Website Privacy Policy

Introduction

Hi there! The websites; www.lexiemcphee.com and www.lexiemcphee.teachable.com and www.lexiemcpheecourses.com.au are owned and operated by Naturopathy with Lexie ABN: 79 201 845 127. If you have any questions or need further information, please contact: 

Lexie McPhee

Mailing Address: 13 Meadowlark Lane, Mooroolbark, VIC, 3138

Email: [email protected]

Phone: +351 910 198 420

WhatsApp: +61 403 862 860

This document sets out my Privacy Policy. It describes how I collect and manage your personal information when you interact with this site. I take this responsibility very seriously. If you have any questions or concerns about how your personal information is being handled, please do not hesitate to contact me.

I comply with the Australian Privacy Principles set out in the Privacy Act 1988 (Cth) (Privacy Act). I understand that visitors from the EU may access this site, so I also aim to comply with the General Data Protection Regulations (GDPR).



Personal Information

If you engage with me via this website, or choose to become my client I may ask to collect the following kinds of personal information from you, including:

CONTACT DETAILS

·     Your name and email address when you opt into my mailing list

·     The country that you live in

·     Your name, mobile number and address if you purchase a product through my online store

 INTERESTS & PREFERENCES

·     Health topics of interest through my blog

·     Preferences & requirements for particular products or services

 INTERACTIONS

·     Information that allows me to tailor my content to your needs when you sign up for one of my webinars or promotional events

·     Contact details and other information disclosed by you if you submit an enquiry 



Collection and Use

I may collect your personal information by various means including:

·     Through an online enquiry form

·     When you email information to me

·     When you opt in for my mailing list or newsletter subscription

·     When you sign up for webinars, seminars or events

·     In person at webinars, seminars and events

·     Through requests for testimonials

·     When you become my client or purchase a product/service from me

·     When I undertake an online search (including social media)

·     When my website collects information about your activities on my website for analytics

·     When a third party supplies information to me such as in the case of a client referral

·     When you interact with me on social media including Instagram

PURPOSE OF COLLECTION 

I use this information:

·     To respond to your enquiry

·     To provide specific services to you at your request

·     To deliver products and services

·     To monitor client satisfaction

·     To help others understand my services better

·     To improve my products and services

·     To provide more relevant information

·     To provide news about my products and services

·     To provide news about the developments in Naturopathy 

GROUNDS FOR COLLECTION

I will only collect your personal information:

·     With your full awareness and consent, such as when you email me, tick a checkbox or fill in a form to provide me with information

·     If I need it to provide you with information or services that you request

·     If I am legally required to collect it

·     For necessary administrative processes if you become my client

·     If I believe that I can demonstrate a legitimate interest in using your data for marketing purposes, although I will always give you a choice to opt out



Sensitive Information 

I understand that some personal information is particularly sensitive. 

METHOD OF COLLECTING SENSITIVE INFORMATION 

I will only collect sensitive information by methods that are reasonably secure, such as:

·     Through my intake form via SimpleClinic when you book a consultation with me

·     In an online consultation using Zoom video communications software

·     When you send me information to my Gmail address which is operated by G Suite

·     Through a face to face consultation for via a phone call

PURPOSE FOR COLLECTING SENSITIVE INFORMATION

The reason why I collect this information is:

·     So that I can provide you with the services you have requested

·     To ensure that I am providing you with the most appropriate products and services

·     In order to comply with the requirements of my professional association

TYPES OF SENSITIVE INFORMATION 

The sensitive information I may ask you to provide for this purpose may include:

·     Your medical history including diagnoses and prescription of medications

·     Your birth date and age

·     Your past and present symptoms

·     Measurements and results from tests

·     Details of dietary and lifestyle habits

I collect your sensitive information because it allows me to form a time-line of the health events in your life that have contributed to your current health picture. I collect ongoing information about the function of your mind and body in order to monitor the efficacy of the treatment and to maintain a safe course of treatment. I collect information regarding medications and dosing (pharmaceutical and supplements) because it allows me to consider potential interactions between medications.

HOW INFORMATION IS STORED

I am committed to securely storing and handling your sensitive information. 

