Contact | BOOK YOUR FREE HEALTH STRATEGY SESSION
 
Privacy Policy | Kaleidoscope Wellbeing
17178
page-template-default,page,page-id-17178,bridge-core-1.0.7,cookies-not-set,qode-listing-2.0.3,qode-lms-2.0.3,qode-news-2.0.2,qode-quick-links-2.0,ajax_fade,page_not_loaded,,side_area_uncovered_from_content,hide_top_bar_on_mobile_header,qode-child-theme-ver-1.0.0,qode-theme-ver-18.2.1,qode-theme-bridge,qode_advanced_footer_responsive_1000,qode_header_in_grid,wpb-js-composer js-comp-ver-7.6,vc_responsive
 

Privacy Policy

Last updated 28 September, 2023

Introduction

Hello and welcome to the Kaleidoscope Wellbeing® Privacy Policy.

This website, www.kaleidoscopewellbeing.com.au, is owned and operated by Mackay Partners Pty Ltd trading as Kaleidoscope Wellbeing®, ACN: 15 091 232 941.

If you have any questions or need further information, please contact us using the contact form on this website, or write to:

Yasmin Nekula
Kaleidoscope Wellbeing
PO Box 389
WAHROONGA NSW 2076
AUSTRALIA

In this Privacy Policy, “we”, “us”, “our”, “our company”, and “Kaleidoscope Wellbeing®” refer to Mackay Partners Pty Ltd, trading as Kaleidoscope Wellbeing®.

Protecting your private information is of paramount importance to us, as is optimising your experience as a Kaleidoscope Wellbeing® website visitor, subscriber and/or client.

We comply with the Australian Privacy Principles set out in the Privacy Act 1988 (Cth) (Privacy Act).

We understand that residents of the UK may access this site and/or become our clients, so we also aim to comply with the UK-GDPR.

This Privacy Policy describes how we collect, manage, and use your personal information. This Privacy Policy applies to all your dealings with us.

The personal information we collect

If you engage with us via this website, or become a Kaleidoscope Wellbeing® subscriber or client, we may collect the following kinds of personal information from you:

  • contact details such as name, email address, mobile/telephone number, residential address, and postal address;
  • information about your requirements and the services you are interested in obtaining from us;
  • if you sign up for one of our events, workshops or programs, information that will allow us to tailor our content to your preferences;
  • when you access our website, information such as your IP address, browser type and/or device type, the dates and times that you access our website, the specific pages you view, the third-party website you arrive from, and your location;
  • when you access or comment on our social media accounts, your social media handle/s and the information you choose to share in your comments;
  • if you become a client, information about your health and medical background and status to allow us to provide you with appropriate health/nutrition services and tailored treatment plans – see “Sensitive information” below for more information;
  • if you are a client, payment data is collected from you by our third-party payment processing partner, Halaxy, to process your payment, such as your name, credit card number, expiry date and security code, and billing address (Kaleidoscope Wellbeing® does not store payment data);
  • if you require an invoice which will allow you to obtain a health fund rebate, your health fund details;
  • if you are a client and have agreed to provide a written or video testimonial, information about your experience working with us and the results you have seen, and potentially photograph/s or video footage of you;
  • if you are a supplier/contractor or prospective supplier/contractor, information about your products, services, prices and relevant skills; and
  • any other personal information that is reasonably necessary for the purposes of running our business.

How we collect your personal information

We may collect your personal information by various means, including when:

  • you sign up for (subscribe to) updates on our website, choose to download a resource from the website, or otherwise opt in to receive communications from us;
  • you submit an enquiry on our website;
  • you email or telephone us or send us an SMS or other message;
  • you book an appointment with us;
  • you complete and send back to us our new client intake form and during face-to-face, telephone or online consultations;
  • we communicate with you as a client over email, phone, SMS or messaging service;
  • we request a written or video testimonial and you provide us with one;
  • you register for one of our events, webinars, presentations, programs or courses;
  • you attend / take part in one of our online or in-person events, webinars, presentations, programs or courses or a third-party event in which we are speaking or participating;
  • you visit our website;
  • you interact with us on social media platforms such as Facebook, Instagram, LinkedIn, YouTube or similar.

Where practicable, we will only collect personal information about you directly from you. However, in some instances we may obtain personal information from a third party, for example, if we receive a referral for you from another healthcare practitioner.

Sensitive information

In order to provide natural medicine and nutrition consultations and services, it is necessary for us to collect certain information from our clients which is especially sensitive. Kaleidoscope Wellbeing® is committed to securely collecting, storing, and handling your sensitive information.

Sensitive information collected
If you become a client, in order for us to be able to develop appropriate, tailored treatment plans for you we will ask for information from you including your:

  • date of birth, age, gender, occupation and living situation;
  • medical history, family history, diagnosed medical conditions, medications and supplements taken, allergies and intolerances;
  • doctors and other health practitioners you are currently seeing, and treatment protocols you are undergoing;
  • blood test and other medical and functional test results;
  • current symptoms;
  • current diet;
  • exercise types, frequency and durations;
  • lifestyle preferences and habits;
  • emotional and mental health; and
  • health objectives.

