Privacy Policy

Advanced Hair Studio

For the purpose of this Privacy Policy, the Advanced Hair Studio group of associated companies is comprised of the following companies:

  • Advanced Hair Studio Pty Ltd ACN 005 245 143
  • Advanced Hair Studio (Franchising) Pty Ltd ACN 006 236 166
  • Advanced Hair Studio of Australia Pty Ltd ACN 005 784 298 (AHSA)

(together and separately (as applicable), AHS, we, us, our).

AHSA conducts a business known as Advanced Hair Direct (AHD) from a website at https://www.advancedhairdirect.online (AHD Website) which is a health platform that facilitates confidential consultations with Australian registered doctors (Doctors) and health professionals (Practitioners) and which sells personal care products and facilitates the supply by mail of medications by independent pharmacies (Pharmacies) which use the platform.

AHS understands that you value your privacy and wish to have your personal information kept secure.

We have developed this Privacy Policy to inform you of how we manage the personal information that we collect about you.

By providing personal information to us, you are taken to have read, and consent to the collection, use disclosure and handling of your personal (including sensitive) information in accordance with this Privacy Policy.

Doctors, Practitioners and Pharmacies may also collect, use and disclose your personal information (including your sensitive information) in similar ways to those described in this Privacy Policy, but subject to their own Privacy Policies. Doctors, Practitioners and Pharmacies are also required to uphold professional standards for the protection of your personal information. Some of the Practitioners who use our platform work for us, and others are operating their own practice independent of us. While we don’t interfere in the way practitioners provide health care services, we require all Practitioners who use the platform to comply with applicable privacy related laws and standards and professional obligations relating to patient confidentiality.

  1. What personal information we collect about you and how we collect it

Personal information has the meaning given to that term in the Privacy Act 1988 (Cth) (Privacy Act) and includes information or an opinion (whether true or not) about an identified individual, or an individual who is reasonably identifiable.

In this Privacy Policy, ‘personal information’ also includes sensitive information, which is defined in the Privacy Act to include information or an opinion about an individual’s racial or ethnic origin, religious beliefs or affiliations, sexual orientation or practices, health information, or genetic information that is not otherwise health information.

We aim to collect personal information only if it is reasonably necessary to providing the service, product or information you have requested from us.

In the course of providing you with products and services, AHS collects personal information in a variety of ways. Unless it is unreasonable or impracticable to do so, we collect your personal information from you directly, including by using cookies on our Website.

In some cases however, we will collect information about you from a third party, including from our franchisees that operate Advanced Hair Studio retail outlets and third party consultants in relation to assessment of hair loss. If you receive goods or services from us under a finance arrangement, we may also collect personal information about you from the finance provider, which includes Certegy Ezi-Pay Pty Ltd.

We may also collect personal information from publicly available sources and third parties, such as suppliers, recruitment agencies, contractors, our clients and business partners and your relatives and representatives.At the time of collection, or as soon as practicable after we have collected it, we will take such steps as are reasonable in the circumstances to notify you of the collection and of any matters relevant to the collection, unless it is obvious from the circumstances that you would know or would expect us to have the information.

AHS may collect personal information about you when you:

  • are a recipient of our products or services, including through face to face or phone meetings with you, when our third party
  • consultants provide us with information about their assessment of your hair loss, when you complete a Minoxidil request
  • complete a form online, or when you complete any other information sheet or form;
  • visit our website, www.advancedhair.com.au (Website) or the AHD Website;
  • make an enquiry about our products and/or services, whether in person, by phone, mail, fax, email or mobile app, either directly to us, or through a franchisee;
  • become a customer or debtor of AHS;
  • ask to be placed on one of our mailing lists;
  • acquire goods or services through our Website or the AHD Website or otherwise;
  • supply goods or services to us; and
  • apply and/or enter into an agreement to become a franchisee of AHS.

When you attend an online consultation with a Doctor or Practitioner through the AHD Website, your treating practitioner will make, hold and maintain your medical records within AHD’s system. Doctors, Practitioners and Pharmacies may also create and hold medical records in their own systems. Any health information held by us will be managed in accordance with the The Health Records Act Victoria (2001) or other relevant State legislation.

