top of page

Privacy Policy

Last Updated January 2026 

​1. Our Commitment to Your Privacy At Elmas Dietetics.

 We are committed to protecting the privacy and confidentiality of our clients, residents, and facility partners. We adhere to the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), and the Dietitians Australia Code of Conduct for Dietitians & Nutritionists.

This policy outlines how we collect, use, store, and disclose your personal and health information.

2. To provide our menu assessments, clinical consultations, auditing services, and professional development training, we may collect the following information:

  • Facility Data: Facility names, contact details, food safety records, and quality indicator data.

  • Resident Health Information: Medical history, biochemistry, anthropometry (weight/height), dietary requirements, and clinical notes for individual dietetic consultations.

  • Menu & Foodservice Data: Recipes, menus, production schedules, purchasing data, and supplier information.

  • Billing Information: Invoicing details and payment transaction records.

  • Other Information: Any other personal or sensitive information reasonably necessary for us to provide our services or manage our business relationship with you.

  • Unsolicited Information: If we receive personal information that we did not request and determine that we could not have lawfully collected it, we will destroy or de-identify that information as soon as practicable.

3. We use this information strictly for the purpose of delivering high-quality dietetic services and managing our business operations, including:

  • Conducting Menu and Mealtime Quality Assessments (MMQA) against the Aged Care Quality Standards.

  • Creating clinical records and managing appointments via our practice management software (Halaxy).

  • Conducting secure telehealth consultations via our video partner (Coviu).

  • Processing invoices, payments, and financial reporting via our accounting software (Xero).

  • Service Improvement: Using de-identified (anonymous) data for internal quality assurance, service development, and training purposes.

4. Disclosure of Information In accordance with the Dietitians Australia Code of Conduct, we will not disclose your personal or health information to third parties without your informed consent, unless required by law. We may disclose information to:

  • Health Professionals: GPs, Speech Pathologists, or Nurses involved in a resident's care to facilitate safe, collaborative practice.

  • Facility Management: For the purpose of audit reporting and compliance.

  • Our Team: Administrative staff or sub-contractors acting on behalf of Elmas Dietetics who are subject to the same strict confidentiality obligations.

  • Software Providers: We use third-party providers Halaxy, Xero, and Coviu. These providers are subject to strict data security obligations.

5. Storage and Security We take all reasonable steps to protect your information from misuse, interference, loss, and unauthorized access.

  • Clinical Records (Halaxy): All clinical notes and resident health data are stored in Halaxy, a secure, encrypted cloud-based practice management system protected by bank-grade security and 256-bit encryption.

  • Financial Records (Xero): All invoicing and financial data is stored securely within Xero, which utilizes multi-factor authentication and enterprise-level security protocols.

  • Remote Access: As a remote business, we utilize secure VPNs and two-factor authentication (2FA) when accessing facility data or our internal systems offsite.

6. Telehealth & Videoconferencing (Coviu) We utilize Coviu, an Australian Government-approved telehealth platform, to conduct remote clinical assessments and meetings.

  • Encryption: Coviu uses end-to-end encryption (DTLS-SRTP) for all video and audio calls.

  • Recordings: Sessions are not recorded unless explicit verbal consent is provided by you at the start of the call. Any recordings made will be stored securely within your clinical file (Halaxy) and treated as confidential health information.

  • Client Responsibility: While we take every precaution to secure the connection, you are responsible for ensuring you are in a private, quiet space where you cannot be overheard during the consultation.

7. Payment Information Elmas Dietetics does not store your credit card details on our local servers or devices.

  • All electronic payments are processed using secure, PCI-DSS compliant third-party payment gateways integrated via Xero or Halaxy.

  • We retain only the transaction record required for tax and accounting purposes.

8. Overseas Data Transfer As part of our use of cloud-based providers (such as Xero, Halaxy, and email hosting), some personal information may be encrypted and stored on servers located outside of Australia (e.g., USA or EU).

  • We take reasonable steps to ensure that these third-party service providers comply with the Australian Privacy Principles or are subject to laws that offer substantially similar protection to Australian privacy laws.

9. Website Usage & Cookies When you visit our website, we may collect non-personal information (such as browser type and operating system) for statistical purposes.

  • Cookies: We use "cookies" to enhance your user experience. Cookies are small files transferred to your computer's hard drive that allow us to recognize your browser. You can disable cookies in your browser settings, though this may limit website functionality.

10. Social Media & Testimonials We strictly adhere to the Dietitians Australia Social Media Guiding Principles.

  • Images: We will never post images of residents, staff, or facility interiors on social media or our website without written, informed consent.

  • Testimonials: We do not publish testimonials or reviews from clients where it may breach our ethical obligations. 

11. Accessing and Correcting Your Information You have the right to request access to the personal information we hold about you. If you believe any information is incorrect, out of date, or incomplete, you may request a correction.

  • To request access, please contact us in writing at Kai@ElmasDietetics.com

  • We will respond to your request within a reasonable timeframe.

12. Complaints If you have a concern about how we have handled your privacy, please contact our Principal Dietitian, Kai Elmas.

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

bottom of page