top of page
​​​
1. What is in this policy?

 

This policy covers all services and supports at COMO Therapy. It tells you

​

  • what information we might collect from you

  • how we might use your information

  • who we might share your information with

  • when we might use your details to contact you

  • what your rights are about your personal information

  • how we protect and store your personal and health information.

​

​

We make sure that your information is managed safely. We do this by making sure we follow Australian laws. This includes the Privacy Act 1998 (Commonwealth) and Australian Privacy Principles. 

​

We respect you and will keep all of the information that you give us private and confidential. We will do our best to communicate clearly with you in a way that you can understand.

​

We have kept these as easy as possible for you to read and understand. We will only update this when we need to make any changes or to comply with a new legal requirement.

​

​

When we say…

​​

  • “We”, “us” and “our” refers to COMO Therapy

  • “You” and “your” refers to you as a someone who is accessing our services.

​

​

2. What type of personal information do you collect?

​

We collect different types of information about you. This helps us to give you a service that meets your needs.

​

​

a. Personal details

​

We need to know some basic details about you and how to contact you. This includes your:

​

  • name

  • birthday

  • address

  • gender

  • phone number

  • email

  • information from the Government, such as Medicare or the NDIS (National Disability Insurance Scheme)

​

​

b. Health information

​

To provide you with a high quality service, we need to have some details about your health from you. This includes:

​

  • any medical information

  • disability information

  • information on what sort of supports you need 

​

​

c. Record keeping

​

As a health service, we need to keep accurate records and notes about you. This includes notes from:

​

  • your appointments and information about the services that we have given you.

  • any conversations that you may have with us in person, by email, or over the phone.

  • emails, online meetings, face to face meetings, and phone conversations with anyone that you have given us permission to speak to.

  • emails, meetings and phone conversations with anyone that we have to speak to by law.

  • photos and videos to help us with any assessments or managing your health. We will ask your permission before any photos or videos are taken.

​

​

d. Financial information

​

We need this information to make sure that we get paid. We might collect:

​

  • credit card details

  • debit card details

  • Plan Manager details

​

​

3. How we collect your personal information

 

We collect this in a number of ways, including:

​

  • through our website

  • when you contact us by email, phone, letter or fax

  • any forms that you fill out for us

  • in person

  • online videoconferencing, such as Zoom or MS Teams

  • from other people, such as the NDIS, your Support Coordinator, your GP or another professional who has referred you to us.

  • any events or forums.

  • Government Agencies.

  • other people or companies who help to pay for your services with us.

​

​

4. Why we collect your personal information

 

We collect your information for lots of reasons.

​

a. To give you the best service that we can

​

We want to:

​

  • make sure that we are the right service for you.

  • ensure that we have the right people working for us. This includes staff and volunteers.

  • make sure we are doing things right, such as paperwork, training, billing, and our computer systems.

​

​

b. To improve our service

​

We don't want to just be good. We want to do better. For us to do this, we:

​

  • may ask you to complete a survey - basically answer some questions about our service and what we can do better.

  • will complete audits - these are processes to make sure that we are doing things according to the law and the rules that we set ourselves.

​

We may also use some of your information that has been de-identified. This means that the information cannot be linked to you personally. We may use this information to:

​

  • help us with training and learning.

  • evaluate and review our services.

  • complete research.

​​

​

c. Communication reasons

​​

We may contact you to:

​

  • give you information about our services.

  • keep you up to date with our services, including any new services or changes to current services..

  • keep you up to date with any changes with support from the NDIS or about disability supports.

  • Answer any of your questions.

  • Resolve any complaints.

​

At COMO Therapy, we work together with everyone who supports you if you have given us permission. This helps us to give you the best support possible. We may contact others to give reports to:

​

  • other health professionals.

  • other support services.

  • anyone who pays for you to use our service.

​

​

d. Financial reasons

  • Process any payments for our services.

​
 

​​

e. Legal reasons:

​​

The law requires us to collect information as a health service. We must keep a record of our service with you, including:

  • information from your appointments.

  • conversations with you in person and on the phone.

  • emails.

  • conversations that we may have about you with other people and companies that you have said it is okay for us to speak to.

 

The law also requires to pass on certain information to Government Agencies or other companies if you have funding from them, such as reports.

​

If we are asked for any other legal reason to collect information from you, we will let you know first.

​

​

f. Research reasons

​

From time to time, we may participate in research activities. If we do, we may ask you if you want to participate. You have the right to say no.

​

​

g. Marketing and promotion reasons

​

COMO Therapy will promote its services on how we can help you and others through a number of ways. This may include:

  • events

  • forums

  • emails

  • letters

  • phone

  • SMS

  • social media

​

While this is a big help for us, you can opt out at any time.

​

​

h. Other reasons

​

There may be another reason to collect your information that has not been listed above. We will always make sure that we get your okay before collecting your information for any reason not listed above.

​

​

5. We use cookies​

 

a. What are cookies?

​

Cookies is a small text files that can transfer to your device when you use a service.

​

​

b. Why do we use cookies?

​

Cookies are used for tracking and to get information about what type of device you are using to access our services.

We record things like what sites you visit, your IP address (a unique number your device creates every time you connect to the internet). This helps us to do different things like:

​

  • remember information about you, like pre-filling out any forms for you to make things easier.

  • help us to understand who is accessing our website and using our services so that we can make things better.

  • help with making advertising more personal for you on our website and others.

​

​

c. You can control your cookies and tracking

​

There are some cookies that are strictly necessary that must be on when you visit us. Some cookies are for things like marketing, analytics, or make the website more personal for you.

