Privacy Policy

Effective date: 18/06/2026  |  Last reviewed: 18/06/2026

EMDR Brisbane (“we”, “us”, “our”) is committed to protecting the privacy and confidentiality of your personal and health information. This policy explains how we collect, use, store, disclose and protect your information, and how you can access it or make a complaint.

We handle your information in accordance with the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), and our professional and ethical obligations as registered psychologists under the Australian Health Practitioner Regulation Agency (AHPRA) and the Psychology Board of Australia.

Contents

  1. What information we collect
  2. How we collect your information
  3. Why we collect, use and hold your information
  4. Disclosure of your information
  5. AI note-taking and transcription tools
  6. Storage and security of your information
  7. Access to and correction of your information
  8. Retention of your information
  9. Website, cookies and analytics
  10. Online enquiries
  11. Overseas disclosure
  12. Making a complaint
  13. Changes to this policy
  14. Contact us

1. What information we collect

The information we collect is the information reasonably necessary to provide you with safe and effective psychological care. This may include:

Health information is “sensitive information” under the Privacy Act and is afforded a higher level of protection.

2. How we collect your information

Wherever it is reasonable and practicable, we collect information directly from you — for example, when you make an enquiry, attend an appointment, or complete an intake or consent form. In some circumstances we may collect information from third parties, such as your referring GP or specialist, a Mental Health Care Plan, your NDIS plan manager or support coordinator, WorkCover, or (with your consent) a family member or carer.

If we receive information about you that we have not requested and could not have collected under this policy, we will deal with it in accordance with the APPs, including destroying or de-identifying it where appropriate.

3. Why we collect, use and hold your information

We collect, use and hold your information in order to:

If you choose not to provide certain information, we may be unable to provide you with appropriate treatment or to process rebates or claims on your behalf.

4. Disclosure of your information

We treat your information as strictly confidential and only disclose it in limited circumstances, including:

We will always seek to discuss any disclosure of your information with you wherever it is safe and practicable to do so. We do not sell your information, and we do not use it for marketing.

5. AI note-taking and transcription tools

To support accurate record-keeping and to allow your psychologist to remain present and engaged during your session, we may use an AI-assisted clinical documentation tool. EMDR Brisbane does not use these tools to listen to or transcribe parts of a consultation. AI tools are only ever used in after-session dictation in order to help generate a draft clinical note, which is then reviewed and finalised by your psychologist.

Where we use such a tool:

If you would prefer that no AI documentation tool is used during your sessions, please let your psychologist or our reception know. We are happy to accommodate this.

6. Storage and security of your information

We take reasonable steps to protect your information from misuse, interference and loss, and from unauthorised access, modification or disclosure. Your clinical and administrative records are stored electronically in Zanda Health, a secure, cloud-based practice management system used by allied health providers across Australia. Zanda Health provides access controls, password protection and encryption of stored data. Access to your information is limited to those involved in your care or in the administration of our services, and any paper records are kept physically secure.

In the event of a data breach that is likely to result in serious harm, we will respond in accordance with the Notifiable Data Breaches scheme under the Privacy Act, including notifying you and the Office of the Australian Information Commissioner (OAIC) where required.

7. Access to and correction of your information

You have the right to request access to the personal and health information we hold about you, and to ask us to correct it if it is inaccurate, out of date or incomplete. To make a request, please contact us using the details below.

We will respond to your request within a reasonable period. In limited circumstances we may decline a request for access — for example, where providing access would pose a serious threat to the life, health or safety of any person, or where access is restricted by law. If we decline, we will explain why and let you know how you may seek a review.

8. Retention of your information

We are required to retain clinical records for a minimum period set by law and professional standards. For adults, this is generally at least seven years from the date of last contact. For records relating to a person who was under 18 at the time of treatment, records are generally retained until that person turns 25. When records are no longer required to be kept, they are securely destroyed or de-identified.

9. Website, cookies and analytics

Our website uses Google Analytics to help us understand how visitors use the site so that we can improve it. This service may collect information such as your device type, browser, approximate location and the pages you visit, generally in a de-identified or aggregated form. You can control or disable cookies through your browser settings. Using our website does not require you to identify yourself unless you choose to contact us.

10. Online enquiries

If you submit an enquiry through our online form, we collect the information you provide (such as your name, phone number, email address and message) solely for the purpose of responding to your enquiry. By submitting the form and providing your consent, you agree to us using your details for this purpose. Please avoid including detailed sensitive health information in an online enquiry, as email and web forms are not a fully secure means of communication.

11. Overseas disclosure

Some of the third-party service providers we use (for example, cloud software or documentation providers) may store or process data on servers located outside Australia. Where this occurs, we take reasonable steps to ensure those providers handle your information consistently with the Australian Privacy Principles.

12. Making a complaint

If you have a concern about how we have handled your personal or health information, please contact us first using the details below so that we can try to resolve it. If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au or by calling 1300 363 992.

13. Changes to this policy

We may update this policy from time to time to reflect changes in our practices or legal obligations. The current version will always be available on our website, and the effective date above will indicate when it was last updated.

14. Contact us

If you have any questions about this policy, or wish to access, correct or raise a concern about your information, please contact us:

EMDR Brisbane
PO Box 1174
LUTWYCHE QLD 4030
Phone: 0468 891 614
Email: contact@emdr-brisbane.com.au

Explore

Services & Fees
Our Team
Blogs

Get in Touch

Book an Appointment
Make a Referral
Contact Us

Policies

Cancellation Policy
Privacy Policy
Sitemap