Your privacy is respected at CompMed

CompMed Health Institute


This Privacy Policy was updated on 24th September 2018.


Who ‘we’ are

When we refer to ‘we’ (or ‘our’ or ‘us’), that means CompMed Health Institute and our website Address details for our CompMed office are available on our Contact us page.

We are a boutique acupuncture clinic on the Gold Coast, Australia and we provide acupuncture treatments, diet and lifestyle advice and nutritional supplements to our patients.

CompMed Health Institute are committed to protecting the privacy of patient information and to handling your personal information in a responsible manner in accordance with the Privacy Act 1988(Commonwealth), the Privacy Amendment (Enhancing Privacy Protection) Act 2012 (Commonwealth), the Australian Privacy Principles and the Information Privacy Act 2009 (Queensland).

The purpose of this Privacy Policy is to clearly communicate how CompMed Health Institute collects and manages personal information. We respect the privacy of the people who visit and submit information to our business and website and we adhere to the following privacy policy. If you have any questions about this privacy policy please email

From time to time we may make changes to our policy, processes and systems in relation to how we handle your personal information. We will update this Privacy Policy to reflect any changes. Those changes will be uploaded to our website.


In order to provide patients with adequate professional health care services and/or medical services, CompMed Health Institute will need to collect and use personal information.

We collect information that is necessary and relevant to provide you with professional health treatment and/or medical treatment, and manage our health care practice. It is important to be aware that if you provide incomplete or inaccurate information or withhold personal health information, we may not be able to provide you with the services you are requesting. This may include information about your health history, family history, ethnic background or current lifestyle to assist the health care team in diagnosing and treating your condition.  We may also need to collect information from

other sources such as treating specialists and other health care providers. Either your practitioner, and/or non-medical staff may collect this information. In emergency situations we may also need to collect information from your relatives or friends. We receive, collect and store any information you enter on our website or provide us in any other way. In addition, we collect the Internet protocol (IP) address used to connect your computer to the Internet; login; e-mail address; computer and connection information and booking history. We may use software tools to measure and collect session information, including page response times, length of visits to certain pages, page interaction information, and methods used to browse away from the page. We also collect personally identifiable information (including name, email, communications); comments, feedback, recommendations, and personal profile. We may be required by law to retain records for certain periods of time depending on your age at the time we provide services. This information may be stored on our computer records system and/or in hand written medical records.


How we collect information

When you make a booking over the phone, in person or on our website, as part of the process, we collect personal information and health information you provide us. Other methods of collection include our confidential intake forms, during face to face consultation, referral from another health care professional, or online via our website, booking site, social media and newsletter sites. In other instances, we may need to collect personal information about you from a third party source eg. where your health is potentially at risk and your personal information is needed to provide you with

emergency medical treatment. Your personal information will be used for the specific reasons stated in this document only. CompMed Health Institute endeavours to store and retain your personal & health information in electronic records that are stored securely on a local server and in our

online platforms that are firewalled. For more information on those companies privacy policies please go to:

Some hard copy records such as those obtained from other health services are secured until they can be scanned and managed electronically.


How we store, use, share and disclose your personal information

Our company website is hosted on the platform and we use Timely online booking system and Xero accounting system. These systems provide us with the online platforms that allow us to offer our products and services to you. Your data may be stored through Wix, Timely, Xero

data storage, databases and the general applications. They store your data on secure servers behind a firewall.  Your personal information may also be scanned, stored and backed up on our firewalled and password protected clinic computer system.

We will only use or disclose your personal information for the following purposes:


  1. To provide and operate the services we offer;

  2. To provide our patients with ongoing care and support;

  3. To be able to contact our Visitors and Users with general or personalized service-related notices and promotional messages;

  4. To create aggregated statistical data and other aggregated and/or inferred Non-personal Information, which we may use to provide and improve our respective services;

  5. To comply with any applicable laws and regulations.

  6. To assist outside contractors in carrying out activities on our behalf, such as an IT service provider, solicitor or debt collection agent.


