The Mind Body Practice Pty Ltd, ABN 22631025440 (“us”, “we”, or “our”) recognises the importance of your privacy and respects your right to control how your Personal Information is collected and used. We are an Australian Privacy Principles Entity (an “APP Entity”) as defined in the Privacy Act 1988 (Cth) (the “Act”) and have a responsibility to manage your Personal Information. We are also a Health Service Provider under the Health Records and Information Privacy Act 2002 (NSW) (“NSW Law”), which regulates how we collect, hold, use, disclose, store and allow access to health information.

​

Compliance with the Australian Privacy Principles etc.

This Privacy Policy (“Privacy Policy”) is aligned with the Australian Privacy Principles as set out in the Act and the Health Privacy Principles as set out in the NSW Law and describes the way that we may collect, access, use and disclose personal information.

​

In this Privacy Policy:

​

“Personal Information” means any information that may identify you, or by which your identity might be reasonably determined. The information you provide us may include, amongst other things, your name, address, email address, and phone number and for the purposes of this Privacy Policy includes Sensitive Information where the context requires.

​

“Sensitive Information” includes, but is not limited to, any Personal Information about your sexual preference or practices or health information such as information about your health, illness, disability or injury. It also includes your expressed wishes about the future provision of healthcare services, or a healthcare service provided or to be provided to you.

​

Collection

The purpose for which we collect Personal Information is to provide you with the best healthcare service experience possible. Some provision of Personal Information is optional. However, if you do not provide us with certain types of Personal Information, we may not be able to provide our healthcare services to you.

​

To provide our healthcare services to you, we may collect Personal Information such as your contact details, including your name, email address, telephone number, your business or company name and your payment and billing information, which we use to bill you for the healthcare services and to process your payments.

​

We collect this information directly from you, when you complete our intake and consent forms, undertake assessments, create a patient account through our online platforms, participate in consultations (in-person or via telehealth) or communicate with us via email or phone. We also collect this information via our employees, agents, and other third parties or through the deployment of third-party AI products and services (such as Heidi AI) which we use to assist us in recording and transcribing our sessions with you.

​

 We will only collect information from third parties such as general practitioners, specialists, hospitals, aged care facilities, NDIS support coordinators, family members, other health providers, government agencies, insurers and legal representatives where it is unreasonable or impracticable to collect it from you and permitted by law. Depending on the nature of your referral, we may also collect forensic, educational, and employment-related information where relevant.

​

We may also collect personal identifiers or information such as Medicare identifier, information directly and indirectly related to provision of healthcare services and details of conversations we have had with you or any other information relevant to us.

An identifier is a unique number assigned to an individual to identify them. Identifiers include Medicare Numbers and Tax File Numbers. We will not adopt, as our own, any of your identifiers or use or disclose an identifier which has been assigned to you by a government agency, unless permitted by law.

​

We automatically collect information that is often not personally identifiable, such as the website from which you came to our website https://www.mindbodypractice.com.au/ (“Site”), IP address, browser type and other information relating to the device through which you accessed the Site. We may combine this information with the Personal Information we have collected about you.

​

Access, Use and Disclosure

We will treat your personal information as strictly private and confidential. We will only use or disclose it for purposes directly related to your care and treatment, or in ways that you would reasonably expect that we may use it for your ongoing care and treatment. Your Personal Information is only accessible by our employees and contractors (such as allied health professionals and administrative staff) on a strict-needs basis and on a strictly confidential basis.

​

Personal Information collected by us will generally only be used and disclosed for the purpose it was collected. This includes maintaining your contact details and clinical records, providing you with our healthcare services and processing payments and managing billing. We may disclose your Personal Information to third-party service providers who perform functions on our behalf (e.g. IT services, payment processing, call recordings) and to third-party AI service providers whom we engage to record, transcribe and analyse our sessions. We take steps to ensure the recipients of such information comply with the APPs in relation to the information, by including relevant contractual provisions.

​

We may, from time to time, use Personal Information for another purpose where it would be reasonably expected by you or if permitted by legislation, including to effectuate or enforce a transaction, procuring advice from legal and accounting firms, auditors and other consultants. We may also disclose your Personal Information in circumstances where we are compelled by Australian legislation or a court of law to do so.

​

We do not sell your Personal Information. We may, however, use deidentified or aggregated information for quality improvement, training, case studies, research, service development, or to help improve our services. This will only occur with your consent or where permitted by law.

​

From time to time, provisional students on placements may access case materials for training or university requirements. In these cases, consent will first be obtained and information will be de-identified where possible. Students are bound by confidentiality requirements and will only access information under supervision and for approved educational purposes.

 

We may use transcription technology to assist with efficiently managing inquiries during phone calls with our administrative staff. Your phone calls with admin may be recorded for quality and training purposes only. This information remains confidential and will not be used for any other purpose. In the event that we sell our business, or engage in a transfer, merger, restructure or change of control or other similar transactions, customer information (containing Personal Information) is generally one of the business assets that forms part of the transaction. Your Personal Information may be subject to such a transfer. In the unlikely event of insolvency, Personal Information may be transferred to a trustee or debtor in possession and then to a subsequent purchaser.

​

We may provide Personal Information to other healthcare service providers, such as your allied health professionals, general practitioner and specialist medical practitioners. We will only supply this information with your consent, or in circumstances where it is required for the delivery of healthcare services, such as referral to another healthcare service provider, billing and liaising with government offices regarding Medicare entitlements and payments, where it is necessary to prevent or lessen a serious threat to a patient’s life, health or safety, or other reason as permitted by law.

