Last updated 11th of March, 2020.
Plain speak summary
The details below this section are all pretty “jargon heavy” and so we wanted to do a quick explanation in regular language for anyone that’s interested.
The point of www.activebodiesphysiotherapy.com.au is to give our clients an easy place to find out about our health services and make bookings. We also use the website to find new clients and educate people in general about physiotherapy related topics.
We aim to always use the most up-to-date information but, like any health services, you need to carefully decide whether it applies to your own situation, and always seek advice before implementing anything new.
As far as data goes, we use Google Analytics and Google Adwords to better understand our traffic and find new clients, and these services both place cookies on your computer. We have anonymised this data within our Google account.
We also use some WordPress plugins that collect some data. For example, our security plugins are designed to detect and block users that it deems to be a threat. To do this, it needs to look at IP addresses and other browser activity. This is all very standard on the Internet.
We never ever share your data without permission, and we don’t collect anything personally identifiable unless you make a booking to come and see one of our staff. Understandably we then need things like your name, phone number and other details.
Our clients are our most important asset. As health professionals we care most about your well being, and that continues all the way to our website. If you have any concerns or questions just get in touch and we’ll do our best to answer.
When we collect personal information from an individual, we will ensure that we do so in a fair manner and that we let the individual know where and how to contact our organisation. We will only collect information that is necessary for one or more of our functions or activities.
We will advise individuals of the purpose for which their personal information is collected.
By providing us with your contact details you consent to us contacting you in the future with relevant information to our company services.
If we collect sensitive information (as defined under the Act), we will treat it with the utmost security and confidentiality. We will ensure that it is not collected for any purposes, other than those for which we have obtained the individual’s consent, unless the law requires otherwise, or other exceptional circumstances prevail as described under the Act.
Where an individual chooses not to provide requested information, we will advise that individual of what consequences this non-disclosure may have. For example, withholding certain information may limit our ability to provide relevant offers or services to individuals.
We will only disclose personal information in accordance with the Privacy Act.
This means that personal information may be disclosed:
- For the purposes for which we have advised that we are collecting it, and for related purposes that the individual would reasonably expect
- Where we have the consent of the individual to do so
- As required by law
- Under other circumstances where permitted under the Act
- In the course of our business activities, we may need to disclose some of your personal information to relevant staff.
Unauthorised Disclosure Or Access
Our practice is committed to protecting the privacy of individuals, we will view unauthorised disclosure of, or access to, personal information by our employees or contractors, as a serious breach of this policy. Appropriate action (which may include disciplinary or legal action) will be taken in such cases.
We will always provide individuals with a nil-cost way of contacting us to register a request to “opt-out” from receiving any product offers.
Access To Personal Information
Individuals will be able to access their personal information upon request. However, our practice may occasionally need to deny access to information in accordance with the exemptions contained in the Act.
Our goal is to protect the personal information collected by our practice) and its associations. Personal information will be managed confidentially and securely and destroyed appropriately when no longer required.
We will monitor and implement appropriate technical advances or management processes, to safeguard personal information.
We will take all reasonable steps to ensure that the data we collect, use or disclose is accurate, complete and up to date, and has been obtained directly from individuals or other reputable sources.
Privacy related inquiries or concerns can be directed to our practice.
Availability And Review Of Policy
This policy will be reviewed from time to time and any amendments will be incorporated into the updated policy.
GDPR Privacy Notice
Active Bodies Physiotherapy Pty Ltd
Active Bodies Physiotherapy Pty Ltd is committed to protecting your personal information and this privacy notice relates to our use of your personal information collected from you either in person, by letter, e-mail or over the telephone. It also relates to information about you that is shared with us from someone else e.g. your doctor, solicitor, insurance company, employer or case management company.
‘Personal data’ means any information that is identifiable about you.
‘Special categories personal data’ means ‘sensitive data’ such as health data.
‘We’ means Active Bodies Physiotherapy Pty Ltd.
We collect and process data because we have a legal or contractual obligation to do so and we ensure that it is adequate, relevant and limited to what is necessary to provide a health care service to you.
What information we collect
We collect and process information when you telephone the clinic to make an enquiry or appointment, when you email us, when we receive a referral about you, or if you visit the clinic in person.
At the point of enquiry or booking we will ask you for personal data:
- Full name
- Date of birth
- Telephone number, either landline or mobile or both
- E-mail address
- Health condition outline
Our lawful basis for processing your general personal data is contractual in order to be able to offer you a health care service, appointments and billing.
At your appointment at the clinic, we may ask for information regarding:
- General health
- Previous health
- Social, personal and employment history relevant to your case
- Information regarding the condition you are seeking advice about
- Activities you undertake
- Medication you take
- We will also record the findings of your physical assessments and continue to keep a record of your treatments each time you attend the clinic.
We may access information about medical investigations (scans and X-ray) via your GP or medical advisor.
Our lawful basis for processing your special categories of personal data is a legal obligation as we have to fulfil documentation criteria to meet professional standards.
How we use this information.
We use an electronic diary, note taking software and accounts package.
We use the information;
1. To provide a legal record of any treatment or advice we provide.
2. To ensure continuity of care.
3. For accounts purposes.
4. To contact you about your ongoing treatment including sending information by e-mail.
5. To contact you if new information or treatments become available that may be of benefit to you.
6. To liaise with other medical professionals who may be involved in your care. This may include GP’s, consultants, occupational health departments, class instructors, other health care professionals – or anyone involved in your claim in a professional capacity who requires information to assist in your care.
7. For quality feedback and audit purposes.
We do not pass on your information for commercial purposes.
We take all reasonable steps to ensure that our information is kept up to date and rectified if necessary. It is your responsibility to inform us if any personal information changes, in order that our records are accurate.
How long do we keep personal information?
We keep your personal data for no longer than reasonably necessary.
We may retain electronic records indefinitely for use if you return for another episode of care within 8 years and for analytical purposes.
How do we protect your information?
We are committed to ensuring that your information is secure. In-order-to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect.
Sharing your personal data.
We may pass information, with your permission, to other medical professionals or insurance companies who are involved in your care. This may include GP’s, consultants, occupational health departments, class instructors, other health care professionals – or anyone involved in your claim in a professional capacity who requires information to assist in your care.
This information may be passed on in the form of a written letter which is given to you – if this is the case, the letter becomes your responsibility and the protection of its contents is your responsibility.
If the information is passed electronically by email we will take reasonable precautions to transmit the information securely.
Providing us with your personal data.
You are under no statutory or contractual requirement or obligation to provide us with your personal data but failure to do so may mean we are unable to offer services at our clinics.
Controlling your personal information
You are entitled, to request a copy of the personal information we hold about you and to have any discrepancies rectified if appropriate. If you believe that any information we are holding on you is incorrect or incomplete, please write to or email us and we will promptly correct any information where legally possible.
You are entitled to request that we transfer your data directly to another controller and to request that your personal data is erased where it is no longer necessary to retain it.
We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so.
We confirm that we do not transfer data abroad or use any form of automated decision making in our business.
All changes will be notified on our website.