Privacy Policy


One Rehabilitation Service provides rehabilitation services to people with brain injuries. As part of the service provided One Rehabilitation Service communicates with a broad range of individuals in order to provide quality rehabilitation, information, lifestyle support, advocacy and community education. In order to achieve this, One Rehabilitation Service collects, stores, accesses and uses personal information in order to meet the needs of our clients.


The National Privacy Principles of the Privacy Act of 1988 apply to One Rehabilitation Service. This document outlines how One Rehabilitation Service manages the personal information we hold.



Client: Defined as any person or business who is referred to One Rehabilitation Service or whom uses a service provided by One Rehabilitation Service.
One Rehabilitation Service: Defined as any employee, sub-contractor or volunteer of One Rehabilitation Service who provides information, advocacy, rehabilitation or education to a client.


General Information



One Rehabilitation Service may hold the following personal information about you:

  • Name
  • Contact details, including address
  • Date of birth
  • Name and contact details for next of kin
  • Name and contact details for legal guardian and trustees
  • Name and contact details for health professionals
  • Medical diagnosis of acquired brain injury (ABI) and other relevant health information
  • Details of services we provide to you
  • Details of other services provided to you
  • Any additional information provided to us by you or any referring agencies

One Rehabilitation Service will destroy or de-identify personal information when no longer needed for the purpose for which it was collected and all statutory obligations for maintenance have been discharged. Records are required to be kept for a minimum of 7 years from the last contact date.



One Rehabilitation Service may use personal information to:

  • Maintain client records detailing contact between you and One Rehabilitation Service
  • Manage and arrange advocacy, educational and rehabilitative support
  • Communicate with agencies and other service providers
  • Provide both identified and de-identified information to Government agencies in compliance with numerous legislative requirements

With your prior consent, personal information may be used for:

  • Communicating events (e.g. workshops and therapy groups)
  • Direct mailing (e.g. service evaluations)
  • One Rehabilitation Service will not disclose personal information about you to any person unless:
  • You have consented to the disclosure
  • The disclosure is or a purpose related to the primary purpose for which the information is collected and for which it would be reasonably expected to be used
  • Disclosure is required by Commonwealth or State legislation or in circumstances related to public interest or public or individual health and/or safety

You are able to opt out of receiving any communication from One Rehabilitation Services at any stage, other than that required for the operation of our services.



One Rehabilitation Service maintains paper-based and electronic files. Information about you is stored in a locked secure location. Information stored on a computer is password protected. To ensure the highest standard of interdisciplinary communication, your information is also stored on practice management software, Nookal. Security measures to prevent loss, unauthorised access and misuse or disclosure of personal information include:

  • Physical security of premises
  • Restriction of access to paper-based and electronic client files
  • Username and password protection for electronic devices
  • Development of information management policies
  • Adherence to One Rehabilitation Service’s Code of Conduct Policy and all discipline-specific Code of Conducts/Code of Ethics
  • Regular training for employees regarding privacy and confidentiality
  • Annual review of Privacy and Confidentiality Policy and Procedures



One Rehabilitation Service is responsible for:

  • The collection of accurate, up-to-date and complete client information
  • Protection of client information
  • Destruction or de-identification of client information



You are entitled to access and view, request a copy or amendment of any personal information that One Rehabilitation Service has collected about you.


Website Privacy Policy


This privacy policy tells you how we collect and use information collected by One Rehabilitation Service from our website address is


If you have any enquiries please feel free to contact us at:

One Rehabilitation Service
PO Box 998
PH: 0423 423 440

The term “Personal Information” in this privacy policy means any information from which your identity is apparent or can be reasonably ascertained. We do not collect Personal Information about you when you simply visit our website.


You can use this service without telling us who you are or revealing other Personal Information. If you send us a contact or feedback form you do not need to identify yourself or use your real name.




The purpose of this online service is to provide you with information regarding website design, CRM and CMS interfaces, management and control of your email, domain name/s, website/s and contact control mechanisms.


What is the “Personal information” we collect and why we collect it

If you use a form on our website, register, comment or contact us through the website we will collect the email address you nominate and any other identifying information you provide. This may include personal data, such as name, email address, personal account preferences; transactional data, such as purchase information; and technical data, such as information about cookies.

