- Robert Grech (T/A “Osteopathy Malta”) is committed to protecting your privacy and personal information.
- This policy sets out:what is considered personal information;
- – What personal information we collect and hold;
- – How we collect, hold, use or disclose personal information;
- – The purposes for which we collect personal information;
- – What happens if we are not able to collect personal information;
- – How to seek access to and correct your personal information;
- – Whether we disclose personal information outside Malta; and
- – How to contact us.
- We may, from time to time, review and update this policy, including taking account of new or amended laws, new technology and/or changes to our operations. All personal information held by us will be governed by the most recently updated policy and we will give you notice of our revised policy by posting to our Website.
WHAT IS PERSONAL INFORMATION
- When used in this policy, the term “personal information” has the meaning given to it in the Privacy Act 1988 (Cth) (the Act). In general terms, it is any information that can be used to personally identify you. This may include (but is not limited to) your name, age, gender, postcode and contact details (including phone numbers and email addresses) and possibly financial information, including your credit card or direct debit account information. If the information we collect personally identifies you, or you are reasonably identifiable from it, the information will be considered personal information.
WHAT PERSONAL INFORMATION DO WE COLLECT AND HOLD
- We may collect the following types of personal information:
- – Name;
- – Mailing or street address;
- – Email address;
- – Telephone number;
- – Age or birth date;
- – Details of which of the services provided by practitioners at Osteopathy Malta clinic you require or have enquired about, including which practitioner you have requested, together with any additional information necessary for the treating practitioner to deliver those services and to respond to your enquiries;
- – Any additional information relating to you that you provide to us or your treating practitioner directly through our website, by phone or in person, or information you have provided indirectly through use of our website or online presence through our representatives or otherwise;
- We may also collect anonymous data (which is not personal information) relating to your activity on our website (including IP addresses) via cookies. We generally use this information to report statistics, analyse trends, allow the practitioner to administer services, diagnose problems and target and improve the quality of the services the practitioners at Osteopathy Malta provide. To the extent this information does not constitute personal information because it does not identify you or anyone else, the Maltese Privacy Principles do not apply and we may use this information for any purpose and by any means whatsoever.
HOW WE COLLECT PERSONAL INFORMATION
9. We collect your personal information directly from you unless it is unreasonable or impractical to do so. We do this in ways including:
- – Via your access and use of our website;
- – Via someone else who has provided us with your information;
- – During conversations between you and us via phone; and
- – When you make an online booking via Cliniko (Red Guava Pty Ltd ACN 147 311 466) (Cliniko).
- In order for Osteopathy Malta and your treating practitioner to deliver the services you request, we at times may allow access to personal information to third parties including but not limited to:
- Mail Chimp and Cliniqapps
- We may collect and disclose personal information to third parties for the purposes described in this policy. These purposes include but are not limited to:
- – Efficient communications between you and Osteopathy Malta or you and your treating practitioner (for example, automated SMS reminders 3 months after previous appointments).
- – Secure storage of your files to allow the practitioners at Osteopathy Malta to deliver services to you.
- – Management of your history to allow the practitioners at Osteopathy Malta to deliver services to you efficiently.
WHY DO WE COLLECT, HOLD, USE AND DISCLOSE PERSONAL INFORMATION
The primary purpose for which we collect information about you is to enable your treating practitioner to provide you with the services you request and to operate our business efficiently. We collect, hold, use and disclose your personal information for the following purposes:
- – To provide your personal information to your treating practitioner to enable them to deliver services to you;
- – To communicate with you, including but not limited to, by email, mail, SMS or telephone for the details of appointments and/or billing purposes;
- – To provide appointment booking services to you for practitioners at Osteopathy Malta’s clinics;
- – To manage and enhance our services online;
- – To allow third party organisations to contact you to assist in the delivery of related services;
- – To personalise and customise your experience; to provide you with access to protected areas of our websites specifically required to book appointments;
- – To verify your identity;
- – To provide as part of business data to third parties if you have authorised us to do so;
- – To provide you with information about other services available;
- – To conduct business processing functions for operation of our websites or our business;
- – For our administrative, service development, quality control and research purposes, or those of our contractors, licensees or external service providers;
- – To provide your updated personal information to us or external service providers;
- – To investigate any complaints about or made by you, or if we have reason to suspect that you are in breach of any of our terms and conditions or – – – That you are or have been otherwise engaged in any unlawful activity; and/or
- as required or permitted by any law (including the Act).
