Privacy Policy
Elite Health and Performance Pty Ltd (EHP Group)
Last updated: April 2026
1. Introduction
Elite Health and Performance Pty Ltd (trading as EHP Group, referred to as "we", "us", or "our") is committed to protecting the privacy and confidentiality of your personal and health information. This Privacy Policy outlines how we collect, use, store, disclose, and protect your information.
We operate allied health clinics in Bowen Hills, Toowong, and Coorparoo, Brisbane, providing physiotherapy, chiropractic, remedial massage, and related services.
This policy is governed by the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), and relevant Queensland health records legislation. By engaging with our services, website, or communications, you consent to the practices described in this policy.
2. What Information We Collect
We may collect the following types of information:
Personal information: Name, date of birth, address, phone number, email address, and emergency contact details.
Health information: Medical history, injury and treatment details, clinical notes, referral letters, and imaging reports.
Payment information: Health fund details, Medicare information, and payment records processed via HICAPS and in-clinic payment terminals.
Website information: Name, email address, phone number, and enquiry details submitted via our website contact and booking forms.
Technical data: IP address, browser type, pages visited, and time spent on our website, collected via cookies and analytics tools.
AI-assisted clinical notes: During or after consultations, we may use AI-assisted transcription or note-taking tools to support accurate clinical documentation. All AI-generated content is reviewed and approved by your treating practitioner before being added to your health record.
CCTV footage: Our clinic premises are monitored by closed-circuit television (CCTV) for the safety and security of patients and staff.
3. How We Collect Your Information
We collect your information through:
Intake forms, health history questionnaires, and consent forms completed in clinic or online
Direct consultations and clinical assessments with your treating practitioner
AI-assisted transcription or note-taking tools used during or following consultations
Online booking and contact forms on our website
Correspondence via email, phone, or SMS
Referrals from GPs, specialists, and other healthcare providers
CCTV recording on our clinic premises
Cookies and analytics tools when you visit our website
4. Why We Collect and Use Your Information
We use your information to:
Provide, manage, and coordinate your clinical care
Maintain accurate and complete health records
Process payments and manage billing with health funds and Medicare
Send appointment reminders and follow-up communications via Cliniko
Communicate with referring practitioners and external health providers where relevant to your care
Improve our services and monitor the safety and quality of care delivered
Send health information and clinic updates via email (Mailchimp) where you have opted in
Display relevant advertising on Google, Meta (Facebook and Instagram), YouTube, and TikTok based on interaction with our website or content
Comply with our legal, regulatory, and professional obligations
Maintain clinic security via CCTV
5. Disclosure of Your Information
We do not sell your personal or health information. We may share your information with:
Treating practitioners and referral partners: With your consent, we may share relevant clinical information with GPs, specialists, imaging centres, and other allied health providers involved in your care.
Technology and software providers: We use Cliniko (practice management), Google Workspace (email and document storage), and Mailchimp (email marketing). These providers are bound by data processing agreements and applicable privacy obligations.
AI note-taking tools: AI-assisted documentation tools may process consultation content to generate clinical notes. Your treating practitioner reviews all output. We only use tools that meet appropriate data security standards.
Advertising platforms: We use Google Ads, Meta Ads (Facebook and Instagram), YouTube, and TikTok advertising. These platforms may receive anonymised or aggregated data via cookies, pixels, or tracking tools to serve relevant advertising. We do not share your identified health information with these platforms.
Analytics tools: Google Analytics is used to analyse website usage. Data collected is aggregated and does not personally identify you.
Legal and regulatory bodies: We may be required to disclose information to comply with a court order, subpoena, or regulatory requirement, or to report a notifiable data breach under the Privacy Act.
Emergency situations: Where necessary to prevent a serious threat to your health or safety, or that of another person, we may disclose relevant information without your consent.
