Privacy Policy: Introduction

Hi there and welcome! Thank you for taking interest in my Privacy Policy – I’ve spent time trying to make this information as easily digestible as possible, so you can find what you’re looking for and understand the wording, without falling asleep or getting bored on the way.

This document sets out my Privacy Policy. It describes how I collect and manage your personal information when you interact with this site or become my client. I take this responsibility very seriously. If you have any questions or concerns about how your personal information is being handled, please do not hesitate to contact me.

I comply with the Australian Privacy Principles set out in the Privacy Act 1988 (Cth) (Privacy Act).

This website, www.balancedwhole.com.au is owned and operated by Karla Rawles T/A Balanced Whole ABN 84356605154. If you have any questions or need further information, please contact:

Karla Rawles
17 Codrington St, Newstead, Victoria 3462
karla@balancedwhole.com.au
0404 516 008

Personal information

If you engage with me via this website, or choose to become my client, I may ask to collect the following kinds of personal information from you, including:

CONTACT DETAILS

  • name, email address, mobile or phone number; e.g. when you opt into my email newsletter or when you make an appointment via my website

INTERESTS & PREFERENCES

  • your opinion about future topics, products or services that may interest you

INTERACTION

  • information that allows me to tailor my content to your needs when you sign up for one of my workshops or promotional events

INTERNET

  • with your consent, I may collect your IP address, and information about your browsing history to help me improve the usability and appeal of my website

Collection and use

I may collect your personal information by various means including:

  • when you send me a question or enquiry via email
  • when you book an appointment with me
  • if you sign up for my newsletter
  • through sign up or in person at seminars / webinars / events

I use this information to:

  • respond to your enquiries
  • provide (specific) services to you at your request
  • help other people understand my services better
  • provide you with more relevant information and news about my services
  • provide news about developments in my area of work
  • improve this website

I will only collect your personal information:

  • with your full awareness and consent, such as when you email me, tick a checkbox or fill in a form to provide me with information
  • if I need it to provide you with information or services that you request
  • if I am legally required to collect it
  • for necessary administrative processes if you become my client
  • if I believe that I can demonstrate a legitimate interest in using your data for marketing purposes, although I will always give you a choice to opt out

Sensitive information

I understand that some personal information is particularly sensitive.

I will only collect sensitive information by methods that are reasonably secure, such as:

  • through my intake form (completed online during the booking process or sent via email ahead of your first consult)
  • via email, for example if you send me test results, or other information relevant to your health history
  • during a telephone, face to face or online consultation

The sensitive information I ask you to provide may include:

  • your birth date, information about your medical history, family history, allergies and intolerances, current medications, supplements and diagnosed health conditions, so I can provide you with a safe and effective naturopathic service.
  • information about the food and fluids you consume, as well as dietary and lifestyle preferences or habits, in order to understand factors influencing your health, and enable realistic and appropriate dietary and lifestyle recommendations as part of your treatment plan.
  • information about your physical wellbeing, such as blood pressure, pulse rate, temperature, weight, height, nail, tongue or iris data, to further inform my naturopathic understanding of your case, your treatment plan and ensure safety.
  • we may discuss your emotional wellbeing at the consultation, in which case I may record some of the emotions you’re experiencing, to help track your progress and identify most appropriate treatment options, including any referrals.

I am committed to securely storing and handling your sensitive information.

HOW IT IS STORED

  • Your personal and sensitive data is stored electronically, in an offline encrypted file on my password-protected laptop, desktop computer and external hard drive backups. As the files are encrypted, they are only accessible by input of an encryption key, which protects your data if any of my devices are stolen.
  • The information you give in your intake form is stored in my booking system (Acuity) if you completed this form online prior to your initial consult. This is Acuity’s privacy policy.

WHO HAS ACCESS TO IT

  • Only I have access to sensitive material.

CLOUD STORAGE

  • Information you share via email or text message with me may be stored on my mobile phone, which has a security code. With your consent during the consultation, I may take photographs of your supplements, medications or test results for research purposes, or of you, in order to track treatment progress. These images are temporarily stored on my mobile phone, but will be moved to your encrypted file within 24 hours of the consult and then deleted from the phone. Photos taken on my iPhone are not uploaded to iCloud.
  • I use a service called Mailchimp to send electronic newsletters to you via email. If you subscribe to this list, your name and email address are stored on Mailchimp servers to enable me to communicate with you in this way. You can opt out at any time by clicking the ‘unsubscribe’ button at the bottom of emails. Please refer to Mailchimp’s privacy policy for further information https://mailchimp.com/legal/
  • I use a service called Acuity for booking naturopathic appointments. This system stores your name, email address, phone number and other details you provide as part of the intake form if you book online. Please refer to Acuity’s privacy policy for further information https://acuityscheduling.com/privacy.php
  • If required, I may use Vital.ly, Natural Chemist and/or Integria to supply your herbal and nutritional supplements. These companies store your name, email address and other details you provide to them (such as your postal address and phone number), together with details of the product(s) I’ve prescribed for you. For safety reasons, I may supply these companies with details of your known allergies or diagnosed medical conditions. Please refer to their privacy policies for more information

COLLECTION FROM MINORS

Sensitive information may be collected from children under the age of 18 under the following circumstances:

  • when they become my client, with the full consent and presence of their parent or guardian.
  • when they subscribe to my newsletter, in which case their name and email address are stored via Mailchimp as described above. Please refer to Mailchimp’s privacy policy for further information https://mailchimp.com/legal/

DESTRUCTION POLICY

I store your encrypted electronic client files for 7 years after your last consultation. After this time, I delete all electronic records from all devices.

