This document sets out the policy of Marli International Pty Ltd trading as Eyes Right Optical (“ERO”) in relation to the collection and handling of personal information. It applies to all customers, staff and other individuals. Further information about our information handling processes may be available on request.
The term “personal information” refers to information from which an individual’s identity can be reasonably ascertained. It includes information such as an individual’s name, address, telephone numbers, email addresses, date of birth, credit and banking details and if and where applicable includes “sensitive information” such as health information.
In this policy the term “customer” means optometrists who are customers of ERO and “personal information” in the context of a customer means personal information about the individuals within that practice.
ERO treats all personal information it collects in accordance with the Privacy Act 1988 and the Australian Privacy Principles.
Collection and use of personal information
ERO collects and uses personal information (such as name, email address, contact details) of individuals who make enquiries through its website, over the telephone, face to face, through email or in other written communications. ERO uses these types of personal information for the purposes of responding to such enquiries and otherwise for the purpose for which the contact is made or information is provided. ERO also may collect use and display information provided by individuals through social media in circumstances where it can be inferred that the individual consents.
ERO collects and uses personal information of customers to represent the individual interests of customers, to provide them with the business services and products needed to keep them competitive and profitable. and to the extent necessary (and with the consent of the individuals concerned) the independent full scope optometry profession.
Information ERO collects about customers includes:
- The customer’s name
- Contact address(es), phone number(s) and contact email address(es). Contact addresses may include practice or work addresses, home address where supplied by the customer, and postal address.
- Date of joining ERO
- customership category or type
- Payments for purchases
- customer’s key staff names, positions, phone number(s) and contact email address(es).
- Contact history including notes on all ERO services/programs provided/attended and related business results (to the extent personal information is involved)
We may collect additional personal information where this is provided or supplied by a customer, including:
- Optometry professional interest areas
- customerships/fellowships of optometric organisations
- Hours worked
- A customer’s practice position
- Personal testimonials and prospective customer referrals
A customer may elect to provide, or not provide, any of this additional information.
The specific uses to which ERO puts customers’ personal information includes to develop, coordinate and implement ERO’s business services and products, to communicate, provide and inform customers of services that are available from ERO, to support the business needs of customers, to manage customer monthly accounts, as a source of information for both the customers and the public.
ERO obtains a customer’s personal information primarily from the customer themselves, although ERO also obtains personal information about customers from other publicly available sources where it is reasonably necessary to do so and it is permitted under the Privacy Act.
Use and Disclosure of Personal Information
ERO may use and disclose personal information of individuals for purposes such as for responding to enquiries, conducting financial transactions and sending marketing materials in circumstances where the individual has asked for or reasonably expects to receive marketing materials (and where opt-out mechanisms exist).
Data quality and security
ERO will take reasonable steps to ensure that the personal information it collects is accurate, complete, up-to-date and secure. (It requests individuals (including customers) to contact ERO directly if they have any concerns or require changes to or corrections of their personal information.)
The personal information of customers is stored on servers that are protected in controlled facilities locally and a secure cloud server. Unfortunately, no data transmission over the internet can be guaranteed to be completely secure. Although ERO strives to protect such information, ERO does not warrant the security of any information transmitted to it over the internet and customers do so at their own risk.
ERO takes all reasonable steps to ensure that access to personal information is restricted to those within the organisation who have a need to know.
Access to and correction of personal information
Customers and other individuals may request access to, and ask ERO to make corrections to the personal information that ERO holds about them.
This can be done:
- In writing (e.g. by email)
- In person
- By telephone (in this case, ERO’s staff will ask relevant questions to confirm the identity of the caller)
ERO will, on request, provide a customer with access to the information it holds about that customer, unless there is an exception which applies under relevant privacy laws. If ERO refuses to provide access to the information, it will provide reasons for the refusal and inform the customer of any exceptions relied upon.
If the personal information ERO holds about a customer is inaccurate, incomplete or out of date and the customer asks ERO to correct this information, ERO will take reasonable steps to either correct this information or if necessary discuss alternative actions with the customer.
ERO will not adopt, use or disclose any identifier assigned to an individual or customer by a government agency, except where required by law.
It is an individual’s right to be dealt with anonymously, provided that it is lawful and practicable. ERO will try to accommodate this wherever possible. However, it may not be possible for ERO to fully comply with any request for service or information that the individual may request, without access to that individual’s personal information.
Transborder data disclosure
ERO does not disclose personal information outside Australia.
ERO does not normally collect sensitive information (as defined under the Privacy Act), such as information about the health status of customers or other individuals. If it is necessary to collect sensitive information, it will be done in accordance with applicable laws. Further, in accordance with the Australian Privacy Principles, ERO will not collect sensitive information about an individual (including a customer) unless that person consents to the collection of the information and the information is reasonably necessary for one or more of ERO’s functions or activities.
Requests, Complaints or Questions about privacy and personal information
If a person (including a customer) wishes to gain access to his or her personal information, has a complaint about a breach of privacy or has any questions on how their personal information is collected or used, they can forward a request, complaint or question to the address below:
Eyes Right Optical
Attention: National Privacy Officer
PO BOX 62
VIC 3156 AUSTRALIA
Or 1800 637 654
Or by email: firstname.lastname@example.org and marked attention National Privacy Officer.
ERO will assess each such request, complaint or question in relation to , and respond to a customer’s request, complaint or question within 14 days.