Invoke Spirit Privacy Policy
1. Introduction
This website, www.invokespirit.com, is owned and operated by Invoke Spirit [ABN 24411415241]. If you have any questions or need further information, please contact:
Leah Foley invoke.spirit@gmail.com
This Privacy Policy lets you know how your personal information is managed when you interact with this site. As a general overview, I aim to:
Leah Foley invoke.spirit@gmail.com
This Privacy Policy lets you know how your personal information is managed when you interact with this site. As a general overview, I aim to:
- voluntarily comply with the Australian Privacy Principles set out in the Privacy Act 1988 (Cth) (Privacy Act).
- comply with the General Data Protection Regulations (GDPR), especially for visitors from the EU.
2. Personal Information
Note that if you engage with this website and any available opt-in forms, or choose to become a client via links on this site, the following kind of personal information may be collected:
- CONTACT DETAILS
- Name and email address
- Phone number (optional)
- PREFERENCES
- Your opinion about future topics or services that may interest you
- Information that allows me to tailor my content to be more relevant or interesting, when signing up for any promotional events
- INTERNET
- With your consent, I may collect your IP address and information about your browsing history to help me improve the appeal of my website
3. Collection & Use
Personal information is collected via:
This information is used to provide you with relevant news or the freebie/service you requested.
Your personal information is only collected:
- Opt-in forms (such as signing up to my email list, or freebies)
- Paying for a service
- Google analytics
This information is used to provide you with relevant news or the freebie/service you requested.
Your personal information is only collected:
- with your full awareness and consent, such as when you email me, tick a checkbox or fill in a form to provide the information
- if I’m legally required to collect it
- for necessary administrative processes if you become my client
- in order to provide you with information or services that you request
- if I believe that I can demonstrate a legitimate interest in using your data for marketing purposes, although I will always give you a choice to opt out. This does not include any personal identifiers unless I get your consent first.
4. Sensitive Information
Some personal information is particularly sensitive and I respect that.
Sensitive information will only be collected by methods that are reasonably secure, such as:
The reason why I collect this information is so that I can provide you with appropriate services you have requested or have booked in for.
This may include:
I’m committed to securely storing and handling your sensitive information. This means:
Sensitive information may be collected from children under the age of 18 under the following circumstances:
All information collected from minors is securely stored in accordance with this privacy policy.
All archived sensitive information may be securely destroyed after a minimum of 5 to 7 years.
Sensitive information will only be collected by methods that are reasonably secure, such as:
- My intake form in Acuity when you book an appointment
- In a Zoom consultation
- Any health history forms when booked in for sessions that require this
- When you send me information in an email or personal message via social media
The reason why I collect this information is so that I can provide you with appropriate services you have requested or have booked in for.
This may include:
- your medical history, including injuries, medication, diagnosis, family history, etc
- your birth date
- your home and email address
I’m committed to securely storing and handling your sensitive information. This means:
- I keep sensitive information on a non-publicly shared computer data storage
- I only have access to this data
- I will only send information to another health practitioner/professional with your consent or if legally required to do so
- I don’t store sensitive data in the cloud
Sensitive information may be collected from children under the age of 18 under the following circumstances:
- in the presence of their parents/guardian
- with their parent or guardian’s full consent
All information collected from minors is securely stored in accordance with this privacy policy.
All archived sensitive information may be securely destroyed after a minimum of 5 to 7 years.
5. Professional Considerations
I owe you a professional duty of confidentiality and take this seriously. You may choose NOT to provide your personal information however please note that this may limit the service that I can provide for you.
6. Use of Personal Information
Reasons why your personal information may be disclosed is under the following circumstances, but not limited to:
This means I may need to share some relevant personal information on a strictly need to know basis, such as with Australia Post or courier companies.
Your information will also be disclosed if required by law to do so or in circumstances permitted by the Privacy Act – for example, where I have reasonable grounds to suspect that unlawful activity, or misconduct of a serious nature, that relates to my functions or activities has been, is being or may be engaged in, and in response to a subpoena, discovery request or a court order.
