Privacy Policy

THIRD CHAIR COUNSELLING

Effective Date: 23 March, 2025.

Your Privacy and Third Chair Counselling (ABN 19 303 523 693) (collectively and individually referred to as “Thid Chair Counselling”, “we”, “us” or “our”).

WHO WE ARE AND HOW YOU CAN CONTACT US

We are Third Chair Counselling and we are based in Victoria, Australia. We are committed to protecting your privacy and respecting and upholding your rights when you use this Site. This Privacy Policy applies to the services and/or products we provide on our Site Third Chair Counselling (“Site”) and our social media channels (if applicable), and explains how we collect, hold, use and disclose data and comply with the requirements of the Privacy Act 1988 (Cth) and constitutes part of our Website Terms & Conditions. This Privacy Policy does not cover information that you submit on other websites, even if we communicate with you on those sites. For example, if you post something on Instagram, Facebook, Pinterest, X, Bluesky or YouTube, that information is governed by the privacy policies on those websites, and is not governed by this Privacy Policy.

You can contact us for privacy-related questions by emailing us at ray@thirdchaircounselling.com OR completing this form.

We will only use your personal information (including if applicable, sensitive information) (personal data/data) in compliance with Australian Privacy Laws (Privacy Act (1988 (Cth)), Australian Privacy Principles and to the extent applicable, with the EU General Data Protection Regulation (GDPR) and any replacement legislation or regulation or guidelines and standards governing the use, storage or transmission of data.

OUR ROLE IN YOUR PRIVACY

If you are a customer, subscriber or just a visitor on our Site, this Privacy Policy will apply to you.

OUR RESPONSIBILITIES

As we are the providers of the products and services on this Site, we determine how and why your data is processed. We do not sell or rent your details to any third parties. We are committed to protecting your privacy and we want you to know exactly what information is collected and how we use it.

YOUR RESPONSIBILITIES

Please read this Privacy Policy and our Website Terms & Conditions. If you provide us with any data relating to a third party, you confirm that you have the right to authorise us to process that data on your behalf in accordance with this Privacy Policy.

WHEN AND HOW WE COLLECT DATA

From the moment you visit our Site, we are collecting data, sometimes you might provide this data by completing a form or setting up an account, otherwise we might collect the data automatically. We may also collect data when:

  • Register as a client with our practice

  • Provide us with information pertinent to counselling

  • We may also collect personal and sensitive information from third-party medical providers, such as general practitioners, mental health services, community health services, and other healthcare providers. This information may be used to provide you with counselling

  • You purchase an online course, webinar, program or service

  • You interact with us on social media

  • You complete any sign-up forms, landing pages or send us a direct message via social media or an email to any of our nominated emails

  • You participate in events, promotions and giveaways or any request for additional data such as client surveys

  • You accept our cookies and tracking technologies, which may include services from third parties that provide analytics, traffic management, content delivery, and load balancing (e.g. CDNs). For more details on the cookies we use, including those from third-party providers that assist with performance, analytics, and functionality, please refer to our Cookie Policy.

TYPES OF DATA WE MAY COLLECT

  • Your contact details (name, address, email, phone number(s))

  • Details of a person you nominate for contact in an emergency

  • Financial Information (bank details when you are making a purchase)

  • Medical information from your third party medical providers with your consent

  • Your business name (sometimes)

  • Basic information about your business and its history (sometimes)

  • Data about the products or services you purchase

  • Data about your experience with our Site and our products and services

  • Data relating to your circumstances and such other information that is relevant to the products or services we provide to you

  • Data relating to your attendance at seminars or other events held by us (including webinars and podcasts)

  • Data that identifies you (your IP address, login, browser type, time zone, browser plugins, geolocation, what operating system and version) - we do not link this with any personal data

  • Data on how you use our Site (URL clicks, products and services views, how long you are on our pages and other actions)

  • We may also collect technical data via third-party services, such as content delivery networks or font services, to improve the performance and functionality of our Site. These services may collect information like IP addresses to ensure proper delivery and functionality.

USE AND DISCLOSURE OF YOUR DATA

Under data laws, we are only allowed to use your data for specific reasons and where we have the legal basis to do so.

