Privacy Policy

Health by Design Pty Ltd ABN 51068901851 (“Health by Design”, “we”, “us” and “our”) is committed to protecting your privacy. As part of our commitment, this Privacy Policy outlines how Health by Design manages the personal information it holds about its clients and their staff.

This Privacy Policy explains our personal information handling practices including the types of information which we collect, what that information is used for, and to whom that information may be disclosed. It applies to our personal information handling practices generally as well as to the information collected on our website (

Openness: When collecting personal information, Health by Design will, where possible, indicate the purpose for the collection and use of the information, to whom it may be disclosed and how you can request access to the information.

The purpose for collecting information: Health by Design only collects information that it needs in order to provide its services. Health by Design is in the business of providing health management services to corporations and their staff. Its services include, but are not limited to:

• Onsite health coaching
• Health promotion material
• Interactive displays
• Workshops
• Health expos
• Workplace programs
• Health and safety assessments
• Injury prevention campaigns

To effectively provide such services Health by Design may need to collect certain personal information to ensure the health and safety of individuals partaking in its services and to assist in determining the type of services it should be providing for a particular client.

Type of information requested: Information that Health by Design may request includes but is not limited to:-

  • Your name and address

  • Date of birth

  • Contact details (telephone number and email)

  • Employer

  • Health information

  • Personal history (may include medical history)

  • Type of medical and non-medical assistance you have been provided with by us, our service providers or your own medical practitioner

  • Your preference for particular activities and/or events

  • Feedback on services

Health by Design will endeavor to collect all information directly from you. This may happen when you fill out an application for one of our products, attend or participate in a service or assessment; you become one of our associates, or request assistance. This collection may occur over the phone, email, websites, or through one of our agents or partners. In certain cases, we may also collect information from other third party sources, such as from your employer or legal guardian.

In certain circumstances, we may collect sensitive information such as health information which may include personal details such as gender, age, presenting issue, family history, medical history, or lifestyle information. Where you provide health information to a third party (eg. manager, HR rep, medical practitioner or family member) to pass onto us as part of the support process, we rely on you having provided them with your consent to pass this information on to us.

Without your consent, we will not collect your sensitive personal information. This is subject to some exceptions including where the collection, use and disclosure of the information is necessary to prevent harm to life or is required by the law.

If you choose not to provide the information that Health by Design requires to provide its services effectively, we may not be able to provide you with the service(s) you have requested.

Use of personal information: Health by Design will only collect personal information where it is necessary for the purposes of providing, managing and administering its service(s). This includes, but is not limited to:-

  • To identify you

  • Monitoring and improvement of services provided by us and our agents or service providers, the products we provide and our operations

  • Scheduling and booking activities

  • Providing effective exercise prescription

  • Providing medical and non-medical assistance

  • Ongoing health monitoring

  • Selection of various activities and services to offer clients and their staff

  • Identify health risk factors for individuals

  • Quality assurance and client satisfaction

  • Marketing, research and statistical analysis

  • Practicing effective risk management

  • Training our staff

  • Complying with relevant laws and regulations

  • Invoicing purposes

  • Providing program participation details such as employee names to employers

  • For any other purpose that would be reasonably expected

In the event we receive unsolicited personal information, we will determine whether or not we should retain this information. This will depend on whether it is reasonably necessary for one or more of our functions or activities. If we determine that the personal information is not necessary for our functions or activities and that we should not retain it, then we will as soon as practicable either return it to you, or whoever sent it to us, destroy it or otherwise ensure it is de-identified, provided it is lawful to do so. Otherwise we will hold, use and disclose the personal information in accordance with this privacy policy.

Disclosure of personal information: To be able to effectively provide our service(s), Health by Design may disclose information to others within Health by Design. Health by Design will only share (disclose) your personal information with third parties if it is required to provide, manage and administer our services obligations to you, or if it is required under law or in an emergency situation. The third parties may include (but are not limited to) the following:

• Contractors or service providers engaged by us
• Any persons acting on our behalf, including professional advisers
• Government and regulatory bodies
• Where disclosure is permitted or required by law

From time to time, Health by Design may also report information to its corporate clients in a de-identified format. However, Health by Design will not provide de-identified reporting to its corporate clients where the data sample relates to less than 30 individual participants.

Health by Design will always seek your permission to disclose your personally identifiable information to your employer about what services you have undertaken. Where we engage contractors, service providers or others to act on our behalf, Health by Design will take reasonable steps to protect the privacy of all information disclosed and requires such parties to comply with any relevant privacy laws.

If we send your personal information outside of Australia we will require that the recipient of the information complies with privacy laws and contractual obligations to maintain the security of the data.

Direct marketing: From time to time, we may contact you to provide you with information about other products and services offered by us, our related entities and our business partners that may be of benefit to you and your family. This includes information or services that can help you improve your wellbeing. When we contact you it may be via mail, phone, or email.

