MCRC (we, us, our) respects your right to privacy and is committed to safeguarding the privacy of our customers and website visitors in relation to their personal information.
We adhere to the Australian Privacy Principles contained in the Privacy Act 1988 (Cth) (the Act). The rules that an organisation must follow under the Act are known as the Australian Privacy Principles and cover the collection, use, disclosure, quality and security of personal information. Our organisation is also governed by a number of state-specific privacy laws.
Personal information includes ‘sensitive information’, which is a particular type of personal information. Sensitive information includes identifying health information about you (such as details of your health and medical history or the health services you have received).
We will, from time to time, receive and store Personal Information you enter onto our website, provided to us directly or given to us in other forms.
This information may include:
Basic information such as your name, phone number, address and email address;
We may also collect some information that is not Personal Information because it does not identify you or anyone else. For example, we may collect anonymous answers to surveys or aggregated information about how users use our website
We collect Personal Information from you in a variety of ways, including when you interact with us electronically, telephonically or in person, when you access or use our website and when we provide our services to you including during the course of consultations or otherwise.
We also collect Personal Information from third parties, including:
You are not obliged to disclose your Personal Information to us. However,if you do not provide us with the Personal Information we request, we may not be able to provide the requested services to you, either to the same standard or at all or your diagnosis and treatment may be inaccurate or incomplete.
We will only collect information that is reasonably necessary for providing our services to you. We collect Personal Information about you so that we can perform our business activities and functions and to provide the best possible quality of service to you.
We collect, hold, use and disclose Personal Information for the following purposes:
We may also use your personal information for purposes which are directly related to these main purposes, in circumstances where you would reasonably expect us to use your information for these purposes.
We may use your personal information to improve our products and services and better understand your needs. We may contact you by a variety of measures including telephone, email, SMS or mail.
We respect the privacy of your personal information and we will take reasonable steps to keep it confidential and protected.
We will not disclose your personal information to any third parties unless you have consented, or we are otherwise permitted or required to do so by law.
In accordance with the law, we will only disclose your personal information without your consent in circumstances such as where we reasonably believe this is necessary to prevent or lessen or prevent a serious threat to the life, health or safety of any individual, or to public health or safety.
We may disclose your personal information to:
Any of our employees, officers, medical professionals or associated medical specialists who provide medical services to you at our clinics, insurers, professional advisers, agents, suppliers, subcontractors or service providers for the purposes of operation of our business, fulfilling requests by you and to otherwise provide products and services to you;
Information that we collect may from time to time be stored, processed in or transferred between parties located in countries outside of Australia. These may include, but are not limited to the USA, UK, India and Israel. We may also combine or share any information that we collect from you with information collected by any of our related bodies corporate.
If there is a change of control in our business or a sale or transfer of business assets, we reserve the right to transfer to the extent permissible at law our user databases, together with any Personal Information and non-personal information contained in those databases. This information may be disclosed to a potential purchaser under an agreement to maintain confidentiality. We would seek to only disclose information in good faith and where required by any of the above circumstances.
We use an overseas cloud based platform to store our customers information including sensitive health information. This data is owned by us and the cloud platform service provider is not allowed to sell or use this data for any purpose other than in the process of providing the services to us. The platform operator is in charge of maintaining security of this data. By using services offered by us, you consent to storing your data in this format.
We cannot guarantee that the overseas cloud based platform service provider will comply with the Australian Privacy Principles, or laws that offer privacy protections that are substantially similar to the laws of Australia, in relation to your Personal Information. If you consent to us storing your Personal Information using an overseas cloud based platform, you acknowledge that we will not be accountable or liable if your Personal Information is mishandled in any way by the cloud based platform service provider.
We may send you direct marketing communications and information about our products and services that we consider may be of interest to you. By providing your Personal Information to us you consent to receive direct marketing communications. These communications may be sent in various forms, including mail, SMS, fax and email, in accordance with all applicable marketing laws, such as the Spam Act 2003 (Cth).
If, in your dealings with us, you indicate a preference for a method of communication, we will endeavour to use that method wherever practical to do so. In addition, at any time you may opt out of receiving marketing communications from us by contacting us or by using opt out facilities provided in the marketing communications and we will then ensure that your name is removed from our direct marketing list.
We are committed to ensuring that the Personal Information you provide to us is secure. We take reasonable steps to protect your Personal Information from misuse and loss and to prevent unauthorised access, modification or disclosure. Personal Information is destroyed or de-identified when no longer needed.
We use an overseas cloud based platform to store our customers information including sensitive health information. This data is owned by us and the cloud platform service provider is not allowed to sell or use this data for any purpose other than in the process of providing the services to us. The platform operator is in charge of maintaining security of this data. By using services offered by us you consent to storing your data in this format.
You may request details of Personal Information that we hold about you in accordance with the provisions of the Act. Where we hold information that you are entitled to access, we will try to provide you with suitable means of accessing it (for example, by mailing or emailing it to you). A small administrative fee may be payable for the provision of this information and, if so, the fees will be as advised from time to time. We will not charge you for simply making a request or for making any corrections to your Personal Information.
There may be instances where we cannot grant you access to the Personal Information we hold. However, we will only refuse to provide you with Personal Information that we hold about you in accordance with our rights and obligations under the Act. In that situation, we will provide you with written reasons for any refusal.
If you would like a copy of the Personal Information which we hold about you, or believe that any Personal Information we hold on you is inaccurate, out of date, incomplete, irrelevant or misleading, please send us a written request at email@example.com. If you are seeking an amendment, please also include the basis on which you are requesting the amendment. We will consider if the information requires amendment. If we do not agree that there are grounds for amendment, then we will add a note to the Personal Information stating that you disagree with it.
If you believe your privacy has been breached, or have any complaints about our privacy practices, please feel free to send in details of your complaints to Suite D, 459 Toorak Rd, Toorak, Victoria, 3142.
We take complaints very seriously and we will respond shortly after receiving written notice of your complaint. Privacy complaints are dealt with at first instance by the relevant service provider. If the issue cannot be resolved at this level, it will be escalated to the relevant manager for review and resolution.
If you are not satisfied with the outcome of our investigation, you may wish to contact the Commonwealth Office of the Australian Information Commissioner (OAIC). See www.oaic.gov.au.
When you access our website we collect certain anonymous technical information such as browser type, operating system, website visited immediately before coming to our site and pages visited. This information is used in an aggregated manner to analyse how people use our site, so that we can make decisions about maintaining and improving our website and online services.
Most web browsers automatically accept cookies but you can choose to reject cookies by changing your browser settings. However, this may prevent you from gaining access to all the content and facilities of our website.
Our website may contain links to other websites not owned or controlled by us. These links are meant for your convenience only. Links to third party websites do not constitute sponsorship or endorsement or approval of these websites. Please be aware that we make no representations or warranties in relation to the privacy practices of any third party website and are not responsible for the privacy practises of other such websites. We encourage our users to be aware when they leave our website, to read the privacy statements of each and every website that collects personal identifiable information.
We are required to comply with mandatory ‘notifiable data breach’ scheme (the NDB scheme) under the Act. The NDB scheme applies when an ‘eligible data breach’ of personal information occurs.
An ‘eligible data breach’ occurs when:
An organisation may take remedial steps to prevent the likelihood of serious harm occurring for any affected individuals after a data breach has occurred, in which case, the data breach is not an ‘eligible data breach’.
Where we have reasonable grounds to believe that we have experienced an eligible data breach (and remedial action cannot be used), we will promptly notify affected individuals and the Office of the Australian Information Commissioner (Commissioner) about the breach in accordance with the Privacy Act.