Privacy Policy.

Alternative Balance (ABN 22 620 080 720) is committed to protecting the privacy of your personal information. This Privacy Policy outlines our ongoing obligations to you in respect of how we collect, use, disclose, store, secure, and dispose of your personal information. We have adopted the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth) (the "Privacy Act"). The APPs govern the way in which we manage your personal information, including sensitive health information collected during the provision of our telehealth consultation services.

1. Information We Collect

Due to the nature of the health services we provide, it is generally impracticable for us to deal with individuals who have not identified themselves. Accurate identification is required to ensure the safety and continuity of clinical care and to comply with our legal and professional obligations under applicable health legislation, and to meet the requirements of Medicare and private health insurance billing.

We collect personal information that is reasonably necessary to provide our telehealth consultation services. The types of personal information we may collect include:

• Full name, date of birth, and gender
• Residential address and postcode
• Email address and phone number
• Medicare number or other healthcare identifiers (where applicable)
• Health information provided during consultation booking and telehealth appointments, including medical history, current medications, symptoms, and the conditions for which you are seeking consultation
• Clinical notes, consultation records, and any treatment plans created by the consulting practitioner
• Payment information processed securely through our third-party payment provider (we do not store full credit card details on our servers)
• Technical and usage data collected automatically when you interact with our website, including IP address, browser type, pages visited, and referring URLs

2. How We Collect Your Information

We collect personal information through the following means:

• Website forms, including consultation booking forms, contact forms, and eligibility questionnaires
• Telehealth consultations conducted via video or phone with our AHPRA-registered practitioners
• Direct communication with you via email, phone, or other correspondence
• Cookies and analytics tools used on our website (see our Cookie Policy for details)
• Third-party service providers who assist in the delivery of our services, where you have consented to sharing your information

Unsolicited Information

From time to time, we may receive personal or health information that we did not solicit. Where we receive unsolicited personal information, we will assess whether that information could have been collected under our standard practices. If not, and if lawful to do so, we will destroy or de-identify that information.

3. Why We Collect Your Information

We collect and use your personal information for the following purposes:

• Providing and facilitating telehealth medical consultations with AHPRA-registered practitioners
• Scheduling, confirming, and managing appointments
• Enabling the consulting practitioner to assess your suitability for treatment and make informed clinical decisions
• Communicating with you regarding your appointments, treatment plans, and follow-up care
• Processing payments for services rendered
• Meeting our legal, regulatory, and professional obligations as a telehealth provider operating in Australia
• Improving our services, website functionality, and user experience
• Sending you relevant health information and service updates (you may opt out of marketing communications at any time)

If you do not provide the information we request, we may not be able to provide our telehealth consultation services to you.

4. Disclosure of Your Information

We do not sell, rent, or trade your personal information. We may disclose your information only in the following circumstances:

• With partnered pharmacies, where a prescription has been issued by the consulting practitioner and you have provided your consent for the prescription to be dispensed
• With AHPRA-registered practitioners who provide consultation services through our platform
• With website hosting providers, telehealth platform providers, payment processors, email service providers, analytics providers (such as Google Analytics), and feedback tools (such as Gleap) who assist us in operating our platform and delivering our services (subject to strict confidentiality obligations)
• Where required or authorised by Australian law, including the Privacy Act 1988 (Cth), applicable state and territory health records legislation, and lawful court orders or subpoenas
• Where necessary to prevent a serious threat to the life, health, or safety of any individual or the public
• With your explicit, informed consent

5. Telehealth Consultation Data

Our telehealth consultations may be conducted via video or phone call. We do not record video consultations unless you are explicitly informed and provide consent. Clinical notes and medical records generated during consultations are stored securely and treated as sensitive health information under the Privacy Act. Access to your health records is restricted to the consulting practitioner and authorised administrative staff on a need-to-know basis.

6. Data Storage and Security

We take reasonable steps to protect your personal information from misuse, interference, loss, and unauthorised access, modification, or disclosure. Our security measures include:

• Encrypted data storage for all personal and health information
• TLS encryption for all data transmitted between your device and our servers
• Role-based access controls limiting who can view your information
• Regular security reviews and updates to our systems
• Secure, password-protected access to all administrative systems

We retain health records for a minimum of seven (7) years from the date of last consultation, in accordance with Australian healthcare record retention requirements. Other personal information is retained only for as long as necessary to fulfil the purposes for which it was collected, or as required by law.

7. Your Rights

Under the Australian Privacy Principles, you have the right to:

• Request access to the personal information we hold about you
• Request correction of any personal information that is inaccurate, out of date, incomplete, irrelevant, or misleading
• Request deletion of your personal information, subject to our legal obligations to retain certain records
• Opt out of receiving marketing communications at any time
• Lodge a complaint if you believe your privacy has been breached

To exercise any of these rights, please contact us in writing at [email protected]. We will respond to your request within thirty (30) days. We may require identity verification before releasing or amending your information to ensure the security of your records.

8. Cookies

We use cookies and similar technologies to improve your experience on our website. For full details on the types of cookies we use and how to manage or disable them, please refer to our Cookie Policy.

9. Cross-Border Disclosure

Some of our third-party service providers (such as website hosting and analytics platforms) may store data on servers located outside Australia, including the United States (for services such as website hosting, analytics, and email infrastructure). Where this occurs, we take reasonable steps to ensure that the overseas recipient handles your personal information in accordance with the Australian Privacy Principles. By using our services, you consent to this transfer where it is necessary for the provision of our services.

10. Policy Updates

This Privacy Policy may be updated from time to time to reflect changes in our practices, legal obligations, or the services we offer. Material changes will be communicated via our website. We encourage you to review this policy periodically. Continued use of our services after any update constitutes your acceptance of the revised policy.

11. Complaints

If you believe your privacy has been breached, or you wish to make a complaint about how we have handled your personal information, please contact us at [email protected] or by phone on 0408 209 185. We will investigate your complaint and respond within thirty (30) days.

If you are not satisfied with our response, or if we have not responded within thirty (30) days, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC):

• Website: www.oaic.gov.au
• Phone: 1300 363 992
• Post: Office of the Australian Information Commissioner, GPO Box 5218, Sydney NSW 2001

12. Contact Us

If you have any questions or concerns about this Privacy Policy or how we handle your personal information, please contact us:

• Email: [email protected]
• Phone: 0408 209 185