Mirra Skin Aesthetic Clinic – Privacy Policy
 

Last updated: December 2025

 

Legal Disclaimer
 

The explanations and information provided on this page are general and high-level and are not legal advice. You should not rely on this policy as legal advice or as recommendations regarding your specific legal obligations.
We recommend seeking legal counsel to ensure this Privacy Policy complies with all relevant laws and fits your business operations.

​

​

1. Introduction

​

This Privacy Policy outlines how Mirra Skin Aesthetic Clinic collects, uses, stores, processes, and protects the personal information of clients and website visitors (you).

We are committed to protecting your privacy and complying with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

By using our website, booking an appointment, or providing personal information, you agree to this Privacy Policy.

​

​

2. Information We Collect

​

We may collect the following information:

a. Personal Details

• Name

• Email address

• Phone number

• Residential/postal address

b. Health & Consultation Information

• Medical history

• Skin conditions and treatment suitability

• Consultation forms and consent forms

• Patch test results

• Treatment notes

c. Treatment Images

• Clinical photographs taken before, during or after treatment

• Progress images for medical documentation

d. Payment Information

• Payments made online, in clinic, or over the phone

• Tokenised or partial card details stored via TimelyPay

• Transaction details and purchase history

e. Website & Digital Information

• IP address

• Cookies

• Browsing activity

• Online form submissions

​

​

3. How We Collect Information

​

We collect information when you:

• Book an appointment online, in person, or over the phone

• Complete consultation or medical forms

• Make a purchase or payment

• Provide information during treatment

• Subscribe or submit forms via our website

• Use our website or interact with our digital platforms

​

​

4. How We Use Your Information

​

We use your information to:

• Manage appointments and client accounts

• Assess treatment suitability and ensure safety

• Deliver treatments and monitor progress

• Process payments for services and products

• Communicate confirmations, reminders, and aftercare

• Improve service quality and customer experience

• Comply with legal and regulatory requirements

​

​

5. Payment Processing & Credit Card Storage (TimelyPay)

​

• Payments made online, in clinic, or over the phone may be processed using TimelyPay, a secure third-party payment platform.

• When you store a card on file for bookings or cancellation security, the information is encrypted and securely held by TimelyPay.

• We do not have access to your full credit card number, CVV code, or complete payment details.

• We only receive limited tokenised details (e.g., last 4 digits) for identification.

• TimelyPay complies with PCI-DSS security standards for handling payment data.

• If you do not wish to store your card details on our system, you will be required to pre-pay for your services in full.

​

​

5A. Treatment Images, Photography & Medical Records

​

• Clinical photographs may be taken during consultations or treatments to document your skin condition and treatment progress.

• These images are part of your confidential medical record and are stored securely in your client file.

• They are used only for medical, diagnostic, and internal reference purposes.

• We will not use or share your images for marketing, social media, or promotional purposes without your written Photo Release Consent.

• You may choose not to consent to photo release. This will not affect your ability to receive treatment.

​

​

6. Sharing Your Information

​

We do not sell or rent your personal information.
We may share data with trusted third parties when necessary, such as:

• Payment processors (e.g., TimelyPay)

• Booking and record-keeping systems

• IT and website service providers

• Insurers, legal authorities, or regulators where required by law

All third-party providers are required to meet strict privacy and security standards.

​

​

7. Security of Your Information

​

We take reasonable steps to protect your information from:

• Loss

• Misuse

• Unauthorised access

• Modification

• Disclosure

This includes secure digital systems, encrypted payment handling, restricted staff access, and password-protected records.

​

​

8. Your Rights

​

Under Australian privacy law, you have the right to:

• Access the personal information we hold about you

• Request corrections to inaccurate or outdated information

• Request restrictions on how your information is used

• Request deletion of personal information (where legally permitted)

Requests can be made by contacting us directly.

​

​

9. Data Retention

​

We retain personal information only for as long as necessary for:

• Client care

• Medical record legal requirements

• Tax, administrative, or audit obligations

When no longer required, information is securely destroyed or de-identified.

​

​

10. Children & Minors

​

We do not knowingly collect information from individuals under 18 without parental or guardian consent.
If such data is inadvertently collected, we will delete it upon discovery.

A parent or guardian must be present at all appointments for minors. 

​

​

11. Cookies & Website Tracking

​

Our website may use cookies and analytics tools to improve user experience and performance.
You may disable cookies in your browser settings, though some website features may not function fully.

​

​

12. Updates to This Privacy Policy

​

We may update this Privacy Policy from time to time.
Any changes will be posted on this page, and your continued use of our website indicates acceptance of updated terms.

​

​

13. Contact Us

​

For privacy-related enquiries or requests, please contact:

Mirra Skin Aesthetic Clinic
Email: msac.reception@gmail.com
Phone: 0387423271
Address: Shop 2, 19 Synnot Street, Werribee 3030 VIC, Australia