PRIVACY

PRIVACY POLICY

Last updated: April 2026

Concord Eyecare takes the privacy of your personal and health information seriously. This policy explains what we collect, how we use it, how we protect it, and the rights you have over your own information. It applies to everything we do — in the practice, over the phone, through our website, and in our online shop.

About Concord Eyecare

We are an independent optometry practice at 161 Concord Road, North Strathfield NSW 2137. Our team includes three therapeutically endorsed optometrists: Dr Mark Joung, Dr Vivian Li, and Dr Nikki Peng. Throughout this policy, "we", "us", and "our" refer to Concord Eyecare.

We comply with the Australian Privacy Principles set out in the Privacy Act 1988 (Cth) and the Health Records and Information Privacy Act 2002 (NSW).

What information we collect

The information we collect depends on how you interact with us.

Personal information. Your name, date of birth, address, phone number, email address, emergency contact details, Medicare number, health fund details, and payment information.

Health information. Under Australian privacy law this is treated as "sensitive information" with stricter protections. It includes your medical and ocular history, current medications, eye and general prescriptions, clinical test results and images (including retinal photos, OCT scans, and corneal topography), treatment plans, consultation notes, and information exchanged with other practitioners involved in your care.

Website information. Your IP address, browser type, pages visited, time spent on the site, information entered into contact forms or the booking system, and cookies.

Shop information. Product orders, delivery addresses, and payment processing details. Your full card details are handled by our secure payment provider — we don't store them.

How we collect information

We collect information directly from you wherever reasonably possible — when you book an appointment, attend a consultation, fill out forms, or make a purchase.

We also collect information from:

  • Other healthcare providers involved in your care, with your consent or as permitted by law
  • Medicare and your health fund when processing rebates and claims
  • Our website automatically (cookies, analytics)
  • Third-party services we use to run the practice (our booking system, practice management software)

We only collect information from sources other than you when it's necessary for your care or required by law.

How we use your information

We use your information to:

  • Provide optometry services — consultations, eye tests, treatments, and dispensing of eyewear and contact lenses
  • Communicate with you about appointments, recalls, test results, and follow-up care
  • Process Medicare claims and health fund rebates
  • Refer you to other practitioners when appropriate
  • Maintain clinical records as required by law and professional standards
  • Process online shop orders
  • Run our website and understand how visitors use it
  • Send marketing communications only if you've opted in
  • Comply with our legal and professional obligations under AHPRA, Medicare, and Australian law

Who we share your information with

We share your information only where it's necessary for your care, required by law, or with your consent. This may include:

  • Other healthcare providers involved in your care — your GP, referring doctors, ophthalmologists, and other optometrists if you transfer care
  • Medicare and your health fund, to process rebates and claims with your authorisation at the time of service
  • Our practice management system (Optomate) which stores your records under healthcare-grade security
  • Our online booking provider (MyHealth1st) for appointment scheduling
  • Our payment processor for card transactions
  • Our lens manufacturers when we order custom prescription lenses — we share prescription and measurement information only, not broader medical history
  • Our shop delivery partners, to fulfil online shop orders
  • Regulators, courts, or law enforcement where legally required

We do not sell your information. We do not share your information with advertisers or third parties for their marketing purposes.

How we store and protect your information

Your clinical records are held in Optomate, a practice management system with healthcare-grade security, access controls, and audit logs. Only authorised staff can access your information, and only for purposes related to your care or practice administration.

Our website uses HTTPS encryption. Our online shop payments are processed through a PCI-compliant payment gateway.

Our team is trained in privacy obligations and we review our processes regularly. No system is perfectly secure, but we take all reasonable steps required under Australian privacy law to protect your information against loss, misuse, and unauthorised access.

How long we keep your records

Under Australian health records law, we keep clinical records for a minimum of:

  • 7 years after your last consultation, for adult patients
  • Until the patient turns 25, for patients who were minors when the record was created

Some records are kept longer where there's an ongoing clinical relationship or a legal obligation to retain them.

Non-clinical information (website data, shop orders) is kept only as long as it's needed for the purpose we collected it, or as required by tax and consumer protection law.

Your rights over your information

Under Australian privacy law, you have the right to:

  • Access your information — you can request a copy of your clinical records at any time
  • Correct your information if something is inaccurate, incomplete, or out of date
  • Transfer your records to another practitioner if you change providers
  • Opt out of marketing communications at any time
  • Make a privacy complaint if you believe we've handled your information incorrectly

To request access to or correction of your records, contact us using the details at the bottom of this page. We may charge a reasonable fee to cover the cost of preparing records — particularly for large files — and we'll always tell you what the fee is before we proceed.

Cookies and online tracking

Our website uses cookies — small text files stored on your device — to help the site function and understand how visitors use it.

We use:

  • Essential cookies required for the website to work
  • Analytics cookies (Google Analytics 4) to understand website traffic and improve content
  • Booking system cookies to handle appointment requests through our booking widget

You can turn cookies off in your browser settings, but this may affect how parts of our website work. We don't use cookies for advertising and we don't track you across other websites.

Marketing and recall communications

We may send you:

  • Appointment reminders and clinical recall notices — these are a core part of eye care and continue unless you specifically request otherwise
  • Practice updates relating to your care
  • Marketing communications such as newsletters, health content, or offers — only if you have opted in

Every marketing email includes an unsubscribe link. You can opt out at any time without affecting your ability to receive clinical care or appointment reminders.

Overseas storage of data

Some services we use — including analytics, email, and cloud storage — may store data outside Australia, typically in the United States or Europe. When we use overseas services, we take reasonable steps to ensure they meet Australian privacy standards.

Changes to this policy

We review this privacy policy periodically and may update it as our practices or the law change. The "Last updated" date at the top of the page shows when it was last revised. If we make significant changes, we'll highlight them at the top of this page when you next visit.

Making a privacy complaint

If you believe we've handled your information incorrectly, please contact us first. We'll investigate your concern and respond within 30 days.

If you're not satisfied with our response, you can escalate to the Office of the Australian Information Commissioner (OAIC):

  • Phone: 1300 363 992
  • Website: oaic.gov.au

For complaints about health records specifically, you can also contact the NSW Information and Privacy Commission:

  • Phone: 1800 472 679
  • Website: ipc.nsw.gov.au

Contact us about privacy

Questions about this policy or how we handle your information?

Concord Eyecare

161 Concord Road, North Strathfield NSW 2137

Phone: (02) 8765 9600

Email: info@concordeyecare.com.au