Privacy Policy

1.1 Golden Hour Wellbeing values and respects the privacy of the people that we interact with. We are committed to protecting your privacy and ensuring our compliance with the Privacy Act 1988 (Cth) (Privacy Act, The Act, or Act), the Australian Privacy Principles (APPs) which are contained in Schedule 1 of The Act, and other applicable and relevant state and territory privacy laws and regulations. Our Privacy Policy (The Policy) applies to the personal information which we handle and store about our clients, prospective clients, visitors to our website www.goldenhourwellbeing.com, users of services we provide and members of the public. This Privacy Policy should be read in conjunction with our Terms and Conditions. By accessing our website, contacting us, or using our services, you agree to be bound by the terms set out in this Policy.

2. Meanings 

2.1 References to “Golden Hour Wellbeing”, “Golden Hour”, “we”, “us”, and “our” are references to Golden Hour Wellbeing [Pty Ltd ABN66682467652]. References to “you” and “your” are references to any individual about whom we collect personal information.

2.2 When used within this Policy, the following definitions apply:

(a) Personal information has the meaning given in the Privacy Act “information or an opinion about an identified individual, or an individual who is reasonably identifiable: (a) whether the information is true or not; and (b) whether the information or opinion is recorded in a material form or not.

(b) Sensitive information has the meaning given in The Act and refers to information or an opinion about an individual’s: (i) racial or ethnic origin; or (ii) political opinions; or (iii) membership of a political association; or (iv) religious beliefs or affiliations; or (v) philosophical beliefs; or (vi) membership of a professional or trade organisation; or (vii) membership of a trade union; or (viii) sexual orientation or practices; or (ix) criminal record that is also personal information; or (x) health information about an individual; or (xi) genetic information about an individual that is not otherwise health information; or (xii) information about an individual’s physical, genetic or mental health.

3. What information do we collect?

3.1 Golden Hour Wellbeing collects personal information from different entities based on the relationship they have established, are seeking to establish or through the services we provide to those entities. Any individual, business, organisation, or entity who provides us personal information or sensitive information, consents to us using, storing, and disclosing that personal information or sensitive information in accordance with the terms set out by this Policy.

3.2 We may update this Privacy Policy by publishing a revised version on our website. These Revised versions will take effect from the time in which they are published.

3.3 The type, format, and amount of personal information or sensitive information we collect about individuals is dependent on the circumstances from which the information is disclosed to us, and may be collected in various forms including, but not limited to, verbally; or through written notes (hand written or electronic); or audio files; or video files; or through written correspondence. 

3.4 The personal information that we collect includes: personal and business contact details, including email address, street address, and emergency contact; identification details such as name, date of birth, place of birth, gender, employment details, marital status, names and ages of any children, or spouse, educational and professional qualifications and other demographic information, all if provided; transactional information such as service requirements, service satisfaction feedback, and referral mechanisms; if relevant and/or applicable: Medicare number and insurance claim information; Australian Business Number (ABN); any other information you chose to disclose to us; and financial information such as bank account details, and credit card numbers.

3.5 The sensitive information that we collect includes: health information such as prognosis, diagnosis, pre-existing conditions and injuries; information relevant to care requirements, service and clinical practice information; accessibility and dietary requirements; memberships, associations, and other relevant health information; Indigenous status (if provided); and any other sensitive information you provide.

3.6 Other than as disclosed in this Policy, or to the extent which we are authorised or otherwise required by Law, we will not use or disclose any sensitive or personal information other than with your consent. Personal health information is collected in accordance with the Health Records (Privacy and Access) Act 1997 Privacy Principles.

3.7 We may collect personal information about you if you are a Healthcare Professional, or Healthcare Service Provider and you have referred a client to us or you are providing services to a client of ours. This may include such information as your name, medical speciality, or position within the organisation you work for, your Medicare Provider Number, and your contact details.

3.8 We may collect personal information and sensitive information about you if you interact with us on a commercial basis. The type of information we collect is set out in this Policy and will depend on the capacity in which you are interacting with Golden Hour Wellbeing.

3.9 We may also collect personal information and sensitive information indirectly such as through mail and electronic correspondence, quotations received, invoices received; or publications; or your authorised representative, attorney; or surveys; or our service providers; or government agencies and organisations; or social media (please note that social media platforms will handle your personal information for their own purposes, and have their own privacy policies); and internet and publicly available databases.

