At Unlock Health, we care deeply about your privacy. Whether you’re booking an appointment, reading our blog, or engaging with us through Facebook or Google ads, we’re committed to protecting your personal information, being transparent about how we use it, and complying with Australia’s Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

To make this policy easy to follow, here are some key terms:

• Personal Information means any information that identifies you or by which your identity could reasonably be ascertained (e.g., name, email, date of birth).
  
• Sensitive Information means health information, genetic information, and other information requiring a higher level of protection under the APPs.
  
• Processing means the collection, storage, use, disclosure, or destruction of Personal or Sensitive Information.
  
• Service Providers are third-party companies we engage to support our services (e.g., booking software, payment processors, email platforms).
  
• Cookies are small data files placed on your device to help us recognize returning users, remember your preferences, and analyze site usage.

We collect different types of information to help us provide the best possible care and service.

• Basic Information such as your name, email, phone number, and date of birth is collected so we can identify you, schedule and confirm appointments, and communicate effectively.
  
• Health Information including your reason for visit, treatment history, and symptoms is collected to deliver safe and effective chiropractic care, as well as to meet our record-keeping and compliance obligations.
• Online Information such as your IP address, device type, browser, and pages visited helps us understand how our website is used, improve its functionality, and protect against fraudulent activity.
• Advertising Data such as your interactions with our ads on platforms like Facebook, Instagram, or Google allows us to run targeted and relevant marketing campaigns but only with your consent for any promotional messaging.

Collection Methods: You provide us information when you book or complete forms on our site; we also collect info through cookies, website analytics, and advertising pixels.

Under the APPs, we rely on one or more of the following:

• Consent: For marketing communications and any processing of Sensitive Information beyond direct care.
  
• Performance of a Contract: To provide chiropractic services you’ve requested.
  
• Legal Obligation: To retain clinical records for the period required by NSW health regulations.
  
• Legitimate Interests: To improve our website, secure our systems, and prevent fraud—always balanced against your privacy rights.

We use cookies and similar technologies to enhance your browsing experience and measure our marketing effectiveness.

1. Essential Cookies: Required for site functionality (e.g., booking forms).
   
2. Performance & Analytics Cookies: Help us understand site usage via Google Analytics.
   
3. Advertising Cookies: Enable remarketing campaigns on Facebook and Google Ads.
   

You can manage or block cookies at any time via your browser settings or by visiting our Cookie Preference Centre.

We keep your information only as long as necessary:

• Clinical & Appointment Records: Minimum of 7 years (per NSW regulations).
  
• Marketing Consents & Preferences: Until you withdraw consent or request deletion.
  
• Website Analytics Data: Aggregated/de-identified after 24 months.
  

Once retention periods expire, records are securely destroyed or de-identified.

We only share your Personal Information with trusted Service Providers who:

• Support our booking, payment, or email services.
  
• Are bound by strict confidentiality and data-security obligations.
  

Some providers operate overseas (e.g., cloud storage). Any transfer outside Australia is protected by standard contractual clauses or equivalent safeguards to ensure your data remains secure under standards as strict as the APPs.

We implement administrative, technical, and physical safeguards—such as SSL/TLS encryption, access controls, and regular staff training—to protect your data.

Breach Response: In the unlikely event of a data breach, we will:

1. Notify affected individuals without undue delay, and
   
2. Report the breach to the Office of the Australian Information Commissioner (OAIC) within 30 days, as required by law.

You have the right to:

• Access the Personal Information we hold about you.
  
• Correct any errors or update your details.
  
• Erase your data (where legally permitted).
  
• Withdraw Consent for marketing at any time.
  

To exercise these rights or if you have a privacy complaint, please contact our Privacy Officer:

Email: privacy@unlockhealth.com.au
Phone: 02 4862 1999
We aim to respond to all requests and complaints within 30 days. If you remain dissatisfied, you may escalate to the OAIC: www.oaic.gov.au.

If we collect information about patients under 18, we will obtain consent from a parent or legal guardian before any Sensitive Information is processed.

We may update this policy from time to time. When we do, we will:

1. Post the revised policy here with a new version number and effective date.
2. Notify you via email or a banner on our website if changes are significant.