Privacy Statement - Updated 25 May 2018
Esoteric Women’s Health
15 Blue Hills Avenue
Goonellabah NSW 2480
Protecting your privacy – Our Privacy Assurance to you
Esoteric Women’s Health is deeply committed to the true well-being of all women. In all of our services, we hold people in the highest regard and the way we treat privacy is no exception.
In this policy, we refer to Esoteric Women’s Health as ‘we’, ‘us’ and ‘our’. We refer to you, a visitor to our website or participant in our events, as ‘you’.
We respect the fact that clients or customers who choose our services and care make a choice to entrust data to us as an organisation, as a necessary part of us imparting that service and care. We take very seriously the responsibility that comes with receipt of client data, and our use of that data is in accordance with all laws and regulations that apply to us.
At Esoteric Women’s Health, we have our headquarters in Australia (at 15 Blue Hills Avenue, Goonellabah NSW 2480).
How we obtain information about you
We obtain information about our customers/clients in various ways. For instance, if you decide to attend an event of ours, you will be asked to complete a consent form. We also collect information in relation to your use of our website, as described below. If you visit a practitioner under the umbrella of Esoteric Women’s Health, that practitioner will ask you to complete a consent form as part of their service to you.
The information handling processes outlined in this policy also relate to any personal information collected online via this website.
We take seriously the trust you place in us and at all times we will make every effort to ensure that your personal information is secure, protected from interference, misuse, loss and unauthorised access, modification and disclosure.
Collection of Your Personal Information
Personal and Sensitive Information
Personal Information refers to information or an opinion, whether true or not, and whether recorded in a material form or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion.
Sensitive Information is a subset of personal information and includes your health information as well as information pertaining to racial or ethnic origin, political opinions or membership of a political organisation, religious belief or affiliations, membership of a professional or trade association, sexual preferences or a criminal record. Sensitive information attracts additional privacy protections compared with other types of personal information.
You always have an opportunity to ask questions about any of our consent forms and are in no way obliged to sign a consent form or to agree with all aspects asked on the form. If you want to ask a question about our consents, please email us at firstname.lastname@example.org, use the contact page on our website, or see one of our staff at one of our events. A completed consent form is needed in order to receive the relevant service but you are free to ask whatever questions you like.
We do not ‘bundle’ together consent to different things in the one form. Consent to events, for example, is confined to consent to participate in events. In each case, you select what you are consenting to, by checking boxes, rather than any form being pre-filled out.
If you visit a practitioner listed on the Esoteric Women’s Health website, you will be visiting a practitioner who conducts their own business (not as a staff member, contractor or otherwise paid by us). They will ask you to complete a consent form in order for them to provide their services to you. They may ask you to provide certain personal information including:
Your name, address, phone number and email contact details;
Your gender, date of birth and marital status;
Contact details for your of next of kin and your doctor;
Information about your health and any medication you may be taking.
Practitioners listed on our website are accredited by the Esoteric Practitioners Association Pty Ltd, which is the internal accrediting arm for Universal Medicine Therapies. Practitioners are assessed against the standards of professionalism and integrity enshrined in the EPA Code of Ethics and Conduct. Each practitioner operates their own business. They are independent of Esoteric Women’s Health in their operation and are accredited EPA practitioners, although they have chosen to align under the Esoteric Women’s Health banner. EWH is not responsible for the service they provide, however if any person should be concerned as to the conduct of any person listed on the EWH website, they are encouraged to contact us via the contact page on our website.
When you first attend an Esoteric Women’s Health event, you will be asked to sign a consent form and provide your personal information similar to that outlined above.
In addition, you may consent on our website to use of certain services such as receipt of newsletters, mail outs or other updates, in which case we will use your personal information in order to communicate with you and as specified on the page of our site on which you sign up to such communications.
Children and minors
Children and other persons who are not legally able to give informed consent may attend an event we host with the consent of a parent or guardian. In such cases, personal information will be collected (via our consent form) and used as described above, subject to the parent/guardian having consented.
Our online services are not directed at children under the age of 13 years. If you believe we have collected information about a child under the age of 13, we ask that you please contact us so that we may take appropriate steps to delete such information. If you are at least 13 years of age but under the age of 18 years, please get the consent of your parent or legal guardian before giving us any personal information about yourself on this site.
Withdrawal of consent
You may withdraw your consent at any time. Consent may be withdrawn by email to Esoteric Women’s Health at email@example.com or via the contact page on our website.
If consent is withdrawn, we have a database which records details of the person who has withdrawn their consent. We retain this information to ensure we do not send you emails.
