Introduction

Zoeopathy is a specialist telehealth practice operated by Zoë Vigors (ABN:46 472 235 928), offering evidence-informed naturopathic and clinical nutrition consultations to clients in Australia, Ireland, and internationally.

The nature of this work requires the collection of detailed personal and health information. I take that responsibility seriously. This Privacy Policy sets out what information I collect, the purposes for which it is collected and used, how it is stored and protected, and your rights in relation to your data.

By using this website or engaging my services, you agree to the collection and use of your information as described in this policy.

This policy may be updated from time to time to reflect changes in my practice, the platforms I use, or applicable law. The current version is dated at the bottom of this page. If you have any questions, please contact me at [hello@zoeopathy.com].

Who This Policy Applies To

This policy applies to all visitors to this website and all clients who engage Zoeopathy's services, regardless of location.

This policy is framed to comply with:

• The Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs), which govern the handling of personal information in Australia.

• The General Data Protection Regulation (GDPR) (EU) 2016/679, which applies to the collection and processing of personal data of individuals located in the European Union and European Economic Area, including Ireland.

Where the requirements of these frameworks differ, I apply the higher standard.

What Information I Collect

Personal Information

Personal information is information that identifies you or could reasonably be used to identify you. I may collect the following:

• Full name, date of birth, and contact details including email address, phone number, and country of residence

• Demographic information relevant to your care

• Emergency contact details

Health Information

As a naturopathic and clinical nutrition practice, the collection of detailed health information is clinically necessary to provide safe, personalised, and evidence-informed care. This may include:

• Medical history, current and past diagnoses, medications, and supplements

• Presenting symptoms, health goals, and relevant lifestyle factors

• Menstrual, reproductive, hormonal, and fertility history

• Gut health, dietary habits, and nutritional status

• Results from functional testing, pathology, and diagnostic investigations

• Clinical notes, treatment plans, and correspondence from our consultations

Health information is classified as sensitive data under both the Australian Privacy Act and the GDPR. It is handled with the highest level of professional care and confidentiality, consistent with my obligations as a registered practitioner.

Payment Information

Payment is processed through Practice Better, which operates on Stripe infrastructure. I do not store your credit card or banking details. All payment data is handled directly by Stripe under their privacy policy and PCI-DSS Level 1 security certification.

Website Information

This website does not currently use cookies or tracking analytics. If this changes, this policy will be updated accordingly.

How I Collect Your Information

Information is collected through the following channels:

• Your new client application form and intake questionnaire, completed via the Practice Better client portal

• Telehealth consultations conducted via secure video call

• Email and written correspondence

• Functional testing laboratories or other treating practitioners, where you have provided explicit consent for this information to be shared with me

• Cliniko, where applicable for Australian client records

Why I Collect Your Information

Your information is collected and used for the following clinical and administrative purposes:

• To conduct a thorough and accurate clinical assessment of your health history and presenting concerns

• To formulate evidence-informed, personalised healthcare plans, supplement prescriptions, and clinical documentation

• To monitor your progress and adjust your treatment plan over time

• To communicate with you about appointments, test results, and your care

• To process bookings and payments

• To fulfil my professional and legal obligations as a registered naturopath and clinical nutritionist

• To refer you to or collaborate with other members of your healthcare team, with your consent

Your information is not used for marketing purposes without your explicit consent.

Legal Basis for Processing (GDPR)

For clients located in the EU or EEA, including Ireland, I process your personal data on the following legal bases under the GDPR:

• Contract: Processing is necessary to deliver the services you have engaged me to provide.

• Legitimate interests: Processing is necessary for the management of my practice, the maintenance of clinical records, and the fulfilment of my professional obligations.

• Legal obligation: Processing is required to comply with applicable law or professional regulatory requirements.

• Consent: Where processing falls outside the bases above, I will seek your explicit consent. You have the right to withdraw consent at any time, without affecting the lawfulness of any processing carried out prior to withdrawal.

• Vital interests: In exceptional circumstances, processing may be necessary to protect your vital interests or those of another person.

For special category data (health information), processing is conducted on the basis of:

• Explicit consent, and

• Health or social care purposes, where processing is necessary for the provision of professional healthcare services under Article 9(2)(h) GDPR.

