General Privacy Policy

Your privacy is important to us. It is the policy of Time to Untangle Clinical Psychology services (ABN: 86 851 083 994) to respect your privacy and comply with any applicable law and regulation regarding any personal information we may collect about you, including across our website, www.timetountangle.com.au, and other sites we own and operate.

References to “Time to Untangle”, “Time to Untangle Clinical Psychology Services”, “we”, “us” and “our” are references to Time to Untangle and authorised representatives (ABN: 86 851 083 994). References to “you”, “your”, and the “client” are references to any individual about whom we collect personal information and provide services to.

When used in this Policy, “personal information” has the meaning given in the Privacy Act. Generally, it means any information or an opinion that could be used to identify you, such as your name, address, phone number, and date of birth. 

Personal information also includes “sensitive information”, which includes information or an opinion about, for example, your physical and mental health, criminal record, sexual orientation, religious or philosophical beliefs, and racial or ethnic origin.

“Health information” or “protected healthcare information” is information about the your health, health services provided or to be provided to you, or your express wishes about the future provision of health services. 

Information we collect includes both information you knowingly and actively provide us when using or participating in any of our services and promotions, and any information automatically shared between devices in the course of accessing our website, products, and services. 

At all times, we try only to collect the personal information we need for the particular function or activity we are carrying out, that is, when we have a legitimate reason for doing so. In which instance, we only collect personal information that is reasonably necessary to provide our services to you.

When you enquire about our services, we may collect your full name, date of birth, email address, phone number, and other personal information, including sensitive information, to help us assess whether we are an appropriate service for you and send you information or resources. We collect additional personal information about you, including sensitive information, when you book an appointment and during the course of treatment, for example, your address, emergency contact person, government-related identifiers such as Medicare or DVA numbers, social and medical history. We also collect your bank account or credit/debit card details and details of third parties involved in the management or funding of your appointments, for the purposes of administering your appointments and payment arrangements.

We may collect personal information about you if you are a healthcare professional or healthcare service provider who have referred a client to us or who are providing services to a client of ours, such as your name, medical speciality or position within the organisation your work for, your Medicare provider number if applicable, and your contact details.

We may collect personal information about you if you interact with us on a commercial basis, for example, service providers, or as a member of the public. The kind of personal information we collect will depend on the capacity in which you are dealing with Time to Untangle. Generally, it would include your name, your contact details, details and information regarding our interactions and transactions with you and details such as professional registration numbers, insurance certificates, among others.

We use “cookies” to collect information about you and your activity across our website. A cookie is a small piece of data that our website stores on your computer, and accesses each time you visit, so we can understand how you use our site. This helps us serve you content based on preferences you have specified. We also use Google Analytics.

Time to Untangle will, where practicable, collect information directly from you. We collect your personal information mainly when you deal with us over the phone, have contact with us in person, give or send us a letter or document or when you interact with us online via our website, email, online forms platforms, and SMS. We will assume that by engaging with Time to Untangle that you consent to us collecting and sharing information with you through these direct, and indirect means. Please inform us, in writing, if you want to opt-out of us collecting and sharing your personal information through specific means (e.g., email). 

We may also collect personal information about you, including sensitive information, indirectly from other sources such as your GP or other healthcare professionals, government agencies administering your entitlements and benefits, a carer, a legal professional or a person responsible for your healthcare decisions. If you want to share information that includes another person’s information in which that person will be identifiable, you must seek permission from the individual and let them know about our Privacy Policy.

We collect your personal information to carry out functions or activities such as:

• Assessing whether we are an appropriate service for you. 
• Providing you with psychological services such as assessing, diagnosing, and treating psychological issues or preparing reports.
• Sending you communications via SMS or email to, for example, remind you about your future appointments, provide you with treatment resources and questionnaires and send you a copy of your invoices.
• Enabling you to receive the correct entitlements to benefits and funding for our services from third-party payers and to comply with their requirements.
• Responding to your enquiries, requests, complaints, or feedback.
• Updating our records and keeping your information up to date.
• Providing accurate and complete information is important for the safety, quality and effectiveness of the services we provide. If the personal information you provide to us is incomplete or inaccurate, we may be unable to provide you with the services you are seeking. 