How we communicate with you

We may contact you to notify you regarding your bookings, to troubleshoot problems with your account, to resolve a dispute, to collect fees or monies owed, to poll your opinions through surveys or questionnaires, to send updates about our company, or as otherwise necessary to contact you to enforce applicable national laws, and any agreement we may have with you. For these purposes we may contact you via email, telephone, text

messages, and postal mail.


Data Quality and Security

We will take reasonable steps to ensure that your personal information is accurate, complete, up to date and relevant. We may ask you to confirm that your contact details are correct when you attend a consultation. We request that you let us know if any of the information we hold about you is incorrect or out of date.

Personal information that we hold is protected by: securing our premises; placing extensive security measures across our computer network by placing passwords and varying access levels on databases to limit access and protect electronic information from unauthorised interference, access, modification and disclosure; and providing locked cabinets and rooms for the storage of physical records.


How we use cookies and other tracking tools

It's important to note that third-party services, such as Google Analytics or other applications placing cookies or utilising other tracking technologies through CompMed’s online services, may have their own policies regarding how they collect and store information. As these are external services, such practices are not covered by the CompMed Privacy Policy. Transient and permanent cookies are stored on our site visitor’s computers.

How you can withdraw your consent for collection of personal information, and how you can request access to, or change of, the collected information.

You are entitled to request in writing access to your personal and health records. There may be a fee for the administrative costs of retrieving and providing you with copies of your records. Some records cannot be accessed, changed or deleted as required by law. All changes to personal information will be subject to patient’s consent and acknowledgement. If you believe that the information we have about you is not accurate, complete or up-to-date, or if you wish to review your consent for receipt of CompMed’s promotional material please contact us in writing.

The address for written request for access to personal information

is: or send us mail to: PO Box 762, Southport BC, QLD, 4215.

Use of Overseas Parties:

We do not sell or rent your information to any third parties or overseas entities. We do engage with our trusted overseas platforms via our online systems, and your information may be transferred, appointed and disclosed solely in the interest of completing tasks and providing services to you.  

Disposal of Personal/Health Information

If we receive any unsolicited personal information or if we hold any personal or health information about you that is no longer deemed relevant or appropriate we will reasonably de-identify and dispose of said information accordingly.


Access to Policy

We provide free copies of this Privacy Policy for patients and staff, which can be accessed at:


  • The Practice Policy and Procedure Manual:

  • Full Hard Copies provided upon request

  • Policy Summary available on request at clinic reception

  • Online at

Privacy policy updates

We reserve the right to modify this privacy policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it. 


Questions and our contact information

If you would like to: access, correct, amend any personal information we have about you, you are invited to contact us at:


CompMed Health Institute

PO Box 762

Southport BC Qld 4215 Australia

or email:



The APPs regulate how CompMed Health Institute may collect, use, disclose and store personal information and how individuals, including CompMed Health Institutes patients may:

  • address breaches of the APPs by CompMed Health Institute

  • access their own personal information; and,

  • correct their own personal information.

 In this Privacy Policy, common terms and definitions include:

  • "personal information" as defined by the Privacy Act 1988 (Commonwealth).

  •  Meaning "information or an opinion including information or an opinion forming part of a database, whether true or not, and whether recorded in a material format or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion"; and,

  • "health information" as defined by the Privacy Act 1988 (Commonwealth).

This is a particular subset of "personal information" and means information or an opinion about:

  • the health or a disability (at any time) of an individual;

  • an individual's expressed wishes about the future provision of health services to him or her; or,

  • a health service provided or to be provided to an individual.

 Personal information also includes 'sensitive information' which is information including, but not limited to a patient’s:

  • race;

  • religion;

  • political opinions;

  • sexual preferences; and or,

  • health information.

Information deemed 'sensitive information' attracts a higher privacy standard under the Act and is subject to additional mechanisms for the patient’s protection.