Professional considerations

I am subject to the following regulations regarding the collection of personal information:

You may choose not to provide me with your personal information. However,

  • if you do not provide me with accurate information about your health, I may not be able to offer you the most appropriate treatment for your condition and therefore you may not see the results you desire.
  • you must provide me with full and accurate information about your diagnosed medical conditions, medications or supplements, known allergies and intolerances, so I can ensure safety of treatment and check for pharmacological interactions with any herbs or nutrients I prescribe.

Use of personal information

DISCLOSURE

  • With your consent, I will share your information with other health care professionals, if we both agree another practitioner could help you further. In such cases, you are in control of what information I share with which health professionals. Other health professionals could include a GP, counsellor, psychologist, chiropractor, osteopath, or another naturopath. A de-identified summary of your case may be verbally shared with another naturopath for mentoring purposes, which would assist your treatment further.
  • As mentioned, I use a service called Mailchimp to send electronic newsletters to you via email. If you subscribe to this list, your name and email address are stored on Mailchimp servers to enable me to communicate with you in this way. Please refer to Mailchimp’s privacy policy for further information https://mailchimp.com/legal/
  • I also use a service called Acuity for booking naturopathic appointments. This system stores your name, email address, phone number and other details you provide as part of the intake form if you book online. Please refer to Acuity’s privacy policy for further information https://acuityscheduling.com/privacy.php
  • If I prescribe you products which are not in my dispensary, I will pass on your contact details (name, email address, phone number) to companies such as Vital.ly, Natural Chemist or Integria in order for them to fulfil the script. Please refer to their privacy policies for more information

LEGAL DISCLOSURE

  • I also will disclose your information if required by law to do so or in circumstances permitted by the Privacy Act – for example, where I have reasonable grounds to suspect that unlawful activity, or misconduct of a serious nature, that relates to my functions or activities has been, is being or may be engaged in, and in response to a subpoena, discovery request or a court order.

If you have any concerns regarding the disclosure of your personal information, please do not hesitate to get in touch with me to discuss this personally.

DISCLOSURE OVERSEAS

I will use all reasonable means to protect the confidentiality of your personal information while in my possession or control. I will not knowingly share any of your personal information with any third party other than the service providers who assist me in providing the information and/or services I am providing to you. To the extent that I do share your personal information with a service provider, I would only do so if that party has agreed to comply with my privacy standards as described in this privacy policy. However, some of my service providers may be overseas and may not be subject to Australian Privacy Laws or compliant with GDPR. Please contact me if you have any concerns about the potential disclosure of your information.

Security

POLICY STATEMENT

Security and risk management are very important to me and I take reasonable physical, technical and administrative safeguards to protect your personal information from misuse, interference, loss, and unauthorised access, modification and disclosure.

You have placed trust in me as your naturopath, so I return this by storing your data in the most respectful way I know how. I sought independent advice from a computer scientist about how to store your data electronically so that it is secure and protected. I am committed to reviewing my technology procedures on a regular basis to check for any areas to improve as technology progresses.

RISK MANAGEMENT

I manage risks to your personal information by:

  • storing files securely
  • ensuring that only I have access to sensitive information
  • releasing information to service providers on a strictly need-to-know basis, and
  • conducting regular audits of my security systems

As mentioned above, your personal information may also be stored with a third-party provider, where it will be managed under their security policy:

Access to information

You can contact me to access, correct or update your personal information at any time. Unless I am subject to a confidentiality obligation or some other restriction on giving access to the information which permits me to refuse you access under the Privacy Act, and I believe there is a valid reason for doing so, I will endeavour to make your information available to you within 30 days.

Please begin this process by sending an email requesting access to your information to karla@balancedwhole.com.au and I will reply within 5 business days.

Complaints

If a breach of this Privacy Policy occurs, or if you wish to a request a change to your personal information, you may contact me by sending an email to karla@balancedwhole.com.au outlining your concerns and I will endeavour to respond within 48  hours.

If you are not satisfied with my response to your complaint, you may seek a review by contacting:

Notification of change

If I decide to change my Privacy Policy, I will post a copy of the revised policy on my website www.balancedwhole.com.au   

Notification of breach

If I have reason to suspect that a serious data breach has occurred and that this may result in harm or loss to you, I will immediately assess the situation and take appropriate remedial action. If I still believe that you are at risk, I will notify the Office of the Information Commissioner and either notify you directly, or if that is not possible, publicise a notification of the breach on this website.