Privacy Policy for MHNSF Pty Ltd T/A Spring Forward Family Centre

General Privacy Policy

Our Commitment 

Spring Forward Family Centre / MHNSF Pty Ltd ("we", "our", or "us") prioritise the privacy and confidentiality of the personal and health information you entrust to us. As a healthcare provider in Australia, our collection, use, and disclosure of your information adhere to the Privacy Act 1988 (Cth), Australian Privacy Principles, and the codes of conduct of the relevant allied health professions (including but not limited to occupational therapy, physiotherapy, speech pathology, music therapy, art therapy, counselling, social work, and psychology).

Personal and Health Information Collection

We may collect the following information:

  • Personal details: name, images, contact details, age, date of birth, preferences, and opinions.
  • Financial data: credit card or payment details via our third-party payment processor.
  • Web interaction: browser data, device information, browsing behaviour, geo-location, and internet service provider details.
  • Health information: relevant to the allied health services provided.

The collection could be direct from you or from a third party with your consent.

Use of Microsoft Office and Cliniko in Data Collection and Storage

  • Microsoft Office: We use Microsoft Office applications, especially Microsoft Outlook, to manage emails and schedule appointments. The data entered here may include personal details, contact information, and appointment specifics. Microsoft Forms is often used to collect data from clients for the management of intakes, service agreements and other purposes.

  • Cliniko: As our trusted practice management software, Cliniko helps us schedule appointments, manage client records, and draft treatment plans. This data is stored securely on Cliniko servers, adhering to stringent security protocols and encrypted end-to-end.

 Purpose of Collection 

Your information enables us to:

  • Provide you with our allied health services.
  • Ensure our website's functionality and safety.
  • Communicate effectively with you.
  • Maintain our professional and legal responsibilities.
  • Improve our services and offerings.


We limit the disclosure of your information:

  • Only to those directly involved in your care or the management of your care.
  • To third-party providers necessary for our business operation, with your consent.
  • Where legally required.

Information will be shared within the company as required to employees and contracted representatives of MHNSF Pty Ltd. 

Your Rights

  • Consent: Your provision of personal and health information to us indicates your consent. If you withhold certain information, it may impact the quality of care you receive.
  • Correction: Contact us for any inaccuracies in your details. Prompt disclosure is your responsibility, and prompt correction is our commitment.
  • Complaints: Should you be unsatisfied with our handling of your information, contact us directly. We will address your concerns swiftly and comprehensively. If you deem this inadequate, you may choose to contact the NDIS Commission or the HCCC.
    • Provide Feedback to Company
    • If, as an NDIS Participant, you wish to make a complaint you can contact the NDIS Quality and Safeguards Commission on: 1800 035 544 (free call from landlines) or TTY 133 677. Interpreters can be arranged. Feedback can also be provided through the Complaints Contact Form


Given the sensitive nature of health data, we have advanced security measures in place. This includes data encryption, secure servers, and regular system updates. We also comply with health data-specific regulations and guidelines in Australia.

Digital Tools 

Cookies and Web Beacons: While we employ cookies and web beacons for a better website experience, they do not access your personal health data. Their function is to improve website usability and collect non-personal data.


Our website may link to external sites. We don't oversee their privacy practices. So, be sure to review their policies before sharing any personal data.  

MailChimp Subscription Services 

Our e-newsletters are delivered via MailChimp, a US-based platform. While subscribing:

  • You agree to MailChimp's privacy policy and terms.
  • Understand that US laws apply to this data.
  • Know that Australian Privacy Principle 8.1 may not apply. 

You can opt-out anytime.

Changes to the Policy 

Any changes will be updated on our website. Stay informed by checking this policy periodically.

Website and Online Privacy Policy

Introduction and Scope
Spring Forward Family Centre / MHNSF Pty Ltd ("we", "our", or "us") is committed to preserving the privacy of our website users. This Website Privacy Policy details how we manage and protect the personal information of individuals using our website and online services. It is designed to function in harmony with our broader privacy policies related to face-to-face and telehealth services.

Data Collection
When you visit our website or engage with our online services, we may collect:

  • Personal Information: Including, but not limited to, your name, email address, contact details, and any other information provided through forms, surveys, or direct communications with us.
  • Usage Data: Details such as your IP address, browser type, pages visited, time spent on pages, and other related metrics.
  • Cookies: Small data packets stored on your device to enhance your website experience. This may include session cookies (temporary) or persistent cookies (stored until deleted).

Purpose of Collection
We collect data for purposes including:

  • Delivering, improving, and personalising our website content.
  • Responding to inquiries or feedback.
  • Monitoring website traffic and user behaviour to optimise performance and user experience.
  • Marketing and promotional activities.

Protection of Data
We employ a range of technical and administrative measures to safeguard your data. This includes the use of secure servers, firewalls, and encryption. However, no transmission over the internet can be fully secure, so users are encouraged to take precautions when sharing personal data online.

