The Australian Privacy Principles
We will treat all personal information in accordance with any and all obligations that are binding upon us under the Privacy Act 1988 (Cth) (“Privacy Act”). The Privacy Act lays down 13 key principles in relation to the collection and treatment of personal information, which are called the “Australian Privacy Principles”.
What is "personal information"?
Personal information held by the Company may include your:
- name and date of birth;
- residential and business postal addresses, telephone/mobile/fax numbers and email addresses;
- video conferencing software usernames and/or handles;
- appointment details;
- bank account and/or credit card details for agreed billing purposes;
- your computer and connection information;
- usernames and passwords to various accounts which you provide to us (required for us to deliver dental advertising services); and
- any information that you otherwise share with us.
How we may collect your personal information
We only collect personal information that is necessary for us to conduct our business as a dental services marketing company, which includes (without limitation) enabling users to:
- consider information about the Dental Boss service;
- enquire about engaging the services of Dental Boss; and
- arrange for video conference or telephone meetings with Dental Boss staff via a third-party calendar application.
Information that you provide to us
We may collect personal information that you provide to us about yourself when you:
- use the Website, including (without limitation) when you:
- -- book for an appointment through the website;
- -- use any services through the Website; or
- -- complete an online contact form to contact us;
- provide information to us by telephone or through marketing or competition application forms;
- engage with our advertising system or utilise our marketing services;
- use any social media platforms which we or our clients use to market services; or
- send us an email or other communication.
The Website may also collect Internet Protocol (IP) addresses. IP addresses are assigned to computers on the internet to uniquely identify them within the global network. The Company collects and manages IP addresses as part of the basic functions of the website and for security purposes. The Company may also collect and use web log, computer and connection information for security purposes and to help prevent and detect any misuse of, or fraudulent activities involving, the Website.
The Website may use “cookies” to help personalise your online experience. A cookie is a text file or a packet of information that is placed on your hard disk by a web page server to identify and interact more effectively with your computer. There are two types of cookies that may be used on the Website: a persistent cookie and a session cookie. A persistent cookie is entered by your web browser into the “Cookies” folder on your computer and remains in that folder after you close your browser, and may be used by your browser on subsequent visits to the Website. A session cookie is held temporarily in your computer’s memory and disappears after you close your browser or shut down your computer. Cookies cannot be used to run programs. Cookies are uniquely assigned to you, and can only be read by a web server in the domain that issued the cookie to you. In some cases, cookies may collect and store personal information about you. The Company extends the same privacy protection to your personal information, whether gathered via cookies or from other sources.
You can configure your internet browser to accept all cookies, reject all cookies or notify you when a cookie is sent. Please refer to your internet browser’s instructions to learn more about these functions. Most web browsers automatically accept cookies, but you can usually modify your browser settings to decline cookies if you prefer. If you choose to decline cookies, you may not be able to fully experience the interactive features of the Website.
- remember your preferences for using the Website;
- show relevant notifications to you (eg, notifications that are relevant only to users who have, or have not, subscribed to newsletters or email or other subscription services);
- facilitate e-commerce transactions (if applicable), to ensure that an order is remembered between pages during the checkout process; and
- remember details of data that you choose to submit to us (eg, through online contact forms).
Many of these cookies are removed or cleared when you log out but some may remain so that your preferences are remembered for future sessions.
In some cases, third parties may place cookies throughout the Website. For example:
How we may use your personal information
Your personal information may be used in order to:
and for any other purpose reasonably considered necessary or desirable by the Company in relation to the operation of our business.
From time to time we may email our customers/clients with news, information and offers relating to our own products/services or those of selected partners. Your personal information may also be collected so that the Company can promote and market products and services to you. This is to keep you informed of products, services, and special offers we believe you will find valuable and may continue after you cease acquiring products and services from us. If you would prefer not to receive promotional or other material from us, please let us know and we will respect your request. You can unsubscribe from such communications at any time if you choose.
When we may disclose your personal information
In order to deliver the services you require or for the purposes set out above, the Company may disclose your personal information to organisations outside the Company. Your personal information is disclosed to these organisations only in relation to the Website or the marketing services of the Company, and the Company takes reasonable steps to ensure that these organisations are bound by confidentiality and privacy obligations in relation to the protection of your personal information. These organisations may carry out or provide:
In addition, we may disclose your personal information to:
- clients of our marketing services;
- your authorised representatives or legal advisers (when requested by you to do so);
- credit-reporting and fraud-checking agencies;
- credit providers (for credit-related purposes such as creditworthiness, credit rating, credit provision and financing);
- our professional advisers, including our accountants, auditors and lawyers;
- government and regulatory authorities and other organisations, as required or authorised by law;
- organisations who manage our business strategies, including those involved in a transfer/sale of all or part of our assets or business (including accounts and trade receivables) and those involved in managing our business risk and funding functions; and
- where any communication we receive from you suggests possible illegal activity or harm to others, the police or other appropriate persons.
Contacting us about privacy
If you would like more information about the way we manage personal information that we hold about you, or are concerned that we may have breached your privacy, please contact us by email to will@DentalBoss.com or by mail.
