ORO Aesthetics ("we," or "our") is committed to protecting your privacy and ensuring the security of your personal and health information. This Privacy Policy outlines our practices regarding the collection, use, disclosure, and protection of your information in accordance with the requirements of the Commonwealth Privacy Act, and the Australian Privacy Principles (APPs).

We may collect the following types of personal and health information:

- Identification information: This includes your name, contact information (email address, phone number, and address), and other identifiers that can be used to identify you.

- Sensitive information: This includes details of your other doctors, as well as information about your medical history (including previous cosmetic procedures and previous complications, but also including any surgical history including scarring), current health conditions, presenting issues, treatments, prescriptions, and other health-related data. We may also seek some brief family history which is relevant to the potential for complications.

We will only collect information that is necessary for us to provide our services, administer our business, or comply with our legal obligations.

We collect personal information and health information in the following ways:

1. Directly from you: We will ask you for information directly to assist us in the consultation and procedures, by filling out forms and during the consultation.

2. Healthcare providers: We may receive information from general practitioners, other specialists, and health services (including hospitals) who may have been involved in your care.

3. Third parties: We may receive information from health insurers, government agencies, and others when required by law.

We may also collect non-personal information provided to us by your browser when you visit our website, for example; the website you came from, your location information, IP address, web browser and/or device type and the time and date of access.

We collect personal information and health information for the following purposes:

- Providing cosmetic services and treatment to you, including ensuring that the procedure aligns with your best interests and understanding the risks of specific procedures.

- Managing your health records and history.

- Billing and administrative purposes.

- Complying with legal and regulatory requirements, including reporting adverse events or responding to complaints.

If you do not consent to us receiving this information, we will be unable to assess whether our services (and which of our services) are (most) likely meet your stated needs and will therefore be unable to provide treatment.

We may also use and/or disclose your personal information for other purposes which are required or permitted by law. This may include for a secondary purpose that is related to a purpose for which we collected it, and for which you would reasonably expect us to use or disclose your personal information.

We may disclose personal information and health information to:

- Health services (including general practitioners, other specialists and hospitals) involved in your care, in particular those who may need this information if you are experiencing an adverse effect from the products we have supplied;

- entities who assist us to provide services (including website hosting services, data storage providers and debt collectors);

- Government agencies if required by law; and

- Third parties with your explicit consent.

We will not disclose your personal information on social media or our website without your express, informed consent.

We store your information on specialist clinical practice software, operated by a reputable provider.

We take appropriate steps to protect your personal and health information from unauthorised access, disclosure, alteration, and destruction. We use secure methods of data transmission, encryption, and access controls to safeguard your information.

We only hold your personal information for the period necessary to meet our legal obligations. We delete your information seven years after the date on which you last see us.

You have the right to:

- access your information; and

- correct your personal and health information held by us.

To obtain access or if you believe that any information that we hold about you is inaccurate, incomplete, or not up-to-date, please contact us at info@oroaesthetics.com.au to access or update your information. We may require you to verify your identity and to specify what information you require. Administrative charges may apply to such requests.

If you have concerns about our handling of your personal and health information, please contact us at info@oroaesthetics.com.au. If you remain unsatisfied, you can contact the Office of the Australian Information Commissioner (OAIC) on 1300 363 992.

If you have any questions or concerns about this Privacy Policy or the way we handle your personal and health information, please contact us at info@oroaesthetics.com.au.