Privacy Policy

Last updated: 17/03/2026

Altum Counselling and Consulting Pty Ltd (ABN: 29 664 957 359) ("Altum", "we", "our", or "us") trading as Altum Integrated is committed to protecting your privacy and maintaining the confidentiality of your personal and health information.

As a provider of counselling, psychotherapy, and professional consultation services, we collect and manage sensitive health information in accordance with:

• the Privacy Act 1988 (Cth)
• the Australian Privacy Principles (APPs)
• relevant state and territory health privacy laws
• the Australian Association of Social Workers (AASW) Code of Ethics

This Privacy Policy explains how we collect, store, use, and protect your personal information.

1. What Information We Collect

In order to provide professional services, we may collect personal and health information including:

Personal Information

• name
• date of birth
• contact details (email, phone number, address)
• emergency contact details
• billing and payment information

Health Information

• medical or mental health history
• current concerns or reasons for seeking support
• therapeutic notes and treatment records
• relevant information from other health professionals where consent is provided

Health information is classified as sensitive information under Australian privacy law and is treated with a high level of protection.

2. How We Collect Your Information

We may collect information through:

• intake forms and consent forms
• bookings or enquiries through our website
• email or phone communication
• telehealth sessions
• therapeutic dialogue within our communication platforms
• referrals from other health professionals (with your consent)

Where practical, we will collect information directly from you.

3. Why We Collect Your Information

We collect personal and health information for purposes including:

• providing counselling, psychotherapy, or accompaniment services
• maintaining accurate clinical records
• communicating with you about appointments or services
• billing and administrative management
• complying with legal and professional obligations
• clinical supervision and quality improvement processes (using de-identified information where possible)

We only collect information that is reasonably necessary for providing safe and effective professional services.

4. How Your Information Is Stored

Altum uses secure digital systems designed for healthcare environments.

Cliniko Practice Management System

Client records and administrative information are securely stored within Cliniko, a cloud-based practice management system designed specifically for healthcare professionals.

Cliniko is used by Altum Integrated to manage:

• client intake forms and informed consent documentation
• appointment scheduling and service records
• secure clinical case notes and treatment records
• billing and invoicing
• secure administrative communications with clients, including embedded Cliniko encrypted video telehealth functionality (not Zoom, Googlemeet or Teams)

Cliniko incorporates multiple security safeguards designed to protect sensitive health information, including:

• strong encryption of data both in transit and at rest
• secure cloud infrastructure and monitored data centres
• role-based access controls to restrict who can view client information
• secure authentication protocols for practitioner access
• regular security monitoring and system updates

Cliniko is designed to assist healthcare practices in meeting obligations under the Australian Privacy Principles (APPs), which govern how personal information must be collected, used, stored, and protected in Australia.

Access to client records within Cliniko is restricted to authorised practitioners within Altum Integrated.

Altum Cor Secure Communication Platform

Clients participating in Altum Accompaniment Therapy communicate with their practitioner through Altum Cor, a secure asynchronous telehealth messaging platform developed specifically to support confidential therapeutic communication.

Altum Cor enables secure communication between the client and practitioner through:

• voice messages
• text messages
• image and file attachments

The platform incorporates several security safeguards designed to protect sensitive health information, including:

• end-to-end encryption for all messages
• all sensitive data is stored on secure servers located in Australia
• secure user authentication and account management
• account deletion function

Only the client and their authorised practitioner can access the content of communications within Altum Cor.

Altum Cor was developed in response to the absence of secure platforms designed specifically for asynchronous therapeutic communication that also align with Australian health privacy expectations. All other mainstream messaging platforms (Voxer, WhatsApp, Signal) store data on servers located outside Australia and are not designed for confidential healthcare communication.

Altum Cor provides a secure communication environment that supports the privacy and confidentiality obligations required in professional mental health practice.

Altum Cor App-Specific Data Handling

This subsection describes data handling specific to the Altum Cor mobile app.

Data collected through Altum Cor may include:

• account identifiers (user ID, unique ID, and account email)
• profile information entered in-app (for example, name and profile photo)
• user content sent in-app (voice messages, text messages, images, and file attachments)
• safety submissions (for example, report details entered by a user)
• technical/service data required to operate the app (for example, push notification token, basic device/app diagnostics, and security/audit logs)

Altum Cor does not require date of birth to create an in-app account.

How this data is used:

• authenticate users and enforce access controls (including approved-email onboarding)
• deliver secure messaging and attachments
• provide app features (including optional transcription features)
• maintain service reliability, security, and abuse-prevention controls
• provide user support and respond to safety reports

Encryption and storage:

• message content in Altum Cor is protected with end-to-end encryption
• sensitive app data is hosted on secure servers located in Australia
• access is restricted to authorised users and authorised practitioner/admin roles

Third-party advertising and tracking:

• Altum Cor does not sell personal information
• Altum Cor does not use third-party advertising SDKs
• Altum Cor does not perform cross-app tracking for advertising purposes

Transcription notice:

Where transcription is used, Altum Cor uses Apple Speech technology on iOS devices; processing behavior may depend on Apple's speech recognition services and device capabilities/settings.

Account controls:

• users can request account deletion from within the app
• users can access safety controls including block and report functions

5. Confidentiality

Your information is treated as confidential and will not be disclosed to third parties except in the following circumstances:

• when you provide explicit consent
• where required for clinical supervision (using de-identified information wherever possible)
• where required by law
• where there is a serious and imminent risk to your safety or the safety of another person
• where there are mandatory reporting obligations (such as suspected child abuse)
• where records are subpoenaed by a court of law

These exceptions reflect standard ethical and legal obligations for mental health professionals in Australia.

6. Access to Your Information

You have the right to request access to your personal information and clinical records.

Requests for access should be made in writing to: shawn@altumconsulting.com.au

In some circumstances permitted under law, access may be limited. For example, if releasing information may pose a serious risk to health or safety.

7. Correcting Your Information

We take reasonable steps to ensure that the personal information we hold is accurate and up to date.

If you believe any information we hold about you is incorrect, you may request that it be corrected.

8. Data Security

Altum takes reasonable steps to protect your personal information from misuse, loss, unauthorised access, modification, or disclosure.

Security measures include:

• encrypted data transmission
• secure cloud infrastructure
• password-protected practitioner access
• secure clinical record systems
• restricted access to client data

Where possible, only the minimum necessary information is collected and stored.

9. Data Retention

Client records are retained in accordance with Australian legal and professional requirements for health practitioners.

Typically, clinical records must be retained for a minimum period (often 7 years from the last consultation, or longer for minors depending on jurisdiction).

10. Website Data and Cookies

Our website may collect limited information automatically through analytics tools such as:

• website usage data
• IP address
• browser information

This information helps improve website functionality and does not identify individuals personally.

11. Privacy Complaints

If you have concerns about how your personal information has been handled, please contact us first so we can address the issue.

Email: shawn@altumconsulting.com.au

If you are not satisfied with the response, you may contact:

Office of the Australian Information Commissioner (OAIC)
www.oaic.gov.au

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in legislation, technology, or service delivery.

The most current version will always be available on our website.