Privacy Policy

How we collect, use, and protect your information.

Last updated: 21 May 2026

Westside Eyecare (“we”, “us”, “our”) is committed to protecting the privacy of personal and health information we collect from patients and visitors to our website. This policy explains what information we collect, how we use it, and how we handle it in line with the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), and the Health Records Act 2001 (Vic).

Who we are

Westside Eyecare is a boutique optometry practice located at 837B Ballarat Road, Deer Park VIC 3023. The practice is owned and operated by Dr Steven Vu (BVisSc, MOptom), a registered optometrist with the Australian Health Practitioner Regulation Agency (AHPRA).

Information we collect

Much of what we collect is classified as “sensitive information” or “health information” under the Privacy Act and Victorian health legislation. This includes details about your eye health, medical history, prescriptions, and clinical findings. Sensitive information is subject to stricter handling requirements, and we will only collect, use, or disclose it with your consent or where required by law.

The information we collect depends on how you interact with us:

  • When you book an appointment: your name, contact details, date of birth, Medicare details, health fund details, and the reason for your visit.
  • During a consultation: clinical findings, prescriptions, medical history, ocular health records, and any images or measurements relevant to your eye care.
  • When you call or email us: the information you choose to provide.
  • When you visit our website: basic technical information your browser provides (such as IP address and user-agent) that our hosting provider uses to serve the site and protect against abuse. We do not run analytics, tracking pixels, or advertising cookies on this site.

Children and family eyecare

We provide eye examinations and ongoing care for children. For patients under the age of 18, a parent or legal guardian provides consent for treatment and for the collection and handling of their personal and health information. Parents and guardians may access their child's records on their behalf. Records of patients first seen as children are retained until the patient turns 25, in line with Australian record-keeping requirements for minors.

Online bookings

Our online booking system is provided by MyHealth1st, an Australian healthcare booking platform operated by 1st Group Limited. When you book through our website, the booking details you enter are submitted directly to MyHealth1st and are governed by their privacy policy in addition to ours. We receive these details to schedule and prepare for your appointment.

You can review MyHealth1st's privacy practices at myhealth1st.com.au/privacy-policy.

How we use your information

We use the information we collect to:

  • Provide optometry care and clinical advice.
  • Book, confirm, reschedule, and remind you about appointments.
  • Process Medicare, health fund, and HICAPS claims on your behalf.
  • Communicate with other healthcare providers involved in your care, with your consent.
  • Maintain accurate clinical records as required by law and professional standards.
  • Comply with our legal and regulatory obligations, including AHPRA and Optometry Board of Australia requirements.

Who we share information with

We do not sell your information. We may share it only where necessary:

  • With other treating practitioners (such as your GP or ophthalmologist) where this is required for your care and you have consented.
  • With Medicare, your private health fund, or HICAPS to process claims.
  • With our service providers (such as MyHealth1st for bookings, and our practice management software provider), under confidentiality obligations.
  • Where required or authorised by law, including in response to a court order, subpoena, or regulatory request.

My Health Record

Optometrists in Australia can choose to participate in the national My Health Record system. We do not currently upload your records to My Health Record. If our position on this changes, we will notify you and seek your consent before uploading any of your information.

Communications and reminders

We may send you appointment confirmations, reminders, and recall notices for scheduled examinations (such as your two-year eye exam recall). These messages are sent on our behalf through MyHealth1st and are part of providing your care.

We do not currently send marketing communications. If we ever begin to do so (for example, a practice newsletter), each message will include a clear opt-out option in line with the Spam Act 2003 (Cth).

How we store and protect your information

Clinical records are stored in secure practice management software with access restricted to authorised practice staff. Paper records (where they exist) are stored in locked facilities at the practice. We retain health records for the minimum periods required by Australian law, which is generally seven years from your last consultation, or until age 25 for records of patients seen as children.

Our website is served over HTTPS and uses standard security headers to protect against common web attacks. While we take reasonable steps to protect your information, no method of electronic storage or transmission is completely secure, and we cannot guarantee absolute security.

Notifiable data breaches

If we experience a data breach that is likely to result in serious harm to any individual whose personal information is involved, we will notify affected patients and the Office of the Australian Information Commissioner (OAIC) in line with the Notifiable Data Breaches scheme under Part IIIC of the Privacy Act 1988 (Cth). We have processes in place to detect, contain, and assess potential breaches.

Cookies

Our website does not set tracking, analytics, or advertising cookies. The MyHealth1st booking widget may set its own cookies when you interact with it, which are necessary for the booking flow to function. You can disable cookies in your browser settings, but this may prevent the booking widget from working.

Accessing and correcting your information

You have the right to request access to the personal and health information we hold about you, and to ask us to correct it if it is inaccurate. To make a request, contact us using the details below. We will respond within a reasonable period, usually 30 days, and may need to verify your identity before releasing information.

Complaints

If you believe we have mishandled your personal or health information, please contact us first so we can try to resolve the issue. If you are not satisfied with our response, you can lodge a complaint with:

  • Office of the Australian Information Commissioner (OAIC) at oaic.gov.au
  • Health Complaints Commissioner (Victoria) at hcc.vic.gov.au

Changes to this policy

We may update this policy from time to time. The date at the top of this page indicates when it was last revised. We encourage you to review it periodically.

Contact us

For any privacy-related questions or requests:

Westside Eyecare

837B Ballarat Road, Deer Park VIC 3023

Phone: (03) 9361 2777

You can also visit our contact page for more ways to reach us.