In general, you can assume that we may collect and hold the following personal information about you:

  • name;
  • address;
  • email address;
  • telephone number and other contact details;
  • details about you to assist in managing our relationship with you;
  • details of the products or services we have provided to you or that you have enquired about, including any additional information necessary to deliver those products and services and respond to your enquiries;
  • billing and shipping information; and
  • your device ID, IP address and web log in information.

If you are a customer participating in, or enquiring about participating in an AHS program or procedure or obtaining goods or services from the AHD Website, we may also collect your date of birth, height, weight, medical history (which may include information about sexual activity / orientation, religious and other beliefs, ethnicity and genetics where relevant), medicare number, individual healthcare identifier, health care and concession care details, health insurance details, take a photograph of your head and scalp and collect health information about you, including in relation to medication, previous medical conditions or problems, and the ongoing condition of your scalp and hair.

If you receive goods or services from us under a finance arrangement, we may also collect proof of identity documents from you (such as a copy of a bank statement, payslip or power bill), which we collect on behalf of the finance provider, which includes Certegy Ezi-Pay Pty Ltd.

For each visitor to our Website or the AHD Website, we may also collect the following non-personally identifiable information:

  • browser type, version and language;
  • operating system;
  • pages viewed while browsing such websites; and
  • page access times and referring website address.
  1. How We Use Cookies

We may use cookies on some areas of our Website and the AHD Website. A cookie is a small file saved on your computer’s hard drive. When you return to our Website or the AHD Website, the data saved in the cookie is sent back to the website. We use cookies to gauge visitor traffic, trends and to help us serve you more efficiently if you revisit the Website and also to direct marketing to you through social media, emails or letters. The cookies we use in no way give us access to your computer or any information about you, other than the information you choose to share with us. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of our Website and the AHD Website.

In some cases, third parties may place cookies through our Website or the AHD Website. For example:

  • Google Analytics, one of the most widespread and trusted website analytics solutions, may use cookies de-identified data about how long users spend on this Site and the pages that they visit;
  • Google AdSense, one of the most widespread and trusted website advertising solutions, may use cookies to serve more relevant advertisements across the web and limit the number of times that a particular advertisement is shown to you; and
  • third party social media applications (eg, Facebook, Twitter, LinkedIn, Pinterest, YouTube, Instagram, etc) may use cookies in order to facilitate various social media buttons and/or plugins our Website or the AHD Website.
  1. Purpose of collection

We collect, hold, use and disclose personal information about you primarily to:

  • provide you with the goods, services and information that you request from us;
  • provide you with information about AHS’ products and services;
  • suggest AHS products and services to you;
  • manage our relationship with you;
  • enable you to use and access our Website and the AHD Website;
  • to provide facilities to Doctors, Practitioners and Pharmacies who work with or use AHD so that they can arrange consultations with you and provide services and goods to you;
  • to communicate with you in the event that any services requested are unavailable or if there is a query or problem with a scheduled consultation or an order for goods, or with your subscription;
  • to operate, protect, improve and optimise our website and services, business and our users’ experience, such as to perform analytics, conduct research and quality assurance activities, and for advertising and marketing;
  • to send you service, support and administrative messages, reminders, technical notices, updates, security alerts, and information requested by you;
  • to maintain and update our records including medical records. We aim to provide users with continuity of care which requires that records from one consultation or order are available to Doctors, Practitioners and Pharmacies who subsequently provide you with services or goods;
  • subject to our legal obligations and your rights to unsubscribe, to send you marketing messages and other information that may be of interest to you, including information sent by, or on behalf of, our business partners that we think you may find interesting; and
  • to comply with our legal obligations, exercise and defend our legal rights, resolve disputes, and perform and enforce our agreements. Some of the laws under which our obligations and rights in respect of collection of Personal Information arise include the Human Services (Medicare) Act, Healthcare Identifiers Act and National Health Act.

If it is reasonable to expect that we would collect, hold use or disclose your personal information for purposes which are related to the above primary purposes, we may also collect, hold use or disclose your personal information to:

  • assist you with enquiries or complaints;
  • develop and improve our client service and relationships;
  • promote, advertise and market any of our products and services, including to invite you to seminars or events hosted by AHS;
  • to comply with our legal obligations (including to comply with any law or any lawful request of a law enforcement agency or government authority), resolve any disputes that we may have with any of our clients and enforce our agreements with third parties such as your employer; and
  • inform you of developments at AHS and other products or services that we can provide.

