Nervous System School

Privacy Policy

This document describes the privacy policy of¬†Jessica¬†Kelly¬†Maguire¬†(ACN: 655 672 165)¬†trading as¬†‚ÄėJessica Maguire Pty Ltd t/a Nervous System School‚Äô,¬†(‚ÄúJessica Maguire Pty Ltd t/a Nervous System School‚ÄĚ, ‚Äúwe‚ÄĚ, ‚Äúus‚ÄĚ)¬†for protecting the privacy of personal information we collect about you, including through our website, located at https://www.nervoussystemschool.com¬†as well as through the provision of¬†products¬†and/or services¬†or directly¬†from¬†you.¬†

As a health service provider, we are bound by the legal requirements of the Australian Privacy Principles set out in the Privacy Act 1988 (Cth). 

If you do not wish for your personal information to be collected in a way anticipated by this Privacy Policy, we may not be in a position to provide our services to you. In some circumstances, you may request to be anonymous or to use a pseudonym, unless it is impracticable for us to deal with you, or if we are required or authorised by law to deal with identified individuals. 

 

Personal Information We Collect  

 The types of personal information we collect may include: 

  • Name,¬†date of birth,¬†address(es), contact numbers, email address and other¬†contact details;¬†

  • Demographic data such as age and location;¬†

  • Transaction data (including details about payments to and from you and other details of products you have purchased from us);¬†

  • Technical data (including your internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our website);¬†

  • Profile data (including your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses);¬†

  • Usage data (including information about how you use our website, products and services); and¬†

  • Marketing and communications data (including your preferences in receiving marketing from us and our third parties and your communication preferences).¬†

 We may collect the above types of personal information from people including website visitors, email subscribers, social media fans, employment applicants, potential clients and service providers. 

Mailing List

By signing up for any courses or other educational materials you agree to subscribe to our mailing list.

Sensitive Information 

 We may also collect the following sensitive information: 

  • Health information,¬†including medical history, adverse events¬†such as trauma events, social history¬†and family history.¬†

We usually will only collect sensitive information from clients we are providing services to, or potential clients who have requested our services. 

How We Collect Personal Information 

We are committed to using lawful and fair means to collect personal information and collecting it from others only when it is unreasonable or impracticable to obtain certain information from our clients directly.  

 We may collect personal information in a number of ways: 

  • When¬†someone¬†visits¬†our website;¬†¬†

  • When someone makes a¬†scholarship application with us;¬†¬†

  • When¬†someone¬†makes¬†an enquiry with us (for example, by telephone or email);¬†¬†

  • When¬†someone¬†purchases¬†a product¬†or service¬†from us;¬†¬†

  • When¬†someone¬†signs¬†up to a marketing subscription, such as a newsletter sign-up form;¬†¬†

  • When¬†someone¬†contacts¬†us via¬†email, our website or via¬†social media such as Facebook or Instagram;¬†¬†

  • When someone completes a new client sign-up form; and¬†

  • When someone participates in one of our programs or services.¬†

We collect sensitive information in more limited circumstances, such as: 

  • When someone makes an enquiry with us and the sensitive information is disclosed to us to facilitate referral to an appropriate service provider; and¬†

  • When someone makes a scholarship application with us;¬†

  • When someone participates in one of our programs or services¬†and the sensitive information is disclosed to us to facilitate the delivery of the program or service.¬†

We limit the circumstances in which we collect personal and sensitive information indirectly. This may be where a person has authorized us to collect information from other health service providers they have disclosed information to (for example, information provided via referral or medical reports).  

