Privacy policy
Privacy policy
At Healing Home and Body, we value your privacy and are committed to protecting your personal information. This privacy policy outlines how we collect, use, and protect your information when you visit our website or use our services or purchase our products.
Healing Home and Body is a website operated by Healing Home and Body Pty Ltd ABN 68 696 294 809 (we, us and our).
We will collect, hold, use and disclose your personal information in accordance with this policy.
What is personal information?
The collection, use and disclosure of personal information is governed by the Privacy Act 1988 (Cth) (Privacy Act) and the Australian Privacy Principles (APPs).
Personal information is any information or an opinion about an identified individual or an individual who can be reasonably identified from the information or opinion. Information or an opinion may be personal information regardless of whether it is true.
What personal information do we collect and hold?
We may collect personal information from you, such as your name, email address, phone number, and other contact information, when you visit our website or use our services or purchase our products (where applicable). We may also collect information about you access and use our website or services, including through the use of cookies or other tracking technologies.
We may collect information about how you access, use and interact with the website through the use of analytics and tracking tools. This information may include:
(a) the location from which you have come to the site and the pages you have visited; and
(b) technical data, which may include IP address, the types of devices you are using to access the website, device attributes, browser type, language and operating system.
We use cookies on the website. A cookie is a small text file that the website may place on your device to store information. We may use persistent cookies (which remain on your computer even after you close your browser) to store information that may speed up your use of our website for any of your future visits to the website. We may also use session cookies (which no longer remain after you end your browsing session) to help manage the display and presentation of information on the website. You may refuse to use cookies by selecting the appropriate settings on your browser. However, please note that if you do this, you may not be able to use the full functionality of the website.
Why do we collect, hold and use your personal information?
We collect, hold and use your personal information so that we can:
(a) provide you with products and services, and manage our relationship with you;
(b) contact you, for example, to respond to your queries or complaints, or if we need to tell you something important;
(c) develop and grow our business and services and business operations (including by identifying client needs and improvements in service delivery);
(d) maintaining, administering and managing our website and systems and applications;
(e) comply with our legal obligations and assist government and law enforcement agencies or regulators;
(f) identify and tell you about other products or services that we think may be of interest to you; or
(g) support internal business operations, including through the use of AI-assisted tools.
If you do not provide us with your personal information, we may not be able to provide you with our products or services, communicate with you or respond to your enquiries.
Use of AI- Assisted Tool
We may use AI-assisted tools (including software systems that generate or modify content using statistical or machine-learning models based on user inputs) to assist in the operation of our business and the provision of our services.
(a) such tools are used as internal aids only and do not replace human oversight or decision-making;
(b) any outputs are subject to human review and professional judgment prior to use; and
(c) we take reasonable steps to ensure the accuracy and appropriateness of any outputs.
We will not input your personal information or confidential information into publicly available AI-assisted tools that train on user-supplied data unless:
(a) you have provided prior consent; or
(b) we are using an enterprise or business-grade AI-assisted tool that:
(i) does not train on user data; and
(ii) includes appropriate data protection safeguards.
Where we use automated systems that may materially impact individuals, we will take reasonable steps to disclose:
(a) the use of such systems; and
(b) the types of personal information used.
You acknowledge that content generated or modified using AI-assisted tools may have limitations, including potential inaccuracies and limitations in relation to intellectual property rights.
We do not make decisions that significantly affect individuals based solely on automated processing.
How do we collect your personal information?
We collect your personal information in a variety of ways, including:
(a) Directly from you, when you interact with us, for example, when you contact us, submit an enquiry, make a purchase, sign up to our mailing list, or engage with us on social media.
(b) Automatically, through your use of our website and digital platforms, including cookies and tracking technologies that collect data about your device, browsing behaviour, and usage patterns.
(c) From third parties, including advertising platforms (such as Meta [Facebook and Instagram], Google), analytics providers, payment processors, and other service providers we use to operate our business. These third parties may collect information on our behalf or share information with us. And handle your personal information in accordance with their own privacy policies.