Where you do not wish to provide us with your personal information, we may not be able to provide you with requested goods or services or do the other things described in this privacy policy.

We may use information collected through our Website for the purpose of gauging visitor traffic, trends and delivering personalised content to you while you are at our Website. Where possible, we will provide you with a choice to opt-out of any of the above and any of our marketing communications. We will respect your request to decline to receive these marketing communications.

We and/or our carefully selected business partners may send you direct marketing communications and information about the services offered on our Website or the AHD Website. This may take the form of emails, SMS, mail or other forms of communication, in accordance with the Spam Act and the Privacy Act. You may opt-out of receiving marketing materials from us by contacting us using the information below, or by using the opt-out facilities provided (e.g. an unsubscribe link).

  1. Sharing of your personal information

As well as our franchisees, we may also disclose your personal information to:

  • external providers of services that we may use to operate our business and manage our business systems (for example, this may include file storage service providers, database providers; couriers and/or freight service providers, providers of payment processing and identity verification services and IT technicians who may need access when providing on-site support (although it is our practice for them to work under supervision));
  • third party consultants who assist us in assessing hair loss;
  • our professional advisors and agents;
  • payment systems operators (e.g. merchants receiving card payments);
  • Doctors, Practitioners and Pharmacies (including pharmacists and pharmacy staff);
  • specific third parties authorised by you to receive information held by us;
  • should a Doctor form the professional opinion that a user is at imminent risk of harm, including self-harm, and where it is consistent with his or her professional and ethical obligations to do so, to contact emergency services (such as an Ambulance Service) to request a welfare check or similar intervention; and/or
  • other persons, including government agencies, regulatory bodies and law enforcement agencies, or as required, authorised or permitted by law.

If you receive goods or services from us under a finance arrangement, we may also disclose personal information about you to the finance provider, which includes Certegy Ezi-Pay Pty Ltd.

We may disclose your personal information to these third parties so that they can assist us with providing the best possible service to you.

Each company in the AHS group of associated companies may also disclose your personal information to other companies within the AHS group of associated companies (which are listed above).

Those companies will be permitted to access only the personal information they need to deliver the service to AHS or to you. AHS takes reasonable steps to ensure that these organisations are bound by confidentiality and privacy obligations in relation to the protection of your personal information.

Our Website and the ADH Website are primarily hosted in Australia. From time to time we may engage an overseas recipient to provide services to us, such as cloud-based storage solutions. Please note that the use of overseas service providers to store personal information will not always involve a disclosure of personal information to that overseas provider. However, by providing us with your personal information, you consent to the provision of such information to overseas recipients (such as servers located in the United States of America) and acknowledge that overseas recipients may not be bound by the Privacy Act, and you may not be able seek redress under that Act from them or us.

We will only disclose your personal information overseas (for example, to a third-party service provider or to cloud servers which are based outside of Australia), in accordance with the Australian Privacy Principles (APPs), particularly APP 8. Where we do transfer your personal information to another country, we will ensure that:

  • the receiving person or organisation is subject to a binding agreement to protect that information in accordance with Australian standards; or
  • the receiving person or organisation is subject to a law or a scheme substantially similar to the APPs, including mechanisms for enforcement; or
  • you have provided your prior consent to the disclosure.

Where we do this, we will take reasonable steps to ensure these parties take appropriate measures not to breach the APPs.

The privacy and collection practices of entities to which we disclose personal information are governed by their own privacy policies and collection notices.

Where our Website or the AHD Website contains links to third parties, the collection, use and care of your personal information is governed by that third party’s privacy policy and collection notice.

We will not otherwise disclose information about you unless the disclosure:

  • is required or authorised by law; or
  • you have consented to our disclosing the information about you.
  1. Prescriptions, tokens and active script list (ASL)

Where a prescription is issued to you by a Doctor, AHD offer a range of options for facilitating the dispensing to you of the relevant medications. The manner in which your personal information relating to the prescription is managed will depend on the option you select. We have, or are working towards having, capability for Doctors to issue prescriptions via all channels which are permitted in Australia.

If you opt for a paper prescription, the Doctor will send it to a Pharmacy which uses the platform.  Where the law allows, the Doctor may send a scan, photo or fax of the prescription with the original paper prescription to follow, where required.

