Crescent Healthcare is committed to providing quality services to you, and this policy outlines our ongoing obligations to you in respect of how we manage your Personal Information.

We have adopted the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth) (the Privacy Act), the Privacy and Data Protection Act 2014 (VIC), the Health Records Act 2001 (VIC) (where applicable), and the Spam Act 2003 (Cth). These laws govern the way in which we collect, use, disclose, store, secure and dispose of your Personal Information.

A copy of the Australian Privacy Principles may be obtained from the website of The Office of the Australian Information Commissioner at https://www.oaic.gov.au/.

What is Personal Information and why do we collect it?

Personal Information is defined as information or an opinion that identifies an individual. Examples of Personal Information we collect include names, addresses, email addresses, phone numbers and facsimile numbers.

We collect Personal Information through various means, including interviews, correspondence, phone and email communications, our website (www.crescenthealthcare.com.au), social media, promotional adverts, publications, cookies and from third parties. When collecting information from third parties, we will take reasonable steps to ensure you are made aware of this information, and we will always seek your consent where necessary. We do not guarantee the privacy policies of third-party websites linked to or from our site.

We collect your Personal Information for the primary purpose of providing services to you, assisting with customer enquiries and for marketing purposes. We may also use your information for secondary purposes closely related to the primary purpose, where this is within your reasonable expectations.

Email Marketing: Crescent Healthcare may send you promotional emails about our products, services and other updates. You can opt in to receive these communications when you provide us with your contact information or sign up for our newsletter.

Opt-Out/Unsubscribe: If you no longer wish to receive marketing emails, you can easily unsubscribe at any time by clicking the unsubscribe link at the bottom of any email we send or by contacting us directly at [email protected]. We will promptly remove you from our mailing list in accordance with the Spam Act 2003 (Cth).

Online Purchases: When you make a purchase or interact with our website, we collect the necessary personal information such as your name, address and email. We also automatically collect information about your device and browsing activity, such as your IP address, which helps us improve user experience and the functionality of our website.

We strive to collect only the information necessary for the purposes described above, and we will, where appropriate, inform you of the reasons for collecting your personal data and how it will be used.

Sensitive Information

Sensitive information is defined in the Privacy Act to include information or opinion about such things as an individual's racial or ethnic origin, political opinions, membership of a political association, religious or philosophical beliefs, membership of a trade union or other professional body, criminal record or health information.

Sensitive information will be used by us only:

• For the primary purpose for which it was obtained

• For a secondary purpose that is directly related to the primary purpose

• With your consent; or where required or authorised by law.

Health Records Act 2001 (VIC) Compliance (Where Applicable):

We are committed to ensuring the privacy and security of your health information. If we collect, use, or store any health-related information, we do so in compliance with the Health Records Act 2001 (VIC). This includes ensuring that your health information is handled securely, only used for the purposes for which it was collected, and that you have access to your health records as required by law.

Third Parties

We strive to collect your personal information directly from you whenever possible. In cases where third parties provide us with your information, we will take reasonable steps to inform you.

Third-party service providers, such as payment processors, collect, use and disclose your information only as needed to perform their services for us. These providers may have their own privacy policies, which we encourage you to review, particularly if they operate in jurisdictions with different privacy laws.

If your data is transferred internationally, it may become subject to the laws of that jurisdiction. For example, data processed in the United States may be disclosed under U.S. laws, such as the Patriot Act.

Once you leave our website or interact with third-party links, our Privacy Policy no longer applies. We recommend reviewing the privacy practices of any third-party platforms you engage with.

Disclosure of Personal Information

Your Personal Information may be disclosed under the following circumstances:

  • With Your Consent: We may share your information with third parties when you have provided explicit consent.
  • Legal Requirements: Disclosure may occur when required or authorised by law, such as in response to a court order, subpoena or other legal processes.
  • Service Providers: To facilitate services on our behalf, we may share your information with trusted third-party providers, such as IT service providers, payment processors, or marketing partners, under strict confidentiality agreements.
  • Business Transactions: In the event of a merger, acquisition, or sale of business assets, your information may be disclosed to the involved parties as part of the transaction.
  • Protection of Rights: Where necessary, we may disclose information to protect the rights, property, or safety of our business, employees or others.