We also implement reasonable safeguards when using AI-assisted tools to ensure personal information is handled in accordance with this Privacy Policy.
How do we store and hold personal information?
The security of your personal information is extremely important to us. To prevent any unauthorised access or disclosure, we have implemented appropriate physical, electronic, and managerial security measures. These procedures aim to safeguard and secure personal information, protecting it from misuse, interference, loss, unauthorised access, modification, and disclosure.
Please note that we cannot guarantee the security of any information transmitted to or from us over the internet. The transmission and exchange of information is at your own risk. While we take reasonable precautions to prevent unauthorised disclosures, we cannot provide absolute assurance that the personal information we collect will never be disclosed in a manner inconsistent with this Privacy Policy.
In the event of a data breach that is likely to result in serious harm, we will comply with our obligations under the Notifiable Data Breaches scheme, including assessing the breach and notifying affected individuals and the Office of the Australian Information Commissioner (OAIC) as soon as practicable.
How we treat personal information that is also sensitive information?
Sensitive information is a subset of personal information that is given a higher level of protection under the APP.
Sensitive information means information relating to your racial or ethnic origin, political opinions, religion, trade union or other professional associations or memberships, philosophical beliefs, sexual orientation or practices, criminal records, health information or biometric information.
We will only collect sensitive information about you in circumstances permitted under APP 3.3, including:
(a) where you have consented to the collection;
(b) where collection is required or authorised by or under an Australian law or a court or tribunal order;
(c) where the collection is reasonably necessary for us to establish, exercise or defend a legal or equitable claim;
(d) where the collection is reasonably necessary for the purposes of a confidential alternative dispute resolution process; or
(e) where the collection is necessary to lessen or prevent a serious threat to the life, health or safety of any individual, or to public health or safety, and it is unreasonable or impracticable to obtain consent.
We only collect, hold, use and disclose sensitive information for the following purposes:
(a) any purposes you consent to;
(b) the primary purpose for which it is collected;
(c) secondary purposes that are directly related to the primary purpose for which it was collected, including disclosure to the above listed third parties as reasonably necessary to provide our services to you;
(d) to contact emergency services, or to speak with your family, partner or support person where we reasonably believe there is a serious risk to the life, health or safety of you or another person and it is impracticable for us to obtain your consent; and
(e) if otherwise required or authorised by law.
Given the nature of our business, we may collect health information from you (including information about your physical or mental health, disabilities, or health services you have received). We will handle your health information with the highest level of care and in accordance with the APPs.
We will only collect health information that is reasonably necessary for the provision of our products and services to you, and will not use or disclose your health information for any secondary purpose without your consent, unless otherwise required or permitted by law.
Who do we disclose your personal information to, and why?
We do not sell or rent your personal information. We may disclose your personal information to third parties your as required by law or permitted by the Privacy Act. We may share your personal information with:
(a) our employees or contractors;
(b) our business partners and affiliates; and
(c) our trusted third-party service providers who assist us in providing our products or services to you, such as payment processors, shipping providers, debt collectors, marketing agencies or website hosting providers.
If the ownership or control of all or part of our business changes, we may transfer your personal information to the new owner.
We may also disclose your personal information to courts, tribunals and regulatory authorities, if:
(d) you fail to pay for any products or services we have provided to you;
(e) in connection with any actual or prospective legal proceedings;
(f) in order to establish, exercise or defend our legal rights; or
(g) as required by law.
Do we disclose personal information to overseas recipients?
Personal information may be stored in overseas. If we share your personal information with the third parties listed above, they may also store, transfer, or access personal information outside of Australia. We will only disclose your personal information to third parties in countries that have laws protecting personal information in a manner similar to the Australian Privacy Principles, unless we have obtained your consent for the overseas disclosure of your personal information.
Alternatively, we will take reasonable steps, considering the circumstances, to ensure that overseas recipients protect your personal information in accordance with the Australian Privacy Principles.
For transfers of personal data from the EU or UK, we rely on adequacy decisions (where available), standard contractual clauses, or other appropriate safeguards as required by GDPR.