If you do not wish for your personal information to be collected in a way anticipated by this Privacy Policy, Time to Untangle may not be in a position to provide the psychological service to you. 

Time to Untangle collects and holds your personal information in electronic form. We hold your personal information securely on servers and computer systems. Some information may be collected in paper-based documents which may be converted to electronic form and the original paper copy destroyed in a secure manner when we no longer need it. 

Client files are retained on Cliniko which is a secure practice management software, this is accessible only to authorised employees. For more information see Cliniko Terms of Service and the Cliniko Privacy Policy. The information in each file includes personal information such as name, address, contact phone numbers, medical history, clinical notes, referral documentation, and other personal information collected as part of providing the psychological service.

We hold your personal details and payment information (i.e., credit / debit card details) in Tyro. Please see Tyro Terms and Conditions and Tyro Privacy Policy. Tyro abides by the Australian Privacy Principles and its objective is to handle your information responsibly.

Our preference for online communication, including collecting and temporarily holding personal information, is through Microsoft Email Exchange (Office 365 for Business). Microsoft 365 includes a tool called Office 365 Message Encryption which allows for emails to be sent and received securely. Only the people the email is intended for will be able to read the contents, as encryption technology prevents anyone else from viewing the message. Time to Untangle staff communicate with each other, including sharing and temporarily holding your personal information, through Slack, a workplace productivity tool. 

Time to Untangle uses other web-based platforms to administer, score, and analyse psychometric data. Your personal information (name, date of birth, gender, and email address) and sometimes, the personal information of your ‘informants’, is shared and held by these platforms, through the course of your evaluation. Each platform has been selected based on their commitment to the confidentiality and safeguarding of all personal information collected. Please see below for more information on each platform’s respective privacy policies:

•  Multi-Health Systems Inc. (MHS)
• WPS Health Solutions
• PAR, Inc. and PARIConnect
• Novopsych

Your personal information is maintained in a secure physical and electronic environments, which can be accessed only by authorised personnel. We take reasonable steps to protect the security of the personal information we hold, by:

• Ensuring physical security over our paper and electronic data stores, such as locks and security systems, is maintained and enhanced where possible.
• Maintaining security systems on computers and other devices, for example, by using a firewall, using passcodes to control access to electronic devices, and using two-factor authentication when available to access electronic systems.
• Taking reasonable steps to destroy or de-identify your personal information once we no longer need it for it’s primary purpose.
• Conducting regular privacy and data security audits to assess whether we have adequately complied with and implemented these measures.
• Complying with laws applicable to us in respect of any data breach.

However, no data transmission over the internet or information stored on servers accessible through the internet can be guaranteed to be 100% secure. Additionally, we are unable to ensure the security of personal information that is left with you or provided to you, for example, a paper-based report or email sent to you.

We keep your personal information only for as long as we need to. This time period may depend on what we are using your information for, in accordance with this privacy policy. If your personal information is no longer required, we will delete it or make it anonymous by removing all details that identify you. We are legally required to hold clients’ personal information for a minimum of 7 years from the date of last entry in your record or if you are a minor until you attain or would have attained 25 years of age.

However, if necessary, we may retain your personal information for our compliance with a legal, accounting, or reporting obligation or for archiving purposes in the public interest, scientific, or historical research purposes or statistical purposes.

There are circumstances where we may be permitted or required by law to disclose your personal information to third parties. Common situations in which we may disclose your personal information to third parties are when:

• You have consented to the disclosure; or
• We reasonably believe that disclosure is necessary to lessen or prevent a      serious threat to the life, health or safety of any individual, or to public health or safety; or
• We are required by law to report any disclosures of historical or current information relating to you or a child under 18 involving exposure to harm, including but not limited to, child sexual assault, physical abuse, or neglect, to the relevant authorities; or
• You would reasonably expect your personal information to be disclosed and disclosure to that third party is for a purpose directly related to the      primary purpose for which your personal information was collected (see Why we collect your personal information), for example, to a GP or      medical specialist involved in your care, a hospital for higher levels of care, the ambulance service, government agencies and other      third-party payers administering subsidies and benefits to which you      may be entitled such as Medicare and Department of Veterans Affairs; or
• A regulatory body requests this information; or
• It is required or authorised by or under an Australian law or a court/tribunal order.