How We Hold and Protect Personal Information 

We store all personal information we collect electronically, including on or within: 

  • The backend of our website¬†

  • The backend of our social media accounts, such as Facebook and Instagram¬†

Security   

We are committed to ensuring that the personal information we hold is secure and protected from misuse, interference, loss and unauthorised access, modification or disclosure. We undertake the following precautions to protect personal information we hold: 

  • our website contains pages encrypted with SSL (Secure Sockets Layer) to ensure the safety of any data that is submitted through use of this website;¬†

  • we limit access to personal information to a ‚Äúneed-to-know‚ÄĚ basis;¬†

  • the backend of our website and social media accounts is password protected;¬†

  • we protect devices we use to collect, hold, use and disclose personal information with industry-standard anti-virus software;¬†

  • our devices are protected by¬†passwords¬†and are stored in secure premises;¬†

  • data is securely stored on cloud servers;¬†

  • all conversations involving the discussion of personal information take place in private, where conversations are unable to be overheard by¬†unauthorised¬†personnel; and¬†

  • if we no longer need personal information, we take reasonable steps to delete or de-identify the information.¬†

We take extra precautions to protect sensitive information, including: 

  • all sensitive information is held in secure storage systems protected by passwords;¬†

  • we limit access to¬†sensitive¬†information to a ‚Äúneed-to-know‚ÄĚ basis;¬†

  • we protect devices we use to collect, hold, use and disclose¬†sensitive¬†information with industry-standard anti-virus software;¬†

  • our devices are protected by¬†passwords¬†and are stored in secure premises;¬†

  • data is securely stored on cloud servers;¬†

  • all hard copies of¬†sensitive¬†information are kept in secure storage with access by¬†authorised¬†personnel only; and¬†

  • all conversations involving the discussion of¬†sensitive¬†information take place in private, where conversations are unable to be overheard by¬†unauthorised¬†personnel.¬†

If a data breach occurs involving personal information and the breach is likely to cause harm, we will notify the individual as soon as possible after the occurrence in accordance with our obligations under the Privacy Act and related legislation. 

Why We Collect, Hold, Use and Disclose Personal Information 

We collect, hold, use and disclose personal information as is reasonably necessary for us to operate our business and provide our services, including for the following purposes: 

  1. to contact and communicate with clients and potential clients; 

  2. for the purpose of booking and delivering health services; 

  3. to deliver digital and physical products;  

  4. to assess your eligibility for a scholarship;  

  5. to ensure we are the right fit for clients; 

  6. to ensure the accurate and safe provision of services; 

  7. to communicate with other healthcare providers involved in a person’s care; 

  8. to conduct activities relating to research, quality assurance and improvement processes, accreditation, audits, risk and claims management, client satisfaction surveys and staff education and training; 

  9. to market to you and others, including remarketing (this may involve the use of a Facebook pixel or similar technology to allow us to display our advertising to you elsewhere on the internet, for example, on Google or Facebook); 

  10. when required for administrative and internal record keeping for a minimum of 7 years after our last contact;  

  11. for statistical purposes; and 

  12. as required by law. 

We only collect, hold, use and disclose sensitive information where it is necessary for us to provide a service we have been engaged to perform, and not for any unrelated purposes (for example, for research or marketing), unless we have received the person’s prior informed consent. 

We do not disclose personal information to overseas recipients. 

We never sell or rent personal or sensitive information we collect.  

Requests to Access, Correct or Delete Information 

Access  

You can request details of personal information that we hold about you in certain circumstances set out in the Privacy Act 1988 (Cth) (the Act). We may refuse to provide you with information that we hold in certain circumstances set out in the Act. Otherwise, we will provide access to the information if it is reasonable and practicable to do so. In most cases we will do this free of charge, but if your request requires significant effort or expense on our part, we might ask for compensation for that. 

Correction

If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, please contact us using the details set out below.  

We will endeavour to promptly correct any information found to be inaccurate, incomplete, or out of date and to notify of the correction, unless it is impracticable or unlawful to do so. 

Deletion

If you want us to delete personal information we hold about you or to not collect information from you for a specific purpose, please contact us using the details set out below.  

Please note that if we agree to delete information, because of backups and records of deletions, it may be impossible to completely delete the information without retaining some residual information.  

We will respond to any request to access, correct or delete information within a reasonable time.  

