Privacy Policy
The privacy of customer, patients/clients of Equity Oriental Medicine is extremely important to us. This privacy policy explains how Equity Oriental Medicine (ABN 29946708424) handles the privacy of customers, patients/clients and suppliers.
​
In this privacy policy, the term “personal information” has the meaning in the Privacy Act 1988 and under that legislation includes information about an identifiable individual, including names, addresses, telephone numbers, email addresses, dates of birth, credit and banking details, includes information that constitutes “sensitive information” such as health information.
​
How and what information we collect
​
Personal information is collected from the individual concerned. The types of personal information we collect or may collect includes names, dates of birth, email addresses, signatures, mailing addresses, residential addresses, Medicare numbers, health fund details; credit card details, payment and transactional information and some health information such as details of medications already prescribed and/or taken or to be taken by the individual, as well as medical history, together with any information we are required to collect by law.
​
Personal information is collected during booking and consultation with Equity Oriental Medicine. Personal information is used for the purposes of providing information to or receiving information to facilitate your consultation, when paying for herbal medicine products with credit cards, when you telephone us, visit our website or meet with us and make an enquiry to which a later response is requested and to do so requires your contact details, when recording medical queries, complaints and adverse events, when you ask to be included on marketing distribution lists, agree to receive targeted advertising material and communications, or when you interact with us through social media platforms, for other regulatory purposes, and when evaluating job applicants and personnel, including their contact details, employment history and educational qualifications.
​
How we may use or disclose your
​
Personal information is collected and used to help in your requests for herbal medicine, to respond to enquiries received from you, to process, confirm, fulfill and update you about your orders, to perform authorised financial transactions with you, to verify your identity, to communicate with you and provide you with information (whether by email, post or other means) about our products or services (where you have requested or consented to receiving this from us), to notify you about changes to our goods and services, to address medical queries, complaints from you, and to protect our legal interests and fulfill our regulatory obligations (if and to the extent necessary).
​
We may disclose your personal information to any of our related group companies. They will only use it for the same purposes that we may under this policy. We may provide personal information to third parties outside our group companies for limited purposes, such as to help us in providing or offering goods and services to customers, where you have provided your consent. Those persons and businesses may include: Medical professionals for the purpose of your medical care, Organisations who carry out credit, fraud and other security checks, Couriers and delivery businesses (where we arrange to deliver goods to you or persons you have requested us to send deliveries to), Third party suppliers of goods or services that may be of interest to you (with your consent), Third party software providers who store details of customer account for us or who provide other IT services; and Marketing businesses engaged by us to disseminate materials to which recipients have consented (if applicable).
​
We may also disclose your personal information to third parties outside our group of companies, where we have your express permission to do so, where it can reasonably be inferred from the circumstances that you consent to the disclosure to the third parties, if we are under a duty to disclose or share your personal information in order to comply with any legal or regulatory obligation, or in order to enforce or apply our terms and conditions; or to protect our rights, property, or safety of that of our personnel or customers. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
​
Except as above, we limit the information we provide to third parties to the information they need to help us to provide or facilitate the provision of goods and services to you. We deal with third parties that are required to meet the privacy standards required by law in handling your personal information, and use your personal information only for the purposes that we gave it to them.
​
Storage of your information
​
Our business provides a secure platform generating herbal prescriptions and products for users following their completion of consultation. These services are provided to the customer through a mobile or computer application. Face to face consultation is available through a health facility which will be governed by Privacy and Terms and Conditions as per the individual health facility that Dr. Wong provides consultation services.
​
Personal information is stored at secure databases through third party cloud-based storage in the software call "Cliniko". Cliniko information storage is encrypted in both transit and at rest. At rest, Cliniko uses EBS encrypted volumes on all servers. During transmission between customers and Cliniko uses TLS (HTTPS) and, where possible, TLS via e-mail. Cliniko meets all the requirements for Australian healthcare information, primarily the Australian Privacy Principles. Cliniko data is stored in Amazone's data centers in Australia. We take all reasonable steps to protect your personal information, restricting access to personal information to those who have a need to know, maintain technological products to prevent unauthorised computer access. The internet is not always a secure place and we cannot guarantee total security of your personal information in all circumstances.
​
When you provide personal information to us, please make sure that it is accurate, up to date and complete.
​
Steps have been taken to ensure the security of the website and credit card. We attempt to provide a secure, safe platform to conduct transactions. All transaction for consultation are carry out using the software "Stripe". Stripe has been audited by a PCI-certified auditor and is certified to PCI Service Provider Level 1. This is the most stringent level of certification available in the payments industry. To accomplish this, Stripe make use of best-in-class security tools and practices to maintain a high level of security at Stripe. All card numbers are encrypted at rest with AES-256. Decryption keys are stored on separate machines. None of Stripe’s internal servers and daemons are able to obtain plaintext card numbers; instead, they can just request that cards be sent to a service provider on a static whitelist. Stripe’s infrastructure for storing, decrypting, and transmitting card numbers runs in separate hosting infrastructure, and doesn’t share any credentials with Stripe’s primary services (API, website, etc.).
​
We will take reasonable steps to destroy or de-identify personal information if it is no longer needed.
​
​
Accessing and Correcting your information and making a complaint
​
You have a right to access the personal information we hold about you and to raise concerns or complaints or ask for corrections. To raise privacy concerns, including to obtain a copy of the personal information we hold about you, please write to us at
​
contact@equityorientalmedicine.com
​
PO Box 4235
​
Norwood South SA 5067
​
​
We may modify, alter or otherwise update this privacy policy at any time. We will post revisions on our website. We encourage you to review this policy from time to time.
​
Last update: April 2020
​