INTRODUCTION
Hi there, this website www.celesteferraris.com is owned and operated by Celeste Ferraris ABN 3121730739. If you have any questions or need further information, please contact:
Celeste Ferraris
PO Box 178, Balgowlah, NSW 2093
celeste@celesteferraris.com
This document sets out my Privacy Policy. It describes how I collect and manage your personal information when you interact with this site. I take this responsibility very seriously. If you have any questions or concerns about how your personal information is being handled, please do not hesitate to contact me.
I choose to voluntarily comply with the Australian Privacy Principles set out in the Privacy Act 1988 (Cth) (Privacy Act) and the Health Records and Information Privacy Act 2002 (NSW) when handling personal and health information.
I understand that visitors from the EU may access this site, so I also aim to comply with the General Data Protection Regulations (GDPR).
PERSONAL INFORMATION
If you engage with me via this website, or choose to become my client I may ask to collect the following kinds of personal information from you, including:
  • Contact details such as name, role, position or occupation, address, email address, mobile number, landline number and fax number
  • Information about your health, lifestyle and nutritional circumstances
  • Health fund details (where available) for identification and claiming purposes
  • Healthcare, student, seniors and pensioner identifiers
  • Your opinion about future topics, products or services that may interest you
  • Information that allows me to tailor my content to your needs when you sign up for one of my webinars, promotional events or complete one of my surveys
  • With your consent, I may collect your IP address, and information about your browsing history to help me improve the usability and appeal of my website
  • If you are a supplier or prospective supplier, information about our business skills, services, products and prices
  • If you are an employee or prospective employee, information about your qualifications, skills and work experience
COLLECTION AND USE
I may collect your personal information by various means including:
  • You contact me with a question, comment or inquiry
  • An opt-in form for my mailing list
  • When you visit my website, send us an email or SMS, telephone us, make an online appointment or communicate with me using social media.
  • When you attend a talk, course, seminar or event I am hosting or presenting at
  • Client Intake Forms or questionnaires
  • You correspond with me on social media platforms such as Facebook, LinkedIn, Instagram or similar
  • You purchase a product or service from me
  • Online surveys
  • Cookies and visits to my website
In some circumstances personal information may also be collected from other sources. Often this is because it is not practical or reasonable to collect it from you directly. This may include information from:
  • Your guardian or responsible person
  • Other involved healthcare providers, such as specialists, general practitioners, allied health professionals, hospitals, community health services and pathology and diagnostic imaging services
  • Your health fund, Medicare, or the Department of Veterans’ Affairs (as necessary).
I use this information to:
  • Respond to enquiries
  • Provide services and products
  • Provide you with relevant news and updates about my services
  • Improve this website and the services I provide
I will only collect your personal information:
  • With your full awareness and consent, such as when you email or phone me, tick a checkbox or fill in a form to provide me with information
  • If I need it to provide you with information or services that you request
  • If I am legally required to collect it
  • For necessary administrative processes if you become my client
  • If I believe that I can demonstrate a legitimate interest in using your data for marketing purposes, although I will always give you a choice to opt out
SENSITIVE INFORMATION
I understand that some personal information is particularly sensitive.
I will only collect sensitive information by methods that are reasonably secure, such as:
  • Through my intake form when you book an appointment
  • In online consultation
  • When you send me information in an email
The reason why I collect this information is:
  • So that I can provide you with the services you have contracted for
  • To ensure that I am providing you with the most appropriate services
The sensitive information I ask you to provide for this purpose may include:
  • Your medical, lifestyle and dietary history
  • Your birth date
I am committed to securely storing and handling your sensitive information.
  • Sensitive information is stored in a locked filing cabinet or on a password protected computer.
  • Only I, the therapist responsible for your treatment may access sensitive material.
  • I do not store sensitive information online or in the cloud.
Sensitive information may be collected from children under the age of 18 under with their parent or guardian’s full consent.  All information collected from minors is securely stored in accordance with this privacy policy.
All archived sensitive information is securely destroyed after 7 years.
USE OF PERSONAL INFORMATION
Reasons why I may disclose your personal information include:
  • To provide you with the services you have requested
  • To send you products that you have purchased
In order to do this, I may share some relevant personal information – on a strictly need to know basis – with:
  • Australia Post or courier companies
  • Functional pathology and testing companies
  • People you authorise me to correspond with such as medical and health practitioners and those required to carry out your instructions
  • My email marketing provider (currently Mail Chimp) for the purposes of providing you with my newsletter, updates, offers and invitations
  • Third party service providers who assist me with archival, auditing, accounting, legal, website or technology services
I will also disclose your information if required by law to do so or in circumstances permitted by the Privacy Act – for example, where I have reasonable grounds to suspect that unlawful activity, or misconduct of a serious nature, that relates to my functions or activities has been, is being or may be engaged in, and in response to a subpoena, discovery request or a court order.
