Legal
Privacy Policy
Plain English summary
We collect your personal information to book and deliver your sessions safely. We take your health information seriously, it is stored securely, never sold, and only shared with the third-party platforms we use to operate the business: booking, payments and email. You have the right to access, correct or request deletion of your information at any time. If you have any questions, contact us directly at jasovic@mindovermatterpractice.com.au.
1. About this policy
Mind Over Matter Practice (ABN 91 843 004 753) ("we", "us", "our") is committed to protecting the privacy of our clients and website visitors in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs) contained in Schedule 1 of that Act.
This Privacy Policy explains how we collect, hold, use and disclose personal information, including sensitive information such as health information, in the course of operating our wellness and recovery practice. It applies to all information collected through our website, booking system, intake forms, consent waivers, session records and any other interactions with our business.
By using our services, booking a session or providing us with your personal information, you consent to the collection, use and disclosure of your information in accordance with this policy.
We recommend you read this policy in full. If you have any questions, contact us at jasovic@mindovermatterpractice.com.au.
2. What information we collect
We collect the following categories of personal information:
2.1 Identity and contact information
Full name, date of birth, email address, phone number and physical address where provided. This information is collected when you make a booking, sign up to our email list or contact us directly.
2.2 Health information (sensitive information)
We collect health information including medical history, current medications, known health conditions, cardiovascular health status, and physiological measurements taken during sessions (including blood pressure, body temperature, oxygen saturation and heart rate variability). This information is classified as sensitive information under the Privacy Act 1988 and is afforded a higher level of protection.
Health information is collected through our client intake process, consent waiver, and session records. We collect this information because it is directly relevant to the safe delivery of our services. We are unable to provide services safely without this information.
2.3 Payment information
We process payments through Stripe for in-app bookings and membership subscriptions, and Square for in-person payments at our clinic. We do not store your full card details on our systems. Payment card data is handled by Stripe and Square respectively in accordance with Payment Card Industry Data Security Standards (PCI DSS). We retain records of transactions including amounts, dates and services purchased.
2.4 Website analytics and cookies
Our website may collect anonymised analytics data including pages visited, time on site, browser type and device type through cookies and analytics tools. This data does not identify you personally and is used solely to improve our website and understand how visitors use it. You may disable cookies in your browser settings.
2.5 Marketing and communications
If you subscribe to our email communications, we collect your name and email address for the purpose of sending you information about our services, promotions and health content. You may unsubscribe at any time by clicking the unsubscribe link in any email or by contacting us directly.
3. How we collect your information
We collect personal information in the following ways:
We only collect information that is reasonably necessary for the delivery of our services and the operation of our business. Where practicable, we will tell you why we are collecting information and how it will be used at the time of collection.
4. How we use your information
We use your personal information for the following purposes:
We will not use your personal information for any purpose that is not related to the above without your consent, unless we are required to do so by law.
5. Disclosure of your information to third parties
We disclose personal information to the following third-party service providers who assist us in operating our business:
Each of these third parties has their own privacy policy governing how they handle your information. We encourage you to review their policies. We take reasonable steps to ensure that these parties handle your information in accordance with the Australian Privacy Principles. Your session and health records are stored exclusively on servers located in Australia and do not leave Australian jurisdiction.
We do not sell your personal information to any third party. We do not share your health information with any party other than those listed above, and only to the extent necessary to deliver the service you have requested.
We may also disclose your information where required or authorised by law, including in response to a court order, subpoena or other legal process.
6. Storage and security of your information
Your personal information, including health and session records, is stored digitally in a secure cloud database provided by Supabase, hosted in the Sydney, Australia region (AWS ap-southeast-2). Your data does not leave Australia. Supabase employs industry-standard encryption, access controls and security practices to protect data stored on its platform.
We take reasonable steps to protect your personal information from misuse, interference, loss, unauthorised access, modification or disclosure. Access to client records is restricted to authorised personnel only.
