
Privacy Policy
Last updated: 10 January 2026
Kirin Acupuncture Wellness is committed to protecting your privacy and handling your personal information responsibly. This Privacy Policy explains how we collect, use, store, and protect your personal information in accordance with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth).
1. About This Policy
This policy applies to all personal information collected by Kirin Acupuncture Wellness, whether through our website, in-person consultations, phone, email, or other communication channels. We are committed to protecting your privacy in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles.
Contact Details:
- Practice Name: Kirin Acupuncture Wellness
- Email: [insert email]
- Phone: [insert phone]
- Address: [insert address]
2. What Information We Collect
We only collect personal information necessary to provide healthcare services and manage our practice operations. This may include:
Personal Details:
- Full name, date of birth, gender
- Contact details (phone, email, residential address)
- Emergency contact information
- Health fund details and Medicare information (where applicable)
Health Information:
- Medical history and current health conditions
- Medications, supplements, and allergies
- Previous treatments and healthcare providers
- Lifestyle factors (diet, exercise, sleep patterns, stress levels)
- Symptoms, diagnoses, and treatment plans
- Clinical notes and treatment records
- Pathology results and imaging reports (where relevant)
Administrative Information:
- Appointment booking details
- Payment and billing information
- Communication preferences
- Referral source
Website Usage Data:
- IP address, device type, browser information
- Pages visited and time spent on site
- Cookies and similar tracking technologies
3. How We Collect Your Information
Information is collected when you:
- Book an appointment (online, by phone, or in person)
- Complete patient intake forms or consent documentation
- Attend consultations and receive treatment
- Communicate with us via phone, email, or social media
- Subscribe to newsletters or educational content
- Visit our website (through cookies and analytics tools)
- Engage with our digital advertising
In some cases, we may collect information from:
- Your referring healthcare provider (with your consent)
- Your health fund or Medicare
- Other treating practitioners involved in your care (with your consent)
- Your legal representative or guardian (where you lack capacity)
We will always inform you when we collect your personal information and obtain your consent where required by law.
4. Why We Collect and Use Your Information
We collect and use your information to:
- Provide acupuncture and complementary healthcare services
- Maintain accurate and complete health records
- Communicate with you about appointments, treatment plans, and health matters
- Process payments and manage billing, including health fund claims
- Fulfill our legal and professional obligations
- Conduct quality assurance and improve our services
- Manage complaints and provide customer support
- Send educational content, health tips, or practice updates (only with your consent)
- Comply with reporting requirements to professional bodies and regulators
5. Right to Anonymity or Pseudonym
You have the right to interact with us anonymously or using a pseudonym for general inquiries. However, for clinical services, we require accurate identification to:
- Maintain proper medical records
- Ensure your safety and provide appropriate care
- Meet our legal and professional obligations
- Process health fund claims and Medicare billing
6. Disclosure of Your Information
Your personal information will never be sold. We only disclose it when:
With Your Consent:
- To other healthcare providers involved in your care (e.g., your GP, specialists, allied health professionals)
- To your health fund for claims processing
- To your nominated emergency contact or family members (where appropriate)
Required or Authorized by Law:
- In response to a subpoena, court order, or legal process
- To professional registration bodies or regulatory authorities
- When mandated by public health reporting requirements
- To prevent serious threat to life, health, or public safety
For Practice Operations:
- To secure booking and practice management systems (e.g., Cliniko)
- To payment processors for transaction processing
- To email and communication platforms (e.g., Mailchimp)
- To professional supervisors or consultants for clinical guidance
- To insurers for professional indemnity purposes
All third-party service providers are carefully selected and required to comply with the Privacy Act and maintain appropriate security measures.
We do not disclose personal information to overseas recipients unless specifically required for your care (e.g., international pathology processing) and will ensure equivalent privacy protections apply.
7. Data Security and Storage
Your information is stored securely using:
- Electronic Records: Password-protected, encrypted systems with restricted access limited to authorized staff
- Practice Management Software: Cliniko (cloud-based, APP-compliant platform)
- Physical Records: Securely stored in locked cabinets with controlled access
- Communication Platforms: Encrypted email and messaging systems
- Data Backups: Regular secure backups to prevent data loss
Security Measures:
- Multi-factor authentication on all systems
- Staff training on privacy and confidentiality obligations
- Confidentiality agreements for all staff and contractors
- Regular security audits and updates
- Incident response protocols for data breaches
Data Retention: We retain health records for a minimum of 7 years from your last consultation, or until a minor patient turns 25 years of age, in accordance with legal requirements. Records are securely destroyed or permanently de-identified when no longer required.
8. Website Cookies and Digital Tracking
Our website uses cookies and tracking technologies to:
- Improve user experience and website functionality
- Analyze website traffic and usage patterns
- Deliver relevant content and advertising (including Google Ads)
- Remember your preferences
Your Choices: You can disable cookies through your browser settings, though this may limit website functionality. We comply with Google Ads policies, including transparent personalized advertising and user opt-out mechanisms. For more information about managing cookies, visit: www.aboutcookies.org
9. Accessing and Correcting Your Information
Your Rights:
- Request access to your personal and health information
- Request corrections to inaccurate, incomplete, or out-of-date information
- Request information about how we collect, use, and disclose your data
How to Request Access: Contact us using the details at the end of this policy. We will respond within 30 days. There is no fee for requesting access, though we may charge a reasonable administrative fee for providing copies.
Identity Verification: To protect your information, we may require identification before releasing records.
Maintaining Accuracy: It is important your information remains current. Please notify us promptly of any changes to your contact details, health information, or circumstances that may affect your care.
10. Direct Marketing
We may send you health tips, newsletters, or practice updates only if you have consented. You can opt out at any time by:
- Clicking the unsubscribe link in any email
- Contacting us directly using the details below
- Updating your preferences in your patient portal (if available)
11. Complaints and Privacy Concerns
If you believe we have breached your privacy or mishandled your information:
Step 1: Contact our Privacy Officer using the details below with as much information as possible about your concern.
Step 2: We will investigate your complaint and respond within 30 days. If we need more time, we will inform you.
Step 3: If you are not satisfied with our response, you can contact:
- Office of the Australian Information Commissioner (OAIC)
- Phone: 1300 363 992
- Website: www.oaic.gov.au
- Online complaint form: www.oaic.gov.au/privacy/privacy-complaints
12. Privacy Officer and Contact Information
For privacy inquiries, access requests, or complaints, contact:
Kirin Acupuncture Wellness
- Email: [insert email]
- Phone: [insert phone]
- Address: [insert address]
13. Changes to This Policy
We may update this policy to reflect changes in legislation, practice operations, or our information handling practices. The most current version will always be available on our website, and the "Last updated" date will be revised accordingly.
We encourage you to review this policy periodically to stay informed about how we protect your privacy.
14. Notifiable Data Breaches
In the event of a data breach that is likely to result in serious harm, we will:
- Assess the breach in accordance with the Notifiable Data Breaches scheme
- Notify affected individuals as soon as practicable
- Report the breach to the OAIC where required
- Take immediate steps to contain the breach and prevent further unauthorized access
Our staff are trained in data breach response protocols to ensure swift and appropriate action.
Acknowledgment
By booking an appointment or using our services, you acknowledge that you have read and understood this Privacy Policy and consent to the collection, use, and disclosure of your personal information as described.
If you have questions about this policy or how we handle your information, please don't hesitate to contact us.