If you have any concerns regarding the disclosure of your personal information, please feel free to get in touch and discuss this with me personally.
I’ll use all reasonable means to protect the confidentiality of your personal information while in my possession or control, and will not knowingly share any of your personal information with any third party other than the service providers who assist me in providing the information and/or services I’m providing to you.
To the extent that I do share your personal information with a service provider, I would only do so if that party has agreed to comply with our privacy standards as described in this privacy policy. However, some of my service providers may be overseas and may not be subject to Australian Privacy Laws or compliant with GDPR. Please contact me if you have any concerns about the potential disclosure of your information.
- if things need to be sent to you via mail (rare)
- to provide you with services you have requested or purchased
This means I may need to share some relevant personal information on a strictly need to know basis, such as with Australia Post or courier companies.
Your information will also be disclosed if required by law to do so or in circumstances permitted by the Privacy Act – for example, where I have reasonable grounds to suspect that unlawful activity, or misconduct of a serious nature, that relates to my functions or activities has been, is being or may be engaged in, and in response to a subpoena, discovery request or a court order.
If you have any concerns regarding the disclosure of your personal information, please feel free to get in touch and discuss this with me personally.
I’ll use all reasonable means to protect the confidentiality of your personal information while in my possession or control, and will not knowingly share any of your personal information with any third party other than the service providers who assist me in providing the information and/or services I’m providing to you.
To the extent that I do share your personal information with a service provider, I would only do so if that party has agreed to comply with our privacy standards as described in this privacy policy. However, some of my service providers may be overseas and may not be subject to Australian Privacy Laws or compliant with GDPR. Please contact me if you have any concerns about the potential disclosure of your information.
7. Security
All reasonable physical, technical and administrative safeguards are taken to protect your personal information from misuse, interference, loss, and unauthorised access, modification and disclosure.
These risks are managed by:
As mentioned previously, your personal information may also be stored with a third-party provider, where it will be managed under their security policy:
From time to time I may combine information provided by you with information gathered from:
If you do not wish this to occur, please contact me.
These risks are managed by:
- storing files in a secure location
- ensuring that only I have access to sensitive information
- releasing information to service providers on a strictly need-to-know basis, and
- conducting regular audits of my security systems (including virus/malware protection).
As mentioned previously, your personal information may also be stored with a third-party provider, where it will be managed under their security policy:
From time to time I may combine information provided by you with information gathered from:
- Facebook/LinkedIn
- Google Analytics
- personal contacts
If you do not wish this to occur, please contact me.
8. Access to Information
You can contact me to access, correct or update your personal information at any time. Unless I’m subject to a confidentiality obligation or some other restriction on giving access to the information which permits me to refuse you access under the Privacy Act, and believe there is a valid reason for doing so, I will endeavour to make your information available you within 30 days.
Begin the process by sending an email requesting access to your information to me at invoke.spirit@gmail.com and I will do my best to respond within 7 days.
Begin the process by sending an email requesting access to your information to me at invoke.spirit@gmail.com and I will do my best to respond within 7 days.
9. Complaints
If a breach of this Privacy Policy occurs, or if you wish to a request a change to your personal information, you may contact me by sending an email outlining your concerns at invoke.spirit@gmail.com and I will do my best to respond within 48 hours.
If you are not satisfied with my response to your complaint you may seek a review by contacting:
If you are not satisfied with my response to your complaint you may seek a review by contacting:
- the Office of the Australian Information Commissioner using the information available at http://www.oaic.gov.au/privacy/privacy-complaints
- the health ombudsman in your state or territory.
10. Notification of Change
If I decide to change my Privacy Policy, I will post the most up-to-date copy on my website.
11. Notification of Breach
If I have reason to suspect that a serious data breach has occurred and that this may result in harm or loss to you, I will immediately assess the situation and take appropriate remedial action. If I still believe that you are at risk, I will notify the Office of the Information Commissioner and either notify you directly, or if that is not possible, publicise a notification of the breach on this website.