3.10 If Golden Hour Wellbeing receives unsolicited personal information and/or sensitive information such as job applications, it will be handled in accordance with The Act. We may keep records of unsolicited information if permitted by The Act.

3.11 You do not have to provide us with your personal information. Where you chose to interact with us anonymously, or by using a pseudonym, or chose not to provide us with your personal information and/or sensitive information, we may not be able to provide you with our services or otherwise interact with you.

4. Collecting personal information and sensitive information from third parties

4.1 We may collect your personal information and/or sensitive information from third parties through publicly available sources where it is necessary to do so for the provision of our services. This may include information from publicly available databases; or other healthcare providers and practitioners.

5. How we hold and store your personal information and sensitive information

5.1 Golden Hour Wellbeing collects and holds your personal information and sensitive information in electronic form. We hold your personal information and sensitive information securely on servers and devices specifically designed to do so. Through the course of our services, some personal information and sensitive information may be collected in paper-based documents where access to electronic forms is unavailable or impractical. These documents may be converted to electronic form and when converted, the paper-based documents will be destroyed in a secure manner when it is no longer required. Personal information and sensitive information stored on paper-based documents is stored within secure containers owned by us. 

5.2 We are legally required to hold client’s personal information in accordance with the applicable state or territory laws that it was collected in. In the ACT, we are legally required to keep patient records, which may include personal and sensitive information, for seven years or until the patient turns, or would have turned 25 years of age, whichever is longer.

6. How we protect your personal information and sensitive information

6.1 Golden Hour Wellbeing is committed to protecting and safeguarding your personal information and sensitive information that we have collected. We take all reasonable steps to protect personal information and sensitive information that we hold from misuse, interference, unauthorised access, modification and/or disclosure as well as loss.

6.2 Where we use electronic systems for the storage of personal information and sensitive information, they will be used specifically for this purpose and be designed to be used for this purpose. Where reasonably practicable, we will seek to ensure additional controls and protections are put in place to further protect personal information and sensitive information collected by us. 

6.3 Our security measures and processes meet industry standards. Such standards govern access control procedures, network firewalls, encryption and physical security measures. and are compliant with the 12 privacy principles outlined in the Health Records (Privacy and Access) Act 1997. We strive to protect the sensitive information and personal information we have collected; however we are unable to guarantee that any data you cause to be in motion or data that you transmit to us digitally or physically is 100% secure. 

6.4 In the event that we receive personal information or sensitive information about you from a third party which was not solicited, that personal information and/or sensitive information will be dealt with and handled in accordance with the terms set out by this Policy and The Act. In these circumstances, we will determine, within a reasonable time after receiving the personal information or sensitive information, whether we could have collected that personal information or sensitive information lawfully and fairly if we had solicited the personal information and/or sensitive information and only retain such personal information or sensitive information if we believe these conditions have been met.

7. Why we collect your personal information and sensitive information

7.1 We collect your personal information and sensitive information where it is necessary for us to do so in order to carry out functions or activities such as, but not limited to;

(a) assessing the appropriateness of our services to you and your circumstance

(b) sending you communications via SMS and/or email where it is necessary for us to do so for the provision of our services such as reminding you of your appointment times, providing you with resources and questionnaires, and sending you copies of your invoices

(c) enabling you to receive the correct entitlements, benefits, and funding based on the information you have disclosed to us through the course of the provision of our services from third party payers and to comply with their requirements.

(d) providing you with psychological services such as assessing, diagnosing, and treating psychological issues, or for the purpose of preparing reports

(e) responding to your enquiries, requests and feedback

(f) updating our records and keeping your information up to date

(g) enabling third parties to provide services on our behalf

(h) complying with regulatory, governance, and funding reporting requirements

(i) contacting a next of kin in case of emergency.

7.2 As outlined in paragraph 3.7, you do not have to provide us with sensitive information or personal information. However, providing us with accurate and complete information is important to ensure the safety, quality, and effectiveness of the services we provide. If the personal information or sensitive information you provide us is incomplete, or inaccurate, we may not be able to provide you with the services you are seeking. 