WHAT HAPPENS IF WE CAN’T COLLECT YOUR PERSONAL INFORMATION
If you do not provide us with the personal information described in this policy, some or all of the following may happen:
- – Your treating practitioner may not be able to provide you with the services you requested, either to the same standard, or at all;
- – Osteopathy Malta and/or the practitioners at Osteopathy Malta’s clinics may not be able to provide you with information about services that you may want or require; or we may be unable to tailor the content of our websites to your preferences and your experience of our websites may not be as enjoyable or useful.
HOW DO WE DISCLOSE YOUR PERSONAL INFORMATION
- We may disclose your personal information to:
- – Our employees, contractors, licensees or external service providers for the operation of our website or our business, fulfilling requests by you, including without limitation IT systems administrators or payment processors;
- – Your treating practitioner in order to enable them to deliver the services that you have requested;
- – Specific third parties authorised by you to receive information held by us;
- – The police, any relevant authority or enforcement body, or your Internet Service Provider or network administrator, for example, if we have reason to suspect that you have committed a breach of any of our terms and conditions, or have otherwise been engaged in any unlawful activity, and we reasonably believe that disclosure is necessary;
- – As required or permitted by any law (including the Privacy Act).
THIRD PARTY LINKS AND WEBSITES
DIRECT MARKETING MATERIALS
- We may send you direct marketing communications and information about services that we consider may be of interest to you. These communications may be sent in various forms, including mail, SMS or email, in accordance with applicable marketing laws, such as the Spam Act 2004 (Cth). If you indicate a preference for a method of communication, we will endeavour to use that method whenever practical to do so.
- In addition, at any time, you may opt-out of receiving marketing communications from us by contacting us (details below) or by using the opt-out facilities provided (e.g. an unsubscribe link). We will then ensure that your name is removed from our mailing list. We do not provide your personal information to other organisations for the purposes of direct marketing unless expressly authorised by you.
- Even if you do opt out of receiving marketing communications from us, you agree that we may still send you information relevant to the supply of any services arranged by us.
- If you receive communications from us that you believe have been sent to you other than in accordance with this policy, or in breach of any law, please contact us using the details provided below.
ACCESSING AND CORRECTING YOUR PERSONAL INFORMATION
- You may request access to any personal information we hold about you at any time by contacting us at firstname.lastname@example.org
- Where we hold information that you are entitled to access, we will try to provide you with suitable means of accessing it (for example, by mailing or emailing it to you). We will not charge for simply making a request and will not charge for making any corrections to your personal information. If you make an access request, we will ask you to verify your identity. There may be instances where we cannot grant you access to the personal information we hold. For example, we may need to refuse access if granting access would interfere with the privacy of others, or if it would result in a breach of confidentiality. If that happens, we will give you written reasons for any refusal.
- If you believe that personal information we hold about you is incorrect, incomplete or inaccurate, then you may request us to amend it. We will consider if the information requires amendment. If we do not agree that there are grounds for amendment, then we will add a note to the personal information stating that you disagree with it.
- We request that you keep your information as current as possible so that we may continue to improve our service to you.
HOW YOU CAN COMPLAIN ABOUT A BREACH OF PRIVACY
- We will treat your requests or complaints confidentially. Our representative will contact you within a reasonable time after receipt of your complaint to discuss your concerns and outline options regarding how they may be resolved. We will aim to ensure that your complaint is resolved in a timely and appropriate manner.
- If you are not satisfied with the outcome of our investigation, then you may request that an independent person (usually the Commonwealth Privacy Officer) investigate your complaint.
DISCLOSURE OF PERSONAL INFORMATION OUTSIDE the EU
- Unless required by law, any information that we may use or disclose in accordance with this policy will be stored in Malta, EU and will not be sent overseas.
- If we need to disclose personal information to other overseas persons or entities, we will take reasonable steps to ensure that the overseas recipients of your personal information do not breach the privacy obligations relating to your personal information.
- We will take all reasonable steps to protect the personal information that we hold from misuse, loss, or unauthorised access, including by means of firewalls, password access, secure servers and encryption of credit card transactions.
- If you suspect any misuse or loss of, or unauthorised access to, your personal information, please let us know immediately.
- Our website may contain links to other websites operated by third parties. We make no representations or warranties in relation to the privacy practices of any third party website and we are not responsible for the privacy policies or the content of any third party website. Third party websites are responsible for informing you about their own privacy practices.
- Should you wish to read more information on privacy legislation or the National Privacy Principles we recommend that you visit the Office of the Information and Data Protection Commissioner on https://idpc.org.mt/en/Pages/Home.aspx
c/o Robert Grech
1, Triq Giorgio Mitrovich, Ta’ Xbiex, Malta XBX 1423
Last updated 1stMay 2018