Privacy Policy

1. Introduction

This website, www.ingridmasi.com.au, is owned and operated by Ingrid Masi (ABN 38 867 360 486).

If you have any questions about this Privacy Policy or how your personal information is handled, please contact:

Ingrid Masi
Email: ingrid@ingridmasi.com

I am committed to protecting your privacy and handling your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

Where applicable, I also aim to respect the privacy rights of individuals accessing this website from overseas.

2. What Personal Information I Collect

I may collect personal information when you interact with this website or engage my services.

This may include:

• your name, email address and phone number

• your address (where relevant)

• information you provide when booking an appointment

• health information relevant to your care (if you become a client)

• your preferences or feedback

• information collected through website use (such as IP address or browsing activity)

If you are a supplier or business contact, I may collect information relating to your services or business.

3. How Your Information Is Collected

Your personal information may be collected through:

• online forms (e.g. booking or contact forms)

• email or phone communication

• appointment bookings through Cliniko

• cookies and website analytics tools

Information is only collected where reasonably necessary and with your awareness.

4. Why I Collect Your Information

Your personal information is used to:

• provide you with services and support your care

• manage appointments and communication

• process purchases (where applicable)

• improve the website and services

• send updates or information (you can opt out at any time)

I will only collect and use your information where:

• you have given consent

• it is required to provide a service

• it is required by law

• it is reasonably necessary for legitimate business purposes

5. Sensitive Information (Health Information)

If you become a client, I may collect sensitive health information, including:

• medical history

• symptoms and health concerns

• relevant lifestyle information

This information is collected only where necessary to provide appropriate care.

Sensitive information is stored securely using Cliniko, a cloud-based practice management system designed for healthcare providers. You can view their security measures here:
https://www.cliniko.com/security/

Access to your information is restricted to authorised personnel only.

6. Storage and Security of Information

I take reasonable steps to protect your personal information from misuse, interference, loss, and unauthorised access.

This includes:

• secure digital storage systems

• password-protected access

• limiting access to authorised individuals only

• using reputable third-party providers with appropriate security standards

Your information may be stored securely with trusted providers, including:

• Cliniko (practice management)

• Mailchimp (email communications)

• Google Analytics (website insights)

7. Disclosure of Personal Information

Your personal information will only be shared where necessary and appropriate.

This may include:

• healthcare-related service providers (where relevant)

• delivery or logistics providers (for product orders)

• third-party platforms used to deliver services

Information is shared on a strictly need-to-know basis.

Legal Disclosure

Your information may also be disclosed where required or permitted by law, including:

• compliance with legal obligations

• responding to lawful requests or court orders

• where there is a serious threat to health or safety

8. Overseas Disclosure

Some service providers (such as cloud-based systems) may store data overseas.

Where this occurs, reasonable steps are taken to ensure these providers maintain appropriate privacy and security standards.

9. Access and Correction

You may request access to, or correction of, your personal information at any time.

Requests can be made by emailing:
ingrid@ingridmasi.com

I will respond within a reasonable timeframe, generally within 30 days.

10. Cookies and Website Analytics

This website may use cookies and analytics tools to improve functionality and user experience.

This may include information such as:

• pages visited

• time spent on site

• general location data

You can disable cookies through your browser settings if you prefer.

11. Data Retention

Client records are retained for a minimum period required by law (generally 7 years), after which they are securely deleted or de-identified.

12. Complaints

If you have concerns about how your personal information is handled, please contact:

ingrid@ingridmasi.com

I will aim to respond promptly and work with you to resolve any concerns.

If you are not satisfied, you may contact:

• The Office of the Australian Information Commissioner (OAIC)
  https://www.oaic.gov.au

13. Changes to This Policy

This Privacy Policy may be updated from time to time.

The most current version will always be available on this website.

14. Data Breach Notification

If a data breach occurs that is likely to result in serious harm, appropriate steps will be taken in accordance with Australian law, including notification to affected individuals and relevant authorities where required.