We will use your data for the purposes it was collected and related purposes which include:

  • Operating our Site

  • Providing you with counselling

  • Providing you with products, information and services

  • Client and customer support

  • Tracking your purchase history

  • Detecting and preventing fraud

  • Improving our Site

  • Making your experience on our Site more efficient and enjoyable

  • Market research e.g. we may contact you for feedback about our services and products

  • Provide you with information about events, other products or services or opportunities that may be of interest

  • Marketing (with your consent)

  • Monitoring your compliance with our Website Terms and Conditions

Counselling is confidential but with your consent we may disclose your data (including sensitive data) so that you access appropriate healthcare services and treatment:

  • Medical specialists

  • Allied health professionals

  • Community health services

  • Social services

  • Rehabilitation services

We may also use and disclose your personal data for secondary purposes, such as:

  • Quality assurance

  • Research and education

  • Administrative and billing purposes.

  • As required by law subject to our obligations

  • With your consent

  • Within our business

  • To send you marketing material (with your consent)

  • To process your participation in any promotions and giveaways (including contacting you if you win, displaying your name online and on our social media platforms)

  • Share with third parties to enable us to provide our services and/or products

SENSITIVE INFORMATION

Collection of Sensitive Information

We collect sensitive information about our clients with their consent and only for the purposes directly related to their counselling.

The types of sensitive information we may collect includes clients’ personal concerns, relevant details from clients’ medical histories and current health conditions, and any other information required for the provision of counselling.

We collect sensitive information through face-to-face counselling, phone calls, video platforms, online forms, and other secure electronic means.

Use of Sensitive Information:

We use sensitive information for the purpose of providing counselling services for our clients.

Sensitive information may also be used for administrative purposes such as appointment scheduling, billing, and quality improvement activities.

We may use de-identified information for research and statistical purposes, ensuring that patients' identities are protected.

Disclosure of Sensitive Information:

We only disclose sensitive information to other healthcare professionals and organisations involved in the provision of healthcare to our clients. Such disclosures are made on a need-to-know basis and with the patient's consent, except in cases where the law requires or permits the disclosure without consent.

We may disclose sensitive information to government agencies, regulatory bodies, and insurers when required by law or for insurance claims and compliance purposes.

We do not disclose sensitive information to third parties for marketing or commercial purposes.

Data Security and Storage:

We take all reasonable steps to ensure that sensitive information is stored securely and protected from unauthorised access, loss, misuse, or disclosure.

Electronic records are stored in a secure and encrypted manner, and physical records are stored in locked cabinets or secure storage areas.

We regularly review and update our security measures to maintain the integrity and confidentiality of sensitive information.

The unauthorised publishing or sharing of personal data online (commonly referred to as “doxxing”) is strictly prohibited. We take all necessary steps to protect personal data, and any misuse of data may result in legal action, including criminal charges, under Australian privacy law.

META INSIGHTS

In our efforts to continuously improve your experience on our platform, we utilise Meta Insights and Meta Analytics to understand how you interact with our content on our Instagram page www.instagram.com/thirdchaircounselling. This technology helps us to measure and analyse user engagement and effectiveness of our services, ensuring we can enhance our offerings to better meet your needs. For details on how Meta collects and uses your data, we encourage you to review Meta’s Privacy Policy available at https://www.facebook.com/privacy/policy/. Should you prefer to not have personalised as on Facebook based on the data collected, you have the right to modify your ad preferences. This can be done by accessing your Facebook settings and navigating to “Ad Preferences”, where you can adjust your settings according to your preferences.

TURNING OFF COOKIES

Our Site uses cookies and similar technologies to provide certain functionality to our Site. You can turn off cookies by activating the setting in your browser that allows you to do this. You can also delete cookies through your browser settings. If you do decide to turn off cookies, you can continue to use the Site, however, certain services may not work as effectively.

CHOOSING NOT TO PROVIDE PERSONAL DATA

You can choose not to provide us with any personal data. However, if you do this, we will not be able to provide you with any products or services, however, you can continue to use our Site and browse the pages of our Site.

