Privacy Policy

Business name: Health by Hayley
Address: Shop 9/61 Burnett St, Buderim QLD 4556, Australia
Email: info@healthbyhayley.com.au
Phone: +61 437 482 553

The type of information we collect depends on the services you use and how you interact with us (in clinic, phone, email, online forms, or our website).

General personal information may include:

• Name, date of birth, gender (if provided)
• Contact details (phone, email, address)
• Emergency contact details
• Occupation and lifestyle information relevant to care (if provided)
• Appointment and attendance history
• Payment details (we generally do not store full card details if processed by a provider)
• Correspondence with us (emails, messages, contact form enquiries)

Health and sensitive information (health information) may include:

• Health history, symptoms, injuries, and relevant diagnoses (where applicable)
• Clinical notes, assessments, treatment plans, and progress notes
• Referrals and reports (e.g., from or to GPs, specialists, imaging providers)
• Medications and supplements (where relevant)
• Results from movement screens, muscle testing, neurological checks, and similar assessments
• Consent records and preferences

Website and device information may include:

• IP address, device type, browser type
• Pages visited, time on site, referring site
• Cookie data (see section 10)

• Directly from you (forms, intake questionnaires, bookings, calls, emails, messages)
• During consultations and treatment
• From third parties with your consent (e.g., healthcare providers, imaging clinics)
• Automatically via website technologies (cookies, analytics, server logs)

• Provide chiropractic and related wellbeing services safely and effectively
• Assess your needs and develop a care plan
• Communicate with you (appointments, follow-ups, exercise plans, updates)
• Process payments and manage accounts
• Maintain accurate clinical records and meet professional obligations
• Operate our practice (scheduling, record keeping, quality and safety)
• Comply with legal and regulatory requirements

Use of health information: We use health information primarily to deliver healthcare and to support continuity of care and practice administration where relevant.

We only disclose personal information when necessary and consistent with this policy, including:

Service providers who help us operate (e.g., booking systems, IT support, website hosting, email providers, payment processors, SMS/email reminders, accounting/admin).

Other healthcare providers (with your consent where required), such as GPs, specialists, allied health providers, and imaging providers.

Legal requirements, including where required by law, to prevent a serious threat, or to comply with a court order/regulatory request.

We do not sell your information.

By engaging our services and providing information, you consent to us collecting, using, and disclosing your information as described in this policy.

You may withdraw consent for certain uses (where practical), however this may affect our ability to provide services safely and appropriately.

We take reasonable steps to protect your information from misuse, interference, loss, unauthorised access, modification, or disclosure.

• Secure digital systems with access controls and authentication
• Staff confidentiality expectations
• Secure storage of paper records (if any)
• Regular maintenance and updates of systems

We keep records for as long as required by law and professional standards, and when no longer required we take reasonable steps to destroy or de-identify them securely.

Some service providers (such as cloud software, email, website analytics, or hosting) may store or process data outside Australia. Where this occurs, we take reasonable steps to ensure your information is handled consistently with this policy and Australian privacy obligations.

You may request access to, or correction of, the personal information we hold about you by contacting us at info@healthbyhayley.com.au.

We may need to verify your identity before releasing information. In some cases we may decline access where lawful, and we will explain why where permitted.

Our website may use cookies and analytics tools to improve your experience and understand how visitors use our site. You can disable cookies in your browser settings, though some features may not work as intended.

We may send communications relevant to your care (e.g., appointment reminders and follow-ups). If we send marketing communications (if any), you can opt out at any time by contacting us or using an unsubscribe option where provided.

We take additional care with information relating to minors. For children and young people, we may collect information from a parent/guardian and/or the child, depending on capacity to consent and the circumstances.

If a data breach occurs that is likely to result in serious harm, we will comply with Australia’s Notifiable Data Breaches (NDB) scheme. This may include notifying affected individuals and the Office of the Australian Information Commissioner (OAIC), where required.

If you have concerns about how we have handled your personal information, please contact us first so we can try to resolve the issue promptly.

If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC).

We may update this Privacy Policy from time to time. The latest version will be published on our website with an updated effective date.