Privacy Policy
Effective Date: 17th February 2025
Your Privacy and Embrace the Moment Psychology and Wellbeing Coaching ABN 49241696247 (collectively and individually referred to as “Embrace the Moment Psychology and Wellbeing Coaching”, “we”, “us” or “our”).
WHO WE ARE AND HOW YOU CAN CONTACT US
We are Embrace the Moment Psychology and Wellbeing Coaching and we are based in NSW, Australia. We are committed to protecting your privacy and respecting and upholding your rights when you use this Site. This Privacy Policy applies to the products and/or services we provide on our Site and our social media channels (if applicable), and explains how we collect, hold, use and disclose data and comply with the requirements of the Privacy Act 1988 (Cth) and constitutes part of our Website Terms & Conditions. This Privacy Policy does not cover information that you submit on other websites, even if we communicate with you on those sites. For example, if you post something on Instagram, Facebook, Pinterest, X, or YouTube, that information is governed by the privacy policies on those websites and is not governed by this Privacy Policy.
You can contact us for privacy related questions by emailing us at info@embracepsychology.com OR completing this form – https://embracepsychology.com/contact/.
We will only use your personal information (including if applicable, sensitive information) (personal data/data) in compliance with Australian Privacy Laws (Privacy Act (1988 (Cth)), Australian Privacy Principles and to the extent applicable, with the EU General Data Protection Regulation (GDPR) and any replacement legislation or regulation or guidelines and standards governing the use, storage or transmission of data.
OUR ROLE IN YOUR PRIVACY
If you are a customer, subscriber or just a visitor on our Site, this Privacy Policy will apply to you.
OUR RESPONSIBILITIES
As we are the providers of the products and services on this Site, we determine how and why your data is processed. We do not sell or rent your details to any third parties. We are committed to protecting your privacy and we want you to know exactly what information is collected and how we use it.
CHILDREN’S PRIVACY
We provide psychological services to children aged 7 and above. Protecting the privacy of minors is of utmost importance to us. We comply with the requirements of the Children’s Online Privacy Code (COP Code).
Parental Consent
We require the consent of a parent or legal guardian before collecting or processing personal information from a child.
Types of Data Collected
For child clients, we may collect:
- Personal details (name, date of birth, contact details of parent/guardian).
- Medical history relevant to psychological assessments and treatment.
- Any additional information provided by the parent/guardian necessary for therapy.
Use of Information
We use child-related data solely for:
- Scheduling and conducting psychological assessments and therapy.
- Communicating with parents/guardians regarding appointments and progress.
- Meeting legal and ethical obligations in accordance with Australian healthcare regulations.
Data Security
Child records are stored securely and accessed only by authorised personnel.
Disclosure
We do not share children’s personal information with third parties unless required by law or with parental/guardian consent.
Parents and guardians may request access to or corrections of their child’s information by contacting info@embracepsychology.com.
YOUR RESPONSIBILITIES
Please read this Privacy Policy and our Website Terms & Conditions. If you provide us with any data relating to a third party, you confirm that you have the right to authorise us to process that data on your behalf in accordance with this Privacy Policy.
WHEN AND HOW WE COLLECT DATA
From the moment you visit our Site, we are collecting data, sometimes you might provide this data by completing a form or setting up an account, otherwise we might collect the data automatically. We may also collect data when:
- Contact us via telephone or email for general enquiries or to book an appointment.
- Provide us with your full name, telephone number, and email address for appointment scheduling.
- Complete intake forms, consent forms, and demographic details, which are securely stored in our internal system (separate from the website).
- Engage in psychological services, either face-to-face or via telehealth.
- Submit an enquiry through the contact form on our website (used for general enquiries only, not for appointment booking).
- You accept our cookies and tracking technologies, which may include services from third parties that provide analytics, traffic management, content delivery, and load balancing (e.g. CDNs). For more details on the cookies we use, including those from third-party providers that assist with performance, analytics, and functionality, please refer to our [Cookie Policy](insert link).
- You voluntarily submit your data to us for any reason
TYPES OF DATA WE MAY COLLECT
- Personal Information: Name, contact details (email, phone number), and demographic information.
- Health Information: Information relevant to psychological assessments and therapy, stored securely and handled confidentially.
- Payment Information: We do not collect or store financial details on our website. Payments are made via direct bank transfer or in-person at our practice after services have been provided.
