Not sure if we're right for you?
Book a free call
Take Pre-Screening Quiz

We Respect Your Privacy

Privacy Policy

Effective Date: 28 October 2025

ZENN MED PTY LTD
ABN: 60 686 415 501
Email:[email protected]
Phone: (02) 8006 5881

We are committed to providing quality services to you and this policy outlines our ongoing obligations to you in respect of how we manage your Personal Information in accordance with the Australian Privacy Principles, Privacy and Personal Information Protection Act 1998 and the Health Records and Information Privacy Act 2002, as well as other applicable privacy laws in jurisdictions where we operate.

A copy of the Australian Privacy Principles may be obtained from the website of The Office of the Australian Information Commissioner at https://www.oaic.gov.au/.

What is Personal Information and why do we collect it?

Personal Information is information or an opinion that identifies an individual. Examples of Personal Information we collect include names, addresses, email addresses, phone numbers, and health information.

We collect Personal Information via correspondence, telephone, email, forms, cookies, third-party analytics tools, and public sources. We don’t guarantee website links or policy of authorised third parties.

We collect this information to:

  • Provide services and support;
  • Deliver relevant health or professional services;
  • Administer customer relationships;
  • Conduct marketing and analytics;
  • Comply with regulatory obligations.

Sensitive Information

Sensitive information is defined in the Privacy Act to include information or opinion about such things as an individual’s racial or ethnic origin, political opinions, membership of a political association, religious or philosophical beliefs, membership of a trade union or other professional body, criminal record or health information.

We only collect Sensitive Information where required and:

  • With your explicit consent;
  • Where required or authorised by law;
  • For primary or directly related secondary purposes;
  • Where necessary for legal or clinical service provision.

Health Information Handling

If we collect or store health information (such as medical history or treatment details), it is securely stored and:

  • Encrypted in transit and at rest;
  • Access is role-restricted and logged;
  • Subject to internal audits and compliance checks;
  • Retained only for as long as necessary for treatment or as required by law.

Disclosure of Personal Information

We may disclose your Personal Information to:

  • Service providers who support our operations under binding confidentiality agreements;
  • Government, regulatory or law enforcement bodies, as required;
  • Other third parties where you have provided consent.

If Personal Information is disclosed to overseas recipients (e.g. cloud storage or analytics providers), we take reasonable steps to ensure those entities handle your data in accordance with this Privacy Policy and relevant laws.

Cross-Border Data Transfers

Some Personal Information may be processed or stored outside Australia, including but not limited to the United States, Singapore, and Ireland (where providers such as Google or Meta may operate).

We ensure that any international data transfers are secured via:

  • Contractual safeguards;
  • Compliance with the APPs;
  • Encryption and access controls;
  • Due diligence on providers’ data protection standards.

Your Rights

As part of our commitment to transparency and data protection, you are entitled to exercise a number of rights under the Privacy Act 1988 (Cth) and relevant health privacy laws. These rights are designed to give you control over how your personal and health information is collected, used, and maintained.

You have the right to:

  • Request access to your Personal Information;
  • Request correction or updating of your information;
  • Request deletion of your data where no longer required;
  • Object to processing for marketing purposes;
  • Request a portable copy of your data where technically feasible;
  • Withdraw consent (where consent is the basis for processing).

How to Exercise Your Rights:

To submit a request regarding any of the rights listed above, please contact us in writing using the contact details provided at the beginning of this Privacy Policy. We may request verification of your identity to ensure that your information is not disclosed to or altered by an unauthorised individual.

We aim to respond to all valid requests within a reasonable timeframe, typically within 30 days. There is no charge for submitting a request; however, we may charge a reasonable administrative fee for the provision of physical copies or for excessive, repetitive, or manifestly unfounded requests.

If you are not satisfied with our response, you have the right to escalate your concern to the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au

Maintaining the Quality of your Personal Information

It is important to us that your Personal Information is up to date. We will take reasonable steps to make sure that your Personal Information is accurate, complete and up-to-date. If you find that the information we have is not up to date or is inaccurate, please advise us as soon as practicable so we can update our records and ensure we can continue to provide quality services to you.

