Core Practice Pty Ltd (we, our, us) is bound by the Australia Privacy Principles (APPs) in the Privacy Act 1988 (Cth) (Privacy Act). We understand the importance of, and are committed to, protecting your personal information.
How do we collect your personal information?
We will collect and hold your personal information in a fair and lawful manner, and not in an intrusive way. Where it is reasonably practical to do so, we will collect your personal information directly from you. We may also collect personal information through some of the following means:
- when you interact with our Website, including our online community forum;
- through any mobile applications provided by our organisation;
- when you use our online software, including our online booking module;
- when you contact us via support ticket, email, chat or phone;
- from correspondence (whether in writing or electronically);
- when you provide us with information in response to direct marketing or customer satisfaction and market research surveys;
- when you make an inquiry, or submit your details to purchase a subscription, in relation to one of our products or services;
- in the course of administering or providing any of our products or services;
- when you apply for employment with us; and
- as otherwise required to manage our business.
However, in certain cases we may also collect personal information from publicly available sources and third parties, including:
- suppliers, recruitment agencies, contractors and business partners; and
- customers who use our practice management products and services.
What types of personal information do we collect?
The types of personal information we may collect and hold about you will depend on a range of circumstances, including who you are and which of our products and services you are looking to access or use.
Generally, the personal information we collect can include (but is not limited to):
- your name, age, date of birth and gender;
- your email, postal address, phone numbers and other contact information;
- any email addresses and passwords associated with your accounts with us;
- health information about patients of customers who use our practice management products and services, including our online booking module;
- if you are applying for work with us, your employment information; and
- any other information you provide us from time to time.
However, we do not collect credit card information (which is collected, processed, encrypted and stored by a third-party intermediary).
In some cases we may also collect non-identifiable information about your hardware and software. This information can include your IP address, browser type, domain names, access times and referring website addresses.
If you do not provide us with the personal information we request from you, we may not be able to supply the products or services you have requested, or we may be restricted in the way we supply those products or services.
Why do we collect your personal information?
We collect and use personal information about you primarily to supply our products and services. We do not sell, rent or lease your personal information to third parties.
As a general rule, we only process personal information for purposes that would be considered relevant and reasonable in the circumstances. In particular, we collect, hold, use and disclose personal information:
- to offer and provide our products or services, or to request feedback about our products and services;
- to arrange bookings with dental practices using our online booking module;
- to support our customer's use of our products and services, and to manage and administer those products and services;
- to comply with our legal and regulatory obligations;
- to provide you and other prospective clients with information about promotions, marketing initiatives, and our products and services;
- for any purpose disclosed to you and to which you have consented;
- for any purpose that you would otherwise reasonably expect;
- to communicate with you and answer any enquiry you make; and
- otherwise to appropriately manage and conduct our business, including performing administrative functions such as billing and accounts and records management.
We may disclose personal information to our related companies, agents and organisations or to third parties such as our suppliers, joint venture partners, organisations that provide us with technical and support services, or our professional advisors, where permitted by the Privacy Act.
We may also disclose personal information to entities seeking to acquire all or part of our business, or other entities with your consent. If we disclose information to a third party, we generally require that the third party protect that information to the same extent that we do.
Overseas transfers of personal information
If in future we do propose to disclose personal information to overseas recipients, we will do so in compliance with the requirements of the Privacy Act. We will, where practicable, advise you of the countries in which any overseas recipients are likely to be located.
Like most businesses, marketing is important to our continued success. We believe we provide a unique service to customers at a high standard. We therefore like to stay in touch with customers and let them know about new opportunities.
From time to time we may contact you with information about new products, services, developments and promotions either from us, or from third parties which may be of interest to you. In these situations your personally identifiable information is not transferred to the third party. We will not disclose your personal information to third parties for marketing purposes without your consent.
You may opt-out from receiving communications from us that are not account related or legally required through the 'unsubscribe' function at the bottom of each marketing communication.
Our Website, including our online booking module may use 'cookies' as part of their interaction with your internet browser. A 'cookie' is a small text file which is placed on your computer for a pre-defined period of time for later retrieval when you visit the Website, or use our software or its modules. Cookies are frequently used on websites and you can choose if and how a cookie will be accepted by configuring your preferences and options in your browser. Cookies do not alter the operation of your computer or mobile device in any way, however, if you disable cookies the Website, including our online booking module may not function correctly.
- to conduct business planning and product development;
- to compile aggregate data about site traffic and user interaction; and
- to provide an improved experience for new and existing users when they use our website, including our online booking module.
How do we store and protect personal information?
We store the personal information we hold across multiple Microsoft Azure datacentres in Australia, which adopt industry standard, enterprise level security measures, including both technological and physical security barriers. Personal information is transported to these secure facilities through AES-256 encrypted channels.
We also maintain appropriate physical, procedural and technical security for our offices so as to prevent any loss, misuse, interference, unauthorised access, disclosure, or modification of personal information, including when we dispose of personal information. We further protect personal information by restricting access to personal information to only those who need access to the personal information to do their job. Physical, electronic and managerial procedures have been employed to safeguard the security and integrity of your personal information.
We will destroy or de-identify personal information once it is no longer needed for a valid purpose or required to be kept by law.
You can read more about our security measures on our security page www.corepractice.com.au/security/
Accessing and correcting your personal information
You may request access to personal information we hold about you. On the rare occasions when we refuse access, we will provide you with a written notice stating our reasons for refusing access. We may seek to recover reasonable costs incurred for providing you with access to any of the personal information about you held by us.
You may also request that information about you be corrected if you do not think that it is accurate. However, we are not obliged to correct any of your personal information if we do not agree that it requires correction and we may refuse to do so. If we refuse a correction request, we will provide you with a written notice stating our reasons for refusing.
Requests to access or correct personal information should be made in writing to our Privacy Officer using the details below. We will respond to all requests to access or correct personal information within a reasonable time.
How to make a complaint
The Privacy Officer
Core Practice Pty Ltd
PO BOX Q1013
Queen Victoria Building NSW, 1230
We take all complaints seriously and we will endeavour to respond within a reasonable period. If you are dissatisfied with the handling of your complaint, you may contact the Office of the Australian Information Commissioner at GPO Box 5218, Sydney NSW 2001, on 1300 363 992 or via email at firstname.lastname@example.org.
Changes to the policy
Last Updated: 1 September 2019.