- Website Usage Data: We may collect data about website interactions, such as IP addresses, browser type, and pages visited, to improve user experience. We may also collect technical data via third-party services, such as content delivery networks or font services, to improve the performance and functionality of our Site. These services may collect information like IP addresses to ensure proper delivery and functionality.
USE AND DISCLOSURE OF YOUR DATA
Under data laws, we are only allowed to use your data for specific reasons and where we have the legal basis to do so.
- We use personal information to:
- Provide psychological assessments and therapy services.
- Schedule and manage client appointments.
- Send appointment reminders via automated SMS or email.
- Respond to enquiries and customer support requests.
- Maintain secure client records.
- We do not sell or share your personal information with third parties for marketing purposes.
We may disclose information where required by law or with your explicit consent to:
- Medical professionals involved in your care (e.g., GPs, psychiatrists, allied health professionals).
- Government agencies (e.g., Medicare) for rebate processing.
- Legal or regulatory bodies where legally mandated.
SENSTIVE INFORMATION
Collection of Sensitive Information
We may collect sensitive information about our patients with their consent and only for the purposes directly related to their healthcare.
The types of sensitive information we may collect include personal details, medical history, current health conditions, test results, and any other information required for provision of care.
We collect sensitive information through face-to-face consultations, phone calls, online forms, and other secure electronic means.
Use of Sensitive Information:
We use sensitive information solely for the purpose of providing healthcare services to our patients. This includes but is not limited to diagnosis, treatment planning, monitoring, and managing ongoing care.
Sensitive information may also be used for administrative purposes such as appointment scheduling, billing, and quality improvement activities.
We may use de-identified information for research and statistical purposes, ensuring that patients’ identities are protected.
Disclosure of Sensitive Information:
We only disclose sensitive information to other healthcare professionals and organisations involved in the provision of healthcare to our patients. Such disclosures are made on a need-to-know basis and with the patient’s consent, except in cases where the law requires or permits the disclosure without consent.
We may disclose sensitive information to government agencies, regulatory bodies, and insurers when required by law or for insurance claims and compliance purposes.
We do not disclose sensitive information to third parties for marketing or commercial purposes.
CHOOSING NOT TO PROVIDE PERSONAL DATA
You can choose not to provide us with any personal data. However, if you do this, we will not be able to provide you with any products or services, however, you can continue to use our Site and browse the pages of our Site.
TURNING OFF COOKIES
Our Site uses cookies and similar technologies to provide certain functionality to our Site. You can turn off cookies by activating the setting in your browser that allows you to do this. You can also delete cookies through your browser settings. If you do decide to turn off cookies, you can continue to use the Site, however, certain services may not work as effectively.
YOUR RIGHTS
You can exercise your rights at any time by contacting us via the contact us page on our Site.
ACCESSING INFORMATION WE HOLD ABOUT YOU
We will provide you with the information within 30 days of your request, unless doing so would adversely affect the rights and freedoms of others (e.g. another person’s confidentiality or intellectual property rights). We will tell you if we can’t comply with your request and why.
ACCESSING AND CORRECTING YOUR INFORMATION
You have the right to:
- Request access to your personal information.
- Request corrections if any information is inaccurate.
- Withdraw consent for non-essential data processing.
To make a request, contact info@embracepsychology.com.
OBJECTIONS TO USING DATA FOR PROFILING OR AUTOMATED DECISIONS
We may use your data to determine what products and services are relevant to you (e.g. tailoring our emails based on your behaviour). Otherwise, the only circumstances in which we will use this data is to provide our products and services to you.
In cases where we use automated systems to make decisions that may impact your rights or interests, we will ensure transparency. Our privacy policy outlines the types of personal data these systems use, the nature of the decisions being made, and the role these systems play in the decision-making process. You may contact us if you wish to know more about how these systems work or to request human review of any automated decision.
THE RIGHT TO BE FORGOTTEN
You have the right to request for your data to be erased. This means we have to delete all information that we hold about you, except to the extent of any information we are required to hold due to our legal obligations.
MAKING A COMPLAINT
If you have any complaints regarding how your data is handled, please contact us via our contact page [insert link]. If you are not satisfied with our response to your complaint, you may seek a review by contacting the Office of the Australian Information Commissioner (OAIC) via their website https://www.oaic.gov.au.