We may also collect information about:

  • your blood pressure, pulse rate, respiration rate, temperature, weight, height, tongue and nails;
  • the health and functioning of various body systems.

Important considerations
We are legally required to collect the name, address, and date of birth of every client. If you do not provide this information to us we are unable to accept you as a client.

If you are a client, you must answer all our questions as accurately and completely as possible to enable us to develop a safe and appropriate treatment plan for you.

Collection of sensitive information
Sensitive information is collected via methods such as:

  • through our intake form (completed online during the booking process or sent via email before your initial consultation);
  • during a face-to-face, telephone or online consultation or group session;
  • via email, for example if you send us test results, or other information relevant to your health history.

Collection from minors
Kaleidoscope Wellbeing® does not work with infants or children under the age of 18 years, and therefore does not collect sensitive information from minors.

Storage of sensitive information
Your personal and sensitive information is stored electronically on a password-protected PC and laptop and external hard drive backups.

If you completed an intake form online via Halaxy when you booked your appointment, the information you provided is stored in our third-party client booking and management system, Halaxy, and is subject to Halaxy’s privacy policy.

Information you share via email or text message with us may be stored on our mobile phone, which has a security code.

Access to sensitive information
Only our principal practitioner, Yasmin Nekula, has access to your sensitive information.

Retention of sensitive information
We are legally required to retain client files for adults for seven years following the last consultation. After this time, we will delete all electronic files from all devices.

The purposes for which we collect, hold, and use personal information

We may collect, hold, and use your personal information in order to:

  • respond to your enquiries / correspond with you;
  • satisfy the legal requirements of running a health care practice;
  • provide and tailor our services to you if you request them;
  • develop safe and appropriate treatment plans for you if you are a client;
  • monitor visitor and client satisfaction;
  • process payments;
  • send you relevant news and information about our services and health and nutrition in general;
  • improve our services, website and marketing;
  • promote our business, if you have agreed to provide us with a testimonial; and
  • otherwise run our business.

Ethical collection

Where practicable we will only collect personal information about you directly from you or sources managed by you. However, in some circumstances we may obtain personal information from a third party. If this information is obtained contrary to this Privacy Policy and the Privacy Act, we will destroy or de-identify such information within a reasonable period.

Disclosure of your personal information

We may share your personal information with third parties in certain situations.

Company director, employees and contractors
We may share your personal information within our company with our director, employees and contractors in order to deliver our services to you. This does not apply to your sensitive information.

Others involved in your health care
If you are a client, with your consent, we may disclose your personal information to others involved in your health care, including doctors and other health professionals who may be involved in treating you, pathology services, suppliers of supplements (so that we may create a prescription for you) and in emergency situations. This may occur through reports for or referral to other healthcare providers or for functional tests. In such situations, you are in control of what information is shared and with whom.

Third-party service providers and platforms
We may disclose your information to third parties who assist us with various tasks in the running of our business, including online booking and client management platforms, payment processing services, online meeting or webinar platforms, online teaching platforms; pathology testing suppliers, nutritional supplement supply businesses, hosting services, email delivery platforms, analytics services, social media platforms, marketing and advertising services and service providers who assist with our legal, accounting, coaching and mentoring requirements. These providers collect and process personal information from or about you on our behalf, or we may provide it to them. They will have access to the personal information needed to perform their functions. These third-party providers include:

  • Halaxy – for online booking, client management and payment processing services;
  • Stripe – for payment processing services;
  • Zoom – to book and invite you to online consultations;
  • Vital.ly, Natural Chemist and/or Integria – to create prescriptions and supply your nutritional supplements;
  • RN labs or NutriPATH ¬– for functional pathology testing;
  • VentraIP – for website hosting services;
  • Google Workspace – for email and calendar services and management;
  • Mailchimp or Campaign Manager – for delivery of emails, newsletters and downloaded resources;
  • Google Analytics, SEMRush and Facebook Insights – for website and advertising analytics;
  • SWYK Tools – for marketing services;
  • Facebook, Instagram, LinkedIn, Google, and YouTube – we may use these companies to deliver advertising to you after you have visited our website, engaged with us on social media, or subscribed to one of our mailing lists. These companies may use information about your visit to our website and other websites that is contained in web cookies to offer you personalised advertisements about goods and services that might interest you.
  • Other third parties – we may share your personal information with other third parties for the purpose of conducting legitimate business activities.

Some of these third parties are located outside Australia and may not be subject to Australian Privacy Laws. You should consult the respective privacy policies of these third-party service providers for information about their privacy practices.

