Privacy Policy

We may collect personal information that is reasonably necessary to operate our business and provide physiotherapy services. 

Personal information may include: 

• Name 
  
• Date of birth 
  
• Email address 
  
• Phone number 
  
• Postal or business address 
  
• Emergency contact details 
  
• Medicare, DVA, NDIS, or private health insurance details 
  
• Billing and payment information 

Health (Sensitive) Information: 

As a healthcare provider, we may also collect sensitive information, including health information such as: 

• Medical history and injury details 
  
• Treatment notes and clinical records 
  
• Referrals, reports, and correspondence 
  
• Diagnostic and assessment information 

Health information is collected only with your consent, unless required or authorised by law. 

Automatically collected information: 

When you visit our website, we may automatically collect: 

• IP address 
  
• Device and browser information 
  
• Pages visited and time spent on the site 
  
• Cookies and similar tracking technologies 

We collect personal information through: 

• Online booking systems and website forms 
• Patient intake and consent forms 
• Email, phone, or in-person communication 
• Social media interactions 
• Cookies, analytics tools, and website tracking technologies 
• Shape 

We collect and use personal information to: 

• Provide physiotherapy assessment and treatment 
• Maintain accurate clinical records 
• Communicate with patients and respond to enquiries 
• Manage appointments, billing, and payments 
• Process Medicare, DVA, NDIS, and private health insurance claims 
• Improve our services and website functionality 
• Send service-related communications and marketing (with opt-out available) 
• Comply with legal and regulatory obligations 
  

By providing your personal information, you consent to its collection, use, and disclosure in accordance with this Privacy Policy. 

You may withdraw your consent at any time by contacting us. Please note that withdrawing consent may limit our ability to provide healthcare services. 

Our website may use cookies and third-party analytics tools (such as Google Analytics) to: 

• Monitor website traffic 
• Improve website performance 
• Understand visitor behaviour 
• Enhance user experience 

You can disable cookies through your browser settings; however, some website features may not function correctly. 

We store personal information in secure systems, which may include: 

• Practice management software 
• Website content management systems 
• Secure cloud-based storage 
• Email and communication platforms 

We take reasonable steps to protect personal information from misuse, interference, loss, unauthorised access, modification, or disclosure, including: 

• Secure passwords and restricted access 
• Encryption where appropriate 
• Regular system updates and security measures 

We may disclose personal information to trusted third parties where necessary to operate our business and provide services, including: 

• Practice management and clinical software providers 
• Medicare, DVA, NDIS, and private health insurers 
• Payment processors and banks 
• IT, website hosting, and cloud service providers 
• Professional advisers (such as accountants or insurers), where required 
• We do not sell personal information. 

Some third-party service providers may store information outside Australia (including the United States, Europe, or Asia). 

We take reasonable steps to ensure overseas recipients handle personal information in a manner consistent with Australian privacy laws. 

We may send communications such as: 

• Appointment reminders 
• Service updates 
• Newsletters or promotions 

You may opt out of marketing communications at any time by using the unsubscribe link or contacting us directly. 

You may request access to, or correction of, the personal information we hold about you. 

Requests can be made by contacting us using the details below. We will respond within a reasonable timeframe and in accordance with applicable laws. 

We retain personal and health information for as long as required to: 

• Provide healthcare services 
• Meet legal and regulatory obligations 
• Maintain accurate medical records 

When information is no longer required, it is securely destroyed or de-identified. 

In the event of a data breach that is likely to result in serious harm, we will comply with the Notifiable Data Breaches (NDB) scheme and notify affected individuals and the Office of the Australian Information Commissioner (OAIC) as required by law. 

Where we collect personal information about individuals under 18 years of age, consent will generally be obtained from a parent or legal guardian, unless otherwise permitted by law. 

Our website may contain links to external websites. We are not responsible for the privacy practices of those websites. 

If you believe your privacy has been breached or have concerns about how we handle your information, please contact us. 

We will investigate all complaints and respond within a reasonable timeframe. 

If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC): 

• Website: www.oaic.gov.au 
• Phone: 1300 363 992 

We may update this Privacy Policy from time to time. The most current version will always be available on our website. 

For privacy enquiries, access requests, or complaints, please contact: 

Cassowary Coast Physiotherapy Pty Ltd 

Email: admin@cassowarycoast.physio

Phone: (07) 4068 2074

Address: 1a Webb Street, Tully QLD 4854, Australia