7.3 We do understand that over the course of your interactions with us, your personal information or sensitive information may change such as address, payment details, banking details, diagnosis and/or prognosis. If this is the case, it is your responsibility to update us on these changes. If you have any concerns or questions about the personal information or sensitive information we have asked you to provide or have collected, please address your correspondence to the Golden Hour Wellbeing Privacy Officer via email at admin@goldenhourwellbeing.com.

8. How can you access and correct your personal or sensitive information?

8.1 Subject to the rights and exceptions set out in the Health Records (Privacy and Access) Act 1997, you may ask for access to or a correction to be made to your personal information and sensitive information, if you believe it to be inaccurate. This request should be made in writing and addressed to the Golden Hour Wellbeing Privacy Officer via email at admin@goldenhourwellbeing.com. We will respond within 30 business days of receipt of your request in writing. We may ask you to verify your identity or we may discuss the contents of your personal information and/or sensitive information, subject to the exceptions of the aforementioned Acts before we provide you access to your information or to correct it. An appointment may be made and fees charged (if necessary) for clarification purposes or where requests are unreasonable or onerous as determined by us. 

8.2 If a correction is made and we have disclosed the original information with another third party, you may ask us to inform those third parties of the correction. We must do so unless there is a valid reason for us not to.

8.3 If we do not agree with the corrections you have requested, we are not required to make the corrections. These situations can include, but are not limited to, where we consider that the personal information or sensitive information you have provided or that we have collected is accurate, up to date, complete, relevant and not misleading. 

8.4 In situations where we have refused your request, we will provide you a notice, in writing, setting out the reasons. You may also request that we make a record of your claim and associate that record with the personal information or sensitive information that is disrupted. 

8.5 We do not provide copies of any file information without a court subpoena as clinical records contain sensitive information relevant to your treatment and may be harmful if read without a psychologist present to explain the information appropriately. 

8.6 Should a person requesting access to your personal information be an authorised representative of yours, such as a lawyer, or guardian, we will ask the representative to provide evidence of their authority as part of their request. We also reserve the right to ask you to provide current and informed consent to us before releasing your personal information.

9. Interactions with you through the internet

9.1 We may display advertisements on our website. We may add cookies to a users’ browser and use measurement software and tools on our websites to enable analytics and the service of ads. If you prefer to not have cookies collected or added, you can disable this option in your browser’s settings. By doing so, you may be unable to access certain features or pages within our website.

9.2 Our internet service provider (ISP) may make a record of your visit and log information specific to your visit. They do so within their own legal remit and collect and store this information in accordance with their own privacy and security policies.

9.3 Our website contains links and/or references to other websites and organisations, such linkages do not indicate our endorsement or support for that particular website, organisation, or business nor should it provide you with any assurances about the content you will be served when accessing that site. We are not responsible for the privacy practices or content of the linked websites, organisations, or businesses. These websites, organisations, and businesses should have their own privacy and security policies, of which, we strongly recommend you read before supplying any personal information or sensitive information to them.

10. Disclosure of personal information 

10.1 Sometimes circumstances may arise where we are permitted or required by law to disclose your personal information and sensitive information to third parties such as law enforcement organisations and courts. Some common situations in which we may disclose your personal information to third parties are when:

(a) it is subpoenaed by a court; or

(b) a failure to disclose the information would, in the reasonable belief of us, place you or another person at serious risk to life, health and/or safety; or 

(c) you have consented to the disclosure; or

(d) there is a reasonable expectation, either by you or us, that your personal information needs to be disclosed and that disclosure to that third party is for a purpose directly related to the primary purpose for which your personal information or sensitive information was collected. Refer to section 7 of this Policy; or

(e) it is required or authorised by or under an Australian law or a court/tribunal order

10.2 We do not directly disclose your personal information to overseas recipients or third parties, unless specifically requested and consented to by you, or such disclosure is required by law. Personal information and sensitive information may be indirectly disclosed overseas through our use of cloud services, the location of which is not reasonably available. This indirect disclosure is primarily related to the transmission or storage of the personal or sensitive information and where possible and practical, reasonable steps will be taken to ensure the data collected by us is protected in accordance with extant Australian law.

10.3 We do not, and will never use, sell, rent, or disclose your personal information and sensitive information for any other purpose.

