Privacy Policy

Effective: 1 January 2026 · Last updated: 15 April 2026 · Version: 3.2

Overview

Being Physio Pty Ltd (ABN 78 629 275 869) ("Being Physio", "we", "us", "our") is committed to protecting the privacy of every patient, client, NDIS participant, employee and website visitor we work with. This policy explains how we handle personal and health information in line with the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), the Health Records and Information Privacy Act 2002 (NSW), and the National Disability Insurance Scheme Act 2013 (Cth).

By using our services or this website, you consent to the practices described here.

What information we collect

The information we collect depends on how you interact with us. It typically includes:

Personal information

• Your name, date of birth, address, phone number and email address
• Medicare number, DVA number, private health fund details and HICAPS information
• NDIS participant number, plan dates and nominated plan manager (if applicable)
• Emergency contact and next-of-kin details

Health information

• Medical history, current symptoms and treatment goals
• Clinical assessment findings, diagnoses and treatment notes
• Referral letters, imaging reports and correspondence from other providers
• Photographs or video taken with your written consent for clinical or progress purposes

Website & technical information

• IP address, browser type, device and operating system
• Pages visited, time on page and referring source
• Information you submit through booking, contact or feedback forms

How we collect information

We collect information directly from you wherever practical — usually through new-patient forms, in-clinic conversations, phone bookings or our online booking system. With your consent, we may also collect information from your GP, specialist, NDIS plan manager, support coordinator, family member or another treating provider when this helps us deliver coordinated care.

How we use your information

We only use your information for purposes you would reasonably expect, including:

• Providing physiotherapy, occupational therapy, podiatry, exercise physiology and related allied-health services
• Communicating with you about appointments, treatment plans and follow-up
• Processing claims through Medicare, DVA, private health funds, workers compensation insurers and the NDIS
• Improving the quality of our services through internal audit, peer review and supervision
• Meeting our legal, professional and regulatory obligations

When we disclose information

We do not sell your information. We will only share it with third parties where it is necessary, with your consent, or where required by law. This may include:

• Your treating GP, specialist or other allied-health providers as part of your care
• Your NDIS plan manager, support coordinator or the National Disability Insurance Agency for plan reporting and invoicing
• Medicare, DVA, your private health fund, workers compensation insurer or motor accident insurer for claims
• Our practice-management software providers (Cliniko, HICAPS) under appropriate confidentiality and data-handling agreements
• Government agencies, regulators or courts where we are required by law to disclose information

Some of our service providers may store data on servers located outside Australia. We take reasonable steps to ensure any overseas recipient handles your information consistently with the Australian Privacy Principles.

Storage and security

Clinical records are stored electronically in our secure, access-controlled practice-management system. Paper records, where they exist, are kept in locked cabinets at our clinics. We use encrypted connections, multi-factor authentication for staff accounts, and routine staff training on confidentiality.

In line with NSW health-records legislation, we retain adult health records for at least seven years from the date of your last visit, and records for patients under 18 until they turn 25. After this period, records are securely destroyed.

Accessing or correcting your information

You have the right to ask for a copy of the personal and health information we hold about you, and to request that we correct anything that is inaccurate, incomplete or out of date. We will respond to your request within 30 days. A reasonable administrative fee may apply to cover the cost of retrieval and copying.

To make a request, contact our Privacy Officer using the details below.

Cookies and website analytics

Our website uses cookies and similar technologies to remember your preferences, keep your booking session active, and help us understand how the site is used. We use Google Analytics with IP-anonymisation enabled. You can disable cookies in your browser settings, but some parts of the site may not work as intended.

Privacy complaints

If you believe we have mishandled your information, please raise it with our Privacy Officer in the first instance — we take all complaints seriously and will acknowledge your concern within five business days.

If you are not satisfied with our response, you can escalate to the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au or 1300 363 992. NSW residents can also contact the Information and Privacy Commission NSW at ipc.nsw.gov.au.

Contact us

Privacy Officer

Being Physio Pty Ltd

15 Amarco Circuit, The Ponds, NSW, 2769

Email: info@beingphysio.com.au

Phone: 1300 208 601

We may update this policy from time to time. The current version, and the date it took effect, will always be available on this page.