Do we use your personal information for marketing?
We want to make sure that we provide you with products and services that you’ll love, so we may use your personal information to offer you products and services that we think might interest you. However, if you prefer not to receive these offers, just let us know and we won't send them to you. These offers may come from us, our related companies, our business partners, or our service providers.
If you receive marketing emails from us, you can easily opt-out of receiving further emails by following the instructions provided in the email.
We will only send electronic marketing communications in accordance with the Spam Act 2003 (Cth).
Access to and correction of your personal information
You have the right to access and correct any personal information we hold about you. If you want to do so, just contact us using the details provided below. However, there may be some situations where we're not able to give you access to your information.
We won't charge you for requesting access to your information, but if your request requires us to do a lot of work, such as photocopying or compiling a lot of material, we may need to pass on some reasonable costs to you.
We will endeavour to respond to your request to access or correct your personal information as quickly as we can. We will also do our best to make sure that the information we hold about you is accurate and up-to-date.
Your rights under the EU GDPR
Under the European Union (EU) or United Kingdom General Data Protection (GDPR), as a data subject you have the right to:
(f) access your data;
(g) have your data deleted or corrected where it is inaccurate;
(h) object to your data being processed and to restrict processing;
(i) withdraw consent to having your data processed;
(j) have your data provided in a standard format so that it can be transferred elsewhere; and
(k) not be subject to a decision based solely on automated processing.
We process personal data under GDPR based on various legal grounds, including: your consent, performance of a contract with you, our legitimate business interests (where not overridden by your rights), and compliance with legal obligations.
Data Subject Rights
We have processes in place to deal with Data Subject Rights requests. Our actions and responsibilities will depend on
whether we are the controller or processer of the personal data at issue. Depending on our role as either a controller or processor, the process for enabling Data Subject Rights may differ, and are always subject to applicable law. We offer a self-service option in some situations that directly allows you to access, correct, or delete the personal data that youmay have provided.
Please refer to the Contact Details section of this policy if you would like to make a Data Subject Rights request or have a specific need for assistance with a Data Subject Rights request.
Data Retention
We will retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.
If you no longer wish for us to retain your personal information, you may request its deletion by contacting us using the contact details provided in this Privacy Policy. However, please note that we may be required to retain certain information for legal or regulatory purposes, to resolve disputes, prevent fraud, enforce our agreements, or as otherwise required or permitted by applicable law.
In the event of a change in our data retention practices that may affect your personal information, we will provide you with notice of such change in accordance with applicable laws and regulations.
Children’s Privacy
We do not knowingly collect personal information from children under the age of 18 without appropriate consent from a parent or guardian. If you believe that we have collected personal information from a child without such consent, please contact us and we will take reasonable steps to delete the information.
Complaints
We take your privacy seriously, and we want to make sure that we're always doing the right thing by you. If you have a compliant about the way we've handled your personal information or you have any other privacy-related concerns, please get in touch with us using the contact details below.
We promise to listen to your complaint and investigate it thoroughly. We'll keep you updated on the outcome of our investigation and any subsequent internal investigations.
If you're still not satisfied with the way we've handled your privacy issue, you can reach out to an independent advisor for guidance. Alternatively, you can contact the Office of the Australian Information Commissioner (OAIC) for advice on other steps you can take. You can find their website at www.oaic.gov.au.
At the end of the day, we're committed to resolving any privacy issues quickly and to your satisfaction. So please don't hesitate to contact us if you need to.
Contact details
If you have any questions, comments, requests or concerns, please contact us at:
Healing Home and Body Pty Ltd ABN 68 696 294 809
Email: hello@healinghomeandbody.com
Last updated: 30s April 2026
Changes to this policy
We may update this privacy policy from time to time to reflect changes in our practices or legal obligations. We encourage you to review this privacy policy periodically to stay informed about how we are protecting your personal information.
If you have any questions or concerns about our privacy policy or how we use your personal information, please don't hesitate to contact us. We're always happy to help!