Privacy Policy

At Massage Therapy by the Bay (here after referred to  as "We" in this policy) we respect the privacy of our valued clients. This Privacy Policy outlines what information is gathered on the Massage Therapy by the Bay's website and how it is used.

Our privacy policy incorporates the National Privacy Principles (NPP) in the federal Privacy Act 1988 and any  Amendments.

This privacy policy will outline how and why we collect, use and protect your personal information when viewing, and interacting with our website.

What is covered in this Privacy Policy:

  • We collect your personal information to assist us to serve you in the best possible way.

  • We will only use your personal information in ways that you might expect it to be used in the course of our  massage business.

  • We will not pass your personal information on without asking for your permission, unless required to by law.

  • When asked, we will give you the chance to see what information we hold about you.

  • We protect your information with internet facilities as well as internal procedures.

  • When asked, we will provide you with information on how we handle personal information.

  • We will respond to any complaints regarding the way we handle your personal information, 

  • We will take all reasonable steps to ensure its compliance with the Australian Privacy Principles.

1.Information collection

 (i) ISP Details:

When you look at our web site, our Internet Service Provider makes a record of your visit and logs the following information for statistical purposes:

  • your server address

  • your domain name (e.g. .com, .gov, .au, .uk etc)

  • the pages you accessed and documents downloaded

  • the previous site you have visited

  • the type of browser you are using.

We will not engage in identifying you or your browsing activities. However, in an investigation, a law enforcement agency or other government agency can exert its legal authority to inspect our Internet Service Provider's logs.

(ii) Collection of information through our Client Intake forms: 

We only collect your personal information that is required for us to provide you with our services 

We will only collect information in a manner which is fair and lawful and appropriate to our business and services we provide. 

We will not collect information directly from your computer or internet connection (however, see section above "ISP Details" )

We will only collect your information from you; information about other parties will be requested as part of the intake form under the "emergency contact" section.

Each form you complete will consist of details explaining why this information is to be sent.

You will be informed on the Client Intake Form that your information will then be given to a third party that being our Practice Management System - Cliniko

 

(iii) Collection of sensitive information 

If the form asks you for the supply of sensitive information:

  • racial or ethnic origin;

  • political opinions;

  • membership of a political association;

  • religious beliefs or affiliations;

  • philosophical beliefs;

  • membership of a professional or trade association;

  • membership of a trade union;

  • sexual preferences or practices;

  • criminal record or health information about an individual.

you must only enter this information if you agree to our collection of this information, in adherence of this Privacy Policy.

2. Use and Disclosure 

The use and disclosure of your information is for the sole purpose of collection (see section 1)

We will record your e-mail address if you send us a message. Your e-mail address will be used for the purpose of informing you of your appointment details when booked through our Practice Management System - Cliniko  or directly will us.  It will not be added to a mailing list or used for any other purpose without your consent.

This site does not provide facilities for the secure transmission of information across the Internet. Users should be aware that there are inherent risks transmitting information across the Internet.

3. Quality 

We will make sure the personal information we collect, use or disclose is always accurate, complete and up-to-date. Each time information is collected, it will be used for it's intended purpose, and will not be re-used unless for the you have subscribed to receive material

4. Openness

We manage your personal information in this manner:

  • Information is retrieved from your access to our web site

  • Information is used to process your request

  • What information we have collected

  • What we have used this information for

  • How the information was collected

  • Who else has had access to this information.

If your information is to be used regularly, it will be secured and governed according to this Privacy Policy.

Upon request, we can show you:

  • What information we have collected ( from our Practice Management System)

  • What we have used this information for

  • How the information was collected

  • Who else has had access to this information.

5. Security 

We will keep any information we collect for re-use in a secure environment. 

Our Practice management System- Cliniko takes security very seriously they have many ways for us to make interacting with this system very secure such as the 2 factor authentication setting

Our Practice management System- Cliniko takes your privacy very seriously also you can read there Privacy Policy at the following link: https://help.cliniko.com/en/articles/1908020-how-cliniko-helps-you-with-gdpr-compliance#record-patient-consent-to-your-privacy-policy

Overseas Data Transfer: (After March 2014)

We store treatment note information in Dropbox as a precautionary measure in case something goes wrong with our Practice management System, this ensure we have a copy of all your treatments.  Dropbox take security very seriously you can read through how they protect information at the following site: https://www.dropbox.com/security?trigger=_footer 

Our Practice management System- Cliniko's servers are located in Australia and are not transfer overseas at this point in time. 

You may  transfer your information overseas (for example, by putting your name on Facebook or sending an email via Gmail), then we will ensure that the device or provider that will be storing your information will hold and use the information consistently with Australian law.

 

6. Access to your information 

If and When you request, we can:

  • Show you the information we hold about you

  • Give you an opportunity to change this information.

 

7. Identifiers 

We do not at this stage use Commonwealth Government identifiers (Medicare Numbers etc.) in any area of our information collection or usage. Unless in a case where we are an agent of a particular Government department, and in such a case, all Government privacy policies would apply.


 

8. Breach Complaints: 

If you perceive there has been a breach to your privacy, please contact us through the contact details section of this website with your complaint. We will then respond to the complaint by requesting our Information Technology service providers, and or our  Practice Management System - Cliniko to investigate and report to us any issues. We will then contact you if any issues are found and how we will resolve these issues.

If you have a complaint about the way we have handled your personal information, please contact us.