Last updated: 11 August 2025
RECOVERWISE Physio (“we”, “us”, “our”) provides physiotherapy and related health services at 1/109
Beckett Rd, McDowall and 7A Ashgrove Ave, Ashgrove and via telehealth. This policy explains how we
collect, use, disclose and protect your personal information, including sensitive health information, in
accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
1) Who we are
We are a private physiotherapy practice delivering in-clinic and telehealth services. This policy applies to
all services we provide and interactions with our website and booking tools.
2) Scope
This policy applies to patients/clients, website visitors, carers/guardians, referrers, job applicants,
contractors and suppliers who interact with us online and offline (including bookings, payments,
email/SMS reminders, telehealth, and social media).
3) The kinds of information we collect
- Personal details: name, date of birth, contact details, emergency contact, Medicare/DVA/private
health fund details, claim/insurer info, concession status.
- Health information (sensitive information): presenting complaint, medical and treatment history,
GP/specialist/referrer details and reports, imaging/pathology results, treatment notes, outcome
measures, clinical photos/videos (where needed for care), AI notes scribes and telehealth
recordings (only with explicit consent).
- Payment & admin: billing records, receipts, HICAPS/terminal transaction references.
- Digital/website: online form submissions, IP address, device/browser, cookies/analytics, and
appointment preferences.
We collect health information only where necessary for your care, with consent or as otherwise
permitted by law.
4) How we collect information
- Directly from you: new patient forms, during consultations, by phone/email/SMS, telehealth
sessions, online bookings.
- From others with authority or as permitted by law: your GP/specialist, insurer/compensation
scheme, other treating providers, aged care/NDIS coordinators, or a parent/guardian/carer.
- From technology you use: our website, patient portal, practice/booking software, secure messaging, and integrated payment systems.
We will notify you of collection purposes and any third-party recipients as required by APP 5.
5) Why we collect, use and disclose information (purposes)
- Provide assessment, diagnosis, treatment, and continuity of care.
- Communicate with you (bookings, reminders, clinical follow-up, reports).
- Liaise with your GP/specialist/other providers.
- Process payments, claims and rebates (e.g., Medicare/DVA/private insurer/WorkCover).
- Manage and improve our practice (quality assurance, accreditation, staff training, audit, incident
response).
- Conduct recalls and send important service notifications.
- Send optional health information, updates and promotions (direct marketing) in compliance with
the Spam Act 2003—you can opt out at any time.
We only use or disclose your information for the primary purpose of providing healthcare, or for a
secondary purpose where you would reasonably expect it or we have your consent, or where
required/authorised by law (e.g., a serious threat to life/health, mandatory reporting).
6) Anonymity and pseudonymity
Where lawful and practicable (e.g., general inquiries), you may interact with us anonymously or using a
pseudonym. Identification is usually required to provide clinical care, process claims, or meet
legal/clinical record-keeping obligations.
7) Disclosing information to third parties
- Your authorised representatives.
- Other treating providers (GPs/specialists/allied health), imaging/pathology providers.
- Medicare/DVA/private health funds/compensation schemes.
- Our practice vendors who support care and operations (e.g., clinical/booking software, secure
messaging, payment processors, SMS/email providers, IT/cloud/security providers, document
storage and shredding services). These parties are bound by privacy/confidentiality obligations and
only access information they need to provide their services.
- Regulators, courts/tribunals or law enforcement where required by law.
Cross-border disclosure: some vendors may store data outside Australia. Before disclosing personal
information overseas, we take reasonable steps so the overseas recipient does not breach the APPs (for
example, by using contracts and due diligence).
8) Direct marketing
We may send you health tips, clinic updates and promotions where permitted by the APPs and the Spam
Act. We will always include a simple opt-out. If you opt out, we will still send essential service messages
(e.g., appointment reminders, clinical instructions).
9) Telehealth and clinical images
For telehealth, we use secure platforms and do not record sessions unless we tell you and you consent.
Clinical photos/videos are only taken where reasonably necessary for assessment/treatment and are
stored in your clinical record—not used for marketing without your explicit written consent.
10) Website, cookies and analytics
Our website and online booking tools may use cookies and analytics to operate the site, remember
preferences and understand usage. You can adjust your browser settings to refuse cookies, though
some features may not work. We do not combine analytics data with your clinical record unless you
submit an online form or booking that identifies you.
11) Data security
We take reasonable steps to protect information against loss, misuse, unauthorised access,
modification or disclosure. Measures include: access controls and role-based permissions, staff training
and confidentiality agreements, encrypted transmission where available, secure disposal, vendor due
diligence, backups and monitoring.
12) Retention and destruction
We retain health records for at least 7 years from the last entry for adults and, for children, until the
patient turns 25 (or longer if required), after which we securely destroy or de-identify the information
when no longer needed for lawful purposes.
13) Access to and correction of your information
You can request access to your personal information and request corrections if it is inaccurate,
out-of-date, incomplete, irrelevant or misleading. We will respond within a reasonable time, explain any
refusal (and how to complain), and take reasonable steps to correct records. Identification may be
required. Fees (if any) will only cover reasonable administration costs.
14) Data breaches
If a data breach is likely to result in serious harm, we will assess promptly and notify affected individuals
and the Office of the Australian Information Commissioner (OAIC) under the Notifiable Data Breaches
(NDB) scheme. We maintain a data breach response process appropriate to a health practice.
15) Children and young people
We collect information about children with the consent of a parent/guardian or as otherwise permitted
by law. Mature minors who can consent to treatment may also control access to their information, in
line with clinical and legal standards.
16) Government identifiers
We will not adopt, use or disclose government identifiers (e.g., Medicare number) as our own identifier
except as permitted by APP 9.
17) Changes to this policy
We may update this policy to reflect changes in law or our operations. The latest version will be
published on this page with the effective date.
18) Contact us
Email: info@recoverwise.com.au
Phone: 07 33536881
Address: 1/109 Beckett Rd, McDowall
You may also contact the Office of the Australian Information Commissioner (OAIC) on 1300 363 992 or
via the OAIC website.