This information is used to contact you, to determine efficiencies of our on-page information, to enhance our on-page strategies and to process orders and requests. This information will never be on-sold or provided to anyone who is not directly working for One Rehabilitation Service.

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: After approval of your comment, your profile picture is visible to the public in the context of your comment.

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Other than circumstances such as unlawful activity or serious threats to health and safety, we do not share Personal Information with anyone. You may opt out of further contact from us at any time.



If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.


Embedded Content

Articles on this site may include embedded content (e.g. videos, images, articles, facebook posts, instagram posts etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.


How we deal with complaints and requests

You may request access to Personal Information about you that we hold and you may ask us to correct your Personal Information if you find that it is not accurate, up-to-date or complete. You may also make a complaint about our handling of your Personal Information. These services are free of charge.

To protect your privacy and the privacy of others, we will need evidence of your identity before we can grant you access to information about you or change it.

You can contact us by email, or send your request or complaint to the postal address below. We undertake to respond within 30 days. If the request or complaint will take longer to resolve, we will provide you with a date by which we expect to respond.


How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.


What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.


Where we send your data

Visitor comments may be checked through an automated spam detection service. All other information you enter into our website is emailed to our staff to handle as appropriate.


How we protect your “Personal Information”

Our website is hosted in a secure environment protected by encryption and maintained daily for security. To help protect the privacy of data and personal information we collect and hold, we maintain physical, technical and administrative safeguards. We update and test our security technology on an ongoing basis.

We train our employees about the importance of confidentiality and maintaining the privacy and security of your information. Access to your Personal Information is restricted to employees who need it to provide benefits or services to you.


What data breach procedures we have in place

In the event that we experience a data breach, we will immediately change all passwords, create a fresh backup, identify the breach and remove the code and means of access, contact any supervisory authority required, contact impacted customers and we will examine how the hack occurred and take preventative measure to prevent the hack from happening again.


What third parties we receive data from

We receive data from Google Analytics, Google Ads, and Google Tag Manager regarding the behaviour of visitors to our website. This information is an interpretation of the behaviour on our website. We receive no other data from other third parties.


Website analytics

To improve your experience on our site, we may use ‘cookies’. Cookies are an industry standard and most major web sites use them. A cookie is a small text file that our site may place on your computer as a tool to remember your preferences. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.

Our website may contain links to other websites. Please be aware that we are not responsible for the privacy practices of such other sites. When you go to other websites from here, we advise you to be aware and read their privacy policy.


Our website uses Google Analytics, a service which transmits website traffic data to Google servers in the United States. Google Analytics does not identify individual users or associate your IP address with any other data held by Google. We use reports provided by Google Analytics to help us understand website traffic and webpage usage.

By using this website, you consent to the processing of data about you by Google in the manner described in Google’s Privacy Policy and for the purposes set out above. You can opt out of Google Analytics if you disable or refuse the cookie, disable JavaScript, or use the opt-out service provided by Google. also uses interfaces with social media sites such as Facebook, LinkedIn, Twitter and others. If you choose to “like” or “share” information from this website through these services, you should review the privacy policy of that service. If you are a member of a social media site, the interfaces may allow the social media site to connect your visits to this site with other Personal Information.


Our obligations

This online service is bound by the provisions of the Privacy Act 1988 (Cth), including the Australian Privacy Principles.





If you have any queries or concerns in relation to this information please contact One Rehabilitation Service:
One Rehabilitation Service
PO Box 998
PH: 0423 423 440


If you believe there has been a breach of your privacy, you can make a complaint to One Rehabilitation Service directly or to the Commonwealth Government’s Privacy Commissioner. Complaints made to the Privacy Commissioner are generally referred back to the organisation to allow the matter to be resolved directly.


If a complaint is received, by One Rehabilitation Service or by the Privacy Commissioner, One Rehabilitation Service will act in accordance with all requirements as outlined in One Rehabilitation Service’s Complaint Resolution Policy and Procedure documents and as outlined by the Office of the Privacy Commissioner.