Website Privacy Policy
Introduction
Hi there! This website, https://lisahodgson01.wixsite.com/mysite, is owned and operated by Lisa Hodgson 72496720137. If you have any questions or need further information, please contact me at lisahodgson01@bigpond.com.
You may also contact me on 0404 018 344
This document sets out my Privacy Policy. It describes how I collect and manage your personal information when you interact with this site. I take this responsibility very seriously. If you have any questions or concerns about how your personal information is being handled, please do not hesitate to contact me.
I comply with the Australian Privacy Principles set out in the Privacy Act 1988 (Cth) (Privacy Act).
I understand that visitors from the EU may access this site, so I also aim to comply with the General Data Protection Regulations (GDPR).
Personal Information
If you engage with me via this website, or choose to become my client I may ask to collect the following kinds of personal information from you, including:
-
Name, age, gender, address, email, mobile, phone, the country that you live in.
-
Information that allows me to tailor my content to your needs when you sign up for one of my webinars or promotional events.
Collection and Use
I may collect your personal information by various means including:
I use this information to improve my services so that I able to help you. Information such as: question / inquiry / contact form emailed to you, newsletter subscription, opt in , sign up for seminar / webinar / events, in person at seminar / webinar / events, client engagement, where I undertake a search or investigation and client referral.
I use this information to:
This information is collected for the purpose of:
Providing you with relevant news and updates about my services. To improve this website and the services I provide. To respond to your enquiries. To provide specific services at your request and monitor client satisfaction. Also, to help other people to understand my services better. I am always striving to improve my services and to provide more relevant information. I will also provide news about developments in my industry.
I will only collect your personal information.
Grounds for collections are as follows:
For consent to collection for a specific purpose. When you are entering into a contract with me, such as buying from me or my services or have asked me to take specific steps prior entering into a contract. Legal obligation leads me to collect specific information.
This will be done with your full awareness and consent, such as when you email me, tick a checkbox or fill in a form to provide me with information
Also, if I need it to provide you with information or services that you request and for necessary administrative processes if you become my client
Sensitive Information
I understand that some personal information is particularly sensitive.
I will only collect sensitive information by methods that are reasonably secure, such as:
By telephone, online conference, and face to face. Through my intake form when in consult. In a zoom consultation and when you send me information in an email
The reason why I collect this information is:
I collect this information to get a full picture of why you are seeing me in order to provide a thorough service you have contracted for. To ensure that I am providing you with the most appropriate services.
The sensitive information I ask you to provide for this purpose may include:
I collect medical, health and lifestyle information as well as health history because it allows me to treat you appropriately. I also collect your birth date for medical reasons, address, phone number and email for communication.
I am committed to securely storing and handling your sensitive information.
Sensitive information is stored in a locked filing cabinet / on a password protected computer and password protected external hard drive.
Only I, the therapist, will have access to this information and possibly a VA if employed to assist myself.
I do not store sensitive information online or in the cloud.
Sensitive information may be collected from children under the age of 18 under the following circumstances:
I would collect personal information on a child or children in the case of a parent coming to me for treatment of their child/children with the parent or guardian’s full consent.
All information collected from minors is securely stored in accordance with this privacy policy.
All archived sensitive information is securely destroyed after 7 years and for children 7 years after they turn 18.
Professional Considerations
I am subject to the following regulations regarding the collection of personal information:
I am a registered health professional and so have duty of confidentiality to my clients. I take this responsibility very seriously and will always strive to promote your best interests.
You may choose not to provide me with your personal information. However, I will need specific and correct information to be able to treat you. This is because your health is important and for correct referral or for me to work with other health professionals on your behalf and with your permission.
If you choose not to be completely honest with me, I may not be able to provide you with the services that you request.
I am legally required to identify my clients by collecting their name and address, and failure to provide this information means I cannot offer my services to you.
Use of Personal Information
Reasons why I may disclose your personal information include:
For proper referral.
Where disclosure is necessary to carry out your instructions or services you have requested.
To send you products that you have purchased.
To provide goods or services to you. When using support services (such as a VA)
In order to do this, I may share some relevant personal information - on a strictly need to know basis - with:
My virtual assistant (VA). Australia Post or courier companies.
Other third parties are when there is auditing, accounting, legal help, business consultant or coach
I also will disclose your information if required by law to do so or in circumstances permitted by the Privacy Act – for example, where I have reasonable grounds to suspect that unlawful activity, or misconduct of a serious nature, that relates to my functions or activities has been, is being or may be engaged in, and in response to a subpoena, discovery request or a court order.
If you have any concerns regarding the disclosure of your personal information, please do not hesitate to get in touch with me to discuss this personally.
Disclosure for Overseas:
Overseas clients such as EU.
I will use all reasonable means to protect the confidentiality of your personal information while in my possession or control. I will not knowingly share any of your personal information with any third party other than the service providers who assist me in providing the information and/or services I am providing to you. To the extent that I do share your personal information with a service provider, I would only do so if that party has agreed to comply with our privacy standards or has a suitably protective policy of their own. However, some of my service providers may be overseas and may not be subject to Australian Privacy Laws or compliant with GDPR. Please contact me if you have any concerns about the potential disclosure of your information.
Security
I take reasonable physical, technical and administrative safeguards to protect your personal information from misuse, interference, loss, and unauthorised access, modification and disclosure.
My duty is to keep all client information confidential and secure unless needing access by a VA who is bound to respecting this confidentiality.
I manage risks to your personal information by:
For risk management it is as follows:
Staff, such as a VA, can only access personal information on a need to know basis. Files are stored securely. Regular audits of security systems. Ensuring that only I and key personnel have access to sensitive information.
Releasing information to service providers on a strictly need-to-know basis, and, conducting regular audits of my/our security systems.
Third party storage is as follows:
Mailchimp - https://mailchimp.com/about/security/
Dropbox - https://www.dropbox.com/security
From time to time I may combine information provided by you with information gathered from:
Facebook, Google Analytics, personal contact, Linkedin or website visitor statistics.
If you do not wish this to occur, please contact me.
Access to Information
You can contact me to access, correct or update your personal information at any time. Unless I am subject to a confidentiality obligation or some other restriction on giving access to the information which permits me to refuse you access under the Privacy Act, and I believe there is a valid reason for doing so, I will endeavour to make your information available you within 30 days.
Please begin the process by sending an email requesting access to your information to me at lisahodgson01@bigpond.com and I will endeavour to respond within 7 days.
Complaints
If a breach of this Privacy Policy occurs, or if you wish to a request a change to your personal information, you may contact me by sending an email outlining your concerns to me at lisahodgson01@bigpond.com and I will endeavour to respond within 48 hours.
Complaint made directly to myself, dispute may then be taken to external dispute resolution such as mediation. Finally, the complaint may go to OAIC.
If you are not satisfied with my response to your complaint you may seek a review by contacting:
If you are not satisfied with my response to your complaint you may seek a review by contacting the Office of the Australian Information Commissioner using the information available at http://www.oaic.gov.au/privacy/privacy-complaints.
The health ombudsman in your state or territory.
Notification of Change
If I decide to change my Privacy Policy, I will post a copy of the revised policy on my website.
Notification of Breach
If I have reason to suspect that a serious data breach has occurred and that this may result in harm or loss to you, I will immediately assess the situation and take appropriate remedial action. If I still believe that you are at risk, I will notify the Office of the Information Commissioner and either notify you directly, or if that is not possible, publicise a notification of the breach on this website.
A data breach from lost or stolen phones, computers, USB, or an event of hacking or personal information sent to the wrong person I am aware of my duty to report significant data breaches.