Totally Smiles recognises the importance of protecting privacy and is committed to complying with its obligations under the Privacy Act 1988 (Cth).
This Policy sets out:
how and why we collect and use your Personal Information; and
what controls you have over your Personal Information in our possession.
This Policy is may be amended by us from time to time at our discretion.
Definitions
In this Policy: Act means the Privacy Act 1988 (Cth); OAIC means the Office of the Australian Information Commissioner; Personal information means information about you which personally identifies you or may reasonably be used to personally identify you; Sensitive Information has the meaning given to that term in the Act (which includes your state of health and dental history); and Totally Smiles or we or us means TOTALLY SMILES PTY LTD ABN 43 621 283 798 and its related bodies corporate. Unless context otherwise requires, in this Policy, all references to Personal Information include Sensitive Information.
Unless context otherwise requires, in this Policy, all references to Personal Information include Sensitive Information.
Types of Personal Information we collect
We collect and hold various types of Personal Information, including:
personal details, including name, contact details and date of birth;
financial information, including tax file number, billing and payment details;
information relating to your education, qualifications and employment history;
health information, including medical conditions and the details and results of tests or treatments provided to you at our dental practices or previously provided to you at other dental practices;
information that you (or your referring doctor or authorised representative) provide to the dental practitioners and/or our staff in communication with them relating to the treatments and services provided;
information in relation to Medicare, private health insurance, pensioner and concession cards, workers compensation insurance, Department of Veterans’ Affairs, transport and accident compensation and other government or third party funding information;
information obtained as a result of credit checks which you authorise us to carry out;
if you participate in a member or rewards program, details in relation to your participation in the program including with respect to earning and redeeming rewards points, and your points balances;
family contact information;
information you provide to us through surveys; and
your criminal record.
Where we solicit Personal Information, we only collect:
non-Sensitive Information, if it is reasonably necessary for the services we provide;
Sensitive Information, if it is reasonably necessary for or directly related to the services we provide and you have consented to its collection, or its collection is permitted or authorised by law.
We may collect various other types of Personal Information, including Sensitive Information, in the course of conducting our business where it is provided by our patients or other persons without being solicited.
If you do not provide us with the Personal Information described above, some or all of the following may happen:
we may not be able to provide the requested treatments or services to you, either to the same standard or at all;
we may not be able to provide you with information about treatments and services that you may want; or
we may be unable to tailor the content of our websites to your preferences and your experience of our websites may not be as enjoyable or useful.
How we collect Personal Information
We may collect Personal Information about you when:
you complete and submit documentation;
you access or use our website;
you communicate with our dental practitioners, staff or representatives; and
you deal with us in the course of our business.
We may also collect Personal Information from third parties, including dental practitioners at our dental practices, Medicare, your private health insurer, healthcare providers who have previously treated you including hospital administration (such as where you request us to obtain records from a former healthcare provider) or who are treating you (such as specialist dental practitioners), your authorised representatives, dental technicians or laboratories, credit reporting agencies, online payment gateways, companies we partner with, law enforcement agencies and other government entities.
If we solicit Personal Information, we will generally solicit it directly from the person it relates to or their agents, unless it is unreasonable or impracticable for us to do so.
It is generally not practicable for us to deal with persons on an anonymous or pseudonymous as it is difficult for us to provide dental services to patients who do not identify themselves, including where we are required by law to obtain certain information from patients.
Website
To improve your experience on our website, we may use ‘cookies’. Cookies are small data files that are served by our platform and stored on your device. Our website uses cookies dropped by us or third parties for a variety of purposes including to operate and personalise the website. Cookies may be used for recording preferences, conducting internal analytics, conducting research to improve our offering, assisting with marketing and to deliver certain website functionality.
You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of our website.
How we store and protect Personal Information
We may hold Personal Information in physical documents or in electronic form. Physical files are kept securely inside our access controlled premises. Electronic files are only accessible through our secure network.