Unsubscribe 

We like to keep our customers and website visitors up to date, so from time to time¬†we will¬†send you newsletters, invitations and updates. Not to worry: our emails will always come with an "Unsubscribe" button, so you can opt out at any time. To unsubscribe from our email database, or opt out of communications, use the ‚ÄúUnsubscribe‚ÄĚ button in our communication or contact us using the details set out below.¬†

Do you live in the EU?‚ÄĮ¬†

Jessica Maguire Pty Ltd t/a Nervous System School is committed to looking after our customers in the EU and we make every effort to comply with the European General Data Protection Regulation (GDPR), including by processing your personal data in accordance with the principles of data processing set out in the GDPR. 

Your rights 

You have the following rights under the GDPR: 

  1. the right of access (the right to access personal information we process) 

  2. the right of rectification (the right to require us to rectify inaccurate personal information or complete our records) 

  3. the right to be forgotten (the right to require us to erase all your personal information in certain circumstances) 

  4. the right to restriction of processing (the right to restrict how or why we process your personal information) 

  5. the right to data portability (the right to receive a copy of your personal information) 

  6. the right to object (the right to object to us processing your personal information) 

  7. the right of review (the right to request a human review of automated decision making or profiling) 

You can exercise any of these rights by emailing us at [email protected].¬†¬†¬†

What is personal data?‚ÄĮ¬†

Any information relating to you.‚ÄĮ‚ÄĮ¬†

What is processing?‚ÄĮ¬†

Any operation on personal data like recording, structuring, storing etc.‚ÄĮ‚ÄĮ¬†

Who is a Controller?‚ÄĮ¬†

The person or body who‚ÄĮdetermines how and‚ÄĮwhy‚ÄĮpersonal data is‚ÄĮprocessed. In this case that's us ‚ÄstJessica Maguire Pty Ltd t/a Nervous System School.¬†¬†

Nervous System School's¬†Commitment‚ÄĮ‚ÄĮ¬†

The personal data we collect‚ÄĮis:‚ÄĮ¬†

  • processed lawfully, fairly and transparently;‚ÄĮ¬†

  • collected for the specified, explicit and legitimate purposes including creating our mailing list,‚ÄĮdirect marketing, taking payments¬†and¬†delivering goods or services¬†to you;‚ÄĮ¬†

  • adequate, relevant and limited to what is necessary for our purposes;‚ÄĮ¬†

  • accurate, and where necessary, kept up to date‚ÄĮ(we will take every reasonable step to ensure that inaccurate personal data is erased or rectified without delay);‚ÄĮ¬†

  • not stored than for longer than is necessary;‚ÄĮand‚ÄĮ¬†

  • processed in a manner that ensures appropriate security of the personal data.¬†

Your Consent‚ÄĮ¬†

Jessica Maguire Pty Ltd t/a Nervous System School requests your consent to the processing of your personal data for the purpose of creating our mailing list, marketing, taking payment and distribution/deliveries. You give us consent to process your personal data. You can withdraw that consent at any time by sending an email to‚ÄĮ[email protected].‚ÄĮIf you ask us to, we will stop using your personal data as soon as possible.¬†

How¬†Nervous System School¬†will work with your personal data‚ÄĮ¬†

To help you to understand how¬†Jessica Maguire Pty Ltd t/a Nervous System School¬†will work with your personal data we set out some key information below. As always if you have any questions just ask ‚Äď we are here to help!‚ÄĮ¬†

Nervous System School Data Processing Information  

Who is the controller of the data?  

Jessica¬†Kelly¬†Maguire¬†-¬†Privacy contact:‚ÄĮ[email protected].¬†¬†¬†

What are the purposes for processing the personal data?‚ÄĮ¬†

  1. To contact and communicate with clients and potential clients;  

  2. to book clients in and deliver health information; 

  3. to deliver digital and physical products;  

  4. to assess eligibility for scholarships;  

  5. to conduct activities relating to research, quality assurance and improvement processes, accreditation, audits, risk and claims management, client satisfaction surveys and staff education and training;  

  6. to market to you and others, including remarketing (this may involve the use of a Facebook pixel or similar technology to allow us to display our advertising to you elsewhere on the internet, for example, on Google or Facebook);  

  7. when required for administrative and internal record keeping for a minimum of 7 years after our last contact;  

  8. for statistical purposes; and 

  9. as required by law. 