In all cases, we will ensure that any disclosure is limited to the extent necessary and complies with relevant laws.

Security of Personal Information

We take reasonable steps to ensure your Personal Information is protected from misuse, loss, and unauthorised access, modification or disclosure.

  • Encryption & Industry Standards: If you provide credit card information, it is encrypted using secure socket layer (SSL) technology and stored with AES-256 encryption. We adhere to PCI-DSS requirements and implement industry best practices to safeguard your data.
  • Additional Measures: Security measures include restricted access, multi-factor authentication, secure data storage, and staff training to ensure all personnel understand their obligations to protect your information.
  • Retention Period: Personal Information is retained for a minimum of 7 years or as required by applicable laws, regulations or business needs.
  • Data Destruction: When no longer needed, Personal Information is destroyed or permanently de-identified using secure methods.
  • Data Breaches: In the unlikely event of a data breach, we will follow applicable laws to notify affected individuals and relevant authorities, taking immediate steps to mitigate potential harm.
  • Ongoing Security Reviews: Security practices are reviewed regularly to ensure they remain effective and compliant with evolving legal standards.

While we strive to use the most secure methods available, no method of transmission over the Internet or electronic storage is completely secure. We take all reasonable precautions to protect your data but cannot guarantee absolute security.

Age of consent

By using our website (www.crescenthealthcare.com.au), you confirm that you are at least the age of majority in your state, territory or province of residence. If you are not the age of majority, you confirm that you have obtained consent from your parent or legal guardian to use this site.

If you are a minor accessing the site with parental or guardian consent, your parent or guardian assumes full responsibility for your actions, including any transactions or communications made on this site.

The age of majority may vary by jurisdiction, and users are responsible for complying with the laws applicable in their location. Crescent Healthcare is not responsible for misuse of the site by individuals who misrepresent their age or provide false consent.

Access to your Personal Information

You have the right to access the Personal Information we hold about you and to request corrections to ensure its accuracy, completeness and currency, subject to certain exceptions as permitted by law.

If you wish to access or correct your Personal Information, please contact us in writing. We will respond to your request within a reasonable timeframe, typically within 30 days.

Crescent Healthcare will not charge any fee for your access or correction request. To protect your Personal Information, we will require you to verify your identity before releasing the requested information.

In certain circumstances, access may be denied as permitted by law, such as if providing access would have an unreasonable impact on the privacy of others or if it would be unlawful. If we deny your request, we will provide a written explanation of the reasons and outline the available dispute resolution options.

Maintaining the Quality of your Personal Information

We take it seriously to ensure that your Personal Information remains accurate, complete, and up-to-date. We will take reasonable steps to ensure the quality of your Personal Information, and we encourage you to notify us if you believe any of the information we hold is inaccurate, incomplete or out of date.

If you find that the information we have is incorrect or needs updating, please advise us as soon as possible by contacting us at [email protected], so we can update our records and continue providing you with quality services. We may also periodically review the information we hold to ensure it remains accurate and relevant.

We will take reasonable steps to correct any inaccuracies as soon as practicable.

Policy Updates

Crescent Healthcare is committed to keeping this Privacy Policy up to date in accordance with evolving legal standards. We conduct regular audits and reviews to ensure compliance with the Privacy Act 1988 (Cth), the Privacy and Data Protection Act 2014 (VIC), and the guidance issued by the Office of the Australian Information Commissioner (OAIC).

We will update this Privacy Policy promptly following any changes to applicable laws or our business practices. Updates to this policy will be posted on our website, and where necessary, significant changes will be communicated to you directly by email or other communication methods.

Privacy Policy Complaints and Enquiries

We respect your right to privacy and are dedicated to addressing any concerns regarding the protection of your personal information. If you believe your privacy has been compromised, please contact us at [email protected] to discuss your concerns and explore possible solutions.

Crescent Healthcare

26 Metrolink Circuit, Campbellfield, VIC, 3061

[email protected]

1300 04 05 06