GROUNDED MOVEMENT PRIVACY POLICY
Effective Date: 16 November 2019
Last Updated: 30 March 2026
- About Us
Grounded Movement is a physiotherapy and clinical Pilates studio committed to protecting your privacy and handling your personal and health information with care, integrity, and professionalism.
This Privacy Policy outlines how we collect, use, disclose, and manage your personal and health information in accordance with applicable privacy laws.
Contact Details:
Grounded Movement
Email: info@groundedmovement.com.au
Phone: (03) 9571 6977
Website: www.groundedmovement.com.au
- The Information We Collect
We collect personal and health information necessary to provide safe, effective, and appropriate care.
Personal Information:
-
-
- Name, date of birth, address, phone number, email
- Emergency contact details
- Occupation and relevant lifestyle information
-
Health Information (Sensitive Information):
-
-
- Medical history and current conditions
- Injury details and clinical notes
- Assessment findings, treatment plans, and progress records
- Reports or referrals from other healthcare providers
-
Administrative and Financial Information:
-
-
- Appointment history
- Billing and payment information
- Private health insurance details (if applicable)
-
- How We Collect Information
We collect information through:
-
-
- Client registration forms (paper and digital)
- In-person consultations and assessments
- Phone, email, and website interactions
- Referring practitioners or other healthcare providers (with your consent)
- Practice management systems and booking platforms
-
- Why We Collect Your Information
We collect, use, and hold your information to:
-
-
- Provide physiotherapy and clinical Pilates services
- Assess, diagnose, and manage your condition
- Communicate with you regarding appointments and care
- Communicate with other healthcare providers involved in your treatment
- Process payments and manage accounts
- Comply with legal, regulatory, and professional obligations
-
If you choose not to provide requested information, we may be unable to provide appropriate care or services.
- Use and Disclosure of Information
We may use and disclose your information in the following circumstances:
Healthcare Provision:
-
-
- To practitioners within Grounded Movement involved in your care
- To external healthcare providers (e.g. GP, specialist, radiology providers) where clinically appropriate
-
Business Operations:
-
-
- Booking and practice management systems
- Payment processing providers
- IT service providers and administrative support systems
-
Legal and Regulatory Requirements:
-
-
- Where required or authorised by law (e.g. subpoenas, mandatory reporting obligations)
-
We take reasonable steps to ensure third parties handle your information in accordance with privacy laws.
- Payment Information
We may collect and securely store your payment details (including credit or debit card information) via our third-party practice management system, Mindbody.
Payment details are used for the purpose of:
-
-
- Processing payments for services provided
- Charging applicable fees in accordance with our Cancellation and No-Show Policy
-
We do not store full credit card details on-site. Payment information is managed securely by our third-party provider in accordance with industry security standards.
- Overseas Disclosure
Some third-party service providers we use (such as cloud-based practice management or communication systems) may store or process personal information outside Australia.
Where this occurs, we take reasonable steps to ensure that these providers handle your information in a manner consistent with Australian privacy laws.
- Data Storage and Security
Your information is stored securely in electronic and/or physical formats.
We take reasonable steps to protect your information from misuse, interference, loss, unauthorised access, modification, or disclosure, including:
-
-
- Secure, password-protected systems
- Restricted staff access based on role
- Secure storage of physical records
- Use of reputable, compliant software systems
-
- Anonymity and Pseudonymity
Due to the nature of healthcare services, it is generally not practical for clients to remain anonymous or use a pseudonym when receiving treatment.
- Access and Correction of Information
You have the right to:
-
-
- Request access to your personal and health information
- Request correction of inaccurate, incomplete, or outdated information
-
Requests can be made by contacting us using the details below. We will respond within a reasonable timeframe.
- Retention of Information
We retain health records in accordance with legal and professional requirements, including:
-
-
- A minimum of 7 years from the date of last service
- For minors, until at least age 25
-
Records may be retained longer where clinically appropriate or required by law.
- Marketing and Communications
We may contact you via SMS or email for:
-
-
- Appointment reminders
- Administrative communications
- Information relevant to your care
-
We will only send marketing or promotional communications where you have consented to receive them. You may opt out at any time.
- Data Breach Management
In the event of a data breach, we will take reasonable steps to:
-
-
- Contain and assess the breach
- Mitigate potential harm
- Notify affected individuals where required
- Comply with obligations under the Notifiable Data Breaches scheme
-
- Privacy Complaints
If you have concerns about how your information has been handled, please contact us:
Email: info@groundedmovement.com.au
We will respond promptly and aim to resolve your complaint in a fair and reasonable timeframe.
If you are not satisfied with our response, you may contact:
-
-
- Office of the Australian Information Commissioner (OAIC)
- Health Complaints Commissioner (Victoria)
-
- Updates to This Policy
We may update this Privacy Policy from time to time. The most current version will always be available on our website.