Orthokids Privacy Policy

Last Updated: March 2026

1. Our Commitment to Your Privacy

Orthokids is committed to protecting your privacy and handling your personal information in a safe, responsible and transparent way.

This Privacy Policy explains how we collect, use, disclose, store and protect your personal information in accordance with the Privacy Act 1988 and the Australian Privacy Principles (APPs).

This policy applies to our clients, patients, parents/guardians, website users, employees, contractors and other individuals who interact with Orthokids.

2. What Is Personal Information?

“Personal information” means information or an opinion about an identified individual, or an individual who is reasonably identifiable.

This may include:

• Name
• Address
• Phone number
• Email address
• Date of birth
• Health information
• Payment or banking details
• Medicare or NDIS details
• Employment information

Health information is considered sensitive information under Australian law and is given a higher level of protection.

3. Why We Collect Personal Information

We collect personal information to:

• Provide orthotic and allied health services
• Manage appointments and treatment plans
• Process payments and health fund claims
• Comply with legal and regulatory requirements
• Meet NDIS obligations (where applicable)
• Communicate with clients and families
• Manage employment and contractor relationships
• Improve our services and website

If we do not collect necessary personal information, we may not be able to provide our services.

4. How We Collect Personal Information

Where reasonable and practicable, we collect personal information directly from you.

We may collect information when you:

• Complete intake or consent forms
• Enter into a service agreement
• Contact us by phone, email or in person
• Visit our website
• Submit employment applications

In some cases, we may collect information from third parties, such as:

• Referring doctors or health professionals
• Hospitals
• Parents or guardians
• NDIS representatives
• Government agencies

When this occurs, we handle the information in accordance with this Privacy Policy.

5. Website Information and Cookies

When you visit our website, we may collect information such as:

• IP address
• Device type
• Browser type
• Pages visited
• Date and time of access

We may use cookies and analytics tools to improve website functionality and user experience.

You can disable cookies through your browser settings.

If website data becomes linked to identifiable personal information, it will be treated as personal information under this Policy.

6. How We Use Personal Information

We only use personal information for:

• The primary purpose for which it was collected; or
• A related secondary purpose you would reasonably expect; or
• A purpose to which you have consented; or
• A purpose required or authorised by law.

We do not sell, rent or trade personal information.

If we engage in direct marketing, you will have the option to opt out at any time.

7. Disclosure of Personal Information

We may disclose personal information to:

• Health professionals involved in your care
• Medicare, private health funds or the NDIS
• IT and software providers
• Accountants, auditors or legal advisers
• Regulatory authorities where required by law

We take reasonable steps to ensure third parties handle personal information in accordance with the Privacy Act.

8. Overseas Disclosure

Some of our service providers (such as cloud storage providers) may store data overseas.

Where this occurs, we take reasonable steps to ensure that:

• The overseas recipient complies with Australian Privacy Principles; or
• The information is de-identified; or
• The transfer is otherwise permitted under the Privacy Act.

9. Data Security

We take reasonable steps to protect personal information from misuse, interference, loss, unauthorised access, modification or disclosure.

Security measures include:

• Secure electronic systems
• Password protection and access controls
• Staff privacy training
• Secure storage of physical records
• Regular cybersecurity reviews

We destroy or de-identify personal information when it is no longer required, unless we are required to retain it by law.

10. Access and Correction

You have the right to:

• Request access to the personal information we hold about you
• Request correction of inaccurate or outdated information
• Withdraw consent where applicable
• Request deletion where legally permissible

Requests can be made using the contact details below.

We will respond within a reasonable time (usually within 30 days).

11. Complaints

If you believe we have breached the Australian Privacy Principles, you may contact us in writing.

We will investigate your complaint and respond promptly.

If you are not satisfied with our response, you may lodge a complaint with:

Office of the Australian Information Commissioner (OAIC)
Website: www.oaic.gov.au

12. NDIS Compliance

Where applicable, Orthokids complies with the requirements of the NDIS Quality and Safeguards Commission and manages participant information in accordance with the Australian Privacy Principles.

13. Changes to This Policy

We may update this Privacy Policy from time to time.

The latest version will always be available on our website.

14. Contact Us

If you have any questions about this Privacy Policy or how we handle your personal information, please contact:

Orthokids Practice Manager
Email: info@orthokids.com.au
Phone: 03 98364480
Address: 18 Stirling Crescent, Surrey Hills. Victoria. 3127