We will try to collect your personal information directly from you. However, there may be instances where we will need to collect your information from other persons or entities. Whenever possible we will request this other person or entity to have your signed consent or email giving your permission for them to provide us with your personal information. Exceptions may be if you suddenly take ill and are incapable of providing certain information which may be important for your treatment, such as if you have had a recent operation, illness or an implant and what medication you are taking, or if collection of information from anyone other than you is required by law.
If you have provided us with information about another person, then you will need to tell that person that you have done so, that they have the rights as set out in this policy including a right to access their information and that they can refer to this policy for information on how we will handle their personal information.
If you consent to your personal information being shared for research purposes, your information will be de-identified by a properly authorised member of staff before being made available to the designated research team unless you have consented to your personal information remaining identified.
When you access our website, anonymous technical information may be collected about your activities on the website. This may include information such as the type of browser used to access the website and the pages visited. This information is used by us to make decisions about maintaining and improving our websites and online services. This information remains anonymous and is not linked in any way to personal identification details.
We do not store financial information such as credit card numbers.
How we store your Personal Information
We will take all reasonable steps to ensure that your personal information is stored securely and is protected from misuse and loss from unauthorised access, modification or disclosure. This includes a range of systems and communications security measures, as well as the secure storage of hard copy documents. In addition, access to your personal information will be restricted to people properly authorised to have access.
When you complete a consent form either online or at one of our events, the information on the form is entered into our database and the original document (if in hard copy) is then filed in secure storage. Only your practitioner and the staff who have properly authorised access to the database may see your personal information unless you have consented to your practitioner sharing your information with another professional such as a GP or researcher.
When you enter your details online, they may only be viewed by the staff who have authorised access to the database.
We will keep your personal information for as long as it is required to provide you with the services you requested from us and to comply with legal requirements.
If we no longer require your personal information for any purpose, including legal purposes, we will take reasonable steps to securely destroy or de-identify your personal information.
It is your responsibility to advise us should either your health situation or your personal details change so that your record is kept up to date (see ‘Correcting your personal information’).
How we use your Personal Information
Personal information is used:
to contact you about your participation in an Esoteric Women’s Health event or any other matter in relation to the service provided to you;
to contact your next of kin or GP in an emergency;
to better understand your health history and thus checking that we are able to offer the best possible care for you at the event you are consenting to attend;
to allow you to purchase products and/or services and for us to deliver them;
to answer your enquiries, resolve complaints and communicate the same to you;
to provide you with information about any product or service you may have purchased or registered for, such as attendance at a workshop or other event.
Credit card information is used only for payment processing and fraud prevention. This information is not used for other purposes and not retained by us after processing any payment.
Practitioners listed on our website may use your personal information (provided via any consent form you sign) to tailor their treatment to your needs. This is an independent exercise/practice by the practitioner (as practitioners are independent of, not employed by and are not paid by Esoteric Women’s Health) and hence, you should ask the practitioner if you have any questions about the consent they ask you to sign.
Anonymous data may be aggregated for reporting statistics for the business and to improve our customer service and support. If you complete a questionnaire, you may do this anonymously and you will have an option to provide your name if you have questions or are seeking further information.
When you register on-line for a newsletter, event or other product, you consent to us using your personal information to send you further information relevant to that product (for an indefinite period), unless you have contacted us to withdraw your consent. You may withdraw your consent at any time. Please see the section on withdrawal of consent, above.
With whom we share your Personal Information
We take seriously the trust you place in us and on no account will we sell, rent or lease your personal information to others. We will not share your personal information with any third party without your permission unless required by law enforcement action or subpoena. For example, we may be required to provide your personal information to the appointed case managers of insurance companies managing compensation cases or a third party case in the treatment of injury or illness.
Personal information may be disclosed to anyone to whom you have given written and signed consent to have access to this information (e.g. a solicitor, accountant or a person who has authority to act as your attorney). This could also include referees, any financial institution nominated by you (for example in a direct debit) or anyone else you request.
Personal data given in relation to an Esoteric Women’s Health event may be transferred across state borders for the purposes of data consolidation, storage and simplified management.
Your personal information may be transferred across international borders and/or shared with a related party overseas where this is necessary to provide a service, such as when you attend an event internationally, noting that our headquarters are in Australia.
Rights relating to personal information
You have rights in relation to your information, which are important to us. These include the right to be informed, right of access, right to rectification, right to be forgotten, right to restrict processing, right to data portability, right to object, and right to not be subject to automated decision-making including profiling.
If a request is received to erase data, this request will be processed by us within 14 days of receipt of the request. On completion of your request, we will issue confirmation to you that the data has been erased.
Access to your Personal Information
If you have completed a consent form at an event or online on our website, you can request access to your personal information at any time by emailing us your request at firstname.lastname@example.org or using the contact page on our website. If you believe that any information is incorrect or outdated, you may ask for a correction to be made and we will do so. A request for access will be processed within a reasonable time, usually less than a week for a straightforward request. More time may be needed, depending on the nature of the request but in any case we will not take longer than one month. There is no fee for requesting access to your information.
