Southern Sun Practices Pty Ltd and its related bodies corporate (collectively, SunDoctors, we, us or our) recognises that your privacy is very important and we are committed to, and understand the importance of protecting the personal information we collect from you.
In handling your personal information, we are required to comply with the Privacy Act 1988 (Cth) (Privacy Act) and the 13 Australian Privacy Principles (APPs) under the Privacy Act. Further, as a health services provider, SunDoctors is required to comply with the Health Records and Information Privacy Act 2002 (NSW), Health Records Act 2001 (Vic) and Health Records (Privacy and Access) Act 1997 (ACT) (collectively, Health Acts) and the Health Privacy Principles (HPP) of the Health Acts.
We regularly review our practices and procedures regarding how we manage personal information. As a result, this policy may be updated from time to time. Where we update this policy we will make the updated policy available, including on our website.
What kinds of personal information do we collect?
Personal information is information or an opinion about an identified, or reasonably identifiable individual. During the provision of our services, we may collect your personal information.
The kinds of personal information that we collect will vary depending on the type of dealings we have with you and how you interact with us.
For example, if you have an appointment with us, the kinds of personal information we may collect include:
- your contact information, such as your name, address, telephone number and email address;
- your gender and date of birth;
- your payment details and health insurance details;
- sensitive information such as your medical history and personal health;
Where we collect sensitive information about you, we will only do so with your consent or where we are required to do so by law. Information about your health, racial or ethnic origin, political persuasions, criminal record and religious or philosophical beliefs are all examples of sensitive information.
How do we collect personal information?
We will collect personal information for the primary purpose of providing healthcare to you. To enable us to provide our healthcare services to you, we collect the information necessary in order to ensure appropriate and relevant healthcare is provided to you.
There are a number of circumstances in which SunDoctors will collect personal information from you. For example, SunDoctors may collect personal information:
- where you request information from SunDoctors regarding our services;
- where you attend a SunDoctors clinic for an appointment; or
- as part of SunDoctors providing our services to you.
Generally, we only collect personal information directly from you:
- in person;
- through the use of any of our standard forms;
- via email; or
through telephone conversations or other direct communications with you.
Why do we need your personal information?
SunDoctors collects, holds, uses and discloses your personal information where it is reasonably necessary for the purposes of:
- providing you with healthcare and associated services, including:
- providing you with an assessment of your health;
- administering a course of treatment to you;
- establishing a prevention strategy for you;
- accounting, billing and other internal administrative purposes;
- developing and facilitating our relationship with you;
- providing you with promotional information about us, our related entities and other organisations that we have affiliations with; and
- analysing our products and services and customer needs with a view to developing new and/or improved products and services.
We may also collect, hold, use and disclose personal information to undertake identification and verification processes in accordance with the Anti-Money Laundering and Counter Terrorism Financing Act or any other relevant laws. For certain investors, we may also be required to collect and disclose certain personal information to the Australian Taxation Office in order to comply with the Foreign Account Tax Compliance Act (FATCA).
You are under no obligation to provide your personal information to us. However, without receiving certain information from you, we may not be able to provide our products or services to you and may not be able to process any application by you for investment in our funds or other financial products or services.
Who do we disclose your personal information to?
Generally we will only disclose your personal information to third parties for a purpose related to the provision of our healthcare services or any related purposes within your reasonable expectations. We may also disclose your personal information to third parties for other purposes with your consent or if the disclosure is required or authorised by law.
The types of organisations we may disclose your personal information to include:
- third party medical consultants;
- government authorities were required to by law, such as under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth);
- third party service providers we engage to assist us in providing our healthcare services or other healthcare products or services including such service providers we may engage to provide custody,
- administration, identity verification, technology, auditing, mailing, printing or other relevant services;
- related bodies corporate of SunDoctors (such as subsidiaries or holding companies of SunDoctors) or other third parties that SunDoctors has a commercial arrangement with, for the purpose of advising you of special offers or promotions or otherwise notifying you of other products or services that we believe may be of interest to you;
- our professional advisors (including legal, financial or insurance advisors); or
- any entity that acquires our business or assets or any entity that may wish to acquire, or have acquired, an interest in our business, the benefit of any contracts entered into by us or any rights under an account or agreement you have entered into with us.
