Privacy policy.
Last updated: November 2025
The Derm Clinic ("we," "our," or "us") is committed to protecting your privacy and safeguarding your personal and health information. This policy explains how we collect, use, disclose, store, and protect your information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
A copy of the APPs is available from the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.
1. What Personal Information We Collect and Why
Personal Information refers to information or an opinion that can identify you.
We may collect details such as:
Your name, date of birth, address, email, and phone number
Medical history, current medications, allergies, and previous treatments
Clinical photographs and skin imaging (e.g. Canfield NEXA ST system)
Health information relevant to your aesthetic or dermatologic care
Payment and billing details (if applicable)
We collect this information for the primary purpose of providing safe and effective clinical care, maintaining accurate medical records, and managing our business operations.
Your information may also be used for secondary purposes that are directly related to your care, such as reminders, follow-up communication, or internal clinical audit, where you would reasonably expect such use.
With your consent, we may also use limited information for marketing communications (e.g. updates, events, or educational content). You can unsubscribe from these communications at any time.
2. How Information Is Collected
We collect personal and health information in several ways, including:
When you complete our online or in-clinic forms
During telehealth or in-person consultations
Through email, SMS, or social media correspondence
When you use our website or Dapple OS patient app
From referring practitioners, pharmacies, or laboratories (with consent)
We may also collect information automatically through cookies or website analytics. You can choose to disable cookies through your browser settings.
3. Sensitive Information
Sensitive information (including medical and health data) is collected only where it is necessary for your treatment, or where required by law.
This information will only be used or disclosed:
For the purpose for which it was collected (e.g. diagnosis, treatment, or follow-up)
For a directly related secondary purpose (e.g. clinical quality improvement)
With your explicit consent
Where required or authorised by law
4. Third Parties
Where practical, we collect information directly from you. In some cases, we may receive information from other health professionals (e.g. referring doctors, pathology providers). When this occurs, we take reasonable steps to ensure you are aware of the information received and the reasons for its use.
5. Disclosure of Personal Information
Your information may be shared only where necessary to support your care or comply with legal obligations. This includes:
Treating practitioners, laboratories, or compounding pharmacies involved in your care
Software providers such as Dapple OS (used for secure telehealth and records management)
Regulatory or government authorities when required by law
We will not share, sell, or rent your personal data to third parties for unrelated commercial purposes.
6. Security of Personal Information
We maintain rigorous safeguards to protect your information from misuse, loss, unauthorised access, modification, or disclosure.
All electronic records are stored in Dapple OS, a secure, encrypted, Australian-based clinical platform compliant with the Privacy Act and the Australian Digital Health Agency’s requirements.
When information is no longer required for its original purpose, it is securely destroyed or permanently de-identified in accordance with legal and professional standards.
7. Access and Correction
You have the right to access the personal information we hold about you, and to request correction if it is inaccurate or incomplete.
Requests should be made in writing to the contact details below. For security reasons, we may ask for identification before releasing information. There is no fee to access or correct your information.
8. Maintaining Accurate Information
We take reasonable steps to ensure your details remain accurate and current. Please notify us if your personal or health information changes so that we can update your record and maintain safe, effective care.
9. Policy Updates
This Privacy Policy may be updated periodically to reflect changes in practice, legislation, or technology. The most recent version will always be available on our website at www.thedermclinic.com.au.
10. Contact and Complaints
If you have any questions, concerns, or complaints regarding our privacy practices, please contact us at:
The Derm Clinic
Email: admin@thedermclinic.com.au
Address: 15/11–13 Pearl Street, Kingscliff NSW 2487
We take privacy concerns seriously and will respond promptly. If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au/privacy/privacy-complaints.