Neudle Psychology Pty Ltd (ABN 24 665 149 226) collects, works with, and retains its clients personal information as required for the provision of psychological services. At Neudle we are committed to protecting the privacy of our clients and providing a safe and secure environment for them. We understand the importance of personal information and the trust that is placed in us when it is shared.

This policy explains how we collect, use, store, protect, and disclose personal information in line with the Privacy Act 1988, the Australian Privacy Principles, and the Psychology Board of Australia (PsyBA) Code of Conduct. Where relevant, our practice also aligns with the ethical principles promoted by the Australian Psychological Society (APS). This means that Neudle handles your information with the same professional and legal standards required of registered psychologists in Australia.

This policy applies to all individuals whose personal information is collected or handled by Neudle Psychology, including clients, prospective clients, referrers, and any individuals who contact or interact with our service.

We collect personal information that helps us deliver and manage services. This may include identifying details (such as your name and contact information), relevant health and personal history, clinical notes, communication records, and necessary administrative information such as scheduling or billing.

In some circumstances, and only with appropriate consent, we may collect relevant information from third parties such as general practitioners, allied health practitioners, referrers, or family members.

We only collect information that is reasonably required for safe and effective service delivery, professional obligations, or administrative processes.

Information may be collected through intake forms, digital communication, conversations during sessions, document exchange, and other interactions connected to our services. If we need information from another party (such as a referring health professional), we will seek your consent unless disclosure is required or permitted by law for safety or legal reasons.

Some communications, such as emails or client portal messages, may be stored within your clinical record where relevant to your care, for continuity, accuracy, or legal documentation.

We do not collect information from external sources without a valid reason linked to service delivery or legal obligations.

When you visit our website, anonymous usage data may be collected automatically (such as pages visited, session duration, and technical browser information) for the purpose of site improvement and analytics. Basic cookies may be used, and you can disable them through your browser if you prefer.

We collect information to support the wellbeing of the people we work with and ensure we can provide ethical, informed, and appropriate services. This includes case understanding, continuity of support, clinical reasoning, record keeping, and meeting regulatory requirements.

We also use contact details (such as email or phone) to send appointment confirmations, reminders, scheduling information, service updates, and administrative communications related to your engagement with Neudle services.

By engaging with Neudle services, you understand that relevant details may be documented as part of responsible professional practice.

Within Neudle, personal information is accessible only to team members who genuinely need it for their role. This may include administrative staff for scheduling and communication, and psychologists for clinical work.

Occasionally, clinicians may anonymously discuss cases internally and/or in supervision or peer consultation. In such contexts, identifying details are minimised or removed.

We treat internal handling of information with discretion and respect.

All psychologists Neudle are bound by ethical, regulatory, and legal requirements regarding the collection, use, and safeguarding of personal information. We follow the Psychology Board of Australia (PsyBA) Code of Conduct, which sets out expectations for confidentiality, informed consent, professional responsibility, and appropriate record keeping.

Under the PsyBA Code of Conduct and National Law, psychologists also have mandatory reporting obligations in certain circumstances to prevent the public from being placed at risk of serious harm. These responsibilities exist to protect both clients and the broader community.

This duty of care includes ensuring that information is only collected where relevant, handled with discretion, and used solely for clinical or administrative purposes connected to service delivery. In supervisory, peer review, or internal consultation contexts, identifying details are minimised or removed where possible, and any sharing is restricted to authorised professionals who are also bound by confidentiality.

We take care when using electronic communication. However, email and other digital channels cannot be fully guaranteed as secure environments. By communicating with us digitally, you acknowledge this inherent limitation and understand that sensitive matters are best discussed within session time.

Digital communications (including emails and portal messages) may be stored as part of the clinical or administrative record when relevant to service provision.

We primarily use secure digital systems to store and manage personal information. Physical documents are used only when necessary, and when they are used they are securely stored.

We also use trusted external service providers for functions such as scheduling, file storage, communication, and telehealth. In some situations, data may be stored or processed outside of Australia. When this occurs, it is handled in accordance with applicable privacy laws and security standards.

We take reasonable steps to ensure that the systems we use meet acceptable levels of data protection. We also take active measures to guard against misuse, loss, or unauthorised access, and to ensure that personal information is handled with care and confidentiality.

AI-assisted tools may occasionally be used for administrative or organisational purposes, such as drafting or formatting written content. These tools are never used to make clinical decisions or interpret personal information. We take care not to intentionally input identifiable or sensitive details into AI systems unless legally required or with explicit consent.

Where information is processed by external AI providers, it is subject to their own privacy practices.

Because much of our work is conducted via telehealth, both clients and clinicians are responsible for ensuring a private and safe environment during sessions. If a session is to be recorded for purposes such as training or supervision, this will only occur with agreement from all parties. Any recordings, if made, are stored securely and deleted once no longer required.

Telehealth is provided using third-party platforms, and any data security issues arising from those platforms are the responsibility of the provider.

Records are retained for the minimum required period under professional and legal standards: at least seven years from the last service date, or until age twenty-five where services were provided to someone under eighteen. After this period, records may be securely destroyed.

Temporary working files, recordings, or internal reference documents may be deleted earlier once they are no longer needed.

You are welcome to request access to personal information we hold about you by contacting us in writing via email. In some circumstances, access may be limited where required by law or where it may compromise safety, privacy, or other obligations. Access may also be declined where it would unreasonably impact the privacy of another person.

You may also request correction of personal information that you believe is inaccurate, incomplete, or outdated.

If an unauthorised access or breach of personal information occurs, we will follow the Notifiable Data Breaches scheme. This includes investigating the breach, taking steps to reduce harm, and notifying those affected when required.

Should Neudle’s ownership structure change in the future (such as a sale, merger, or structural transition), client records may be transferred to the new entity as part of the ongoing provision of psychological services and in compliance with privacy and professional obligations.

This Privacy Policy is read in conjunction with other Neudle documents including our Booking Terms, Cancellation Policy, and any service-specific consent forms or agreements used as part of service delivery. These additional documents provide specific conditions related to particular types of services.

Clients may also refer to the APS Charter for Clients of Psychologists as an additional guide to expectations of psychological service.

Our services and technologies may change over time. We may update this policy to reflect those changes and remain compliant with current standards. Revised versions will be posted on our website.

We welcome questions or feedback about how your information is handled. You may contact us by email at admin@neudle.com.au

If you are dissatisfied with our response or wish to escalate a concern, you may contact the Office of the Australian Information Commissioner, the Psychology Board of Australia, or AHPRA.