16 Daniel Street

Nambour QLD

0405 091 882

Call us

07 3740 4701

Facsimile

Login portal

Clients, GPs, and QAS

WEBSITE PRIVACY POLICY

Mindful Therapy Psychology Services
www.mindfultherapy.com.au

Effective Date: November 21, 2025
Last Updated: November 21, 2025

 

INTRODUCTION

Mindful Therapy Psychology Services (‘we’, ‘us’, ‘our’) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose and protect your personal information when you visit our website www.mindfultherapy.com.au and use our services. This policy applies to all website visitors, prospective clients, and current clients.

We are bound by the Privacy Act 1988 (Cth), including the Australian Privacy Principles (APPs), and professional obligations under the Psychology Board of Australia (APHRA) standards and the APS Code of Ethics.

WHAT INFORMATION WE COLLECT

Website Visitors

When you visit our website, we may collect:

  • Technical information: IP address, browser type, device type, operating system, pages viewed, time spent on pages, referring website
  • Cookies and analytics: We use cookies and similar technologies for website functionality and analytics (see ‘Cookies’ section below)
  • Contact form submissions: Name, email address, phone number, message content if you submit an inquiry through our website

Prospective and Current Clients

If you become a client, we collect additional information as detailed in our TeleHealth Agreement, including:

  • Personal details: Name, date of birth, contact information, emergency contacts, Medicare number
  • Health information: Mental health history, assessment results, treatment notes, diagnoses
  • Financial information: Payment card details (stored securely through Medipass), Medicare information
  • Session information: Video session recordings are NOT stored; technical metadata about sessions may be logged by our platform provider

HOW WE USE YOUR INFORMATION

Website Visitors

We use website visitor information to:

  • Improve website functionality and user experience
  • Analyze website traffic and usage patterns
  • Respond to inquiries submitted through contact forms
  • Ensure website security

Clients

We use client information to:

  • Provide psychological assessment and treatment services
  • Maintain clinical records as required by APHRA standards
  • Process Medicare claims and payments
  • Communicate with your GP (if you provide written consent and have a Mental Health Care Plan)
  • Fulfill legal obligations (e.g., mandatory reporting)
  • Send appointment reminders and administrative communications
  • Notify you about private practice resources that are available to you

HOW WE PROTECT YOUR INFORMATION

Security Measures

We implement appropriate technical and organizational security measures:

  1. Clinical Records: Stored in Cliniko practice management software with AES-256 encryption, daily backups, password protection, and two-factor authentication
  2. Telehealth Platform: Coviu platform provides encrypted video sessions with data stored in Australian servers, compliant with Australian privacy laws. Session recordings are NOT stored.
  3. Payment Processing: Medipass provides secure payment processing with PCI DSS compliance. We do not directly store full credit card numbers.
  4. Website Security: SSL/TLS encryption for all website communications
  5. Access Controls: Only Cameron Aggs (psychologist) and Milani (administrative assistant with confidentiality agreement) have access to clinical information

Email Communication

Email is not a completely secure form of communication. While we use standard email encryption where possible, we recommend not sending sensitive health information via email unless necessary. Administrative communications (appointment reminders, payment requests) are sent via email or SMS.

WHO WE SHARE YOUR INFORMATION WITH

With Your Consent

We will only share your information with your explicit written consent, including:

  • Your GP (required for Medicare Mental Health Care Plans)
  • Other healthcare providers you request we communicate with
  • Third parties you authorize (e.g., WorkCover, NDIS, insurance companies)

Required by Law

We may disclose information without your consent when:

  • Required by court order or subpoena
  • Mandatory reporting obligations (suspected child abuse under Queensland law)
  • Serious and imminent risk of harm to yourself or others
  • Authorised by privacy legislation

Service Providers

We use third-party service providers who may access your information:

  • Cliniko (practice management – Australian company, data stored in Australia)
  • Coviu (telehealth platform – Australian company, compliant with privacy laws)
  • Medipass (payment processing – Australian company, PCI DSS compliant)

All service providers are bound by confidentiality obligations and Australian privacy laws.

Professional Supervision

Cameron discusses cases in professional supervision with colleagues for quality assurance and professional development. Client identifying information is not disclosed in supervision discussions.

COOKIES AND TRACKING

What Are Cookies?

Cookies are small text files stored on your device when you visit our website. They help us provide better functionality and understand how our website is used.

Types of Cookies We Use:

  1. Essential Cookies: Required for website functionality (e.g., security, session management). These cannot be disabled.
  2. Analytics Cookies: Help us understand website usage through Google Analytics (if used). These collect anonymized data about page visits, time on site, and navigation patterns.
  3. Preference Cookies: Remember your settings and preferences for future visits.

Managing Cookies:

You can control cookies through your browser settings. Disabling cookies may affect website functionality. For information on managing cookies, visit: www.aboutcookies.org

YOUR RIGHTS

Under the Privacy Act 1988, you have the right to:

  • Access: Request access to your personal information we hold
  • Correction: Request correction of inaccurate or incomplete information
  • Complaints: Lodge a complaint about how we handle your information
  • Withdrawal: Withdraw consent for certain uses of your information (where consent is the basis for processing)

Accessing Your Records:

Clinical notes are Cameron’s property as the treating psychologist, but you have the right to view them by arrangement. Cameron does not provide clinical notes for legal purposes unless required by subpoena. Access requests should be made in writing to cameron@mindfultherapy.com.au. We will respond within 30 days.

DATA RETENTION

Clinical Records: Retained for minimum 7 years after last session as required by APHRA standards. In some cases (e.g., child clients), records may be retained longer.

Website Data: Contact form submissions retained for 2 years unless you request earlier deletion. Analytics data is anonymized and retained indefinitely.

Financial Records: Retained for 7 years as required by Australian tax law.

CHILDREN’S PRIVACY

Our website is not directed at children under 14. We do not knowingly collect personal information from children through our website. Cameron provides services to adolescents aged 14+ with appropriate parental consent where required.

INTERNATIONAL TRANSFERS

Your personal information is stored on servers in Australia. We do not transfer your information overseas. All service providers we use store data within Australia or are subject to Australian privacy laws.

CHANGES TO THIS POLICY

We may update this Privacy Policy from time to time. The updated version will be posted on our website with a revised ‘Last Updated’ date. Significant changes will be notified to current clients via email. Continued use of our website or services after changes indicates acceptance of the updated policy.

CONTACT INFORMATION

For questions, concerns, or requests regarding this Privacy Policy or your personal information:

Email: cameron@mindfultherapy.com.au
Phone: 0405 091 882
Fax: 0737404701
Response Time: We aim to respond to all privacy inquiries within 5 business days

COMPLAINTS PROCESS

If you believe we have breached your privacy:

  1. Contact us first using the contact details above. We will investigate and respond within 30 days.
  2. If you’re not satisfied with our response, you can lodge a complaint with:
    • Office of the Australian Information Commissioner (OAIC) – Phone: 1300 363 992 – Website: www.oaic.gov.au
    • Psychology Board of Australia (APHRA) – Phone: 1300 419 495 – Website: www.psychologyboard.gov.au
  3. You also have the right to lodge a complaint with these bodies directly at any time.

This Privacy Policy complies with: • Privacy Act 1988 (Cth) • Australian Privacy Principles • APHRA Professional Standards • Psychology Board Code of Ethics