Privacy Policy

Within Therapy
Effective Date: November 2025
Contact: begin@withintherapy.com.au
Location: New South Wales, Australia

1. Introduction

Your privacy is important to us. This Privacy Policy explains how Within Therapy collects, uses, stores, and protects your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

We are committed to maintaining the confidentiality of your information and ensuring it is handled with respect, care, and professional integrity.

2. Information We Collect

We collect personal and sensitive information necessary for providing counselling and psychotherapy services, including:

  • Your name, contact details, and date of birth

  • Relevant health and wellbeing information

  • Session notes, assessments, and treatment plans

  • Payment information for invoicing and record-keeping

  • Correspondence between you and Within Therapy (e.g., emails or phone calls)

We collect this information directly from you or, with your consent, from other professionals involved in your care.

Sensitive information, as defined under the Privacy Act, includes health information, mental health information, and any details relating to your treatment. This information is collected only where reasonably necessary for providing counselling services and with your consent.

For clients under 18, information may be collected from or shared with a parent or guardian where appropriate and in accordance with privacy and consent laws.

3. How We Use Your Information

Your information is used to:

  • Provide counselling and psychotherapy services

  • Communicate with other professionals involved in your care where you have provided consent

  • Manage appointments, payments, and communication

  • Maintain accurate clinical records

  • Meet legal, ethical, and professional obligations (e.g., mandatory reporting or court orders)

Your information will not be used for purposes other than those for which it was collected unless you provide consent or it is required by law.

4. Storage and Security

Within Therapy stores client records securely, either electronically (password-protected and encrypted) or in locked physical storage. We take reasonable steps to protect your personal information from misuse, interference, loss, unauthorised access, modification, or disclosure.

Clinical records are retained for at least seven (7) years after your last contact, or longer where required by law (e.g., until a minor client turns 25). After this period, records are securely destroyed or de-identified.

We may use reputable third-party providers for email hosting, telehealth, website management, or payment processing. These services may store information on secure servers in Australia or overseas. Where data is stored overseas, it is managed in accordance with the Australian Privacy Principles and the privacy policies of those providers.

General enquiries that do not become part of a clinical record may be deleted once no longer required.

5. Disclosure of Personal Information

Your information remains confidential except in the following situations:

  • You provide consent for information to be shared (e.g., with your GP or other health professional)

  • There is a serious and imminent risk of harm to yourself or others

  • Information is required or authorised by law (e.g., subpoena, mandatory child protection reporting)

  • De-identified information is discussed in supervision as required under PACFA’s ethical guidelines

Within Therapy does not disclose personal information to overseas recipients unless necessary and with your informed consent.

6. Telehealth Services and Online Communication

Within Therapy provides telehealth sessions using secure, encrypted platforms. We take reasonable steps to ensure the privacy and confidentiality of online sessions and communications.

However, no method of transmitting information over the internet can be guaranteed to be completely secure. By engaging in telehealth services, you acknowledge these inherent risks and agree to take reasonable steps to maintain your own privacy (e.g., choosing a private location).

7. Access and Correction

You have the right to access your personal information and request corrections if you believe it is inaccurate, incomplete, or outdated. Requests can be made by emailing begin@withintherapy.com.au. We will respond within a reasonable timeframe and explain any limitations that may apply.

If you are dissatisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

8. Website and Online Services

When you visit our website, we may collect non-identifying information such as browser type, pages visited, and time spent on the site through cookies or analytics tools. This helps us improve our website and user experience. You can choose to disable cookies through your browser settings.

If you contact Within Therapy via email or online form, your information is transmitted securely and used solely to respond to your enquiry.

Our website is hosted by Squarespace and may use third-party analytics (such as Google Analytics), which collect de-identified usage data. These services operate under their own privacy policies.

9. Changes to This Policy

This Privacy Policy may be updated periodically to reflect changes in legislation or practice operations. The latest version will always be available on our website.

10. Questions or Complaints

If you have questions about how your information is managed, or if you believe your privacy has been breached, please contact:

Within Therapy
Email: begin@withintherapy.com.au

If your concern is not resolved, you may contact the Office of the Australian Information Commissioner:
Website: www.oaic.gov.au/privacy
Phone: 1300 363 992

You may also raise ethical concerns with the Psychotherapy and Counselling Federation of Australia (PACFA) via their complaints process at www.pacfa.org.au/complaints.