Privacy Policy

Your Personal Information is Important

We comply with all applicable Australian privacy laws, including the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs) introduced in March 2014. We have implemented company-wide practices and procedures to ensure compliance by all staff and contractors.

As a health service provider, we also recognise the sensitivity of health information. We apply the highest standards of care to the collection, storage, and handling of any health records, clinical notes, assessment reports, or personal health data that you share with us.

What Personal Information We Collect

The personal information we collect depends on the nature of your interaction with us. We may collect:

Personal and contact information

• Full name and date of birth
• Home address and residential location
• Email address and phone numbers (mobile and/or home)
• Emergency contact details

Health and clinical information

• Medical history, diagnoses, and health conditions
• Current medications and treating practitioners
• Functional capacity and mobility assessments
• Exercise physiology treatment notes and progress records
• Referral information from GPs, specialists, Support Coordinators, and Case Managers

Funding and service information

• NDIS participant number and plan details
• Home Care Package provider and funding details
• Medicare number (if applicable)
• Private health insurance details (if applicable)

Digital and website information

• IP address and browser type when visiting our website
• Pages visited and time spent on our website (via cookies and analytics tools)
• Enquiry and contact form submissions

How We Collect Your Information

We collect personal information in the following ways:

• Directly from you when you complete a referral form, intake form, or contact us via phone, email, or our website
• From referring parties such as NDIS Support Coordinators, Case Managers, GPs, specialists, or family members acting on your behalf
• From third-party funding bodies including the NDIS, My Aged Care, or Home Care Package providers
• During the delivery of Exercise Physiology services (clinical assessments, session notes, progress reviews)
• From our website via cookies and similar tracking technologies

Where possible, we will collect information directly from you. If we collect information from a third party on your behalf, we will notify you as soon as practicable.

How We Use Your Personal Information

We use your personal information for the following purposes:

• To deliver Exercise Physiology services tailored to your health and functional goals
• To communicate with you regarding appointments, progress, and service changes
• To prepare and submit service reports, progress notes, and correspondence to your referring practitioner or funding body
• To claim payment for services delivered through NDIS, Home Care Package providers, or private health insurers
• To fulfil our obligations under NDIS provider requirements and the Aged Care Quality Standards
• To improve the quality of our services and conduct internal training and quality reviews
• To respond to your enquiries submitted via our website or by phone
• To send you service updates, appointment reminders, or relevant information about Exercare (you may opt out at any time)
• For complaints handling and dispute resolution

We will not use your personal information for any purpose that is incompatible with the reason it was collected, unless you provide consent or as otherwise permitted by law.

Disclosure of Personal Information

We may share your personal information with third parties in the following circumstances:

• Your treating GP, specialists, or allied health practitioners (with your knowledge)
• NDIS-related parties including the NDIA, Support Coordinators, plan managers, and Support Workers
• Home Care Package providers and case managers involved in coordinating your care
• Medicare Australia or private health insurers for billing and claiming purposes
• Our third-party software providers including clinical management systems (such as Splose), cloud storage providers, and email platforms — all of whom are bound by confidentiality obligations
• Government bodies or regulatory authorities where required by law or as part of our mandatory reporting obligations

We will not sell, rent, or trade your personal information to any third party for marketing purposes.

There may be cases where personal information is stored or processed on cloud services held by third-party contractors who may maintain servers outside of Australia. Where this occurs, we take reasonable steps to ensure those parties comply with the APPs or equivalent privacy protections.

Accuracy and Security of Your Information

We take all reasonable steps to:

• Ensure that personal information we hold about you is accurate, complete, and up to date
• Protect your personal information from misuse, interference, loss, unauthorised access, modification, or disclosure
• Implement appropriate physical, electronic, and procedural safeguards

Personal information is stored either electronically (using password-protected and encrypted systems) or in hard copy with restricted access. When personal information is no longer required, we destroy or de-identify it securely in accordance with our record-keeping obligations.

Client Consent for Social Media and Marketing

Exercare is committed to protecting the privacy of our clients in all marketing and social media activities. We may wish to use photographs, videos, or testimonials for promotional purposes on our website, social media platforms, or marketing materials.

To use any client image, video, or identifying testimonial, we have implemented the following policy:

• Clients will be informed of the potential use of their images or testimonials during onboarding or at the time of the request. Written consent will be obtained before any materials are used.
• Written consent will be obtained via a specific consent form or as part of our service agreement.
• Clients or their authorised representative may withdraw consent at any time by contacting us in writing. We will promptly remove any content for which consent has been withdrawn.
• We will only use images, videos, or testimonials that are appropriate, respectful, and that do not reveal identifying information (such as full name, address, or diagnosis) unless explicitly consented to.
• We will not post any content featuring a client without their prior written consent.
• We will keep a record of all consents obtained and review them periodically.

To request removal of any image or content, please contact us at: admin@exercare.com.au

Cookies and Website Analytics

Our website (exercare.com.au) may use cookies and similar tracking technologies to improve your browsing experience and understand how visitors use our site. Information collected may include your IP address, browser type, pages visited, and time spent on our website.

You may choose to disable cookies through your browser settings. However, some features of our website may not function as intended if cookies are disabled.

Accessing and Correcting Your Information

You have the right to access the personal information we hold about you and to request corrections if it is inaccurate, incomplete, or out of date.

To request access or correction, please contact our Privacy Officer using the details below. We will respond to all requests within a reasonable timeframe. In some circumstances, we may be unable to provide access — for example, where providing access would unreasonably impact another individual's privacy or where access is restricted by law. We will inform you if this is the case and explain why.

Complaints and Questions

If you have a complaint about the way we have handled your personal information, or if you have any questions about this Privacy Policy, please contact our Privacy Officer:

We will acknowledge your complaint within 5 business days and aim to resolve it within 30 days. If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC):

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or business operations. The most current version will always be available on our website at exercare.com.au. We encourage you to review this policy periodically.