With Grace Skin Management - Data and Privacy Policy
Effective Date: 1st April 2025. Last Updated: 12th March 2025.

At With Grace Skin Management, we are committed to safeguarding your personal information and ensuring your privacy is respected. This Data and Privacy Policy outlines how we collect, use, store, and protect your data, as well as your rights regarding your personal information. Our policy is in compliance with Australian Privacy Principles under the Privacy Act 1988 and other relevant Australian regulations.

We believe in transparency, and we want our clients to be fully informed about how their data is handled. By engaging with our services, you agree to the practices outlined in this policy.

1. Information We Collect. We may collect and process the following types of personal data:

Personal Identification Information: This includes your name, contact details (email, phone number), and date of birth.

Medical and Skin History: Details about your skin type, previous treatments, medical history, allergies, and any other information relevant to providing skincare services.

Treatment and Product Information: Records of the treatments you have received, products purchased, and the results.

Financial Information: Information related to your purchases, including payment details (processed through secure payment systems).

Demographic Information: Information like gender, location, and preferences to improve our services. We collect this information only when it is necessary for the provision of services, ensuring that it aligns with your treatment and experience at With Grace Skin Management

2. How We Use Your Information. The information we collect is used solely for the purpose of providing, improving, and personalizing our services. Specific uses include:

Providing Treatments and Services: To ensure we can deliver personalized skincare treatments and products that are safe and effective for you.

Client Communication: To send appointment reminders, updates about services, promotions, or follow-up communication regarding your treatments and progress.

Administrative and Legal Requirements: For billing purposes, compliance with regulations, and maintaining client records as required by law.

Marketing and Engagement: To inform you about new products, services, or promotions, but only if you have not opted out of receiving such communications.

Feedback and Improvement: To gather feedback on your experience to improve our services and customer satisfaction.

3. Consent and Control Over Data Sharing. We value your control over your personal data and offer you the following options:

Opting in or out of Photo Sharing: We may request photos to track the progress of treatments or showcase results. You will always have the option to opt-in or opt-out of sharing these photos publicly or within our clinic. We will not use or share your photos for promotional purposes without your explicit consent.

Opting in or out of Marketing Communications: You can choose whether to receive marketing emails, newsletters, or promotions from us. You will be asked to opt-in to these communications, and you can withdraw your consent at any time by unsubscribing via email or contacting us directly.

Access and Correction: You have the right to access the personal information we hold about you, and you can request corrections if any information is inaccurate or incomplete. You may change your preferences regarding data sharing at any time by contacting us.

4. Data Storage and Retention. We will retain your personal data for as long as it is necessary to fulfil the purposes outlined in this policy, unless a longer retention period is required by law or regulation. After this period, your data will be securely disposed of or anonymized.

Retention Period: Your personal data will be retained for no longer than 12 months after the last interaction with our services unless otherwise required for legal or operational purposes. We ensure that all data is stored securely using industry-standard encryption and access controls to prevent unauthorised access.

5. Security of Your Data. We are committed to protecting your personal information. We have implemented appropriate technical, physical, and organisational measures to safeguard your data from unauthorised access, loss, alteration, or destruction. These measures include secure storage, access restrictions, regular security audits, and staff training on data protection.

6. Sharing of Your Data. We will never sell, trade, or rent your personal data to third parties. We may, however, share your information with third-party service providers who help us operate our clinic (e.g., payment processors), but only to the extent necessary for them to perform their services. These third parties are contractually obligated to protect your data and are prohibited from using your data for any other purpose. We will only disclose your personal data to government authorities or other organizations if required by law, or if you have consented to such a disclosure (e.g., in the case of sharing information for legal or insurance purposes).

7. Privacy Rights Under Australian Law. As a client, you have the following rights under the Privacy Act 1988 and Australian Privacy Principles:

Right to Access: You have the right to request access to the personal data we hold about you.

Right to Correction: You can request corrections to any inaccurate or incomplete information.

Right to Erasure: You have the right to request that we delete your personal data, provided we have no legal obligation to retain it.

Right to Opt-out of Marketing Communications: You may withdraw your consent to receive marketing communications at any time.

Right to Lodge a Complaint: If you believe your privacy rights have been violated, you can lodge a complaint with us or the Office of the Australian Information Commissioner (OAIC).

8. Contacting Us. If you have any questions or concerns regarding your personal data or this policy, please contact us using the following details:

With Grace Skin Management

44 Smith St, Collingwood VIC 3066

(03) 9417 5312

hello@withgraceskinmanagement.com

9. Updates to This Policy. We may update this Data and Privacy Policy from time to time to reflect changes in our practices or in response to legal or regulatory developments. Any updates will be posted on this page, and the effective date will be updated accordingly. We encourage you to review this policy regularly to stay informed about how we protect your privacy.

10. Acknowledgment. By engaging with With Grace Skin Management, you acknowledge that you have read and understood this Data and Privacy Policy, and you consent to the collection, use, and storage of your personal data in accordance with the terms outlined herein. Thank you for trusting With Grace Skin Management with your skin and personal information. We are dedicated to protecting your privacy and ensuring you have a positive and secure experience with us.