The Privacy Act is designed to protect information about and to enforce certain standards in the processing of personal information. At Abernethy Owens we comply with the Australian Privacy
Principles and the Privacy Act, 1988 in relation to the personal data we hold. Broadly the principles state that personal data shall be:
Obtained and processed fairly and lawfully
Held only for the lawful purposes described
Used only for those purposes and disclosed to those people involved
Relevant and not excessive in relation to the purpose for which they are held
Accurate and where necessary kept up to date
Held no longer than is necessary for their purpose
Properly protected
These principles allow individuals to have access to data held about them and where appropriate, to have the data corrected or deleted.
At Abernethy Owens we take our obligations seriously and will ensure that any personal data held about you is properly handled and protected in line with the Privacy Act and Australian Privacy Principles. More information on how your data is collected, handled, stored, and processed can be found in this Privacy Policy under the relevant headings below.
In this Privacy Policy, “Abernethy Owens”, “we”, “our” and “us” refers to FREMANTLE OPTICAL PTY LTD (ABN: 75 008 848 164) and all associated entities. We reserve the right to change this Privacy Policy from time to time and will ensure the latest version is available on our website.
Use of our website and the purchase of any products and services will be governed by Australian law.
By providing Abernethy Owens with your personal information you consent to us using your personal information for the purposes intended as outlined in this privacy policy. Providing your personal information to Abernethy Owens will constitute an acceptance of this Privacy Policy.
We recommend you read the Privacy Policy in full and if you are unsure about anything in this policy you should seek further information from us before submitting your personal information to us.
Consent may be withdrawn at any time and you will have the right to have your personal information removed from our records. See the section ‘Removing your personal information’ below.
Most information collected about you will be collected directly from you in various ways. These will include the following:
• When you visit an Abernethy Owens practice to attend an eye test, purchase products, or engage with us for any other in-store services.
• When you use our website to book an appointment, sign into your account, or order products from us online.
• When you engage with us through our Social Media channels (i.e. Facebook).
• When you contact us by phone or email.
• When you contact us with an enquiry or complaint in relation to our products and services or complete a patient feedback survey.
• When you enter a competition or register for promotions.
• When you apply for a job with us.
There may be other instances where you directly supply personal information to us which will be collected and held in line with this policy.
In addition to the above, there may be instances where we collect your personal information via third parties including the following:
• From health funds or Medicare.
• From government agencies.
• From credit reporting agencies.
• From law enforcement agencies.
• From employment / recruitment agencies.
• From third party optometry practices which have been bought out or taken over by Abernethy Owens.
• From other optometrists and health practitioners with your consent.
When you use our website or engage with any online advertising, additional data may be collected through the use of ‘Cookies’.
Cookies are a small piece of data that is sent from a website and stored on a user’s computer by the user’s web browser. These cookies will collect general browsing data while you interact with our website or other online advertising that allow us to personalise our service to you and track data such as product information when you order products online, or general location information.
Most web browsers automatically accept cookies, however if you do not wish to receive cookies you can set your browser so that your computer does not accept them.
Personal information collected and held by Abernethy Owens may include the following:
• Your full name.
• Mailing or street address.
• Telephone and fax number/s.
• Email address.
• Your date of birth.
• Your Health Fund details.
• Your Medicare, Pension or Concession details.
• Prescription details and medical history.
• Health and lifestyle information which you may have provided to us.
• Details of products and services which you have purchased from us.
• Details of any feedback you may have provided to us through a customer feedback survey or through a complaints process.
• Your employment or job application details.
• Any other information collected through our website in order to provide you with suitable products and services.
• Credit card / payment details, where you have ordered products online or in-store and provided us with such details.
We recognise that some information provided to us is sensitive in nature, such as health and medical information. Sensitive information will be used and disclosed only for the purpose for which it was provided, or where certain other limited circumstances apply (for example, where required by law).
For employees of Abernethy Owens, or where you have applied for a job with us either directly or through an employment agency, we may also collect information in relation to your employment history, reference checks, citizenship status, criminal history, and payroll information.
Your personal information may be collected for the following purposes:
• To provide you with appropriate eye care and relevant products and services.
• To process health fund rebates.
• To provide you with appointment reminders.
• To provide you with product updates or information about new products.
• To communicate with you regarding important information such as changes to your local practice or changes in opening and closing times.
• To improve our website and customer service provided to you.
• To process payments for products that have been purchased online or in store.
• To respond to any enquiries or complaints you may have lodged.
• To undertake direct marketing such as special offers or promotions.
• To consider you for employment where you have applied for a job with us.
• For general administrative and business purposes as appropriate.
• For legal or regulatory purposes.
If you do not disclose your personal information to us, we may not be able to provide you with requested products or services, send you appointment reminders, or process any health fund rebates.
This will affect the level of customer service we are able to offer you.
Where you wish to remain anonymous, we will only be able to accommodate this request where it is practical to do so. Due to the nature of our business, we will not be able to provide specific products or services to you or any health fund rebates where you have opted to remain anonymous. We will also be unable to accommodate your request where required by law or a court.
From time to time your personal information may be used in relation to direct marketing activities.
These activities are carried out to offer you discounts or to promote relevant products to you, and may be delivered in various forms including mail, SMS or email.
