What do we do?
We collect, store and handle a range of personal information for the purposes of providing practice management services to dental businesses. This consists of:
- storing patient data such as personal information, contact details, photographs, health insurance details, and other necessary information required by the practice;
- providing online booking capabilities;
- managing employee records;
- directly marketing to clients or prospective clients; or
- sales enquiries and transactions.
Each practice must follow the law in regards to your personal data, however we cannot guarantee and are not responsible over the practices’ use of your information. Please read their specific privacy policies.
What information do we collect?
We collect a variety of personal information from you. The type of information which we collect depends on our transactions with you. We can collect any or all of the following:
- names, addresses, telephone numbers and other contact information;
- personal email addresses;
- credit card details*;
- your Core Practice accounts email address and password; or
- other personal information required to use our service.
We do not collect information which can be described as sensitive in nature.
*We have an interface on our website where our third-party intermediary collects your credit card details in order to process periodic Subscription payments from you on our behalf. We do not store your credit card details on our servers at any time.
How do we collect your information?
We collect this personal information on a number of different occasions and in a number of different ways. We generally collect personal information directly from you, as well as non-personally identifiable data from your device when you:
- visit our website;
- use our online software;
- use our online booking module;
- post to the Core Practice Community forum;
- contact the Core Practice support team via ticket, email, chat or call;
- submit your details to be contacted for an enquiry; or
- submit your details to purchase a subscription for our Services.
How do we store and protect your personal data?
Your personal data is stored on multiple disks in multiple servers across multiple Microsoft Azure datacentres in Australia, adopting industry standard, enterprise level security measures. These include both technological and physical security barriers. Data is transported to these secure facilities through AES-256 encrypted channels. We also regularly perform audits and continuously monitor our servers to ensure a high level of online security is maintained at all times. You can read more about this on our Security page.
We do not at any time store, retain or handle your credit card information. We only collect this information on our site and have it collected by a third-party intermediary. We use this third-party intermediary to handle and store an encryption of your credit card details. This intermediary is not permitted to store, retain or use your billing information except to process your credit card information for payments on our behalf.
The internet is not an entirely safe environment in general. We cannot give a guarantee that your personal data will be protected at all times. We take measures to ensure that our data is protected as much as possible, but transmitting personal information over the internet is always risky. You do so at your own risk and you should only provide personal data to our service within a secure environment. If you do not wish to expose your data to such a risk, you should not use our services or provide your personal data to us.
At the time of publishing, we only use datacentres located in Australia. This means that if you are a non-Australian client, your data will be transported to and stored in Australia.
Why do we collect your personal data?
Your personal data is collected for the purpose disclosed at the time of collection. We will not be using your personal data for any purpose without seeking your consent, unless required by law. We use your personal data to:
- provide the products or services you have requested;
- provide access to our secured services;
- support your use of our products and services; or
- answer any enquiry you make.
Why do we collect your non-personally identifiable data?
- collating the information for statistical, diagnostic and maintenance purposes;
- to provide a better user experience;
- to help us understand your preferences based on previous or current site activity;
- to help us compile aggregate data about site traffic and user interaction; and
- to provide an improved experience when you revisit our website, software or modules.
Who do we disclose your personal details to?
When someone makes a booking using our online booking module, we send their personal details to the practice with which they have made the booking. The practice receives information which is relevant to this booking. Each practice must follow the law in regards to this personal data, however we cannot guarantee and are not responsible over the practices’ use of this information.
We do not disclose personal details to overseas entities unless requested by the user or required by law.
We will use your personal information to send direct marketing to you from us. It will be relating to our products and services as well as new developments which we believe may be of interest to you. You are free to opt-out of this direct marketing through the “unsubscribe” function at the bottom of each marketing communication.
How can you access your personal data?
We take reasonable measures to ensure that the personal data which we collect, use or disclose is up-to-date and accurate. If your personal details change, please contact our Privacy Officer using the address or email stated below. You also have the right to retrieve your personal information. There may be a charge for retrieving your personal information, however we will inform you of said fee and obtain agreement of it before providing the data.
How to make a complaint
The Privacy Officer
Core Practice Pty Ltd
GPO Box 3450
Sydney NSW, 2001
Or by visiting our contact page: https://www.corepractice.com.au/contact/
Complaints will be endeavoured to be responded to within 10 business days. They will be investigated and attempted to be resolved within 30 business days or as long as necessary and communicated to you by our Privacy Officer.
Changes to the policy
Last updated: January 2017