7.2 Please note when you make your information public, your information may become accessible through search engines. 

7.3 We will take reasonable steps to ensure that anyone to whom we disclose your personal information pursuant to the Privacy Act respects the confidentiality of the information and abides by the Privacy Act. 

7.4 We will not share, sell, rent or disclose your personal information in ways different from what is disclosed in this Privacy Policy. 

 

 

8. IF WE CANNOT COLLECT YOUR PERSONAL INFORMATION 8.1 If you do not provide us with the personal information described above, some or all of the following may happen: 

 

(a) We may not be able to provide the requested Products or Services to you, either to the same standard or at all; 

(b) We may not be able to provide you with information about Products and Services that you may want; or 

(c) We may be unable to tailor the content of our Website to your preferences and your experience of our Website and/or Services may not be as enjoyable or useful. 

 

9. MANAGING YOUR PERSONAL INFORMATION 9.1 Subject to the Privacy Act, you may request to access the personal information we hold about you by contacting us. All requests for access will be processed within a reasonable time. 

9.2 Accessing or Rectifying your personal information: 9.2.1 We may, if required, provide you with tools and account settings to access, correct, delete, or modify the personal information you provided to us. You can find out more about how to do this by contacting us. In the event that you are unable to access your account to access or rectify your personal information, you may submit a request to us to correct, delete or modify your personal information.

 

 

 

9.3 Deletion: 9.3.1 We keep data for as long as it is needed for our operations. If you deactivate and delete your account your data will no longer be visible on your account. Please keep in mind that third parties may still retain copies of information you have made public through our Website. 

9.3.2 If you wish to have us delete your data please contact us. 

 

9.4 Object, restrict or withdraw consent: 9.4.1 If you have an account on the Website you will be able to view and manage your privacy settings. Alternatively, if you do not have an account, you may manually submit a request to us if you object to any personal information being stored, or if you wish to restrict or withdraw any consent given for the collection of your personal information. 

9.4.2 You may withdraw your consent to the processing of all your personal information at any time. If you wish to exercise this right you may do so by contacting us. 

9.4.3 You may withdraw your consent or manage your opt-ins by either viewing your account on the Website or clicking the unsubscribe link at the bottom of any marketing materials we send you. 

 

9.5 Portability: 9.5.1 We may, if required and possible, provide you with the means to download the information you have shared through our Website. Please contact us for further information on how this can be arranged. 

 

9.6 We may retain your information for fraud prevention or similar purposes. In certain instances we may not be required or able to provide you with access to your personal information. If this occurs, we will give you reasons for our decision not to provide you with such access to your personal information in accordance with the Privacy Act. 

9.7 There is no application fee for making a request to access your personal information. However, we may charge an administrative fee for the provision of information in certain circumstances such as if you make repeated requests for information or where the information is held by a third party provider. 

 

10. HEALTH INFORMATION 10.1 Health information is a form of sensitive information which is a subclass of personal information. Health information relates to the medical history of a person and requires a higher level of protection. 

10.2 If you are a member of the general public and not and existing client of ours for the purposes of our Health Service we will not collect any health information from you. 

10.3 If you are an existing client of ours we may collect and use health information. The kinds of health information we may collect and use includes the following: 

 

(a) information about current health providers; 

(b) information about current or past symptoms, injuries, trauma, diseases, conditions or disabilities; 

(c) information about past operations, treatments received and treatment programmes undertaken; 

(d) information about allergies; 

(e) information about medications which you are taking or have taken in the past; 

(f) information about family medical history; 

(g) information about accidents, incidents or circumstances which may have caused you injury or discomfort; 

(h) our opinion of your condition; 

(i) our recommended treatment plan; and 

(j) any other relevant information. 

 

11. MANAGING HEALTH INFORMATION 11.1 Accessing or rectifying your health information: 11.1.1 In accordance with the law you may request to access the health information we hold about you by contacting us. All requests for access will be processed within a reasonable time.