Your sensitive information is stored on a password protected and secure software. I use G Suite which is a cloud-based platform. If you would more information on the storage of your information through G Suite, please email me at [email protected] and I will send you a copy of Google Cloud Security and Compliance Whitepaper. Any paper records are de-identified and stored in a locked filing cabinet. I also store information through SimpleClinic which you can read about under Cloud Storage.

WHO HAS ACCESS TO IT

·     Only I can access sensitive information

CLOUD STORAGE

Some of your personal and sensitive information may be stored with SimpleClinic Online. This information may include your personal details, health history, consultation notes, test results, prescriptions and treatment plans. SimpleClinic is an Australian owned practice management system for Naturopathic Practitioners and Complementary Health Care Providers. They comply with the Australian Privacy Act and take the protection of your information very seriously. They have a stringent security system, including password protected access to their platform restricted to registered subscribers, AES-246 or 256 bit SSL encryption of all sensitive information, access logging, and firewall and IP traffic monitoring for suspicious or malicious traffic. If you would like to know more, please contact me at [email protected] for a copy of Simple Clinic’s Privacy Policy. 

COLLECTION FROM MINORS

Sensitive information may be collected from children under the age of 18 under the following circumstances:

·     In the presence of their parent/guardian

·     With the full consent of their parent/guardian

DESTRUCTION POLICY

Paper records are stored for 7 years before being securely destroyed. Digital files are deleted to the best of my knowledge and ability after 7 years. Video and audio recordings are deleted after 3 years for storage capacity reasons. All information collected from minors is securely stored in accordance with this privacy policy. Information regarding minors is stored for six years after they turn 21.

REGULATIONS

I am subject to the following regulations regarding the collection of personal information:

·     As a Naturopath, I owe you a professional duty of confidentiality. I take this responsibility very seriously and will always strive to promote your best interests.

·      I am a member of the Naturopaths & Herbalists Association of Australia (NHAA) and am subject to their code of ethics which you can read at https://www.nhaa.org.au/about/code-of-ethics-constitution. I am also subject to the Code of Conduct for unregistered health practitioners which you can read at the bottom of this page.

LIMITATIONS
You may choose not to provide me with your personal information. However,

·     If you do not wish to provide me with accurate personal information, I may not be able to provide services or products, or achieve the purpose for which the information has been sought. The information you share with me must be specific and correct in order to ensure safe and appropriate delivery of services. 

·      I am legally required to identify my clients by collecting their name and address, and failure to provide this information means I cannot offer my services to you.



Use of Personal Information 

DISCLOSURE

Reasons why I may disclose your personal information include:

·     To provide you with the services you have requested

·     To send you products that you have purchased

·     To write letters of referral to other practitioners 

·     When using support services such as a virtual assistant

WHO DISCLOSURES ARE MADE TO

In order to do this, I may share some relevant personal information - on a strictly need to know basis with:

·     My virtual assistant or other employees

·     Australia Post or Courier companies

·     Mailchimp – my email marketing provider

·     Other health practitioners or providers with your consent

Third party providers who assist with:

·     Legal

·     Archiving

·     Auditing

·     Accounting

·     Business coach

·     Website

·     Marketing

·     Technology services

·     Client Record Management

LEGAL DISCLOSURE

I will also disclose your information if required by law to do so or in circumstances permitted by the Privacy Act– for example, where I have reasonable grounds to suspect that unlawful activity, or misconduct of a serious nature, that relates to my functions or activities has been, is being or may be engaged in, and in response to a subpoena, discovery request or a court order.

If you have any concerns regarding the disclosure of your personal information, please do not hesitate to get in touch with me to discuss this personally.

DISCLOSURE OVERSEAS

I will use all reasonable means to protect the confidentiality of your personal information while in my possession or control. I will not knowingly share any of your personal information with any third party other than the service providers who assist me in providing the information and/or services I am providing to you. To the extent that I do share your personal information with a service provider, I would only do so if that party has agreed to comply with our privacy standards as described in this privacy policy. However, some of my service providers may be overseas and may not be subject to Australian Privacy Laws or compliant with GDPR. 

