Privacy Policy

Next Level Physiotherapy and Strength Studio
Last updated: February 2026

1. Our Commitment to Privacy

Next Level Physiotherapy and Strength Studio (“we”, “our”, “us”) is committed to protecting your privacy and managing your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

As a healthcare provider, we also collect and manage sensitive health information, which is afforded a higher level of protection under Australian law.

This Privacy Policy explains how we collect, use, store, disclose and protect your personal information.

2. What Information We Collect

We may collect the following types of information:

Personal Information

  • Name

  • Date of birth

  • Address

  • Email address

  • Telephone number

  • Emergency contact details

  • Payment and billing details

  • Medicare, DVA, NDIS or private health fund details (where applicable)

Sensitive Information (Health Information)

As a physiotherapy provider, we collect health information including:

  • Medical history

  • Injury history

  • Clinical notes and assessment findings

  • Treatment records

  • Referral letters and reports

  • Diagnostic imaging reports

  • Exercise programs and rehabilitation plans

Sensitive information is only collected with your consent or where required by law.

Website & Technical Data

When you visit our website, we may collect:

  • IP address

  • Browser type

  • Device information

  • Geographic location (general)

  • Pages visited

  • Time spent on site

  • Referring website

This data may be collected via cookies, analytics tools and advertising pixels.

3. How We Collect Your Information

We collect information in the following ways:

  • When you book an appointment

  • When you complete intake forms

  • During consultations and treatment

  • When you contact us via email, phone or website

  • When you subscribe to marketing communications

  • Through website cookies and analytics tools

Where reasonable and practicable, we collect information directly from you.

4. Why We Collect Your Information

We collect and use your information to:

  • Provide physiotherapy assessment and treatment

  • Develop rehabilitation plans

  • Communicate with you about appointments

  • Process payments and insurance claims

  • Provide reports to referrers (with consent)

  • Meet legal and regulatory obligations

  • Improve our services

  • Send marketing communications (only if you opt in)

We will not use your health information for marketing purposes.

5. Disclosure of Your Information

We may disclose your information to:

  • Referring doctors or healthcare providers (with consent)

  • Medicare, DVA, NDIS or private health insurers (where relevant)

  • Payment processors

  • Practice management software providers

  • IT and cloud storage providers

  • Legal or regulatory authorities where required by law

We do not sell or trade personal information.

Where we share information with third-party service providers, we take reasonable steps to ensure they comply with Australian privacy laws.

6. Overseas Disclosure

Some third-party providers (such as cloud-based booking or practice management systems) may store data on servers located outside Australia.

Where this occurs, we take reasonable steps to ensure appropriate data protection safeguards are in place.

7. Storage and Security

We take reasonable steps to protect your information from misuse, interference, loss, unauthorised access, modification or disclosure.

Measures include:

  • Secure practice management software

  • Password-protected systems

  • Restricted staff access

  • Encrypted payment processing

  • Secure cloud storage providers

Credit card details are encrypted and processed securely. We do not store full card details on our servers.

8. Data Retention

As a healthcare provider, we are required to retain clinical records in accordance with Australian legislation.

Generally:

  • Adult health records are retained for a minimum of 7 years from the last date of service.

  • Records for patients under 18 are retained until the patient turns 25.

After this period, records may be securely destroyed.

9. Cookies, Analytics & Advertising

Our website uses cookies and similar technologies to:

  • Analyse website traffic

  • Improve user experience

  • Enable social sharing functionality

  • Deliver relevant advertising

We may use services such as:

  • Google Analytics

  • Google Ads

  • Meta (Facebook/Instagram) advertising

You can disable cookies through your browser settings, although this may impact website functionality.

10. Access and Correction

You may request access to your personal information at any time.

We may charge a reasonable administrative fee for providing copies of clinical records.

If you believe any information we hold about you is inaccurate, incomplete or outdated, please contact us and we will take reasonable steps to correct it.

11. Data Breaches

If a data breach is likely to result in serious harm, we will comply with the Notifiable Data Breaches Scheme and notify affected individuals and the Office of the Australian Information Commissioner (OAIC) where required.

12. Complaints

If you believe we have breached your privacy rights, please contact us in writing.

We will investigate and respond within a reasonable timeframe.

If you are not satisfied with our response, you may contact:

Office of the Australian Information Commissioner (OAIC)
www.oaic.gov.au

13. Children

Our services are not directed to individuals under 18 without parental or guardian consent. Where we treat minors, consent is obtained from a parent or legal guardian unless otherwise permitted by law.

14. Changes to This Policy

We may update this Privacy Policy from time to time. The latest version will always be available on our website.

15. Contact Us

Next Level Physiotherapy and Strength Studio
Varsity Lakes, Gold Coast
📧 info@nextlevelstrengthstudio.com
📞 0449 984 896
🌐 https://nextlevelstrengthstudio.com