‘Tokens’ are unique identifiers – such as a barcode or QR code – for your prescription (also called an e-script). They can be printed or sent by email, SMS or via an app. Your Doctor can send a token to you, or you can elect to have AHD hold and manage the tokens associated with the prescriptions issued by the Doctor(s) on your behalf and forward them to a Pharmacy which uses the AHD platform, (this includes managing tokens relating to repeat prescriptions). Where AHD is holding and managing tokens on your behalf, they will continue to do so unless and until all such prescription(s) (including any repeats) have been dispensed or you revoke your consent. You may at any time require that any tokens held which have not already been dispensed are instead sent to you.

An ASL is a central repository of a patient’s tokens. If you have an ASL, and we are able to do so at the relevant time, tokens for your prescriptions will be added to your ASL unless you ask your Doctor not to do so. Any pharmacy (including any Pharmacy which uses the AHD platform) which dispenses your prescription will need to access your ASL. AHD, Doctors, Practitioners, Pharmacies and third parties may collect, use and disclose information about your prescriptions in accordance with the options you select and the directions you give us as described above.

  1. Quality of your personal information

We aim to ensure that your personal information is accurate, complete and up to date. To assist us in this, you need to provide true, accurate, current and complete information about yourself as requested and properly update the information to us to keep it true, accurate, current and complete.

If you believe that the information we hold is inaccurate or incomplete, please contact us and we will use all reasonable efforts to correct the information.

If we do not believe the information to be incorrect, we will take reasonable steps to add a statement to the information claiming that you believe the information is inaccurate, incomplete, out of date.

  1. Securing your personal information

We may hold your personal information in electronic or hard copy form. We will take reasonable precautions to protect your personal information from misuse, interference and loss, as well as from unauthorised access, modification or disclosure. We use a number of physical, administrative, personnel and technical measures to protect your personal information. For example:

  • our offices are securely locked after hours;
  • all computers have password protection;
  • our office are monitored with a 24 hour security system; and
  • our Website and servers are protected by a firewall.

We take reasonable steps to destroy or permanently de-identify personal information if it is no longer needed.

We may retain your personal information as long as you are registered to the AHD Website. You may close your account by contacting us. However, we may retain personal information for an additional period as is permitted or required under applicable laws. Even if we delete your personal information, it may persist on backup or archival media for an additional period of time for legal, tax or regulatory reasons or for legitimate and lawful business purposes.

  1. Changes to this Privacy Policy

AHS reserves the right to make amendments to this Privacy Policy at any time for any reason. We will publish any updated Privacy Policy on our Website and the AHD Website.

  1. Accessing and correcting your personal information

You have a right to request access to, or the correction of, your personal information that we hold about you, subject to exceptions allowed by law. You may be required to put your request in writing for security reasons.

We will give you access to, or correct, your personal information unless there is a lawful reason for refusing your request for access or correction. If we refuse your request we will give you a written notice explaining our reasons for that refusal and how you may complain about that refusal.

  1. Change in control of AHS

If we sell or otherwise transfer part or the whole of AHS, our assets, or our business to another organisation (including in the course of a transaction like a sale, merger or acquisition or as part of a dissolution, liquidation, administration, receivership or other form of insolvency), you agree that your personal information that is collected by AHS may be disclosed to a third party, prospective buyer, transferee or insolvency practitioner and that this is reasonable to enable that party to continue or manage the business.

  1. Complaints

If you have a complaint about our collection, use or disclosure of your personal information, or you wish to make a complaint about a breach of the APPs, please contact our Privacy Officer at the details set out below.

In your complaint, please set out the details of your complaint and your contact details. Our Privacy Officer will contact you to acknowledge your request and ask for any other applicable information. Our Privacy Officer will then investigate the issue and advise you in writing of the outcome.

You can also make a complaint to the Office of the Australian Information Commissioner. Further information is available at www.oaic.gov.au.

  1. Contacting us

If you have any questions about this Privacy Policy or our privacy practices, would like to make a complaint or request access to or correction of your personal information, please contact us by any of the following means.

Our contact details in respect of any issues in relation to privacy are:

Telephone

For AHD, Email

Post

Attn: Privacy Officer

15-17 Lansdowne Street, East Melbourne, Victoria 3002