How Your Information Is Stored

Your clinical records and personal information are stored within the following professionally managed, security-certified platforms:

• Practice Better: A HIPAA-compliant, end-to-end encrypted telehealth and practice management platform used for client records, consultation notes, treatment plans, and secure messaging. For further information, see the Practice Better Privacy Policy.

• Cliniko: A secure, Australian-based practice management platform used for Australian client records. Cliniko is compliant with Australian privacy legislation and industry security standards. For further information, see the Cliniko Privacy Policy.

In addition to the safeguards built into these platforms, I apply appropriate technical and organisational measures within my own practice to protect your information from unauthorised access, disclosure, alteration, or loss.

How Long I Keep Your Information

Client health records are retained for a minimum of seven years from the date of last contact, in accordance with Australian health records legislation. For clients who were minors at the time of treatment, records are retained until the client turns 25, or for seven years from the date of last contact, whichever is the longer period.

For EU and Irish clients, retention periods are also guided by GDPR principles of data minimisation and storage limitation. Records are not retained beyond the period necessary for the clinical and legal purposes for which they were collected.

Who I Share Your Information With

I do not sell, rent, or trade your personal information. Your information may be disclosed in the following limited and purposeful circumstances:

• With your consent: For example, where you have requested that I correspond with your GP, specialist, or another member of your healthcare team.

• Third-party platforms: Practice Better and Cliniko process your data as described above. These platforms act as data processors on my behalf and are bound by their respective privacy, security, and compliance obligations.

• As required by law: I may be required to disclose information to regulatory bodies, courts, or other authorities where required by applicable law or professional obligations.

• In an emergency: Where there is a serious and imminent risk to your health or safety, or the health or safety of another person, relevant information may be disclosed without your consent where this is necessary and proportionate.

Supplement distributors receive only the minimum information necessary to fulfil a prescription, such as your name and delivery address. They do not receive your clinical records or health history.

Your Rights

Australian Clients

Under the Australian Privacy Act and the Australian Privacy Principles, you have the right to:

• Request access to the personal information I hold about you

• Request correction of inaccurate, incomplete, or out-of-date information

• Make a complaint about the handling of your personal information

To exercise any of these rights, please contact me at [hello@zoeopathy.com]. I will respond within a reasonable timeframe. If you remain dissatisfied with my response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

EU and Irish Clients

Under the GDPR, you have the following rights in relation to your personal data:

• Right of access: You may request a copy of the personal data I hold about you.

• Right to rectification: You may request correction of inaccurate or incomplete data.

• Right to erasure: You may request deletion of your data, subject to my legal and professional record-keeping obligations.

• Right to restriction of processing: You may request that I limit how I use your data in certain circumstances.

• Right to data portability: You may request your data in a structured, commonly used, machine-readable format.

• Right to object: You may object to processing carried out on the basis of legitimate interests.

• Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time without penalty.

To exercise any of these rights, please contact me at [hello@zoeopathy.com]. I will respond within one month, as required under GDPR.

If you are not satisfied with how I have handled your request or your data, you have the right to lodge a complaint with the Data Protection Commission (DPC) in Ireland at www.dataprotection.ie, or with the supervisory authority in your country of residence.

International Data Transfers

Zoeopathy operates across Australia and Ireland. Your data may be stored on or transferred to servers located outside your country of residence. Where this occurs, I ensure that appropriate safeguards are in place, consistent with GDPR requirements and Australian privacy law, to protect your information regardless of where it is held.

Practice Better and Cliniko each publish their own data storage and transfer policies, which are available via the links provided in this document.

Complaints

If you have a concern about how your personal information has been handled, please contact me directly at [hello@zoeopathy.com] in the first instance. I take all privacy matters seriously and will work toward a prompt and fair resolution.

If you remain dissatisfied, you may contact the relevant regulatory authority:

• Australia: Office of the Australian Information Commissioner (OAIC), www.oaic.gov.au

• Ireland / EU: Data Protection Commission (DPC), www.dataprotection.ie

Contact

For any questions about this Privacy Policy or the handling of your information, please contact:

Zoë Vigors Zoeopathy [hello@zoeopathy.com] [www.zoeopathy.com]

This Privacy Policy was last updated June 2026.