If you are located in the European Union and feel your data has been mishandled, you may lodge a complaint with your local data protection authority, which you can find through the European Data Protection Board (EDPB) at https://edpb.europa.eu/about-edpb/board/members_en.
Under Australian privacy laws, individuals may take legal action for serious invasions of privacy, including intrusion upon seclusion or misuse of private information. If you believe your privacy has been intentionally or recklessly breached, and the invasion is serious, you have the right to seek compensation or other remedies through the courts.
SECURITY OF THE DATA WE COLLECT
We take all reasonable steps to ensure that personal information is securely stored and protected against unauthorised access, modification, or disclosure.
Security measures include:
- Secure storage systems for client records (both digital and physical).
- Access controls to limit personal data access to authorised personnel only.
- Regular data security reviews to maintain best practices.
- Firewalls and encrypted electronic storage to protect sensitive information.
- Use of reputable third-party storage providers with appropriate security measures in place.
- Restricting access to personal information only to those who need to know.
- Using payment providers that comply with PCI DSS standards to ensure financial transaction security.
We do not store client payment details on our systems.
WHERE WE STORE DATA
We use service providers based in Australia.
HOW LONG WE STORE DATA FOR
We will retain your data for as long as it is reasonably necessary for the purposes for which it was collected, and as required by Australian law. The specific retention period will depend on your interactions with us. If you have made a purchase, we will keep a record of your purchase for the period necessary to fulfill our invoicing and tax obligations as mandated by Australian tax laws. Once we no longer require your information for the stated purposes, we will securely delete it or anonymise any data that is no longer necessary, in accordance with applicable Australian privacy regulations.
THIRD PARTIES WHO ACCESS YOUR DATA
We share data with third parties in the following circumstances:
- Other companies in our group of companies, as necessary to operate our Site
- Our suppliers and service providers working for us e.g. payment processors such as Stripe and Medipass
- Our professional and legal advisors
- Third party medical providers for the purposes of providing healthcare services and treatment
- Your personal and sensitive information (to the extent applicable) may also be disclosed to government bodies, such as Medicare and Centrelink, for the purposes of claiming and verifying healthcare benefits and entitlements
- Third parties engaged in fraud prevention and detection
- Law enforcement or other government authorities
- Share with third parties who enable us to provide our products and services which may include:
- payment processors such as Stripe, PayPal, Xero, who may process your payment for any products and services bought from us;
- Social media and analytics such as Facebook, Instagram and Google Adwords for purpose of custom audience generation and the development of targeting criteria;
Where we have your consent to do so or otherwise where we are legally permitted to do so.
PAYMENT SECURITY
While we do not process online payments through our website, we take data security seriously. Our payment methods include direct bank transfer or in-person payment, and we do not store credit card information.
We ensure that any financial transactions comply with industry standards, including the Payment Card Industry Data Security Standard (PCI DSS), to protect sensitive payment information when handled by third-party banking institutions.
AGE OF CONSENT
By using this site, you warrant that you are at least the age of majority in your State or Territory of residence. Our Site should not be used by anyone under the age of majority, and we do not knowingly collect data from anyone under the age of majority.
COOKIES AND HOW TO BLOCK THEM
Our Site uses cookies and similar technologies to provide certain functionality to our Site. “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. Cookies can also be used to analyse traffic and for advertising and marketing purposes. They do not harm your systems and the HELP function in your browser will tell you how to restrict or block the cookies.
You can turn off cookies by activating the setting in your browser that allows you to do this. You can also delete cookies through your browser settings. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org. If you use browser settings to block all cookies, you may not be able to access all or parts of our Site.
WEB BEACONS
We may use web beacons (also known as clear gifs) on our website and in our emails. These enable us to track behaviours such as email opens and link clicks, as well as collect information like your IP address, browser type, or email client. This data helps us analyse and improve the performance of our email campaigns, ensuring we can provide you with services that better meet your needs. You can opt out of receiving emails from us at any time by clicking the “unsubscribe” link included in each email.
GOVERNING LAW
This Privacy Policy and your use of this Site is governed in all respects by the laws of Australia.
UPDATES TO OUR PRIVACY POLICY
Please make sure to check in on our Privacy Policy periodically, as we may update this Privacy Policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal or regulatory reasons. We will always ensure that the current date of the Privacy Policy also known as the “Effective Date” is prominently displayed at the very top of this Privacy Policy, so you know it’s the latest version.