​

Telehealth Consultations

We offer telehealth consultations via secure video conferencing or phone platforms. While we use secure platforms to protect your privacy, there are still potential risks associated with telehealth, such as technical difficulties. You can ask your psychologist about these risks before your consultation.

​

Your Access and Accuracy of Personal Information

You can access and/or correct information we hold about you at any time by contacting us at admin@mindbodypractice.com.au. We encourage you to contact us to keep your Personal Information accurate and up to date. We will respond to your request for Personal Information, or to correct Personal Information, within a reasonable time or as otherwise required by law. You will not be charged for requesting access, but we may charge a reasonable administration fee to cover the costs of responding to your request, for example, where Personal Information is held in storage, subject to applicable laws and regulations. If required by law or where the information may relate to existing or anticipated legal proceedings, we may deny your request for access to your information. We will respond to your request, setting out the reasons for our refusal in writing.

​

Storage and Security

We will take reasonable steps to protect your Personal Information from misuse, loss, unauthorised access and modification or disclosure. We use commercially reasonable physical, technical, and administrative measures to protect Personal Information that we hold, including, where appropriate, password protection, encryption, access controls, staff training, and SSL to protect our Site. Despite taking appropriate measures to protect your Personal Information used and collected by us, please be aware that no data security measures can guarantee 100% security all the time. We cannot guarantee the security of any information transmitted to us via the internet and such transmission is at your risk. If we no longer require the use of your Personal Information, we will take reasonable steps to destroy or permanently de-identify it unless we are otherwise required by law.

Personal Information may be stored electronically on our local server and by way of back up on a secure third-party server/data centre, located in Australia, or in physical storage at our practice or third-party secure storage facilities (e.g. on paper). We may also transfer your Personal Information to third parties located in other countries including our related entities or employees, external healthcare service providers such as administration providers or information technology providers such as cloud storage and data processing. We only transfer information where we reasonably believe that the recipient is legally or contractually bound to principles that are substantially similar to the Australian Privacy Principles. We take steps to ensure the recipients of such information comply with the APPs in relation to the information, by including relevant contractual provisions.

​

We retain records for a minimum of 7 years after your last contact with us, or for clients under 18 years of age, for a minimum of 7 years after they turn 18.

​

We maintain a Data Breach Response Plan consistent with the Notifiable Data Breach (NDB) Scheme. If an eligible data breach occurs, we will notify you and the Office of the Australian Information Commissioner (OAIC) in accordance with the law.

​

Anonymous Health Care

You may request to remain anonymous when you seek healthcare services from us. While we endeavour to comply with any request to use our healthcare services anonymously or using an alias, there may be circumstances in which it is unlawful, dangerous or impracticable to do so. For instance, we cannot provide Medicare rebates or access to Veterans Affairs entitlements without properly identifying you.

​

Third-party websites

At times, our Site may contain links to other third-party websites. Any access to and use of such linked websites is not governed by this Privacy Policy, but, instead, is governed by the privacy policies of those third-party websites. We are not responsible for the information practices of such third-party websites. You should access and read those privacy policies to satisfy yourselves about their compliance with the APPs.

​

Marketing emails

We may send you direct marketing emails and information about healthcare services that we consider may be of interest to you. These communications will only be sent via email and in accordance with applicable marketing laws, such as the Spam Act 2003 (Cth) as you consented to upon registering for our healthcare services. If, at any time, you would like to stop receiving these promotional emails, you may follow the opt-out instructions contained in any such email (e.g. by clicking “Unsubscribe”). Please note that it may take up to 10 business days for us to process opt-out requests. If you opt-out of receiving emails or promotions from us, we still may send you email about your account, your account or any healthcare services you have requested or received from us, or for other customer healthcare service purposes. We do not provide your Personal Information to other organisations for the purposes of direct marketing.

​

Consent to international transfer

We may transfer your Personal Information to third parties located in other countries including our related entities or employees, external healthcare service providers such as administration providers or information technology providers such as cloud storage and data processing. We only transfer information where we reasonably believe that the recipient is legally or contractually bound to principles that are substantially similar to the Australian Privacy Principles.

​

Changes to this policy

We may change this Privacy Policy from time to time. Any updated versions of this Privacy Policy will be posted on our Site. Your continued use of any of our Site and healthcare services constitutes your acceptance and understanding of the Privacy Policy as in effect at the time of your use. This Policy is current as of 24th November 2025.

​

Complaints and Enquiries

If you have any questions or complaints regarding privacy, or if at any time you believe we may have wrongfully disclosed your Personal Information or breached our Privacy Policy, please contact us at 02 8091 7867 or lodge your complaint in writing to:

Name: Dr Shilpa Madiwale

Role: Director of Mind Body Practice

Address: Suite 315, Level 3, 29-31 Lexington Drive, Bella Vista NSW 2153

or via email at admin@mindbodypractice.com.au.

​

If you are not satisfied with our response, you are entitled to contact the Office of the Australian Information Commissioner, by phoning 1300 363 992 or writing to the Director of Complaints, Office of the Australian Information Commissioner, GPO Box 5218, Sydney NSW 1042. You are also entitled to contact the NSW Privacy Commissioner via email at ipcinfo@ipc.nsw.gov.au, or by phoning 1800 472 679.

​

Updated Monday, 24 November 2025.