Hair Doctors (online) Pty Ltd (“us”, “we”, or “our”) is a health care platform that provides access to hair care and hair loss treatments. The Hair Doctors offering includes but is not limited to; ‘Everyday Products’ (over the counter) through the online store, the ‘Online Clinic’ service, which facilitates confidential consultations with registered Australian doctors (Doctors) and health practitioners such as pharmacists (Practitioners) and ‘InClinic’ procedures provided by a registered Australian doctor in one of our physical Hair Doctors Clinics locations in Australia.
How Do we Collect Your Personal Information?
We will collect and hold your personal information in a fair and lawful manner, and not in an intrusive way. Where it is reasonably practical to do so, we will collect your personal information directly from you. Our Doctors or Practitioners may also collect and hold your personal information (including your health information).
We may collect the personal information you directly give us through some of the following means:
- when you make an inquiry or order in relation to goods or services through our website located at www.hairdoctors.com.au;
- when you attend an online consultation with a Doctor or Practitioner through the Website or InClinic, your treating practitioner will make, hold and maintain your medical records. Hair Doctors may also hold notes made by your Doctor or Practitioner. Any health information held by Hair Doctors will be managed in accordance with the Health Records and Information Privacy Act NSW (2002) or other relevant State legislation.
- in administering and performing any contracts with service providers
- when you contact us via telephone or facsimile;
- from correspondence (whether in writing or electronically), including when you complete our online forms, contact us through the Chat feature of our website or write to us by email;
- through any mobile applications provided by our organisation;
- while conducting customer satisfaction and market research surveys;
- when administering any of our services; and
- as otherwise required to manage our business.
We may also collect personal information from publicly available sources and third parties, such as suppliers, recruitment agencies, contractors, our clients and business partners.
If we collect personal information about you from a third party we will, where appropriate, request that the third party inform you that we are holding such information, how we will use and disclose it, and that you may contact us to gain access to and correct and update the information.
What Types of Information Do we Collect?
The type of personal information we may collect can include (but is not limited to), your name, postal address, email address, phone numbers, date of birth, billing and shipping information, your device ID, IP address, statistics on page views, traffic, standard web log-in information, and details of the services, products and treatments you make enquiries about.
We will collect and hold sensitive health information about you, such as your height, weight and medical history and any information you provide to Doctors or Practitioners. We only collect sensitive health information about you with your consent, or otherwise in accordance with the Privacy Act.
Where you do not wish to provide us with your personal information, we may not be able to provide you with requested goods or services.
What are our Purposes for Collecting and Handling your Personal Information?
We collect, hold, use and disclose personal information for the following purposes:
- to enable you to access and use our website and services;
- to offer and provide you with our goods and services;
- to provide facilities to Doctors and Practitioners using Hair Doctors so that they can arrange consultations with you;
- communicate with you about, including (but not limited to), the services you have sought, follow-up or at the request of the Doctor or Practitioner, email you tax invoices, dispatch and track information, returns and exchange authorisations;
- to perform analytics, conduct research and for advertising and marketing, such as to operate, protect, improve and optimise our website and services, business and our users’ experience;
- to send you service, support and administrative messages, reminders, technical notices, updates, security alerts, and information requested by you;
- to send you marketing messages and other information that may be of interest to you, including information sent by, or on behalf of, our business partners that may be of interest to you;
- to comply with our legal and regulatory obligations; and
- to otherwise manage our business.
To Whom do we Disclose your Personal Information?
We may disclose personal information between our organisations or to third parties such as our suppliers, organisations that provide us with technical and support services, or our professional advisors, where permitted by the Privacy Act. If we disclose information to a third party, we generally require that the third party protect your information to the same extent that we do.
- Cloud service providers; and
- Payment system operators.
How do we Hold Your Personal Information?
We will hold personal information as either secure physical records, electronically on our intranet system, in cloud storage, and in some cases, records on third party servers, which may be located overseas.
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect so as to prevent any loss, misuse, unauthorised access, disclosure, or modification of personal information. This also applies to disposal of personal information.
We further protect personal information by restricting access to personal information to only those who need access to the personal information do their job. We will destroy or de-identify personal information once it is no longer needed for a valid purpose or required to be kept by law.
From time to time we may engage an overseas recipient to provide services to us, such as cloud-based storage solutions. Please note that the use of overseas service providers to store personal information will not always involve a disclosure of personal information to that overseas provider. However, by providing us with your personal information, you consent to the storage of such information on overseas servers (such as servers located in the United States of America) and acknowledge that Australian Privacy Principle 8.1 will not apply to such disclosures. For the avoidance of doubt, in the event that an overseas recipient breaches the APPs, that entity will not be bound by, and you will not be able seek redress under, the Privacy Act.
We may use third-party vendors to show our ads on sites on the Internet and serve these ads based on a user’s prior visits to our Website. We may also use analytics data supplied by these vendors to inform and optimise our ad campaigns based on your prior visits to our Website.
While cookies allow a computer to be identified, they do not contain personal information about a specific individual. For information on cookie settings of your internet browser, please refer to your browser’s manual.
Accessing and Correcting your Personal Information
You can contact us using the information below to access the personal information we hold about you. On rare occasion, we may not be able to provide you with access to all of your personal information and, where this is the case, we will provide you with written notice stating our reasons. We may also need to verify your identity when you request your personal information.
If you think that any personal information we hold about you is inaccurate, please contact us and we will take reasonable steps to ensure that it is corrected.
Making a Complaint
If you think we have breached the Privacy Act, or you wish to make a complaint about the way we have handled your personal information, you can contact us using the details set out below. Please include your name, email address and/or telephone number and clearly describe your complaint. We take all complaints seriously, and will respond to your complaint within a reasonable period.