 

 

 

11.1.2 If you become aware that any part of the health information we hold about you is inaccurate or not up to date we will take reasonable steps to ensure it is accurate and up to date. 

11.1.3 There is no application fee for making a request to access or rectify your health information. 

 

11.2 Deletion: 11.2.1 We may only delete your health information in accordance with the relevant law. 

 

 

 

12. COLLECTION OF HEALTH INFORMATION 12.1 We will only collect health information from you where it is reasonably necessary to do so for the conduct of our business with your consent. Any collection of health information by us will be fair and lawful. 

12.2 We will only collect health information about you if you provide us with your health information by telephone, post, email or facsimile, in person or the message box on our Website for the purposes of being provided our Health Service. 

 

 

13. HOLDING OF HEALTH INFORMATION 13.1 We hold health information in accordance the Privacy Act and the Health Records Act. 

13.2 We hold health information in either physical records, records on our servers, as records in cloud storage, and in some cases, records on third party servers or cloud storage facilities, which may be located overseas. 

13.3 We take active steps to hold all hard copy and electronic records of personal information in a secure manner to ensure that they are protected from misuse, interference and loss, and unauthorised access, modification or disclosure. 

 

 

14. USE OF HEALTH INFORMATION 14.1 We will only use your health information for the purpose of providing you our services as an extension of our Health Service namely to provide you with instructions on how to use our Products tailored to your physical condition. 

 

 

15. DISCLOSURE OF HEALTH INFORMATION 15.1 We will not disclose your health information except in accordance with your instructions or as required by or in accordance with the law. 

 

 

16. COOKIES POLICY 16.1 We may use cookies and URL information to gather information regarding the date and time of your visit and the information for which you searched and which you viewed. “Cookies” are small pieces of information that a Website sends to your computer’s hard drive while you are viewing a web site. We may use both session Cookies (which expire once you close your web browser) and persistent Cookies (which stay on your computer until you delete them) to provide you with a more personal and interactive experience on our Site. Persistent Cookies can be removed by following Internet browser help file directions. Cookies may enable automatic logins when you visit in the future and may enable content customisation. 

16.2 Cookies may collect and store your personal information. This Privacy Policy applies to personal information collected via Cookies. You consent and acknowledge that we collect your personal information through Cookies. 

16.3 We sometimes use Cookies to show remarketing communications via third party networks like Google Display network and Facebook. 

16.4 You can control and/or delete cookies as you wish. 

 

 

17. ANONYMITY AND PSEUDONYMITY 17.1 We will allow our customers to transact with us anonymously or by using a pseudonym, wherever that is reasonable and practicable. However, this will not be possible if we are required or authorised by law or other instrument to deal with customers who have been appropriately identified, or where it is impracticable for us to deal with. 

 

 

18. STORAGE AND SECURITY OF PERSONAL INFORMATION 18.1 We are committed to protecting the security of your personal information. We (and our third party service providers) use a variety of security technologies and procedures to help protect your personal information from unauthorised access, use or disclosure. We use secure web services to collect your information and we store certain kinds of data in encrypted form. 

18.2 We follow reasonable technical and management practices to help protect the confidentiality, security and integrity of data stored on our system. While no computer system is completely secure, we believe the measures implemented by us reduce the likelihood of security problems to a level appropriate to the type of data involved. 

18.3 We encourage you to be vigilant about the protection of your own information when using digital services, such as social media. While we will endeavour to ensure that any relationships we have with third parties include an appropriate level of protection for your privacy, we will be limited in our ability to control any electronic platform operated by a third party. 

 

 

19. INTERNATIONAL TRANSFER AND DISCLOSURE OF PERSONAL INFORMATION 19.1 Where we transfer personal information outside of Australia we ensure an adequate level of protection for the rights of data subjects based on the adequacy of the receiving country’s data protection laws. 