Legal disclosure
We will also disclose your information if required by law in response to a subpoena, discovery request or a court order, in compliance with mandatory reporting obligations, or in circumstances permitted by the Privacy Act – for example, where we have reasonable grounds to suspect that someone is engaging in unlawful activity, or misconduct of a serious nature, that relates to our work with you. We may also make a disclosure to an appropriate authority if we have serious concerns about your health, safety or wellbeing.

Sale or bankruptcy
In the event that our company is sold, goes out of business, or enters bankruptcy, your information may be transferred to a third-party successor. Such a successor is not bound by our Privacy Policy and may have its own.

Notification of sale, bankruptcy or closure will be disclosed in our Terms and Conditions and Privacy Policy on our website.

Disclosure of information outside Australia
We will use all reasonable means to protect the confidentiality of your personal information while it is in our possession. We will not knowingly disclose your personal information to any third party other than the those who assist us to conduct our legitimate business activities. If we do share your personal information with a third party, we will ensure they have comparable privacy practices to those described in this Privacy Policy. Please note that some of our service providers are located outside Australia and may not be subject to Australian Privacy Laws. Please contact us if you have any questions or concerns.

Security

We take all reasonable steps to protect your personal information from misuse and loss and unauthorised access, modification, and disclosure. We store files securely, limit access to sensitive information, share information to third parties only if it is absolutely necessary, and regularly review our cybersecurity procedures and policies.

However, some of your personal information may be stored by third-party service providers as described above, and that information will be subject to those providers’ privacy policies.

If you are communicating with us via electronic means such as email, SMS, messaging apps, Zoom, contact forms or social media, we may not have full control over the transmission or storage or any personal information disclosed (although we try to employ best practice cybersecurity standards at all times). You agree that by participating in such forms of communication you understand and accept that there is an inherent risk of disclosure or loss of your personal information for which we cannot be held responsible. If you are concerned about transferring particularly sensitive information, please ask us about alternative options that may be more secure.

Cookies and analytics

Cookies are small text files that are commonly used by websites to improve a user’s experience, collect statistics or marketing information and provide access to secure areas.

We use cookies on our website to recognise you and your preferences and provide you with the best browsing experience, to analyse website traffic, and to measure the effectiveness of campaigns.

We may also use cookies to serve relevant advertisements to our website visitors through third party services, for example, Google Adwords. These advertisements may appear on this website or other websites you visit. By using our site, you consent to the use of cookies, unless you have disabled them by changing your browser settings.

You can choose to configure your browser settings not to accept cookies but this may interfere with the functioning of this website.

We use Google Analytics to collect information about your use of our website so we can understand how our website is being used and improve its functionality. You can find out more about the information Google collects and how it is used here:  https://support.google.com/analytics/answer/11593727

Google also provides an add-on for your browser that you can use to opt-out and prevent your data being used by Google Analytics. You can access that add-on here: https://tools.google.com/dlpage/gaoptout

Access to your personal information

You can contact us to access, correct, update, or delete the personal information we hold about you at any time. Please email [email protected] and we will endeavour to provide access or carry out your request within 30 days. However, there are some circumstances, which are permitted by law under the Privacy Act, in which we may deny access. Some examples of these circumstances include:

  • access would pose a serious threat to the life, health, or safety of any individual;
  • access would have an unreasonable impact on the privacy of others;
  • access would be unlawful;
  • denying access is required or authorised by or under law.

If we deny access to your personal information, we will provide reasons.

Third party sites

On various pages, our website includes links to other websites not owned or controlled by us. These links are meant for your convenience only. Links to third party websites do not constitute our sponsorship or endorsement or approval of these websites. Please be aware that Kaleidoscope Wellbeing® is not responsible for the privacy practises of these websites. We encourage our users, when they leave our website, to read the privacy policies of each and every website that collects personal information.

Children

Our website and social media handles are not designed for use by children under the age of 18, and we do not knowingly collect personal information via these channels from anyone under the age of 18. If you become aware that we have collected personal information from anyone under the age of 18 via our website or social media, please contact us so that we may delete that information.

Opting out of marketing communications

From time to time we may send you newsletters, invitations or updates about our services. We will only do so if you have opted in to receive such communications. You can opt out of receiving these communications at any time, by clicking on the “unsubscribe” option at the bottom of any marketing email from us, or by sending us an email requesting to be unsubscribed, using the contact details provided at the top of this page.

Complaints

If you believe a breach of this Privacy Policy has occurred, you may contact us by using the contact form on this website, or writing to us using the address provided at the top of this page. We will reply within 30 days. If you are not satisfied with our response, you may contact:

Changes and updates to this Privacy Policy

If we decide to change our Privacy Policy, we will post a copy of the revised policy on our website.

Notification of breach

If we have reason to suspect that a serious data breach has occurred and that this may result in harm or loss to you, we will immediately assess the situation and take appropriate remedial action. If we still believe that you are at risk, we will notify the Office of the Information Commissioner and either notify you directly, or if that is not possible, publicise a notification of the breach on this website.