We retain your personal information for as long as necessary to provide our services and comply with our legal obligations. When information is no longer required, we will take reasonable steps to destroy or de-identify it securely.
While we take all reasonable precautions, no data transmission over the internet or storage system can be guaranteed to be 100% secure. If you have reason to believe that your information held by us has been compromised, please contact us immediately at jasovic@mindovermatterpractice.com.au.
7. Sensitive information: health data
Health information is sensitive information under the Privacy Act 1988 and is subject to additional protections. We collect health information only where it is necessary for the safe delivery of our services, and only with your express consent.
Your consent to the collection and use of your health information is obtained through the signing of our client consent waiver before your first session. By signing the waiver, you acknowledge and consent to the collection of health information as described in this policy and in the waiver itself.
You may withdraw consent at any time by contacting us. Please note that withdrawal of consent to the collection of health information may mean we are unable to safely deliver certain services to you.
We will not use your health information for any purpose other than the safe delivery of our services and the maintenance of accurate session records, unless required by law.
8. Your rights
Under the Privacy Act 1988 and the Australian Privacy Principles, you have the following rights in relation to your personal information:
8.1 Right of access
You have the right to request access to the personal information we hold about you. We will respond to access requests within a reasonable timeframe, and in most cases within 30 days. We may charge a reasonable administrative fee for providing access in some circumstances.
8.2 Right of correction
If you believe that personal information we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, you have the right to request that we correct it. We will take reasonable steps to correct the information within 30 days of your request.
8.3 Right to deletion
You may request the deletion of your personal information. We will comply with deletion requests where we are not required by law to retain the information and where doing so does not conflict with our legitimate business interests. Note that we may be required to retain certain records, including health records, for a minimum period under applicable law.
8.4 Right to opt out of marketing
You may opt out of receiving marketing communications from us at any time by clicking the unsubscribe link in any email, or by contacting us at jasovic@mindovermatterpractice.com.au. Opting out of marketing will not affect our ability to send you transactional communications about your bookings.
To exercise any of these rights, contact us at jasovic@mindovermatterpractice.com.au. We will verify your identity before processing any request relating to personal information.
9. Cookies and website analytics
Our website may use cookies (small text files stored on your device) to improve your browsing experience and help us understand how visitors use our site. Cookies do not contain personal information and cannot be used to identify you individually.
You may disable cookies by adjusting your browser settings. Please note that disabling cookies may affect the functionality of some parts of our website.
We may use third-party analytics tools such as Google Analytics to collect aggregated, anonymised information about website usage. This data is used solely to improve our website and is not linked to your personal information.
10. Children's privacy
Some of our services may be appropriate for minors with parental or guardian consent. Where we collect personal information about a minor, we require express consent from a parent or guardian. Health information about minors is subject to the same protections as that of adults and will not be used or disclosed without appropriate consent.
11. Complaints
If you believe we have handled your personal information in a manner inconsistent with this policy or the Australian Privacy Principles, please contact us in the first instance so we can attempt to resolve your concern:
Email: jasovic@mindovermatterpractice.com.au
Address: 170b Hindmarsh Road, Victor Harbor SA 5211
We will respond to privacy complaints within 30 days. If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC):
Website: www.oaic.gov.au
Phone: 1300 363 992
12. Changes to this policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology or legal obligations. The current version will always be available on our website at mindovermatterpractice.com.au/privacy-policy. We encourage you to review this policy periodically. Continued use of our services following any update constitutes acceptance of the revised policy.
13. Contact us
For any questions, concerns or requests relating to this Privacy Policy or the handling of your personal information, please contact:
Mind Over Matter Practice
170b Hindmarsh Road, Victor Harbor SA 5211
This Privacy Policy has been prepared in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles. Mind Over Matter Practice recommends that this policy be reviewed periodically by a qualified legal practitioner to ensure ongoing compliance with applicable laws and regulations.