Security of Personal Information

We take reasonable steps to protect your Personal Information, including:

  • Encrypted data storage;
  • Firewalls, antivirus and intrusion detection systems;
  • Staff training and access controls;
  • Regular review and updating of our cybersecurity measures.


Data is securely destroyed or de-identified once no longer needed, except where legal obligations require longer retention (e.g. 7 years for client files).

All data transmitted through our website is secured using industry-standard Secure Socket Layer (SSL) or Transport Layer Security (TLS) encryption.

Data Breach Response

If a data breach occurs that is likely to cause serious harm, we will:

  • Assess the nature and scope of the breach;
  • Contain and mitigate any harm;
  • Notify the Office of the Australian Information Commissioner (OAIC) as required;
  • Notify affected individuals where there is a risk of harm;
  • Record and investigate the incident internally to improve future safeguards.

Use of Cookies and Tracking Technologies

We use cookies and similar tracking technologies to track the activity on our Service and hold certain information. These technologies include, but are not limited to, cookies from Google Ads, Google Analytics, Google Tag Manager, and Meta Pixel.

Types of Cookies We Use:

  • Google Ads: We use Google Ads cookies to deliver targeted advertisements and measure the performance of our advertising campaigns. These cookies help us understand how users interact with our ads and enhance the relevance of the ads shown to you.
  • Google Analytics: We employ Google Analytics cookies to collect information about how you use our website. This data helps us analyse website traffic and improve our services. The information collected is aggregated and anonymised, ensuring it does not personally identify you.
  • Google Tag Manager: Google Tag Manager cookies allow us to manage and deploy marketing tags (snippets of code or tracking pixels) on our website without modifying the code. This helps us streamline the deployment of various marketing services and improves the efficiency of our campaigns.
  • Meta Pixel: We use Meta Pixel cookies to track user interactions on our website and measure the effectiveness of our advertising on Meta platforms (such as Facebook and Instagram). These cookies help us deliver ads that are relevant to your interests and measure ad performance.

Managing Cookies:

You can control the use of cookies at the individual browser level. Most web browsers automatically accept cookies, but you can usually modify your browser settings to decline cookies if you prefer. If you choose to disable cookies, you may still use our website, but your ability to use some features or areas of our site may be limited.

Third-Party Cookies:

In addition to our own cookies, we may also use various third-party cookies to report usage statistics of the Service, deliver advertisements on and through the Service, and so on. These third-party cookies are used only for the purpose of enhancing your user experience and improving the Service.

Consent:

By using our website and services, you consent to the use of cookies and similar tracking technologies as described in this section of our Privacy Policy. You can withdraw your consent at any time by adjusting your browser settings or by contacting us directly.

Policy Updates

We may update this Privacy Policy from time to time to reflect changes in applicable laws, regulations, industry standards, or our internal practices and services, including the introduction of new technologies or changes in our business operations.

All amendments will be effective upon publication of the updated policy on our official website, unless otherwise stated. The “Effective Date” at the top of the policy will indicate when the most recent version took effect.

We encourage you to review this Privacy Policy periodically to stay informed about how we manage your personal information. Where significant or material changes are made—especially those that affect your rights or the way your data is handled—we will provide additional notice, such as through direct communication or prominent announcements on our website.

Continued use of our services after any changes constitutes your acceptance of the revised policy, to the extent permitted by law.

Privacy Policy Complaints and Enquiries

If you have any questions, concerns, or complaints regarding this Privacy Policy or how your personal information is handled, we encourage you to contact us directly using the contact details provided at the beginning of this policy.

We take all privacy-related enquiries seriously and are committed to resolving complaints in a timely and respectful manner. Upon receiving a complaint, we will:

  1. Acknowledge your enquiry within a reasonable timeframe;
  2. Investigate the circumstances of your concern;
  3. Provide a written response outlining the outcome of our investigation and any steps taken to address the issue.


All complaints will be handled in accordance with our obligations under the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), and, where applicable, relevant health privacy legislation.

If you are not satisfied with our response, you may escalate your complaint to the Office of the Australian Information Commissioner (OAIC): Website: www.oaic.gov.au

Phone: 1300 363 992

Mail: GPO Box 5218, Sydney NSW 2001