We will use and disclose your personal information to Time to Untangle's contractors (e.g., virtual receptionist) for a range of administrative, management and operational purposes, for example, to manage your appointments, administer billing and rebates. 

We may use and disclose personal information to trusted third parties we engage to perform functions on our behalf, for example, to provide professional services, software services, IT and data security services. Where we have collected a government related identifier, such as your Medicare or DVA number, we will not adopt that identifier as our own identifier and we will only use or disclose that identifier as required or permitted by law.

Some of the information collected by Time to Untangle may be stored in systems that utilise data hosting facilities outside of Australia. Please be aware that the locations to which we store, process, or transfer your personal information may not have the same data protection laws as the country in which you initially provided the information. If we transfer your personal information to third parties in other countries: (i) we will perform those transfers in accordance with the requirements of applicable law; and (ii) we will protect the transferred personal information in accordance with this privacy policy.

You always retain the right to withhold personal information from us, with the understanding that your experience of our website and services may be affected. We will not discriminate against you for exercising any of your rights over your personal information. If you do provide us with personal information you understand that we will collect, hold, use and disclose it in accordance with this privacy policy. You retain the right to request or clarify details of any personal information we hold about you.

If we receive personal information about you from a third party, we will protect it as set out in this privacy policy. If you are a third party providing personal information about somebody else, you represent and warrant that you have such person’s consent to provide the personal information to us.

If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time. We will provide you with the ability to unsubscribe from our email-database or opt out of communications. 

If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant, or misleading, please contact us using the details provided in this privacy policy. We will take reasonable steps to correct any information found to be inaccurate, incomplete, misleading, or out of date. We must respond within 30 days of your request made in writing. 

Access to your personal information may be declined in accordance with privacy laws, for example, where giving you access would put you or another person at risk of harm. In this circumstance, we must notify you in writing setting out the reasons. If you are a current or past client, access to personal information may only be provided to you by arranging an appointment to discuss the information with the psychologist responsible for your file. These appointments are billed at the current private sessional rates and payable by you at the time of the appointment. We do not provide copies of any file information without a court subpoena as clinical records contain sensitive information relevant to your treatment and may be harmful if read without a psychologist present to explain the information appropriately. Where a person requesting access to your personal information is an authorised representative of yours, such as a lawyer or guardian, we will ask the representative to provide evidence of their authority. We may also ask you to provide current and informed consent to us before releasing your personal information. 

You may contact Time to Untangle at any time if you have any questions or concerns about our Privacy Policy or how your personal information has been handled. If you have a complaint about how we have handled your personal information, please contact us in writing. We will tell you promptly that we have received your complaint and then investigate and respond to the complaint within 30 days. We will determine what (if any) steps we should take to resolve the complaint. If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner. Full contact details for the Office of the Australian Information Commissioner can be found online at www.oaic.gov.au.

In the event of any unauthorised access or disclosure or loss of your personal information that is likely to result in serious harm to you or other individuals, we will investigate and notify you and the Office of the Australian Information Commissioner in accordance with the Privacy Act. You will be informed of what information is at risk, steps that we have taken to ensure your safety, and what action we are taking or have taken to rectify the breach. We have the right to engage with a regulatory body, legal representative, or data protection authority in relation to any possible breaches.

Our website may link to external sites that are not operated by us. Please be aware that we have no control over the content and policies of those sites and cannot accept responsibility or liability for their respective privacy practices.

We will update our Privacy Policy when our information handling practices change. Any information we hold about you will be governed by our current Privacy Policy. We recommend that you periodically review our Privacy Policy for any changes. The current version of our Privacy Policy is available here at www.timetountangle.com.au 

Sincerely,

Dr Jacinta Thomson and the Time to Untangle Team

Email: admin@timetountangle.com.au 

Ph: 07 5356 9344