Access to your personal information
In most cases, you may have access to personal information that we hold about you. We will handle requests for access to your personal information in accordance with the Australian Privacy Principles. All requests for access to your personal information must be directed to the Privacy Officer by email using the email address provided above or by writing to us at our postal address. We will deal with all requests for access to personal information as quickly as possible. Requests for a large amount of information, or information that is not currently in use, may require further time before a response can be given. We may charge you a fee for access if a cost is incurred by us in order to retrieve your information, but in no case will we charge you a fee for your application for access.
In some cases, we may refuse to give you access to personal information that we hold about you. This may include circumstances where giving you access would:
- be unlawful (eg, where a record that contains personal information about you is subject to a claim for legal professional privilege by one of our contractual counterparties);
- have an unreasonable impact on another person’s privacy;
- be in breach of our obligations under a Technical Assistance Notice (TAN) or Technical Capability Notice (TCN) from an Australian Government agency; or
- prejudice an investigation of unlawful activity.
We may also refuse access where the personal information relates to existing or anticipated legal proceedings, and the information would not be accessible by the process of discovery in those proceedings.
If we refuse to give you access, we will provide you with reasons for our refusal. In the case of a request which contains data captured by an active TAN or TCN, we may be unable to provide you with any reasons for refusal other than that we are unable to meet your request.
Correcting your personal information
We will amend any personal information about you that is held by us and that is inaccurate, incomplete or out of date if you request us to do so. If we disagree with your view about the accuracy, completeness or currency of a record of your personal information that is held by us, and you ask us to associate with that record a statement that you have a contrary view, we will take reasonable steps to do so.
Storage and security of your personal information
You can set preferences for how Google advertises to you using the Google Ads Settings page (https://www.google.com/settings/ads). Facebook has enabled an AdChoices link that enables you to opt out of targeted advertising.
The Company welcomes the General Data Protection Regulation (“GDPR”) of the European Union (“EU”) as an important step forward in streamlining data protection globally. We intend to comply with the data handling regime laid out in the GDPR in respect of any personal information of data subjects in the EU that we may obtain.
The requirements of the GDPR are broadly similar to those set out in the Privacy Act and include the following rights:
- you are entitled to request details of the information that we hold about you and how we process it. For EU residents, we will provide this information for no fee;
- you may also have a right to:
- – have that information rectified or deleted;
- – restrict our processing of that information;
- – stop unauthorised transfers of your personal information to a third party;
- – in some circumstances, have that information transferred to another organisation; and
- – lodge a complaint in relation to our processing of your personal information with a local supervisory authority; and
- where we rely upon your consent as our legal basis for collecting and processing your data, you may withdraw that consent at any time.
If you object to the processing of your personal information, or if you have provided your consent to processing and you later choose to withdraw it, we will respect that choice in accordance with our legal obligations. However, please be aware that:
- such objection or withdrawal of consent could mean that we are unable to provide our services to you, and could unduly prevent us from legitimately providing our services to other customers/clients subject to appropriate confidentiality protections; and
- even after you have chosen to withdraw your consent, we may be able to continue to keep and process your personal information to the extent required or otherwise permitted by law, in particular:
- – to pursue our legitimate interests in a way that might reasonably be expected as part of running our business and which does not materially impact on your rights, freedoms or interests;
- – under the provisions enacted by the Telecommunications and Other Legislation Amendment (Assistance and Access) Bill 2018 (Cth); and
- – in exercising and defending our legal rights and meeting our legal and regulatory obligations.
Storage and processing by third parties
Data that we collect about you may be stored or otherwise processed by third party services with data centres based outside the EU, such as Google Analytics, Microsoft Azure, Amazon Web Services, Apple, etc and online relationship management tools. We consider that the collection and such processing of this information is necessary to pursue our legitimate interests in a way that might reasonably be expected (eg, to analyse how our customers/clients use our services, develop our services and grow our business) and which does not materially impact your rights, freedom or interests.
The Company requires that all third parties that act as “data processors” for us provide sufficient guarantees and implement appropriate technical and organisational measures to secure your data, only process personal data for specified purposes and have committed themselves to confidentiality.
Duration of retention of your data
We will only keep your data for as long as is necessary for the purpose for which it was collected, subject to satisfying any legal, accounting or reporting requirements. At the end of any retention period, your data will either be deleted completely or anonymised (for example, by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis and business planning). In some circumstances, you can ask us to delete your data.
Keeping your information up-to-date
To ensure that your personal information is accurate and up to date, please promptly advise us of any changes to your information by contacting our data protection officer at firstname.lastname@example.org or by post.
Compliance with the Australian Assistance and Access Legislation
The laws have recently changed here in Australia to compel companies to share data with Australian intelligence agencies or build in data sharing mechanisms which may report directly to these agencies. While we endeavour to protect your data and our technology from vulnerabilities wherever possible, we can’t break the law, nor can we inform you when we’ve been issued with a notice under the new legislation.
By using our platform or website, you expressly exclude us from any liability which arises from sharing data or building data sharing mechanisms (including ‘back-doors’ and vulnerabilities) into our technology at the direction of Australian Government and its agencies, including where those mechanisms are later exploited by a third party.
If you require any further information about the Privacy Act and the Australian Privacy Principles, you can visit the Australian Information Commissioner’s website (see https://www.oaic.gov.au/).