Privacy Policy – Thrive Physio Studio

Effective Date: 12/11/2025
Last Updated: 12/11/2025
Business Name: Thrive Physio Studio Pty Ltd
Owner / Principal Physiotherapist: Grace Brennan
ABN: 30 691 053 479
Location: Warwick, Queensland, Australia
Contact Email: gracewellsco@gmail.com
Phone: 0404642184

1. Overview

At Thrive Physio Studio, your privacy is our priority. We are committed to protecting your personal and health information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

This Privacy Policy explains how we collect, use, store, and disclose your personal information and how you can access or correct it. It applies to all clients, website visitors, and anyone interacting with our services — whether in-person, via telehealth, or online.

2. What Personal Information We Collect

We may collect the following types of personal and health information:

General Information

  • Full name, address, date of birth, contact details (email, phone)

  • Emergency contact details

  • Billing and payment information

Health Information (Sensitive Information)

As a registered physiotherapy and women’s health provider, we may also collect sensitive health information including:

  • Medical history and current conditions

  • Treatment records and physiotherapy assessments

  • Pregnancy, postpartum, and pelvic floor details (if relevant)

  • Referrals, imaging, or reports from other healthcare providers

Online and Technical Information

When you visit our website or book online, we may collect:

  • IP address, browser type, and device information

  • Cookies and analytics data (to improve your website experience)

  • Communication preferences, feedback, or enquiry details

We only collect information that is necessary and relevant to your care or interaction with our business.

3. How We Collect Information

We collect personal information directly from you when you:

  • Book an appointment or complete an intake form

  • Communicate via email, phone, text, or social media

  • Attend a consultation (in-person or online)

  • Subscribe to our mailing list or participate in promotions

  • Access our website, telehealth platform, or digital forms

We may also receive information from:

  • Your referring GP, specialist, or allied health professional (with your consent)

  • Health fund providers, insurers, or third-party payers

  • Online booking or payment systems (e.g., Splose, Stripe, Square)

4. Purpose of Collection

We collect, hold, and use your information to:

  • Provide physiotherapy and related health services

  • Assess, diagnose, and treat your condition appropriately

  • Manage bookings, communication, and payments

  • Coordinate care with other health professionals (with your consent)

  • Maintain accurate clinical and administrative records

  • Comply with legal, professional, and regulatory requirements

  • Send appointment reminders, receipts, and relevant updates (you can opt out anytime)

  • Improve our services, website, and client experience

5. Use and Disclosure of Personal Information

Your information will only be used for the purpose for which it was collected, or as permitted by law.

We may disclose your personal or health information:

  • To other treating practitioners or specialists (with your consent)

  • To Medicare, private health insurers, or third-party payers (for claiming purposes)

  • To practice management or telehealth software providers that securely store your data

  • When required by law (e.g., court order, subpoena, or mandatory reporting)

We do not sell, rent, or trade your personal information.

If we use your data for research, training, or marketing purposes, it will be de-identified unless you have provided written consent.

6. Data Storage and Security

We take all reasonable steps to protect your personal and health information from:

  • Loss, misuse, interference, unauthorised access, modification, or disclosure.

Information is stored securely in:

  • Password-protected digital practice management systems (e.g., Splose)

  • Secure cloud storage with encryption and access control

  • Locked filing cabinets for any physical records

We retain your records for at least 7 years from the date of your last visit, or until a child reaches 25 years old (whichever is later), in line with AHPRA and Physiotherapy Board of Australia record-keeping requirements.

After this period, records are securely destroyed or de-identified.

7. Telehealth and Online Services

If you engage in telehealth consultations or digital programs:

  • Your data will be transmitted through secure, encrypted platforms (e.g., Splose Telehealth).

  • You acknowledge that while all reasonable security measures are taken, online communication carries some inherent risk.

  • You are responsible for ensuring your environment is private and safe during telehealth sessions.

8. Access and Correction of Information

You have the right to:

  • Request access to the personal information we hold about you

  • Request correction of inaccurate or outdated information

Requests can be made in writing to:
📧 gracewellsco@gmail.com
We will respond within a reasonable time (usually within 30 days).

If access is restricted (e.g., due to legal reasons), we will explain why.

9. Data Breach Management

In the unlikely event of a data breach involving your personal or health information:

  • We will act promptly to contain the breach

  • We will assess potential risks and notify you if there is likely to be serious harm

  • We will comply with the Notifiable Data Breaches Scheme under the Privacy Act and report to the Office of the Australian Information Commissioner (OAIC) where required.

10. Website, Cookies, and Analytics

Our website may use cookies, tracking pixels, and analytics tools to:

  • Monitor website traffic

  • Improve functionality and user experience

  • Deliver relevant content and marketing

You can disable cookies through your browser settings, though this may affect website functionality.

11. Marketing and Communication

We may send you relevant updates, offers, or educational content from time to time.
You can opt out of marketing communications at any time by clicking “unsubscribe” or contacting us directly.

We will never share your contact details with third parties for their own marketing.

12. Complaints and Feedback

If you believe your privacy has been breached, please contact us immediately.

Contact:
Grace Wells – Principal Physiotherapist
📧 gracewellsco@gmail.com
📞 0404 642 184

We take all concerns seriously and will respond promptly.

If you are not satisfied with our response, you can contact:

  • Office of the Australian Information Commissioner (OAIC)
    Website: www.oaic.gov.au
    Phone: 1300 363 992

or, for clinical concerns:

13. Policy Updates

This policy may be updated from time to time to reflect changes in legislation or business practices.
The most current version will always be available on our website.
We encourage clients to review it periodically.

14. Acceptance of Policy

By using our services (including website, telehealth, or in-person consultations), you acknowledge that you have read and understood this Privacy Policy and consent to the collection and use of your information as outlined.