Who we are
This is the privacy policy for our website at this address: https://kimberleyporteous.com.
Online bookings
SimpleClinic Online is a Software as a Service provider of practice management software for Naturopathic Practitioners and Complementary Health Care Providers in the Australia / New Zealand region. This document provides details on how we store, use, and collect Personal Information and Sensitive Information your practitioner, or you, provide us.
We have adopted the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth) (the Privacy Act). The NPPs govern the way in which we collect, use, disclose, store, secure and dispose of the Personal Information you provide us.
A copy of the Australian Privacy Principles may be obtained from the website of The Office of the Australian Information Commissioner at http://www.aoic.gov.au
What is Personal Information and why do we collect it?
Personal Information is information or an opinion that identifies an individual. Examples of Personal Information you may provide us while using SimpleClinic include:
- your name, address, email address, phone numbers.
This Personal Information is obtained when you as a patient accesses our public pages and provides personal information to us as part of an online booking, form submission, or invoice payment.
The Personal Information we collect from you is collected as part of us providing our services to your healthcare practitioner, our registered user, and is used purely in the provision of services to your healthcare practitioner. Personal Information you provide us is not used for our own marketing, or advertising purposes.
Personal Information you provide using public elements of our platform, such as online booking, form submission, or invoice payment, may be used for capacity planning purposes. The information used for this purpose is restricted to technical information and includes: the method of connection to the internet, device type, screen dimensions, operating system, and browser details. This information is anonymised and not linked directly to your patient record in SimpleClinic.
Sensitive Information
Sensitive Information is defined in the Privacy Act to include information or opinion about such things as an individual’s racial or ethnic origin, political opinions, membership of a political association, religious or philosophical beliefs, membership of a trade union or other professional body, criminal record or health information.
Sensitive Information you may provide us with while using the SimpleClinic platform include:
- your health history information.
Your healthcare practitioner may also provide Sensitive Information about you while providing their services to you.
The Sensitive Information provided by you, or your healthcare practitioner, is used only for the provision of our services to your healthcare practitioner.
Third Parties
Personal Information and Sensitive Information stored within SimpleClinic is collected from you as a patient or your healthcare practitioner.
We do not collect Personal Information or Sensitive Information about your patients from third parties.
Disclosure of Personal Information and Sensitive Information
The Personal Information you store within SimpleClinic may be disclosed in a number of circumstances including the following:
- Third parties where your healthcare practitioner has chosen to integration with third party services. These include: payment gateway providers, email service provides, financial and accounting providers (Xero), our upstream communications providers (Mailgun, Twilio, and FoneDynamics), and external calendar providers (Cronofy, Google, Apple, Microsoft).
- Your healthcare practitioner controls which services your Personal Information is disclosed to and which information is disclosed. For more details refer to the privacy policies elsewhere on this page.
- In certain circumstances we may also be required by law to disclose the Personal Information you have provided to us.
Security of Personal Information and Sensitive Information
The Personal Information you provide while using SimpleClinic is stored in a manner that reasonably protects it from misuse and loss and from unauthorized access, modification or disclosure. We utilise a number of safeguards to protect Personal Information including:
- Username and password access to the SimpleClinic platform.
- Encryption of all Sensitive Information at rest using AES-256 bit encryption.
- Encryption of all Sensitive Information in transit using 256 bit SSL encryption.
- Encryption of all Personal Information in transit using 256 bit SSL encryption.
- Access logging and auditing of requests to access and modify Personal Information and Sensitive Information.
- Firewall and IP traffic monitoring for suspicious or malicious traffic.
When the Personal Information and Sensitive Information you, or your healthcare practitioner, provided us with is no longer needed for our provision of services to our registered user, we will take reasonable steps to destroy or permanently de-identify your Personal Information and Sensitive Information.
Access to your Personal Information and Sensitive Information
To access the Personal Information and Sensitive Information you, or your healthcare practitioner, have provided us with contact your healthcare practitioner.
Disposal of your Personal Information and Sensitive Information
When the Personal Information and Sensitive Information you provided us with is no longer needed for our provision of services to your healthcare practitioner, we will take reasonable steps to destroy or permanently de-identify your Personal Information and Sensitive Information.
After termination of your healthcare practitioners services with SimpleClinic the Personal Information and Sensitive Information you have provided us is removed from our production environment within 90 days. Personal Information and Sensitive Information may still be stored in secured and encrypted backups until a full backup rotation has occurred. This may take up to 12 months after your account termination.
Use of Cookies
SimpleClinic utilises cookies on our public pages. When you consent to cookies we use these to do the following:
- Deliver our core services to you including online booking, forms, invoice payments etc.
- Monitor page performance and network capacity.
We do not utilise cookies for marketing or advertising purposes.
Policy Updates
This Policy may change from time to time and is available by emailing privacy@simpleclinic.net
Privacy Policy Complaints and Enquiries
If you have any queries or complaints about our Privacy Policy please contact us at:
SimpleClinic Online
65 Grand Plaza Drive
Browns Plains QLD 4118
info@simpleclinic.net
(07) 3040 0385
Comments
When visitors leave comments on the site at https://kimberleyporteous.com we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
Cookies
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.
What rights you have over your data
If you have left comments on this site, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments may be checked through an automated spam detection service.