MARKETING

We will always let you know before we collect any data from you what the intended use is and if we intend to use it for marketing and if third parties are involved we will obtain your consent (which you can withdraw at any time). You can change your mind about marketing material by opting out by:

  • completing the contact us form on our contact page; or

  • unsubscribing within the email if you have previously subscribed to our newsletter.

SMS MARKETING AND NOTIFICATIONS

By providing your phone number and opting in to SMS marketing, you agree to receive text messages from us regarding your purchases, promotions, and updates. Message and data rates may apply. You can opt out at any time by following the instructions provided in the messages.

How We Use Your Information for SMS

When you provide your phone number, we collect and store this information for purposes such as managing appointments, sending order updates, promotional offers, and marketing messages. We do not share your phone number with third parties except as required to process your requests or when required by law.

Opt-Out and Data Removal

You can opt out of SMS marketing at any time by replying 'STOP' to any of our text messages. Once opted out, you will no longer receive SMS marketing from us, but you may still receive essential transactional messages regarding your orders.

YOUR RIGHTS

You can exercise your rights at any time by contacting us via the contact us page on our Site www.thirdchaircounselling.com/contact

ACCESSING INFORMATION WE HOLD ABOUT YOU

We will provide you with the information within 30 days of your request, unless doing so would adversely affect the rights and freedoms of others (e.g. another person’s confidentiality or intellectual property rights). We will tell you if we can't comply with your request and why.

INACCURATE INFORMATION

You can contact us to ask us to correct any information we hold about you that you believe is inaccurate.

OBJECTIONS TO USING DATA FOR PROFILING OR AUTOMATED DECISIONS

We may use your data to determine what products and services are relevant to you (e.g. tailoring our emails based on your behaviour). Otherwise, the only circumstances in which we will use this data is to provide our products and services to you.

In cases where we use automated systems to make decisions that may impact your rights or interests, we will ensure transparency. Our privacy policy outlines the types of personal data these systems use, the nature of the decisions being made, and the role these systems play in the decision-making process. You may contact us if you wish to know more about how these systems work or to request human review of any automated decision.

THE RIGHT TO BE FORGOTTEN

You have the right to request for your data to be erased. This means we have to delete all information that we hold about you, except to the extent of any information we are required to hold due to our legal obligations.

MAKING A COMPLAINT

If you have any complaints regarding how your data is handled, please contact us via our contact page: www.thirdchaircounselling.com. If you are not satisfied with our response to your complaint, you may seek a review by contacting the Office of the Australian Information Commissioner (OAIC) via their website https://www.oaic.gov.au.

If you are located in the European Union and feel your data has been mishandled, you may lodge a complaint with your local data protection authority, which you can find through the European Data Protection Board (EDPB) at https://edpb.europa.eu/about-edpb/board/members_en.

Under Australian privacy laws, individuals may take legal action for serious invasions of privacy, including intrusion upon seclusion or misuse of private information. If you believe your privacy has been intentionally or recklessly breached, and the invasion is serious, you have the right to seek compensation or other remedies through the courts.

SECURITY OF THE DATA WE COLLECT

We realise that our customers trust us to protect their data and whilst we cannot guarantee the security of any information you transmit to us, or receive from us, we take that task seriously and maintain reasonable and appropriate physical, electronic and procedural safeguards to help protect your data. This includes the following:

  • Firewalls

  • Password access to accounts

  • Storing electronic data with reputable third party storage providers who have appropriate security protections

  • Limit access to personal information to individuals who need to know.

  • Using payment providers who are PCI DSS compliant

  • We do not store your payment details

WHERE WE STORE DATA

We use service providers based in Australia. We may share your data with overseas organisations in countries or under privacy frameworks approved by the Australian Government. These countries are deemed to have privacy protections similar to Australia’s. Where applicable, we take steps to ensure that your data remains protected in line with Australian privacy laws.

HOW LONG WE STORE DATA FOR

We will retain your data for as long as it is reasonably necessary for the purposes for which it was collected, and as required by Australian law. The specific retention period will depend on your interactions with us. If you have made a purchase, we will keep a record of your purchase for the period necessary to fulfill our invoicing and tax obligations as mandated by Australian tax laws. Once we no longer require your information for the stated purposes, we will securely delete it or anonymise any data that is no longer necessary, in accordance with applicable Australian privacy regulations.