19.2 We may disclose personal information to our related bodies corporate and third party suppliers and service providers located overseas for some of the purposes listed above. We take reasonable steps to ensure that the overseas recipients of your personal information do not breach the privacy obligations relating to your personal information. 

19.3 We may disclose your personal information to entities located outside of Australia, including the following: 

 

(a) Our related bodies corporate; 

(b) Our data hosting and other IT service providers, located in various countries; and 

(c) Other third parties located in various foreign countries. 19.4 We may disclose your personal information to entities within Australia who may store or process your data overseas. 

 

 

20. NOTIFIABLE DATA BREACHES 20.1 We take data breaches very seriously. In the event that there is a data breach and we are required to comply with the notification of eligible data breaches provisions in Part IIIC of the Privacy Act 1988 (Cth) or any other subsequent sections or legislation which supersede this Part IIIC, we will take all reasonable steps to contain the suspected or known breach where possible and follow the following process set out in this clause. 

20.2 We will take immediate steps to limit any further access or distribution where possible. If we have reasonable grounds to suspect that the data breach is likely to result in serious harm to any individuals involved, then we will take all reasonable steps to ensure an assessment is completed within 30 days of the breach or sooner if possible. We will follow the guide published by the Office of the Australian Information Commissioner (if any) in making this assessment. 

20.3 If we reasonably determine that the data breach is not likely to result in serious harm to any individuals involved or any remedial action we take is successful in making serious harm no longer likely, then no notification or statement will be made. 

20.4 Where, following an assessment and undertaking remedial action (if any), we still have reasonable grounds to believe serious harm is likely, as soon as practicable, we will provide a statement to each of the individuals whose data was breached or who are at risk. The statement will contain details of the breach and recommendations of the steps each individual should take. We will also provide a copy of the statement to the Office of the Australian Information Commissioner. 

20.5 Further, where there is likely to be a high risk to your rights we will endeavour to contact you without undue delay. 

20.6 We will review every incident and take action to prevent future breaches.

 

 

21. INTEGRITY AND RETENTION OF DATA 21.1 We take all reasonable steps to ensure that the personal information we collect about you is accurate, up to date and complete. Where we collect that information from you directly, we rely on you to supply accurate information. We make it easy for you to keep your personal information accurate, complete, and up to date. We will retain your personal information for the period necessary to fulfil the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by law. 

 

 

22. CONTACT INFORMATION 

 

We welcome your comments or questions regarding this Privacy Policy. 

If you have a question regarding this Privacy Policy or you would like to make a complaint, please contact us by email by using our contact details on the Site or below. 

You can confidentially contact our Privacy Officer at: 

Kylie – The Functional Physio Pty Ltd Level 6 

3 Chapel mews Phone: 0426011110 Email: kyliethefunctionalphysio@gmail.com 

If we do not resolve your enquiry, concern or complaint to your satisfaction or you require further information in relation to any privacy matters, please contact the Office of the Australian Information Commission at: 

Telephone: 1300 363 992 

Email: enquiries@oaic.gov.au 

Office Address: Level 3, 175 Pitt Street, Sydney NSW 2000 

Postal Address: GPO Box 5218, Sydney NSW 2001 

Services: www.oaic.gov.au 

23. CHANGES TO THIS PRIVACY POLICY 23.1 This Privacy Policy is subject to occasional revision and we reserve the right, at our sole discretion, to modify or replace any part of this Privacy Policy. It is your responsibility to check this Privacy Policy periodically for changes as continued use of our Services shall indicate your agreement to our then current Privacy Policy. Not all changes to our Privacy Policy will require your consent, for example where office security procedures are changed. We will notify you of any change to our Privacy Policy that requires your consent before being implemented. 

 

24. GENERAL 24.1 This Privacy Policy was last updated on 12th of November 2019 by Merton Lawyers of 1/26 Liddiard Street Hawthorn Vic 3122. 

© 2020 by Kylie - The Functional Physio Pty Ltd