What is the legal basis for processing the personal data?‚ÄĮ¬†

Where we have collected data from you for direct marketing purposes, the legal basis is‚ÄĮyour‚ÄĮfreely given, informed and explicit‚ÄĮconsent, which‚ÄĮyou have given by a positive act‚ÄĮ(i.e.¬†accepting this Privacy Policy)‚ÄĮknowing that you can withdraw it at any time.‚ÄĮIf you are arranging a¬†delivery¬†it is a contractual requirement to take the payment/billing details and delivery information. Where we have collected data from you other than pursuant to an‚ÄĮengagement or your consent, we have collected data to facilitate our pursuing our legitimate business interests.¬†¬†¬†

Who receives your personal data?‚ÄĮ¬†

Your data is received by us, ‚ÄĮJessica Maguire Pty Ltd t/a Nervous System School, and¬†by¬†our marketing platforms like Facebook and Instagram. When we offer collaborative events,¬†your details¬†are shared with other health professionals that Jessica collaborates with.

Will we transfer data to a‚ÄĮthird‚ÄĮcountry?‚ÄĮ¬†

No, all data is stored in Australia. 

How long will your personal data be stored?  

  1. We store all personal data indefinitely. This is necessary for our legitimate business purposes and to fulfil the purpose for which we collected the data, for example, to deliver our services to you, to contact you for marketing purposes and to facilitate your easy and convenient use of our website. 

  2. You may request access‚ÄĮto, rectification or erasure of your personal data,‚ÄĮrestriction of¬†processing or‚ÄĮobject to processing‚ÄĮfor automated decision-making. You also‚ÄĮhave the‚ÄĮright to data portability.‚ÄĮWe may request a reasonable fee to process a data portability request that is manifestly unfounded or excessive, based on the administrative costs of complying with the request. We will contact you promptly and inform you if we require payment of a fee. We will not be obliged to comply with the request until we have received the fee.‚ÄĮJust contact us by phone or email¬†at [email protected] if you have a request like this.‚ÄĮ‚ÄĮ‚ÄĮ¬†

  3. You have the right to lodge a complaint with a supervisory authority.‚ÄĮJessica Maguire Pty Ltd t/a Nervous System School hopes that you will not have complaints but if you do,¬†please raise them with us. You also have a right to lodge a complaint with the supervisory authority in the EU Member state where you live or work.‚ÄĮ‚ÄĮ¬†

  4. Where we have collected data from you‚ÄĮwhere you have ‚Äėopted in‚Äô‚ÄĮfor direct marketing purposes‚ÄĮpursuant to an offer,‚ÄĮthe provision of your personal data is a contractual requirement‚ÄĮfor the delivery of an opt in material.‚ÄĮSimilarly, if you are arranging a delivery,¬†it is a contractual requirement to take the payment/billing details and delivery information.¬†If you do not provide personal data, we will not be able to provide our products to you.‚ÄĮ¬†

  5. Is there automated decision making (including profiling)?  
    We utilise Facebook, Instagram and Google advertising services, which may utilise automated decision making. Please refer to their privacy statements, available at https://www.facebook.com/policy.php for more information. Please note that we are not affiliated with nor sponsored by Facebook, Instagram or Google. 

  6. We may collect other personal data about you from other sources, as set out in this Privacy Policy.  

 
Concerns 

 

If¬†you¬†have a concern about management of¬†your¬†personal information,¬†please¬†contact¬†Jessica Maguire¬†at [email protected].¬†We can¬†also¬†provide you with a¬†copy of the Australian Privacy Principles, which describe¬†your¬†rights and how¬†your¬†personal information should be handled, on request.¬†¬†

 

If unsatisfied with our response, you may lodge a formal complaint about the use of, disclosure of, or access to, your personal information, with the Office of the Australian Information Commissioner by phone on 1300 363 992, online at https://www.oaic.gov.au/privacy/privacy-complaints or by post to: Office of the Australian Information Commissioner, GPO Box 5218, Sydney, NSW 2001.  

 

Changes to this policy 

If we decide to change our Privacy Policy, we will let you know by posting such changes on our website.