We take reasonable steps to:
ensure that Personal Information we collect is accurate, up-to-date, complete and relevant, other than where it is only collected to provide advice in respect of a particular point in time, in which case we will seek to ensure it is accurate, complete and relevant as at that particular point in time;
ensure that Personal Information we use or disclose is accurate, up-to-date, complete and relevant, having regard to the purposes for which Personal Information is used or disclosed;
protect Personal Information from misuse, interference and loss, and from unauthorised access, modification or disclosure; and
destroy or de-identify Personal Information which we no longer need for the purposes for which it was collected, except where it is necessary to retain it in order to maintain ongoing records for our clients.
We cannot guarantee the security of information transmitted via the internet. As such, transmission of Personal Information via the internet is at your own risk.
Links to third-party websites may appear on our website. Your use of those links is entirely at your own risk and we make no representations or warranties regarding third parties’ privacy practices.
Why we collect, hold, use and disclose Personal Information
We collect, hold, use and disclose Personal Information for various purposes, including:
providing dental treatment, services or products to you;
facilitating other interactions with you in the course of operating our business;
processing payments, private health insurance claims and Medicare claims;
communicating with you;
responding to your enquiries and information requests;
assessing the performance of aspects of our business;
conducting business processing functions;
storing information at third-party data centres;
administrative, marketing (including direct marketing), planning, treatment or service development, quality control and research purposes of our company, its related bodies corporate, dental practitioners, contractors or third party service providers;
updating your personal information;
complying with our legal obligations;
credit verification purposes, transactions, fraud and credit worthiness;
billing purposes and debt collection;
employing staff, including conducting criminal reference checks and other background checks permitted by law;
to enable you to participate in member or rewards programs; and
any other uses identified at the time of its collection.
We may disclose your Personal Information to such persons as is necessary to achieve the above purposes. This will often include disclosure to:
our related bodies corporate, dental practitioners, employees, contractors or other third party service providers (including, for example, dental technicians or laboratories);
other dental practitioners directly involved in your treatment e.g. a specialist who you may be referred to external to Totally Smiles; and
suppliers and other third parties with whom we have commercial relationships for business, marketing, and related purposes, which may include social media platforms for targeted advertising purposes.
We may use or disclose Personal Information for secondary purposes where it would be reasonable to expect us to do so, and that secondary purpose is related (or directly related in the case of Sensitive Information) to the primary purpose.
We may send you direct marketing communications and information about our business and services that we consider may be of interest to you. These communications may be sent in various forms, including mail, SMS, fax, email and through social media platforms, in accordance with applicable marketing laws. At any time you may opt-out of receiving marketing communications from us by contacting us (see the details below) or by using opt-out facilities provided in our marketing communications and we will then ensure that your name is removed from our mailing list. Unless you opt-out of receiving marketing communications from us, you consent to us using your personal information for direct marketing purposes. We do not provide your personal information to other organisations for the purposes of their direct marketing.
Overseas disclosure
We may disclose Personal Information to third parties overseas for the purposes for which we collect and use that information. This will generally be limited to third party providers of services such as payment processing, website hosting, data storage, electronic communications and data analysis. Any such disclosure will be done in accordance with the Act.
We will attempt to ensure that persons to whom the disclosed Personal Information relates have comparable rights in relation to that information once disclosed overseas.
How you can access correct Personal Information
You may contact us to access your Personal Information or to correct inaccurate, out-of-date, incomplete, irrelevant or misleading Personal Information by emailing privacyofficer@totallysmiles.com.au
We will respond to those requests within a reasonable period in accordance with our obligations under the Act.
If we refuse a request to access or correct Personal Information, where reasonable, we will provide our reasons for doing so and information about your ability to complain about such refusal.
Complaints
Complaints about our Privacy Policy or our collection, use, disposal or destruction of your Personal Information should first be directed to us at the details set out above.
We will investigate and attempt to resolve your complaint in accordance with the Act.
You may contact the OAIC if you are not satisfied with the outcome of this process.
Further information
Please email us at privacyofficer@totallysmiles.com.au for more information regarding our Privacy Policy.
More information on the Act is available on the website of the OAIC at www.oaic.gov.au.