In a very few cases we may be unable to give you access to certain information for example where:
we no longer hold or use the information;
providing access would have an unreasonable impact on the privacy of others;
we consider the request to be vexatious;
providing access would be unlawful;
the information relates to existing or anticipated legal proceedings;
providing access would prejudice or be likely to prejudice the prevention, detection, investigation and prosecution of unlawful activity;
disclosure would pose a threat to the life or health of any individual.
If we refuse your request, we will tell you the reason why. If we are not required to provide you with access to the information requested, we will consider, if reasonable, whether the use of a mutually agreed intermediary would allow sufficient access to meet your needs and ours.
Correcting your Personal Information
We strive to keep your personal information accurate, however, it is your responsibility to notify us if or when your details change. If you believe any information we hold about you is inaccurate, incomplete or out-of-date, you should contact us and we will provide you with a copy of your information to view and following your authorisation we will change your information. If you have any questions in relation to this, please email us at email@example.com or contact us via the contact page on our website.
In circumstances where you contact us to request access to or a change to your personal information, in order to protect your privacy and security, we will take reasonable steps to verify your identity, before granting access to your data. In some cases we may ask you to put your request in writing.
The most effective way to view and change your personal information submitted on a consent form at one of our events, is to request a new consent form from the Esoteric Women’s Health staff at the event as this information is not currently available to view online.
Making a Complaint
You can contact us at any time if you have any questions or concerns about this document or about how your personal information has been or will be handled. See contact details on the front page of this policy.
We value your comments and opinions. We will answer any questions you may have, correct any error on our part or use our best endeavours to resolve any complaint that you may have about our information handling practices.
Once you have contacted us in relation to your concerns, if you are not satisfied with our response, or if you do not feel your complaint has been resolved, you are able to seek advice from the Office of the Australian Information Commissioner by calling 1300 363 992.
If you want to make a complaint in NSW about a health related service you can contact the NSW Health Care Complaints Commission by calling the toll free number 1800 043 159 or emailing firstname.lastname@example.org
If you are located outside of Australia and wish to find out about your regulator for privacy purposes, you are welcome to contact us via the contact page on our website and we will do our best to assist you.
Online data collection and use
The following discloses our information gathering and dissemination practices.
If you use an online registration form for any event of ours or any online service (such as mail-outs, e-newsletters and the like), you will be asked to give contact information, such as your name and email address, and unique identifiers. You can choose whether to register with us online for any event or service, or not. If you complete an online registration form, we use contact information from the registration form to send you information about our services and products. The contact information is also used to contact you when necessary if you have subscribed to a mail list. After subscribing to any of our services, you may opt-out of receiving future mailings by choosing to un-subscribe by sending us an email stating so. Unique identifiers are collected to verify the user's identity and for use in our record system.
We use your IP address to help diagnose problems with our server, and to administer our website. Your IP address is used to help identify you and to gather broad demographic information.
Security of your Personal Information
We will take all reasonable steps to ensure that your personal information is stored securely and is protected from misuse and loss and from unauthorised access, modification or disclosure. We limit access to personal information to properly authorised staff within the organisation and ensure that those who do have access respect the privacy of personal information that they are handling. Authorised access to personal and sensitive information is conducted within a ‘need to know’ principle. Personal/sensitive information is only accessed by those staff members who need it to carry out their duties.
In line with our policy of ensuring a high level of care and protection for any personal information we may hold about you, Esoteric Women’s Health has an ongoing commitment to periodically brief staff on their obligations and responsibilities with digital security and to ensure they are made aware of the best practices for use of common technologies like email and video conferencing. We provide a copy of this policy to staff and keep them updated on changes.
We keep your personal information for as long as it is required to provide you with the products and services you requested from us and to comply with legal requirements. If we no longer require your personal information for any purpose, including legal purposes, we will take reasonable steps to securely destroy or de-identify your personal information.
Esoteric Women’s Health is headquartered in Australia but has clients and customers internationally as well as in Australia. For all operations, our main establishment is our head office, at 15 Blue Hills Avenue, Goonellabah NSW 2480, Australia. Significant decisions are made from the main establishment, which is the lead supervisory authority in relation to this policy and Esoteric Women’s Health operations.
Our website, or parts of it, and/or other materials may be translated into other languages from time to time. Where there is any inconsistency in the meaning between the English and any translation, the English shall prevail.
Amendment of this policy
We may amend this policy from time to time. Any amended form of this policy will be updated on our website, and we will include the date at which the policy was updated at the top of the policy page. We encourage you to check back to this page to see amendments.