10.4 We take reasonable steps to protect and safeguard personal and sensitive information provided to us, and comply with our legal obligations under the Act. Our staff are trained and required to respect the confidentiality of the information we store.

10.5 In the event of any unauthorised access or unauthorised disclosure, or loss of your personal information that is likely to result in serious harm to you or other individuals, we will investigate and notify both you and the Office of the Australian Information Commissioner in accordance with our obligations outlined in the Act.

10.6 Should you have any questions about any privacy-related issue outlined in this policy, or you wish to make a complaint about a breach of the Australian Privacy Principles or the handling of a client’s personal information and/or sensitive information by us, please contact our Privacy Officer. You may lodge a complaint in writing and it will be investigated by our Privacy Officer. You will be notified of the outcome of the investigation relating to your complaint as soon as practicable after it has been made.

10.7 If you are not satisfied with our response or you wish to lodge a formal complaint about our use, disclosure or access to your personal information and/or sensitive information, you may do so with the Office of the Australian information Commissioner by phone on 1300 363 992. These phones are staffed Monday to Thursday 10 am to 4pm AEST/AEDT. Alternatively, you can submit your complaint by following the relevant steps at this link - https://www.oaic.gov.au/privacy/privacy-complaints/lodge-a-privacy-complaint-with-us. You may also submit your complaint in writing via post to: Office of the Australian Information Commissioner, GPO Box 5288, Sydney NSW 2001.

Changes to our privacy policy

This policy will be periodically reviewed and updated in order to reflect changes to existing laws and obligations, the creation of new laws and policy, the introduction of new technology as part of Golden Hour Wellbeing, any significant changes to our operations or any other necessary development that warrants this policy be updated.

Collection Notice 

1. Golden Hour Wellbeing ABN 66682467652, our employees collect personal information for the purpose of providing psychological services.

2. Golden Hour Wellbeing may collect your personal information and sensitive information from you through our use of electronic and paper forms, in discussions with you and from any information you provide to Golden Hour Wellbeing.

3. Golden Hour Wellbeing collects your personal information and sensitive information for the purpose of informing and enabling the services we provide and to enable us to conduct our business functions and activities including:

1. The administering of psychological health services;

2. The administering of your interactions and transactions with us;

3. Enabling third parties to conduct services or functions on our behalf;

4. The facilitation of payment for our services;

5. Maintaining and providing access to our website;

6. Providing you with information and educational resources;

7. Enabling communication in the form of providing newsletters, marketing, media releases, appointment remainders and invitations;

8. Assisting you with enquiries;

9. Data processing and analytics;

10. Ensuring our compliance with regulatory, governance, and funding reporting requirements; and

11. Contacting next of kin and emergency contacts where needed

4. If you do not wish for your personal information and/or sensitive information to be collected in a way outlined in Golden Hour Wellbeing’s Privacy Policy, Golden Hour Wellbeing may not be able to provide you with psychological services. 

5. All personal information and sensitive information is retained by Golden Hour Wellbeing in accordance with its Privacy Policy.

6. Golden Hour Wellbeing’s Privacy Policy  contains pertinent information on the process you may take to complain about a breach of Golden Hour Wellbeing’s Privacy obligations and how such a complaint will be handled as well as to seek access to correct your personal information held by Golden Hour Wellbeing.

7. Golden Hour Wellbeing may disclose your personal information or sensitive information where it is reasonable to do so or where Golden Hour Wellbeing is authorised to do so. Such situations may include where Golden Hour Wellbeing is legally required to disclose your personal information and/or sensitive information in the case of mandatory reporting, where there is risk to life, health and safety should it not be disclosed, or if subpoenaed by a Court.

8. Golden Hour Wellbeing may disclose the personal information or sensitive information to:

1. The Office of the Australian Information Commissioner; or

2. A regulatory or law enforcement body or an Australian court, for the purpose of aiding investigations, or defending claims made against Golden Hour Wellbeing.

9. Golden Hour Wellbeing does not directly disclose personal information to overseas parties, however indirect disclosure in the form of cloud storage and transmission may occur by Golden Hour Wellbeing’s use of cloud services. The location of which is not reasonably available.

10. For further information, please contact Golden Hour Wellbeing’s Privacy Officer at admin@goldenhourwellbeing.com.