Privacy Policy
Claremont Dental Rooms Pty Ltd (ACN 696 777 143), trading as Claremont Dental Rooms ("we", "us", "our").
Last updated: 13/07/2026
1. About this policy
We are a dental practice. Because we provide a health service and hold health information, we are bound by the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs), regardless of our turnover.
This policy explains what personal information we collect, why we collect it, who we share it with, and how you can access, correct or complain about it. It applies to patients, prospective patients, website visitors, suppliers and other people we deal with.
We are also bound by professional obligations under the Health Practitioner Regulation National Law and the Dental Board of Australia's codes and guidelines.
2. The information we collect
Personal information Name, date of birth, address, phone number, email address, emergency contact, next of kin, Medicare number, Department of Veterans' Affairs number, private health fund and membership details, concession card details, and (for children) parent or guardian details.
Health information Health information is a type of sensitive information under the Privacy Act and receives higher protection. We collect your dental and medical history, medications, allergies, clinical notes, treatment plans, X-rays, CBCT scans, intraoral scans, clinical photographs, referral correspondence and specialist reports.
Financial information Payment details, invoices, receipts, payment plan and account information. We do not store full card numbers. Card payments are processed by our payment provider.
Employment information If you apply to work with us, we collect your application, resume, references, qualifications and registration details.
Website information IP address, device and browser type, approximate location derived from IP address, pages visited, time on page, referring website, and information collected through cookies and similar technologies. We also use a third party service that seeks to identify individual website visitors. See section 8.
3. How we collect it
We collect information:
directly from you, in person, by phone, by email, or through forms you complete
through our online booking systems
through our website, including any enquiry or contact form
from your other treating practitioners, with your consent, for example referrals, specialist reports and medical history
from Medicare, the Department of Veterans' Affairs, or your health fund, in connection with a claim
from a parent, guardian or authorised representative
from a third party data provider, which may identify you as a visitor to our website even if you do not contact us or fill in a form (see section 8)
through cookies and analytics tools when you use our website
Where reasonably practicable we collect health information directly from you. If we collect it from someone else, we will tell you unless you would reasonably expect that collection or it would be unlawful or impracticable to do so.
4. Why we collect and use it
to provide dental care, including diagnosis, treatment planning and treatment
to communicate with you about appointments, recalls, reminders and results
to bill you and process payments, claims and rebates
to communicate with your other treating practitioners as part of your care
to comply with our legal, professional and record-keeping obligations
to manage complaints, incidents, insurance and legal claims
to run and improve our practice, including our website
to send you practice news and other communications, where you have consented or have not opted out (see section 9)
We will only use or disclose your health information for a purpose other than the one it was collected for if you consent, or if that other purpose is directly related to your care and you would reasonably expect it, or where the Privacy Act otherwise permits or requires it.
5. Anonymity and pseudonymity
You may deal with us anonymously or under a pseudonym where it is lawful and practicable. In most clinical situations this is not practicable, because we need to identify you to treat you safely, keep accurate records, and claim from Medicare or your health fund.
6. Who we disclose your information to
other health practitioners involved in your care, including specialists, dental laboratories, radiologists and your general practitioner
Medicare, the Department of Veterans' Affairs, and your private health fund, for claiming and rebate purposes
our practice management software provider and its hosting infrastructure
our online booking, patient communication and SMS reminder providers
our email communications provider, where you receive practice communications
our payment terminal and merchant services provider
our accountants, insurers, lawyers and professional advisers
our IT support and website providers, who may incidentally access information in the course of maintaining our systems
a third party website visitor identification provider, which receives information about your visit to our website (see section 8)
regulators, courts, tribunals and law enforcement, where required or authorised by law
a purchaser of the practice, if we sell or transfer the business, subject to the Privacy Act
anyone else with your consent
We do not sell your personal information. We do not disclose your health information or clinical records to advertising platforms.
7. Overseas disclosure
Some of the providers we use to run the practice store or process information outside Australia. The countries in which those recipients are likely to be located are the United States, Ireland and the United Kingdom.
In practical terms:
Email. Our practice email runs on Microsoft 365. For tenants provisioned in Australia, Microsoft stores mailbox content, calendar entries and email attachments at rest within Australia. Some related service data may be processed in other countries in which Microsoft operates.
Practice communications and recalls. Our patient email communications provider is based in the United Kingdom and stores contact lists in Ireland. The mail delivery services it relies on are based in the United States.
Website. Our website platform stores website content and form submissions in the United States.
Website analytics and advertising. These providers process information in the United States and in other countries in which they operate.
Website visitor identification. Our provider is likely to store and process information in the United States. We are confirming this with the provider.
Payments and health fund claiming. Payment and health fund information is processed in Australia. Our provider discloses some information to service providers in the United States, Ireland and the United Kingdom.
Clinical records. Your clinical records are held in our practice management system, which runs on secure cloud infrastructure. We are confirming the storage location with our provider and will update this policy when confirmed.