If you have any concerns regarding the disclosure of your personal information, please do not hesitate to get in touch with me to discuss this personally.
I will use all reasonable means to protect the confidentiality of your personal information while in my possession or control. I will not knowingly share any of your personal information with any third party other than the service providers who assist me in providing the information and/or services I am providing to you. To the extent that I do share your personal information with a service provider, I would only do so if that party has agreed to comply with our privacy standards as described in this privacy policy. However, some of my service providers may be overseas and may not be subject to Australian Privacy Laws or compliant with GDPR. Please contact me if you have any concerns about the potential disclosure of your information.
OPTING OUT OF MARKETING COMMUNICATIONS
I may, from time to time, send you newsletters, invitations and updates about my services. I will only do so if you have requested to receive such communications through an opt-in process. You can opt out of receiving any further such communications by clicking the “unsubscribe” option at the bottom of any marketing e-mail received from me.
SECURITY
I take reasonable physical, technical and administrative safeguards to protect your personal information from misuse, interference, loss, and unauthorised access, modification and disclosure. However, if you communicate with me via electronic means such as email, Zoom, Skype, contact forms or social media, I do not have full control over the transmission or storage or any personal information disclosed. You agree that by participating in such forms of communication you understand and accept that there is an inherent risk of disclosure or loss of your personal information for which I cannot be held responsible.
I manage risks to your personal information by:
  • Storing files securely
  • Ensuring that only I have access to sensitive information
  • Releasing information to service providers on a strictly need-to-know basis, and
  • Conducting regular audits of my security systems
As mentioned above, your personal information may also be stored with a third-party provider, where it will be managed under their security policy, such as:
From time to time I may combine information provided by you with information gathered from:
  • Facebook and other social media platforms
  • Google Analytics
If you do not wish this to occur, please contact me.
COOKIES
I may use ‘cookies’ to identify you, provide an efficient service and track behaviour patterns of visitors to my website. You can modify your browser to prevent cookie use – please note that the website and my service may not work properly.
If third party advertisers or ad servers place or recognise a unique cookie on your browser it is subject to their own privacy policies, not the privacy policy of this website and services.
ACCESS TO INFORMATION
You can contact me to access, correct or update your personal information at any time. Unless I am subject to a confidentiality obligation or some other restriction on giving access to the information which permits me to refuse you access under the Privacy Act, and I believe there is a valid reason for doing so, I will endeavour to make your information available you within 30 days.
Examples of circumstances where I may refuse to give you access to your personal information include where:
  • Giving access would be unlawful
  • I reasonably believe that giving you access would pose a serious threat to the life, health or safety of any individual or to public health or public safety
  • Giving access would have an unreasonable impact on the privacy of others
  • The information could reveal the intentions of a party in negotiations
  • Giving access could prejudice the taking of appropriate action in relation to unlawful activity
  • Giving access could reveal evaluative information in a commercially sensitive decision-making process.
If you request to correct your personal information, I will correct the information, or, if I consider it more appropriate, note your request for amendment of the information on your record.
I will not charge you to make a request to access your record but I may charge you to actually provide access depending on the costs associated with obtaining and providing the material.
Please begin the process of accessing your personal information by sending an email requesting access to your information to me at celeste@celesteferraris.com and I will endeavour to respond within 7 days.
CHANGE OF OWNERSHIP
I reserve the right to transfer to relevant third-parties any information we have about you in the event of a potential or actual sale or transfer of all or a portion of our business or assets (including in the event of a merger, acquisition, joint venture, reorganization, divestiture, dissolution or liquidation) or other business combination. In such case, we will require the relevant third parties to provide comparable levels of protection as we provide with respect to the information we share.
COMPLAINTS
If a breach of this Privacy Policy occurs, or if you wish to a request a change to your personal information, you may contact me by sending an email outlining your concerns to celeste@celesteferraris.com and I will endeavour to respond within 48  hours.
If you are not satisfied with my response to your complaint you may seek a review by contacting the Office of the Australian Information Commissioner using the information available at https://www.oaic.gov.au/privacy/privacy-complaints or the health ombudsman in your state or territory.
NOTIFICATION OF CHANGE
If I decide to change my Privacy Policy, I will post a copy of the revised policy on my website.
NOTIFICATION OF BREACH
If I have reason to suspect that a serious data breach has occurred and that this may result in harm or loss to you, I will immediately assess the situation and take appropriate remedial action. If I still believe that you are at risk, I will notify the Office of the Information Commissioner and either notify you directly, or if that is not possible, publicise a notification of the breach on this website.
FURTHER INFORMATION
For further information on your privacy rights go to: www.privacy.gov.au
For further information on the HRIP Act, go to:
https://www.ipc.nsw.gov.au/hrip-act
https://www.ipc.nsw.gov.au/sites/default/files/file_manager/FS-HPPs-for-agencies-May14-ACC_0.pdf