Manly Remedial ThaiManly Thai

Privacy policy

Effective May 2026. Reviewed annually.

1. About this policy

Manly Remedial Thai("we", "us") is bound by the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). This policy explains how we collect, use, store and disclose your personal and health information.

2. What we collect (APP 3)

  • Identity: name, email, phone, date of birth (if provided).
  • Health information: medical conditions, medications, allergies, injuries, pregnancy status, and treatment notes — collected only with your explicit consent and only where reasonably necessary for treatment.
  • Booking history and treatment records.
  • Technical data: IP address and device information, used for security and audit logging.

3. How we use it (APP 6)

  • To provide and manage your treatment.
  • To contact you about appointments, reminders, and follow-up.
  • To meet our legal and professional record-keeping obligations.
  • We do not use your health information for marketing.

4. Storage & security (APP 11)

Records are stored on Australian-based infrastructure (Sydney) with encryption at rest at the storage layer. Access is restricted to authorised staff by individual login and role, and every access to a health record is audit-logged. We retain treatment records for at least seven (7) years from the date of last service, in line with healthcare record-keeping standards in NSW.

5. Disclosure (APP 6, 8)

We do not share your treatment records with third parties (including health funds, GPs, or insurers) except with your written consent or where required by law.

Cross-border disclosure of limited contact data. To deliver booking-confirmation emails and SMS reminders we use third-party processors who may handle your name, email, mobile number and booking reference outside Australia: Resend (United States) for email and Twilio (United States) for SMS. These processors do not receive your health information. Your clinical and intake records are stored exclusively on Australian-based infrastructure (see Section 4).

6. Your rights — access, correction, deletion (APP 12, 13)

You can request to access or correct your records at any time from your client portal, or by emailing privacy@manlyremedialthai.com.au. We respond within 30 days. You may also request deletion subject to legal record-retention obligations.

7. Notifiable data breaches

If a data breach is likely to result in serious harm, we will notify you and the Office of the Australian Information Commissioner (OAIC) as required under the Notifiable Data Breaches scheme.

8. Complaints

Privacy complaints can be made to privacy@manlyremedialthai.com.au. If unresolved, you may escalate to the OAIC at oaic.gov.au.