Third-party Links and Integrations
Our website may contain links to external sites or integrate third-party services. We are not responsible for the privacy practices of these external entities. We urge users to review the privacy policies of any third-party websites or services they access.

User Rights and Control

  • Consent: By using our website, you consent to our collection, storage, and use of your data as described in this policy. You may withdraw your consent at any time by contacting us.
  • Access and Correction: Users can request access to their personal data stored by us and may ask for corrections if the data is inaccurate.
  • Cookies: While cookies enhance website usability, users can adjust browser settings to decline cookies if they prefer.

Your trust is paramount to us. You have the right to:

  • Access the personal information we hold about you.
  • Correct inaccuracies in your personal information.
  • Withdraw any consent you previously provided to us.
  • Express any concerns you have about third parties' use of your personal data.

Policy on Minors
Our website and services are not targeted at individuals under the age of 18. We do not knowingly collect personal information from minors without parental or guardian consent.

Storage and Processing of Personal Information

We store data on secure servers and retain it only for as long as necessary for the purposes outlined in this policy, or as required by law.

In addition to our standard practices regarding data storage and processing, we would like to highlight the following updates pertaining to specific platforms and community participation:

  1. Shopify: If you make a purchase from our online store, your personal details, purchase history, and payment information are processed and stored securely on Shopify. We access only necessary data to facilitate order processing and customer service. Shopify has its own robust security measures and privacy policy to ensure the protection of your data. We encourage you to review Shopify's privacy policy if you have concerns.
  2. Thinkific: If you enroll in any of our courses, your personal details, course progress, and payment information are processed and stored on Thinkific. Thinkific is a trusted online course platform with stringent security measures. They keep your data secure, and we only access it for the purpose of course administration and to enhance your learning experience. We recommend reviewing Thinkific's privacy policy for additional clarity on their data handling practices.
  3. Spring Forward Community: By joining a Spring Forward community, you may provide certain personal information that allows us to offer a tailored community experience. This information will only be used to facilitate community interaction, provide relevant content, and enhance your experience within the community. Our communities are facilitated by Thinkific and are subject to their data handling and storage practices. 

Updates to This Policy
Technological advancements and changes to our online services may necessitate updates to this policy. We recommend users periodically review this policy for any changes.

Contact Us
For queries, concerns, or feedback regarding this policy, or to exercise any of your rights, please contact us at [email protected] or through the contact form on our website.

Service Delivery Privacy and Confidentiality

Our Commitment
Spring Forward Family Centre / MHNSF Pty Ltd ("we", "our", or "us")  is steadfastly dedicated to upholding the highest standards of privacy and confidentiality for all our clients, both in our physical centre and during telehealth sessions. Our adherence to the Privacy Act 1988 (Cth), the Australian Privacy Principles, and professional standards set for allied health professions ensures that every interaction is handled with utmost discretion and integrity.

Scope of Collection for Face-to-Face and Telehealth Services
During both in-person consultations and telehealth sessions, we might gather:

  • Personal identification details.
  • Health history and current health details pertinent to our services.
  • Information regarding your communication device for telehealth.

 Purpose of Collection
The primary aim behind collecting this data is to:

  • Provide individualised care tailored to your unique needs.
  • Facilitate seamless telehealth sessions, ensuring technical hitches don’t hinder your care.
  • Uphold our professional, ethical, and legal responsibilities in line with Australian allied health standards.

Telehealth Data Security
Telehealth consultations demand rigorous digital security measures. To this end:

  • All sessions are encrypted end-to-end, ensuring that data shared remains confidential.
  • We do not record telehealth sessions unless explicitly agreed upon for therapeutic purposes, in which case all recordings are stored securely.
  • You will not record telehealth sessions unless explicitly agreed upon in writing from company management prior to the session

Rights of the Client

  • Informed Consent: Before initiating any service, we'll ensure you're fully informed about the nature, purpose, and risks involved, guaranteeing that your consent is knowledgeable.
  • Access and Amendment: You hold the right to access your data and request changes to any inaccuracies.

  • Complaints: Should you have concerns about your privacy or confidentiality during our sessions, please relay them to us directly. Your peace of mind is paramount, and we pledge to address all issues promptly and transparently.

Staff Training and Compliance
All our allied health professionals, spanning the domains of occupational therapy, physiotherapy, speech pathology, music therapy, art therapy, counselling, social work, psychology and any other service offered, are registered at all times. They meet the requirements for registration, and as such undergo regular training to remain updated on the best practices for maintaining client privacy, both in-person and digitally.

Destruction of Data
Post the mandatory retention period, all personal and health information that is no longer needed will be securely destroyed or de-identified, in line with Australian legal requirements and allied health guidelines.

Policy Updates
With the rapid evolution of digital health platforms and changing regulations, our privacy policy may undergo occasional revisions. We encourage our clients to periodically review our policies to stay informed.