THIRD PARTIES WHO ACCESS YOUR DATA

We share data with third parties in the following circumstances:

Other companies in our group of companies, as necessary to operate our Site

Our suppliers and service providers working for us e.g. payment processors such as Stripe and Medipass

  • Our professional and legal advisors

  • Third party medical providers for the purposes of providing healthcare services and treatment

  • Your personal and sensitive information (to the extent applicable) may also be disclosed to government bodies, such as Medicare and Centrelink, for the purposes of claiming and verifying healthcare benefits and entitlements

  • Third parties engaged in fraud prevention and detection

  • Law enforcement or other government authorities

  • Share with third parties who enable us to provide our products and services which may include:

    • payment processors such as Stripe, PayPal, Xero, Shopify who may process your payment for any products and services bought from us;

    • Social media and analytics such as Facebook, Instagram and Google Adwords for purpose of custom audience generation and the development of targeting criteria;

    • Other third parties such as Mailchimp, Klaviyo, Timely, Active Campaign, for processing and holding data that enables us to ensure you are kept informed of all course information, logins and marketing material, offers, promotions, newsletters, blogs and video training.

Where we have your consent to do so or otherwise where we are legally permitted to do so.

PAYMENT SECURITY

All of our real-time credit card authorisations are handled by secure third party gateway providers and these are secured by the highest level of security. The following measures are taken to protect your data:

  • Payments are fully automated with an immediate response.

  • Your complete credit card number cannot be viewed by us or any outside party.

All transaction data is encrypted for storage within our third party gateway suppliers bank-grade data centre, further protecting your credit card data.

Our third party gateway provider is an authorised third party processor for all the major Australian banks.

Our third party gateway provider will at no time touch your funds, all monies are directly transferred from your credit card to the merchant account held by us.

We use third-party gateway providers that are widely respected for providing secure and reliable online payment solutions. We have chosen to deal with the best so you can feel safe that your personal information is kept safe and secure at all times. While we attempt to protect the information in our possession, no security system is perfect, and we cannot promise that information about you will remain secure in all circumstances.

The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for all organisations that handle branded credit cards from major card schemes. PCI DSS is a standard mandated by the card brands like Visa, Mastercard, American Express and Discover and is managed by the PCI Security Standards Council.

PCI-DSS requirements help ensure the secure handling of credit card information through our Site and the service providers. We engage Cliniko for our bookings and payment Please see their terms and conditions: www.cliniko.com/policies/terms/

AGE OF CONSENT

By using this site, you warrant that you are at least the age of majority in your State or Territory of residence. Our Site should not be used by anyone under the age of majority, and we do not knowingly collect data from anyone under the age of majority.

COOKIES AND HOW TO BLOCK THEM

Our Site uses cookies and similar technologies to provide certain functionality to our Site. “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. Cookies can also be used to analyse traffic and for advertising and marketing purposes. They do not harm your systems and the HELP function in your browser will tell you how to restrict or block the cookies.

You can turn off cookies by activating the setting in your browser that allows you to do this. You can also delete cookies through your browser settings. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org. If you use browser settings to block all cookies, you may not be able to access all or parts of our Site.

WEB BEACONS

We may use web beacons (or clear gifs) on our website and in our emails. So basically when we send emails, we can track behaviour such as who opened the emails, who clicked the links and collect information such as your IP address, your browser or email type, we then put this information together to improve the performance of our email campaigns and provide you with better and/or services specific to your needs. You will always have the ability to opt out of any emails we send just click the link in the email that says “unsubscribe”.

GOVERNING LAW

This Privacy Policy and your use of this Site is governed in all respects by the laws of Australia.

UPDATES TO OUR PRIVACY POLICY

Please make sure to check in on our Privacy Policy periodically, as we may update this Privacy Policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal or regulatory reasons. We will always ensure that the current date of the Privacy Policy also known as the “Effective Date” is prominently displayed at the very top of this Privacy Policy, so you know it's the latest version.