I use G Suite which is a service provider based in the USA. If you would like more information on the storage of your information through G Suite, please email me at [email protected] and I will send you a copy of Google Cloud Security and Compliance Whitepaper.  I also use Zoom for online consultations which is a US based video communications company. I utilise their communications software that combines video conferencing, online meetings, chat, and mobile communication. 

Please contact me if you have any concerns about the potential disclosure of your information.



Security

POLICY STATEMENT

I value the confidentiality of my own personal and sensitive information and so I am committed to the security of the data and information of my clients. I also take the confidentiality of verbal information shared during the consultation space seriously. I take reasonable physical, technical and administrative safeguards to protect your personal information from misuse, interference, loss, and unauthorised access, modification and disclosure.

RISK MANAGEMENT

I manage risks to your personal information by:

·     Digital files are stored securely under password protected software

·     Paper files are de-identified and stored in a locked filing cabinet

·     Paper copies are avoided to strengthen security

·     I am the only person with regular access to your personal information. 

·     Information released to service providers is on a strictly need-to-know basis

·     I conduct regular audits of my security systems

As mentioned above, your personal information may also be stored with a third-party provider, where it will be managed under their security policy.

THIRD PARTY STORAGE

·     Mailchimp security information can be read at https://mailchimp.com/about/security/

·     Some of your personal and sensitive information may be stored with SimpleClinic Online. This information may include your personal details, health history, consultation notes, test results, prescriptions and treatment plans. SimpleClinic is an Australian owned practice management system for Naturopathic Practitioners and Complementary Health Care Providers. They comply with the Australian Privacy Act and take the protection of your information very seriously. They have a stringent security system, including password protected access to their platform restricted to registered subscribers, AES-246 or 256 bit SSL encryption of all sensitive information, access logging, and firewall and IP traffic monitoring for suspicious or malicious traffic. If you would like to know more, please contact me at [email protected] for a copy of SimpleClinic’s Privacy Policy. 

Some of your personal information may be stored with Kleq. This information may include your personal details. Kleq is a hosting platform for online businesses you can read their private policy here: https://www.10xpro.io/privacy


Some of your personal information may be stored with Teachable. This information may include your personal details. Teachable is a hosting platform for online businesses you can read their private policy here: https://teachable.com/privacy-policy


 COMBINING INFORMATION 

From time to time I may combine information provided by you with information gathered from:

·     Facebook

·     Google Analytics

·     Instagram

·     Personal contact with you

·     Website Visitor Statistics

·     Via my mailing List

Kleq Hosting Platform

Teachable Hosting Platform

If you do not wish this to occur, please contact me.



Access to Information

 You can contact me to access, correct or update your personal information at any time. Unless I am subject to a confidentiality obligation or some other restriction on giving access to the information which permits me to refuse you access under the Privacy Act, and I believe there is a valid reason for doing so, I will endeavour to make your information available you within 30 days. 

ACCESS PROCEDURE

Begin the process by sending an email requesting access to your information to me at [email protected] and I will endeavour to respond within 7 days.



Complaints

COMPLAINT PROCEDURE

To begin, send an email outlining your concerns to me at [email protected]and I will endeavour to respond within 48  hours. We can then discuss a resolution that satisfies us both. I want you to be happy with the services I provide. 

If you are not satisfied with my response to your complaint, you can also make a complaint to OAIC (Office of the Australian Information Commissioner).

COMPLAINT TO AN EXTERNAL BODY

·     The Office of the Australian Information Commissioner using the information available at http://www.oaic.gov.au/privacy/privacy-complaints

·     The health ombudsman in your state or territory.



Notification of Change

NOTIFICATION PROCEDURE

If I decide to change my Privacy Policy, I will post a copy of the revised policy on my website. I reserve the right to update this policy at any time.



Notification of Breach

If I have reason to suspect that a serious data breach has occurred and that this may result in harm or loss to you, I will immediately assess the situation and take appropriate remedial action. If I still believe that you are at risk, I will notify the Office of the Information Commissioner and either notify you directly, or if that is not possible, publicise a notification of the breach on this website.

If you have any questions regarding privacy, would like to report a breach of privacy, or would like to change your personal information, please email me at [email protected]