We do not disclose your personal information to recipients located overseas (i.e. outside of Australian borders).
We may collect, use and disclose your personal information to inform you of products, services or offers of SunDoctors, our related bodies corporate or other parties that we have a commercial arrangement with which we consider may be of interest to you.
If you do not want to receive this information or do not want us to use or disclose your personal information for direct marketing purposes, you can opt out by letting us know that you wish to opt out of receiving this information and/or SunDoctors using or disclosing your personal information for direct marketing purposes.
Security of your personal information
We take steps reasonable in the circumstances to ensure that the personal information we hold is protected from misuse, interference and loss and from unauthorised access, modification or disclosure. We store your personal information in different ways, including paper and electronic form.
Personal information is held on secured servers or in storage located in controlled, access restricted environments. Our employees are obligated to maintain the confidentiality of any personal information held by us.
Personal information may also, in certain circumstances, be held on behalf of SunDoctors in hard copy or electronic forms by SunDoctors’ service providers (such as offsite document storage providers or electronic data storage providers). SunDoctors enters into agreements with such service providers which impose confidentiality and privacy obligations on the service provider.
SunDoctors will destroy or de-identify personal information in circumstances where it is no longer required, unless we are otherwise required or authorised by law to retain the information.
Correcting, accessing or updating your personal information
SunDoctors takes reasonable steps to ensure the personal information we collect is kept up-to-date, accurate and complete.
If your personal information changes (such your name or address), you can contact us and let us know of the change. Please contact the Practice Manager at the clinic you attended.
You have a right to request:
- access to personal information we hold about you; and
- correction to personal information we hold about you that is incorrect, inaccurate, out of date, incomplete, irrelevant or misleading.
If you are in a State or Territory where the Health Privacy Principles applies, there are additional requirements that SunDoctors must consider when correcting, accessing or updating your health information.
We require you to put this request in writing and make this attention the Practice Manager and our clinic will respond to your request within 30 days. You will not be charged for making a request however if results are required to be printed or photocopied, an administration fee will be charged. This fee is in line with the AMA rates and is charged at $33 for 30 pages then $1 for each page after. This fee is payable before medical records can be released.
Our clinic will take reasonable steps to correct your personal information where the information is not accurate or up-to-date. From time-to-time, we will ask you to verify that your personal information held by us is correct and up-to-date.
Where you dispute the accuracy of the information SunDoctors has recorded, you are entitled to submit a written request for the Doctor to correct that information. Please be advised that the request and a note will be placed on your file but SunDoctors will not erase the original record. You will be notified once this correction has been made.
To protect your privacy and the privacy of others, we will need to verify your identity before granting access or making corrections to your personal information.
Links to other websites
Our websites may contain links to other sites. We are not responsible for the privacy practices or content of other sites. We encourage you to be aware when you leave our site and to read the privacy statements of each website that we may provide a link to on our website.
Please direct all privacy complaints to our Privacy Manager, firstname.lastname@example.org, or post to:
Level 5, 73 Walker Street
North Sydney, NSW 2060
A privacy complaint may relate to any concern or dispute you may have with our privacy practices. This could include matters such as:
- how your personal information is collected;
- how your personal information is stored;
- how your personal information is used or disclosed; or
- how access to your personal information is provided.
You can also make a privacy complaint to us if you consider that we have breached the Privacy Act, the APPs or any relevant APP Code.
At all times, privacy complaints will:
- be treated seriously;
- be dealt with promptly;
- be dealt with in a confidential manner; and
not affect your existing obligations or affect the commercial arrangements between you and us.
Our Privacy Officer will commence an investigation into your complaint promptly, all received letters will be acknowledged and a response will be sent to you within 30 days. You will be informed of the outcome of your complaint following the completion of the investigation. In the event you are dissatisfied with the outcome of your complaint, you may refer the complaint to the Office of the Australian Information Commissioner www.oaic.gov.au or call OAIC on 1300 336 002.
Privacy and our website