Privacy Policy

1. INTRODUCTION:
This Is Wellbeing (ABN: 74 576 816 634) (“we”, “us”, “our”) is committed to protecting and respecting your privacy. This policy sets out how we collect, use, disclose, store, secure and dispose of your Personal Information (including Health Information) in accordance with the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), and applicable state laws.

2. WHAT INFORMATION DO WE COLLECT?

• Personal Information includes your name, address, date of birth, email address, telephone number, emergency contact, etc.

• Sensitive Information / Health Information may include details about your physical or mental health, medical history, treatments, wellbeing preferences, etc., where relevant to the services we provide.

3. HOW WE COLLECT INFORMATION:

• Directly from you: during appointments, sessions, via registration forms, phone or email.

• Indirectly: via our website (contact forms), social media, from third party providers (e.g. referring practitioners), or publicly available sources.

• Via website technologies: cookies, analytics tools (e.g. to improve the website).

When we collect Health Information, we will usually obtain your consent; we will also provide you with a collection notice explaining why we are collecting it and how it will be used.

4. PURPOSES FOR WHICH WE COLLECT, HOLD, USE AND DISCLOSE INFORMATION:
We collect your information so that we can:

• Provide wellbeing / yoga / reiki / meditation / sound healing / coaching services to you;

• Communicate with you (appointments, updates, newsletters if you opt-in);

• Manage our business: billing, accounting, compliance, quality assurance;

• Respond to enquiries, feedback or complaints;

• Meet legal or regulatory obligations;

We will only use or disclose your Personal Information (including Health Information) for the purpose(s) for which it was collected, or for a related purpose you would reasonably expect, or where required or permitted by law.

5. THIRD PARTIES AND OVERSEAS DISCLOSURES:
We may disclose your Personal Information to service providers who assist us (e.g. IT, payment processors, marketing tools, cloud storage), always ensuring they comply with privacy obligations.

If we are likely to disclose Personal Information to overseas recipients (e.g. cloud servers, website hosting, software providers based overseas), we will inform you of that, including which countries (where practicable), and take reasonable steps to ensure your information is protected.

6. DATA SECURITY AND STORAGE:
We take reasonable steps to protect your Personal Information from misuse, loss, unauthorized access, modification or disclosure. This includes using secure electronic systems, password protection, restricted access, secure backups, and physically securing paper records.

We retain your records, including health records, for at least 7 years (or as required under applicable law). For minors, or in other special legal circumstances, longer retention may apply. When no longer needed, or if required by you and possible by law, we will securely destroy or de-identify your information.

7. ACCESS AND CORRECTION:
You have the right to request access to the Personal Information we hold about you and to request corrections if you believe it’s inaccurate, out-of-date, incomplete or misleading.

We will respond to such requests within a reasonable period (for example, within 30 calendar days).

We may require proof of identity prior to providing access to ensure privacy and security.

8. ANONYMITY OR PSEUDONYMITY:
Where lawful and practicable, you may deal with us anonymously or under a pseudonym. However, for many services (e.g. health assessments, insurance, rebates etc.), this may not be possible.

9. MARKETING COMMUNICATIONS AND YOUR CHOICES:
If you have opted in, we may send you newsletters, offers or other marketing materials. You may opt out at any time via email, phone or using unsubscribe links.

Even if you opt out of marketing, we may still contact you for non-marketing purposes (appointments, important service updates, etc.).

10. COOKIES, WEBSITE AND ONLINE NOTICES:
Our website may use cookies, tracking or analytics to improve user experience and collect aggregated data. We may collect information such as your IP address, browser type, operating system, pages visited etc.

We will provide you with notice at first visit (e.g. via cookie banner) if required, and/or a link to a cookie policy if applicable.

11. DATA BREACHES AND NOTIFICATION:
We have procedures in place to respond to data breaches. If your Personal Information is lost, accessed or disclosed without authorization, we will assess the risk of harm to you, and if required under the Privacy Act’s Notifiable Data Breaches scheme, we will notify you and the Office of the Australian Information Commissioner (OAIC).

12. CHANGES TO THIS PRIVACY POLICY:
We may change this privacy policy from time to time. The latest version will always be posted on our website. If changes are significant, we will take reasonable steps to notify you (e.g. via email or notice on our website).

13. CONTACT AND COMPLAINTS:
If you have any enquiries or complaints regarding our privacy policy, contact us at:

Name: Sheree Inglis / This Is Wellbeing

Email: [email protected]

Phone: +61 4 23 149 226

Address: 11A Ararat Road, Stawell, Victoria, Australia 3380

We take all complaints seriously. We will respond to your complaint within a reasonable time (for example, 30 calendar days).

If you are not satisfied with our resolution, you may contact the OAIC:
Office of the Australian Information Commissioner
Phone: 1300 363 992
Website: www.oaic.gov.au