top of page

Our Privacy Policy

Core to Floor Rejuvenation

ABN: 75 367 758 176 

1. Introduction and Compliance 

Core to Floor Rejuvenation (the "Practice," "we," "us," or "our") is a health service provider bound by the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). We are committed to protecting the privacy of your personal information, including sensitive health information.

This Policy outlines how we manage your personal information, including how we collect, use, disclose, and store your data, and how you can access and correct that information or make a complaint.

Contact Details for Privacy Matters:

Margaret Jones - Business Owner

Address: Suite 18, 429 Peel Street, Tamworth NSW 2340

Email: info@coretofloorrejuvenation.com.au

Phone: 0427 423 749

 

2. Collection of Personal and Sensitive Information 
2.1. Kinds of Information We Collect

We collect information reasonably necessary for, or directly related to, providing you with our aesthetic and rejuvenation services. This information includes:

  • Personal Information: Full name, date of birth, residential address, email address, and phone numbers. 

  • Sensitive Health Information (requires explicit consent):

    • Medical history, pre-existing conditions, patient consultation notes, and treatment records relevant to the treatments being sought. 

    • Details of past and future treatments and procedures.

  • Financial Information: Transaction history and payment details (processed by Square).

  • Clinical Images/Photos: Collected only with express consent for promotional and marketing material. These images are not for clinical record-keeping.

 
2.2. How We Collect and Hold Personal Information

We collect personal information directly from you when you:

  • Complete a patient registration form or consent forms (digital).`

  • Provide information during a consultation or treatment.

  • Book services via the Wix Bookings application.

  • Engage us via phone or email.

All patient records are stored digitally and are paperless. All records, including sensitive health information, are stored on the Wix platform, which includes the Wix Bookings application.

 
2.3. Government Identifiers 

We do not collect or use government identifiers such as Medicare numbers or driver's licence numbers, except where legally required for identity verification by our payment processor (Square) or other government agencies.

 
3. Use and Disclosure of Personal Information 

We collect, hold, use, and disclose your personal information only for the following purposes:

Purpose of Use

Details and Disclosure

Primary Purpose (Health Service)

To provide you with safe, professional, and personalised health and rejuvenation treatments. This includes assessment, diagnosis, treatment planning, and maintaining mandatory clinical records.

Administration, Booking & Billing

To process appointments via Wix Bookings and manage payments via Square.

Promotional/Marketing Material

To market our services, only if you have provided separate, explicit written consent for the use of your images and/or testimonials. We do not use patient contact details or health records for direct marketing.

External Disclosure

We do not disclose your personal or health information to external Australian health professionals, private health insurers, or Medicare.

Legal Compliance

To comply with any mandatory reporting, insurance, medico-legal requirements, or a court order.

4. Dealing with Your Information Anonymously 

Due to our professional and legal obligations as a health service provider, it is not practicable for us to deal with you anonymously or by pseudonym. We require your accurate identity and medical history to ensure your health, safety, and continuity of care.

 
5. Data Quality and Security 
5.1. Data Security

We take reasonable steps to protect your personal information from misuse, interference, loss, unauthorised access, modification, or disclosure by:

  • Using industry-standard security measures provided by our digital hosts (Wix and Square).

  • Restricting internal access to client records to only the Practice owners and authorised staff.

  • Operating as a paperless business, thereby eliminating physical security risks.

5.2. Data Destruction

We retain health information for the minimum period required by NSW health and medical record legislation. Once this period has passed, and the information is no longer needed, we ensure the secure digital destruction or de-identification of the records.

 
6. Disclosure to Overseas Recipients

Your personal information, including sensitive health information, will be transferred and stored outside of Australia by our third-party service providers:

  • Wix (Hosting & Patient Records): Wix is a global company that stores information (including patient information and bookings via Wix Bookings) in data centres located in the United States, Ireland, Israel, and South Korea.

  • Square (Payment Processing): Square systems and data (including transaction history) are hosted in the United States.

By providing your personal information to us, you acknowledge and consent to the disclosure of your information to overseas recipients in these countries.

Important Warning (APP 8.2): We are required to inform you that by consenting to this disclosure, we will not be accountable under the Privacy Act 1988 (Cth) for any actions of these overseas recipients that may breach the Australian Privacy Principles.

 
7. Access to and Correction of Personal Information 

You have a right to request access to and correction of the personal information we hold about you.

  • Access: We will respond to your request within a reasonable time (usually 30 days) and may charge a small administrative fee for providing access in the form requested.

  • Correction: We will take reasonable steps to correct your information upon request. If we refuse your request, we will provide you with a written notice setting out the reasons for our refusal and the mechanisms available to you to complain.

 
8. How to Make a Complaint

If you believe we have breached the Australian Privacy Principles, you may lodge a complaint with us using the contact details in Section 1.

If you are not satisfied with our response, you may refer your complaint to the Office of the Australian Information Commissioner (OAIC):

  • OAIC Phone: 1300 363 992

  • OAIC Website: www.oaic.gov.au

  • OAIC Address: GPO Box 5218, Sydney NSW 2001

 

Policy Last Updated: 6 October 2025

bottom of page