You will be able to opt out of direct marketing communications at any time by submitting a request using the contact details at the end of this policy, or by following the instructions or links provided in any direct marketing material. Please note that by opting out of receiving marketing communications, you may still receive general communications from us (such as invoices and notices) in relation to the products and services you have purchased from us.
Your personal information will not be shared, sold, rented or disclosed other than as described in this Privacy Policy.
Personal information you provide to us may be disclosed to the following parties:
• Our employees and Directors of Abernethy Owens.
• Our suppliers and manufacturers for the purpose of providing products and services to you.
• Mailing houses or couriers for the purpose of posting products or direct marketing to you.
• Payment processors and debt collectors (where required).
• To another company or business where our practice or practices are acquired by, sold to or otherwise transferred to that company or business.
• To government and regulatory bodies and law enforcement agencies where required by law.
• To other health practitioners and medical practitioners for the purpose of providing additional medical care or information on a particular condition (with your consent).
• To anyone authorised by you to whom the personal information relates to.
• To referees where details have been provided to us in relation to employment.
• Any other organisation for any authorised purpose with your express consent, including your insurers and your solicitors.
Your personal information may be shared with entities located overseas such as third-party suppliers and manufacturers for the purpose of processing spectacle and contact lens orders. These entities may be located in the following countries – New Zealand, the USA, Japan, Germany, France, and Thailand. Your personal information may also be disclosed to other entities outside of Australia where you have provided consent or requested us to do so.
Abernethy Owens encourages all of our customers and patients to ensure their information is accurate and up to date. Storing accurate and current personal information will ensure that we can provide the best possible service to you and ensure you receive relevant and appropriate products. Personal information can be updated in the practice, online, or by contacting your usual practice via telephone or email.
You also have the right to access information stored about you. Exceptions may apply, such as where the confidentiality of others may be breached, or as required by law.
In order to access or update your data we will need to identify you to meet our security protocols. As such you may be required to provide certain information to us, (which may include identification documents), before we can release any requested information. Where we are not satisfied as to your identity, we reserve the right to refuse access to any information until such time as we have verification of your identity.
We will take reasonable steps to ensure that your personal information is up to date whenever we collect it or use it, however if you find that current personal information we hold about you is inaccurate, incomplete or out of date, please contact us immediately and we will take reasonable steps to correct it.
You have the right to have your personal information removed. Exceptions may apply such as where we have a statutory obligation imposed by law to retain certain personal information for a period of time.
In order to remove your data, we will need to first identify you to meet our security protocols. As such you may be required to provide certain information to us, (which may include identification documents), before we can authorise removal of your information. Where we are not satisfied as to your identity, we reserve the right to refuse removal until such time as we have verification of your identity.
You may request to have your personal information removed by visiting us in person at your usual store, or by contacting us on the details provided below in the ‘Contact Us’ section. We will endeavour to carry out your request for removal as soon as possible.
Your personal information may be stored both in hard copy form and electronically.
We take all reasonable steps to ensure we protect any personal information that we hold from misuse, loss, unauthorised access, modification and disclosure.
Physical security measures over hard copy data includes locked filing cabinets, secure premises and storage, and by limiting access to your records to authorised personnel in line with this privacy policy.
Electronic security measures include the use of firewalls, password protection, and secure servers to minimise the risk of breaches.
Although we take reasonable steps to maintain the security of our internet connections, for reasons outside of our control, information transmitted to us over the internet may not be absolutely secure.
We assume no responsibility for disclosure of data due to errors in transmission.
We also have procedures in place to ensure that any document or record containing your personal, health, or credit card information is disposed of in a manner that preserves your privacy.
Our security and data protection processes are regularly reviewed to ensure we are providing the highest level of security to our patients, suppliers and staff.
If you believe that your privacy or data has been breached, or you have general information about a possible data breach, please contact us using the contact information below and provide full details of the incident so that we can investigate it. Any general complaints in relation to this privacy policy can also be lodged in this way.
While you may contact Abernethy Owens in person or over the phone, we request that formal complaints about breaches of privacy be made in writing. We will investigate your complaint and will advise you of the outcome of our investigations in writing.
If a system wide data breach occurs as a result of third party access, or we have reason to believe that your personal data has been breached, we will first take action to contain the data breach to prevent any further compromise of personal information and assess the level of harm caused by the breach.
If it is determined that the breach may cause harm to individuals, or sensitive information has been accessed, we will report the breach to the relevant supervisory authority (The Office of the Australian
Information Commissioner as at July 2019) within 72 hours of verifying that a breach has occurred, and will also report this to the individuals who may be affected without undue delay. The timeframe for notification to individuals will be affected by the nature of the breach and the number of individuals affected.
If such circumstances occur, we will undertake a review of how the data breach occurred, recording details of the occurrence in a data breach log, and will consider and implement appropriate actions to prevent any future breaches.
CONTACT US
To report data breaches, lodge a complaint, or submit a general enquiry about this Privacy Policy, please contact us on the following details:
Contact Name: Mark Smith
Phone: (08) 9335 5866
Email: partners@abernethyowens.com.au
DISCLAIMER
Whilst we will use our all reasonable endeavours to safeguard your personal information and data, we cannot guarantee that your personal information will be protected against unauthorised access, misuse or disclosure. We do not accept any liability for the improper actions of unauthorised third parties and will not be liable for any resulting misuse of the personal information.