6. Patients Under 18
We occasionally treat patients under the age of 18. In these cases, consent for the collection and use of health information is obtained from a parent or legal guardian. Health records for minors are managed with additional care in accordance with relevant privacy and healthcare legislation.
7. How We Store and Protect Your Information
Your information is stored in secure, access-controlled systems. We take reasonable steps to protect your information from misuse, interference, loss, and unauthorised access, modification, or disclosure.
Cliniko: A cloud-based practice management platform with Australian data hosting, encrypted data storage, and role-based access controls.
Google Workspace: Used for internal communications and document storage, protected by Google's enterprise-grade security infrastructure.
Mailchimp: Used to manage email marketing communications. Mailchimp stores subscriber data on secure servers in accordance with its own privacy policy.
CCTV: Footage recorded at our clinic premises is stored securely and is only accessible to authorised personnel. Footage is retained for a limited period and deleted unless required in connection with an incident or investigation.
Our staff are trained in privacy obligations and only access patient information on a need-to-know basis. Physical records, where applicable, are stored securely and disposed of appropriately.
8. Cookies and Website Tracking
Our website uses cookies and similar tracking technologies to improve functionality, understand how visitors use our site, and deliver relevant advertising. Technologies we use include:
Google Analytics for website traffic and behaviour analysis
Google Ads conversion tracking and remarketing
Meta Pixel for Facebook and Instagram advertising performance
TikTok Pixel for advertising attribution and performance
YouTube tracking for video advertising purposes
You may disable cookies through your browser settings, though this may affect the functionality of some parts of our website. You can also opt out of personalised advertising via Google's Ad Settings and Meta's Ad Preferences.
9. Marketing Communications
We may send you email communications via Mailchimp about clinic news, health tips, promotions, and relevant updates where you have provided consent or where permitted under the Spam Act 2003 (Cth).
You can unsubscribe from marketing emails at any time by clicking the unsubscribe link in any email, or by contacting us at info@elitehp.com.au. Opting out of marketing communications will not affect appointment reminders or essential clinical communications.
10. Accessing and Correcting Your Information
You have the right to request access to the personal and health information we hold about you, and to request corrections if the information is inaccurate, incomplete, or out of date.
To make a request, contact us at info@elitehp.com.au. We will respond within a reasonable timeframe (generally 30 days). In some limited circumstances, we may be unable to provide access, in which case we will explain why in writing.
There is no charge for making an access request, though we may charge a reasonable fee for the cost of producing and providing copies of records.
11. Retention of Records
We retain health records in accordance with applicable professional and legal obligations. Under Queensland legislation, health records for adults are generally retained for a minimum of 7 years from the date of last service. For minors, records are retained until the patient turns 25, or for 7 years from the last service, whichever is longer.
Non-clinical personal data (such as website enquiry data and marketing lists) is retained only as long as necessary for the purpose for which it was collected.
12. Notifiable Data Breaches
EHP Group is subject to the Notifiable Data Breaches (NDB) scheme under the Privacy Act 1988 (Cth). If we become aware of an eligible data breach likely to result in serious harm to any affected individual, we will notify both the individual(s) concerned and the Office of the Australian Information Commissioner (OAIC) as required by law.
13. Third-Party Websites
Our website may contain links to third-party websites, including booking platforms, social media pages, and referral partners. We are not responsible for the privacy practices of external sites. We encourage you to review the privacy policy of any third-party site you visit.
14. Privacy Complaints
If you have a concern or complaint about how we have handled your personal or health information, please contact us in the first instance:
Email: info@elitehp.com.au
Address: 24 Edmondstone Road, Bowen Hills, QLD 4006
Phone: 07 3852 6841
We will acknowledge your complaint and aim to resolve it within 30 days. If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au or by calling 1300 363 992.
15. Updates to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal obligations. The current version will always be available at www.elitehp.com.au. We encourage you to review this policy periodically.
Continued use of our services following any update constitutes your acceptance of the revised policy.