This document describes the privacy policy of Zoe Yvette Williams trading as MAIA Exercise Physiology (ABN: 51 079 967 185) for protecting the privacy of personal information we collect, hold, use and disclose through our website, directly from you, or through the provision of our services to you.

As a health service provider, we are bound by the legal requirements of the Australian Privacy Principles set out in the Privacy Act 1988. If you do not wish for your personal information to be collected in a way anticipated by this Privacy Policy, we may not be able to provide our services to you. 

Collection of personal information

Types of personal information we collect may include:

  • Name, date of birth, address, contact details including phone number and email address.

  • Financial payment details such as your credit card number.

  • Transaction data detailing your payments to us, products and services purchased.

Sensitive information such as:

  • Health information including medical history, medications, allergies, adverse events, immunisations, social history, family history.

  • Details of other health professionals involved in your care and copies of any referral letters and/or medical reports and/or test results. 

This information is usually only collected from patients who we are providing services to, or potential clients who have requested information or assistance. 

We may collect personal information via:

  • When someone visits our website.

  • When someone schedules an appointment (for example, using our Halaxy booking system).

  • When someone makes a payment (for example, through Halaxy – please check their privacy policy to understand how they collect, use and disclose your personal information).

  • When someone contacts us (for example, via phone, email, website or social media accounts).

  • When someone completes a form or questionnaire with us (for example, through Halaxy, PhysiTrack.

  • When someone subscribes to our website.

  • When someone purchases or participates in one of our products or services. 

Personal information is collected for the purposes of:

  • Contacting you to provide information and to deliver services to you, and/or the person/organisation that referred you to us.

  • To manage our business.

  • To access and maintain medical records and history from treating healthcare providers.

  • To meet compliance requirements of statutory and legislative bodies and government departments, and our statutory and regulatory obligations.

  • To review, evaluate, develop and improve our services.

Disclosure (sharing)

We use and disclose personal information for the purpose in which it was collected as outlined above. We may also use and disclose personal information for other purposes where the individual provides informed consent for use or disclosure or where it is required or authorised under an Australian law or court/tribunal order. 

We may disclose your information to:

  • The organisation who referred you to our services (for example, your doctor or physiotherapist).

  • Organisations such as the state or federal police, lawyers and insurers as required by law. 

  • Organisations assisting us to carry out our functions (for example, Halaxy, Xero, Physitrack)

Protection of your personal information

We may store your personal information in electronic format in systems which are secured from unauthorised access. These security measures include:

  • The use of strong passwords in our devices, clinical software and cloud-based servers.

  • The use of strong password protection for our website, social media and email accounts. 

  • The storage of our devices in secure premises.

If a data breach was to occur involving personal information, we will notify the individual as soon as possible in accordance with our obligations under the Privacy Act and related legislation. 

We never sell or rent personal or sensitive information we collect. 

Updating or amending your personal information

If you believe any of your personal information held by us is inaccurate, incomplete, out of date irrelevant please contact us at

Accessing your personal information

You can request details of personal information that we hold about you by making a request in writing to detailing the information requested and proof of identity. We may refuse to provide you with information that we hold in certain circumstances set out in the Act. Otherwise, we will provide access to the information if it is reasonable and practicable to do so.

Concerns or questions

If you have a concern regarding your personal information or wish to make a complaint about the way we have handled your personal information, please contact Zoe Williams at