Privacy Policy

At Pelican Health Pty Ltd (ABN: 72 726 863 617), we are committed to protecting your privacy and ensuring your personal information is handled in accordance with the Privacy Act 1988 (Cth), including the Australian Privacy Principles (APPs), and the Health Records Act 2001 (Vic).

We provide healthcare services under the guidance of the Australian Health Practitioner Regulation Agency (AHPRA) and adhere to all obligations under the Australian Consumer Law.

1. Who We Are

Business Name: Pelican Health Pty Ltd

ABN: 72 726 863 617

Email: [email protected]

Phone: 0403 910 973

Website: www.pelicanhealth.com.au

2. Why We Collect Your Information

We collect and store your personal and health information to:

- Provide high-quality, personalised physiotherapy services

- Communicate with you about your care, bookings, or follow-ups

- Comply with legal obligations (e.g. Medicare, DVA, AHPRA, NDIS)

- Support you with tailored education, programs, or recommendations

- Improve our clinical services and client experience

3. What We Collect

We may collect the following information:

- Your full name, address, date of birth, contact details

- Referral information, Medicare or insurer details

- Clinical history and treatment notes

- Payment and billing information

- Booking history, consent forms, clinically relevant outcome measures and questionnaires, and communication preferences

- Website analytics (browser activity, time spent on site, device info)

4. How We Collect Information

We collect your data:

- Directly via online booking forms, intake forms, or phone/email

- During physiotherapy consultations or workshops

- When purchasing a product or registering for a program

- Via third-party tools used to manage communication and care

5. How We Store & Protect Your Information

- Clinical records are securely stored in Cliniko, which uses bank-grade encryption, automatic backups, secure user authentication, and two-factor login. Only authorised staff have access to your data.

- Appointment communication and messaging may be managed via Heidi Health, an AHPRA-compliant AI messaging assistant

- Payments are processed via Stripe and Tyro - no card data is stored by us

- Service updates or AHPRA-compliant marketing may be sent via Go High Level

- Accounting data is stored via Xero, and exercise programs via Physitrack

All systems are password protected, encrypted where applicable, and access is limited to authorised staff only. Paper documents are scanned and shredded within two weeks.

6. Disclosure to Third Parties

We do not sell or trade your information. Your data may be disclosed only:

- To your referring health practitioner with your consent

- When required by law (e.g. subpoena, mandatory reporting)

- To software providers we use under data protection agreements

- With explicit consent for referrals or co-treatment

Some third-party systems (e.g., Go High Level, Stripe) may store data overseas. We take all reasonable steps to ensure their compliance with privacy standards.

7. Your Rights

You may:

- Access your health or contact records upon request

- Update inaccurate or outdated information

- Withdraw consent for marketing communication

- Request correction or deletion of non-essential personal data

- Request your data be transferred to another provider

Requests must be made in writing and will be responded to within 30 days.

8. Marketing, Communication & Consent

You may receive:

- Appointment reminders (SMS/email)

- Birthday vouchers or welcome packs

- Optional service updates or health tips

You can opt in or out of non-clinical communication at any time via email or by replying STOP to any SMS.

9. Website Data & Cookies

Our website may use cookies and analytics tools (e.g. Google Analytics) to:

- Improve functionality

- Understand user preferences

- Monitor service performance

You can disable cookies in your browser settings.

10. Children's Information

We collect and store child health data only with explicit parental or guardian consent, and only when relevant to clinical care. Parents may request access to their child's records in writing.

11. Online Products, Programs & Refunds

Pelican Health offers digital products, exercise plans, and workshop access. By purchasing a product, you agree to our terms of use.

Digital downloads are non-refundable, except as required under Australian Consumer Law (e.g. faulty access).

Unused physical products may be returned within 14 days in saleable condition.

12. Security Breaches

In the unlikely event of a serious breach, we will notify:

- You, the affected client(s)

- The Office of the Australian Information Commissioner (OAIC) if legally required

We are committed to transparency and fast resolution.

13. Complaints & Contact

If you believe your privacy has been breached or your data mishandled, please contact us directly.

Contact:

Pelican Health Pty Ltd

Email: [email protected]

Phone: 0403 910 973

If we cannot resolve your concern, you may contact:

Office of the Australian Information Commissioner (OAIC)

Website: www.oaic.gov.au

Phone: 1300 363 992

14. Updates to This Policy

This policy is reviewed regularly to reflect legislative updates and service changes. The latest version will always be available on our website.