Privacy Policy

1. Information We Collect

Effective Date: 1 February 2026

Tree of Health (also referred to as “we”, “us”, or “our”) is committed to protecting your privacy and handling your personal and health information responsibly and transparently.

Tree of Health complies with the Privacy Act 1988 (Cth), including the Australian Privacy Principles (APPs). Where applicable, we also comply with relevant state and territory health information privacy legislation.

This Privacy Policy explains how we collect, use, store and disclose your information in accordance with:

In the event of an eligible data breach, Tree of Health will comply with the Notifiable Data Breaches (NDB) Scheme under Part IIIC of the Privacy Act 1988 (Cth), including notifying affected individuals and the Office of the Australian Information Commissioner (OAIC) where required.

A copy of the Australian Privacy Principles is available from the Office of the Australian Information Commissioner (OAIC).

By using our services or website, you consent to the collection and use of your information as described in this policy.

We may collect the following types of information:

a) Personal Information

Including but not limited to:

  • Full name

  • Email address

  • Phone number

  • Postal address

  • Date of birth

  • Payment and billing details

b) Health Information (Sensitive Information) 

If you engage in naturopathic, herbalist or wellness services, we may collect:

  • Medical history and current health conditions

  • Symptoms and health concerns

  • Lifestyle, dietary and wellness information

  • Prescribed treatments or herbal recommendations

  • Test results or practitioner notes

  • Any other health information you voluntarily provide

c) Non-Personal Information

Including:

  • IP address

  • Browser and device information

  • Website usage data collected through cookies and analytics tools

2. How We Use Your Information

We collect and use your information to:

  • Provide personalised naturopathic and herbal consultations

  • Create and maintain accurate health records

  • Communicate with you regarding appointments, programs and follow‑up care

  • Process payments and issue invoices

  • Improve our services and website

  • Meet legal, regulatory and professional obligations

Health Information & Consent

  • We only collect health information with your explicit consent.

  • Health information is used solely for your care and treatment.

  • We will not disclose your health information without your consent unless required or authorised by law.

  • If a referral to another practitioner is required, your consent will be obtained before sharing any information.

3. Disclosure of Information

We do not sell or rent your personal or health information.

Your information may be disclosed only in the following circumstances:

  • With your consent – for referrals or collaborative care with other health professionals

  • With trusted service providers – such as secure practice management systems, payment processors, email platforms or booking systems

  • For legal purposes – where required by law, court order or regulatory authority

All third‑party service providers are required to maintain confidentiality and comply with privacy laws.

4. Data Storage & Security

We take reasonable steps to protect your personal and health information from:

  • Misuse

  • Loss

  • Unauthorised access

  • Modification or disclosure

Security measures include:

  • Secure digital systems

  • Password‑protected records

  • Restricted access to authorised personnel only

Data Retention

Health records are retained in accordance with legal and professional record‑keeping requirements. When no longer required, records are securely destroyed or de‑identified.

5. Your Rights

Under Australian privacy law, you have the right to:

  • Access your personal and health information

  • Request correction of inaccurate or incomplete information

  • Withdraw consent (where applicable)

  • Request deletion of your information (subject to legal record‑keeping obligations)

Requests can be made by contacting us using the details below. We will respond within a reasonable timeframe.

6. Telehealth & Remote Services

If you use our services remotely (telehealth, phone or online consultations):

  • The same privacy and security standards apply

  • Secure platforms are used for consultations

  • Digital records are protected under Australian privacy law

If you reside outside NSW, the Privacy Act 1988 (Cth) continues to apply.

7. Data Breaches

We take all reasonable steps to prevent data breaches. If a breach occurs that is likely to result in serious harm, we will:

  • Assess the breach

  • Contain and mitigate risks

  • Notify affected individuals as soon as practicable

  • Report the breach to the OAIC where required under the NDB scheme

If you suspect a data breach involving your information, please contact us immediately.

8. Complaints

If you believe your privacy has been breached, you may:

  1. Contact us directly so we can investigate and respond within 30 days

  2. If unresolved, lodge a complaint with:

Office of the Australian Information Commissioner (OAIC)
Website: www.oaic.gov.au/privacy/privacy-complaints
Phone: 1300 363 992

9. Updates To This Policy

This Privacy Policy may be updated from time to time. The latest version will always be available on our website.

10. Contact Details

For privacy‑related enquiries:

Tree of Health
Attn: Julia Brosnan
Email: julia@treeofhealth.com.au
Phone: 0461 359 450