When you become our customer, you consent to us using your personal information for direct marketing purposes, unless you have contacted us to withdraw your consent. If you do not wish to receive marketing material from us you can contact us at any time to let us know or use the opt-out process on our offers or promotional communication. Our contact details are at the end of this policy. When you contact us to make this request, we will action your request within a reasonable period.

If you request not to receive marketing material, please note that we will still contact you in relation to our on-going services you have requested and/or services that your employer wishes you be made aware of. For example, we will still send you any bills, statements and notices that are relevant to the products and services you have purchased from us.

Data quality: Health by Design will take reasonable steps to ensure that personal information it collects, uses and discloses is accurate, correct and up to date. It does so via its own internal quality system and auditing procedures.

If you believe any information that we hold about you is incorrect, incomplete or out of date please contact us. We will respond to your request within a reasonable period and will take reasonable steps to amend your records.

Personal information storage and security: Health by Design holds personal information in a combination of secure electronic and hard copy formats based at our office premises. We take all reasonable steps to ensure that any personal information held by us is protected from misuse, loss and unauthorized modification or disclosure. Such steps include, but are not limited to:

  • Access to personal data is limited to authorized personnel who have a legitimate need to know based on their job

  • Confidentiality requirements for our employees and suppliers

  • Secure document storage

  • Antivirus and anti-malware software is installed, with regularly updated virus definitions

  • Security procedures and policies are audited on a regular basis to ensure they are updated in accordance with current legal requirements and current levels of security technology

While Health by Design has security measures in place to protect your data, no data transmission over the internet can be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot warrant or ensure the security of any information you transmit to us or we transmit on your behalf, or to you, in the course of providing services over the internet.

Health by Design will keep information for as long as it is required to be able to provide the intended service(s) or to meet legal and regulatory requirements. We will take reasonable steps to permanently de-identify or securely destroy personal information that we no longer require for any purpose except in limited permitted circumstances.

Health by Design does not adopt any government identifiers.

Accessing your personal information

You have a right to reasonable access to any information that Health by Design holds about you. To request access to your information, please contact us (our contact details are listed at the bottom of this document). At the time you make your request, we may ask that you complete relevant forms. We reserve the right to charge for providing access to certain information, as permitted by law, and you will be informed of this at the time of your request. We will always endeavour to meet your request for access within a reasonable timeframe and in the manner requested by you if it is reasonable to do so.

However, in some circumstances we may decline a request for access to information, such as where we no longer hold the information, giving access would be unlawful or the request for access would impact upon the privacy of other individuals. If we are unable to give you access to the information you have requested, we will give you written reasons for this decision when we respond to your request.

Correcting your personal information

To enable us to provide you with the best possible service, it is important that the information we hold about you is accurate. We will take reasonable steps to ensure your personal information is accurate, complete and up-to-date at the time of collecting, using or disclosing it.

If you believe any information we hold about you is inaccurate, incomplete or out-of-date, you should contact us. We will respond to your request within a reasonable period and take reasonable steps to amend your records.

Your privacy online

Online data collection and use: When you access the Health by Design website, anonymous technical information may be collected about user activities on the website. This may include information such as the type of browser used to access the website and the pages visited. This information is used by Health by Design to make decisions about maintaining and improving our websites and online services. This information remains anonymous and is not linked in any way to personal identification details.

Cookies: A “cookie” is a small text file placed on your computer by a web server when you access a website. Cookies are frequently used on websites. Cookies in themselves do not identify the individual user, just the computer used. We use cookies to collect data to help us determine which pages are most popular, peak usage times and other information that helps us make our websites easier and more efficient for you to use. When you visit our websites we may set a cookie on your machine so that when you next visit our websites it links to your personal information that is stored on our system.

You can choose if and how a cookie will be accepted by configuring your preferences and options in your browser. For example, you can set your browser to notify you when you receive a cookie or to reject cookies. However, if you decide not to display cookies, then you may not be able to gain access to all the content and facilities of this website.

Complaints and contacting us

If you have a complaint or feedback in relation to how Health by Design has handled your personal information, please contact our privacy officer, Patty McLoughlin, at our head office on 1300 30 40 68 or mobile 0426 253 181.

All complaints will be investigated and you will be contacted in due course on the outcome. If you have any questions, feedback or concerns about Health by Design’s privacy policy or how your information is handled by Health by Design, you can contact us via:

• Phone - 1300 30 40 68 or +61 3 9804 0715
• Fax - +61 3 9804 0750
• Mail - PO Box 1054, Hawthorn VIC 3122
• Email – [email protected]

Health by Design will manage your concerns internally, directly with you.

If you are not happy with our response, or if you do not feel your complaint has been resolved, you are able to seek advice from the Office of the Australian Information Commissioner by calling 1300 363 992.