Because you are a patient of a dental practice, the fact that we hold your contact details is itself health information under the Privacy Act. Where your name and email address are held by an overseas provider so that we can send you recalls or practice communications, that is a disclosure of health information to an overseas recipient.
We take reasonable steps to ensure overseas recipients handle your information consistently with the Australian Privacy Principles, including through contractual terms. You should be aware that once information is held overseas it may be subject to the laws of that country, and that we may remain accountable under the Privacy Act for how an overseas recipient handles it.
If you would prefer that we do not send you practice communications by email, you can tell us at any time and we will contact you another way
8. Cookies, analytics and advertising
Cookies. Our website uses cookies and similar technologies. Some are necessary for the site to function. Others help us understand how the site is used, or support our advertising. You can block or delete cookies through your browser settings, though some parts of the site may not work properly if you do.
Analytics. We use Google Analytics to understand how visitors use our website. Google Analytics collects information such as your IP address, the pages you view and how long you spend on them. Information about your use of our website may be transmitted to and stored by Google. You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on at https://tools.google.com/dlpage/gaoptout.
Website visitor identification. Our website uses a third party service that attempts to identify individual visitors, including visitors who do not fill in a form or otherwise give us their details. It uses cookies, your IP address, and technical characteristics of your device and browser to match you against a commercial database maintained by the provider. Where a match is made, we may receive your name, email address and postal address, along with a record of the pages you viewed on our website.
This means that if you browse our website, including pages about particular dental treatments, we may learn who you are and which pages you looked at, even if you never contact us.
You can reduce or prevent this by blocking third party cookies in your browser, using a private or incognito browsing window, or using a browser or extension that blocks tracking scripts. If you would like us to delete any information we hold about your visit, contact our Privacy Officer using the details in section 14 and we will do so.
Advertising. We advertise our practice using Google Ads search advertising. If you reach our website by clicking one of our ads, Google may set a cookie on your device so that we can measure whether our advertising is effective, for example whether an ad click led to an enquiry. We do not use website visitor lists to target advertising at people who have visited our site, and we do not provide patient information to advertising platforms.
If we materially change how we advertise, we will update this policy first.
How to opt out of personalised advertising.
Google: manage or turn off ad personalisation at https://myadcenter.google.com
Industry-wide: https://optout.aboutads.info and https://www.youronlinechoices.com.au
9. Direct marketing and communications
We may send you appointment reminders, recall notices and clinical follow-up. These are part of your care and are not marketing.
We may also send you practice news, health information and offers by email or SMS. Every marketing message will identify us and include a working unsubscribe facility, as required by the Spam Act 2003 (Cth). You can opt out at any time by using the unsubscribe link, replying STOP, or contacting us using the details in section 14. Opting out of marketing will not affect your appointment reminders or your care.
We do not use or disclose your sensitive information for direct marketing without your consent.
10. Security and retention
We take reasonable steps to protect your information from misuse, interference, loss, and unauthorised access, modification or disclosure. These include access controls and individual logins, encrypted storage and transmission, physical security at the practice, staff confidentiality obligations and training, and vetting of our service providers.
We retain adult clinical records for at least seven years from the date of the last entry. For patients treated as children, we retain records until they turn 25. Other records are kept for as long as we need them or as required by law, and are then securely destroyed or de-identified.
If we experience a data breach that is likely to result in serious harm, we will assess it and, where required, notify affected individuals and the Office of the Australian Information Commissioner under the Notifiable Data Breaches scheme.
11. Access and correction
You may request access to the personal information we hold about you, and ask us to correct it if it is inaccurate, out of date, incomplete, irrelevant or misleading.
Requests should be made in writing to our Privacy Officer (section 14). We will respond within a reasonable period, usually 30 days. We may ask you to verify your identity. A reasonable administrative fee may apply to providing access to clinical records, but not to making a request or to a correction.
There are limited circumstances in which we may refuse access, for example where giving access would pose a serious threat to the life, health or safety of any person, or would unreasonably affect another person's privacy. If we refuse, we will tell you why in writing and explain how to complain.
12. Complaints
If you think we have breached the Australian Privacy Principles, please contact our Privacy Officer first using the details below. We will acknowledge your complaint and aim to respond within 30 days.
If you are not satisfied with our response, you may complain to:
Office of the Australian Information Commissioner Phone: 1300 363 992 Website: https://www.oaic.gov.au Post: GPO Box 5218, Sydney NSW 2001
You may also contact the Health and Disability Services Complaints Office (HaDSCO) in Western Australia, or the Australian Health Practitioner Regulation Agency (AHPRA), about the conduct of a practitioner.
13. Changes to this policy
We may update this policy from time to time. The current version is always available on this page, and the date it was last updated appears at the top.
14. Contact us
Privacy Officer Claremont Dental Rooms 3B/206 Stirling Highway, Claremont WA 6010
Phone: (08) 6166 6342 Email: manager@claremontdentalrooms.com.au