​

You can control these through the privacy or security settings of your web browser, like Google Chrome or Internet Explorer.

​

​

6. Who will we pass on your information to?

 

We respect you and will keep all of the information that you give us private and confidential. This means that we will not pass on any information unless:

​

  • you have given us permission.

  • We are required by law to pass on information to others people, also known as third parties.

​

​

Other third parties may include:

​

a. A Government Agency, such as:​

​

  • the National Disability Insurance Agency (NDIA).

  • Medicare.

  • the Department of Social Services.

  • the Department of Health & Human Services.

  • the Australian Tax Office.

  • the police.

  • the Disability Services Commissioner.

​

​

b. Someone else who:

​

  • helps to pay for your services with us.

  • you have chosen to help you make decisions.

​

​

c. Companies that help with COMO Therapy including:

​

  • finance companies who support the processing of your payments.

  • information technology companies who support our computer and online systems.

  • companies that support any functions, conferences or events for us.

  • external business advisors.

  • marketing companies.

  • delivery companies.

  • equipment companies.

  • funding companies for us.

​

​

7. How we use and store your personal information

 

Your personal information can be on paper and stored in electronic databases.

 

a. We will do our best to:

​

  • keep all of your personal information accurate and up to date.

  • protect your information from anyone who might:

    • misuse it.

    • make inaccurate changes.

    • share it with others that you have not said okay to.
       

  • destroy or get rid of any of your personal information if we no longer need to legally keep it.

 

​

b. We will also make sure that we:

​

  • check all details before we send any emails, letters, or faxes to make sure it reaches the correct person.

  • keep any paper files in a locked cabinet.

  • check that we access your information in a safe space. This includes making sure that when we access your personal information, people who do not have your okay cannot see it.

  • keep your information secure when we are travelling to and from your appointments. This means our computers are password protected and we have a locked bag for any paper files.

  • only allow people who are supporting you to have access to your information.

  • safely get rid of any papers or information that we do not need.

 

​

8. Where we keep your personal information

 

We will do our best to keep your information as safe as possible. We do this by:

​

  • having website protection in place. This includes encryption, firewalls and anti-virus software.

  • restricting access to our computer and online systems with passwords.

  • limiting who has access to our main office.

  • making sure that only the people supporting you have access to your information.

  • making sure all staff are trained properly.

  • locking away any paper files that have your personal information either in our main office or in another secure place.

 

​

9. How long will we we keep your information for?

​

We keep information on all of our clients as long as they use our services.

​

If you no longer use our services, we will keep your information for at least 7 years when you finish with us, as required by law.

​

If the law tells us how long we need to keep your information for, we must follow this.

​

​

10. How will we get rid of your information?

​

We will make sure that we no longer need to keep your information.

​

Once we no longer need your information, we will:

​

  • place any paper files and documents into shredders or secure confidential bins.

  • delete all of your information from our electronic systems. This includes our computers and online system. It also includes electronic storage devices like hard drives, flash drives, and the cloud.

​

​

11. How we manage privacy incidents

​

a. What is a privacy incident?

​

A privacy incident is when someone accesses your personal information, but you have not said okay to this. This can happen to both paper or electronic records. If they do not have your okay, or a legal reason, they cannot:

​

  • read, copy or use your information.

  • change your information.

  • destroy your information.

​​

Examples of privacy incidents include: 

  1. the accidental download of a virus onto one of our computers

  2. discussing or sharing of personal information on a social networking website such as Facebook

  3. loss or theft of a portable storage device containing personal information, such as a laptop, hard drive or USB

  4. non-secure disposal of hard copies of personal information (i.e. placing readable paper in recycle bin or hard waste bin) 

  5. documents sent to the wrong address, fax number or email address 

  6. documents sent to a free web-based email account such as Yahoo!, Gmail or Hotmail. 

​

b. A privacy incident can happen

​

  • by accident.

  • by someone who deliberately accesses, changes or destroys your personal information.

  • due to problems with technology.​
    ​

c. How we manage privacy incidents

If we share your information without your okay, we will let you know as soon as we can. 

If someone reads or uses your information without your okay, we will let you know as soon as we can. 

  

We follow the Notifiable Data Breaches scheme to make sure that your information is protected. We make sure that we:

​

  • understand and know what a privacy incident is.

  • train our staff to know when to report a privacy incident.

  • educate our staff to know why it is important to report a privacy incident.

  • report all related client privacy incidents within one working day. We will report to the:

    • NDIS Commission​.

    • Office of Australian Information Commissioner.

​

We also have an Incident Management and Reporting Policy. We have created these rules to help with managing any privacy incidents.

​

​

12. Your rights​

 

You are in control of your personal information.

​

You have the right to ask us:

  • for a copy of your personal information that we have in our records.

  • to change, update, or delete your personal information.

  • to send or not send your personal information to certain people or companies.

  • to make sure that we are giving you or changing the information you want.

  • not to use your personal information for marketing or research.

​

While we will try our best, we might not always be able to help. The law may also say whether we cannot make such changes.

 

As a health service, we need access to certain personal information to be able to provide you with our services and supports. If you do not want us to collect or use your personal information, we may not be able to help you.

​

​

13. How you can contact us or make a complaint

​

We want to hear from you and answer any questions you may have!

You always come first and we will not treat you differently just because you tell us that you are not happy with how we have managed your personal information. It is really important and helps us to do better.

 

If you want to ask us something or tell us how we can improve. You can:

​

​

If you make a complaint, we will get back to you within 3 days of receiving your complaint. we will also send you a copy of our Feedback and Complaints Policy so that you understand your rights and our Complaints Process.

​

​

​

​

Privacy Policy

bottom of page