Privacy Policy

For visitors from the United Kingdom please view privacy policy here instead.

SP Health Co Pty Ltd (ABN 73 123 248 046) and Digital Wellness Pty Ltd (ABN 14 629 478 860) collectively, (DW) is committed to managing personal information in accordance with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth) (Privacy Act) and other applicable privacy laws.

This Privacy Policy explains how and why DW and any of its affiliates (collectively, we, us and our) collect, use, hold and disclose your personal information in connection with our websites, platforms, applications, products or services (collectively, Services).

1. What is personal information

“Personal Information” is any information (or opinion) about an identified individual or an individual who can be reasonably identified from the information or opinion. Information or an opinion may be personal information regardless of whether it is true.

Personal Information includes, for example, your name, email address, birth date, phone number, gender and location. Personal Information may also include personal and other information which is treated as “sensitive information” under the Privacy Act.

“Sensitive Information” includes, for example, Personal Information that includes information or an opinion about your racial or ethnic origin, your sexual orientation, your religious beliefs or your membership of a professional association, trade association or trade union. Sensitive information also includes your health information, genetic information and some aspects of biometric information.

2. Information that we hold about you

The Personal Information generally held by DW includes your name, address, date of birth, contact details (including both or either postal and/or email addresses), marital status, employment status, occupation, records of correspondence and information relating to your use of the Services.

Information that you provide in your initial health assessment may include Sensitive Personal Information, such as information about your personal and family medical history and status, dietary requirements, previous illnesses or injuries or current or expected state of health (such as information about your height, weight and age). We may also collect sensitive Personal Information if you have a consultation with one of our allied health practitioners, for example, at the end of your treatment program so that a final report on your progress can be prepared. However, we will only hold this information where it has been collected with your express consent for us to do so. ​

3. How we collect your personal information

We collect your Personal Information primarily as a result of your use of the Services. For example, this includes the information you provide:

  • when completing your initial health assessment (which may be conducted, for example in person or via Skype);
  • when registering or participating in any associated program (such as the Total Wellbeing Diet program, the DNA Diet Plan and Clickfit);
  • when participating in the coaching sessions;
  • when providing feedback or posting material on any of our social network forums;
  • when subscribing to our newsletter;
  • when purchasing products from us; and
  • in any other correspondence between you and DW. ​

We may also collect your Personal Information from third parties, such as your health insurer, your health practitioner where you have provided consent to them to disclose your Personal Information to us. ​

In the event of a complaint, we may also receive Personal Information about you from other parties or from other users of this Services or third parties who may communicate information to us in relation to that complaint. ​

You can always decline to give us any personal information we request, but that may mean we cannot provide you with some or all of the Services you have requested. If you have any concerns about personal information we have requested, please let us know.

From time to time, we may receive information relating to you that we have not requested (“Unsolicited Information”). In the event that we do receive Unsolicited Information, we will check whether it’s reasonably necessary for us to keep it. If it is, we will treat the Unsolicited Information in the same way as other information that we request you to provide to us. If determine that it is not reasonably necessary for us to keep it, we will, as soon as practicable, destroy or de-identify the relevant Unsolicited Information.

4. How we hold your personal information

Depending on the circumstances, we may hold your Personal Information in either hard copy or electronic form, or both. Generally, a copy of all written correspondence is held in hard copy and our client database and email correspondence is held in electronic format.

We will take reasonable steps to destroy or de-identify your Personal Information once it is no longer needed, unless we are required by Australian law, or a court or tribunal order to retain it.

All Personal Information in electronic form is held on servers in Australia and USA depending on the location of the sale.

5. How we use your personal information

We use your Personal Information:

  • to provide you with the Services including, for example, conducting an initial health assessment, providing you with a treatment program and a final report at the end of your participation in a program;
  • to register, set up and manage your account;
  • to conduct Dietitian Coaching Sessions;
  • to contact you regarding your program or respond to any feedback you request from us and for providing other customer services;
  • to liaise with your health practitioner and/or health insurer (where you have provided consent);
  • for internal purposes such as procedural assessments, risk management, product and service reviews;
  • to provide you with information about our programs, services, promotions and competitions either by way of communications directly from us (for example by email, mail or sms) or through communications via social media platforms;
  • for the prevention of fraud and/or identifying and investigating any suspicious use of our Services;
  • for our internal business and management processes, for example accounting or auditing purposes;
  • for any other purpose to allow us to comply with our obligations under law; and
  • for any purpose that would be reasonably expected by you.

We also use IP addresses in order to analyse trends, administer our websites, track users’ movements and gather broad demographic information. IP addresses are not linked to Personal Information. We also use de-identified Personal Information to analyse results of our programs, and disseminate these findings as publications or reports, conference abstracts or presentations.

6. Sharing of your personal information

We may disclose Personal Information where we are permitted under the Privacy Act. This includes:

  • if you give your consent (for example, your Personal Information may be shared with your healthcare practitioner, your carer and/or your health insurer);
  • where we are legally required to do so, including pursuant to court or tribunal orders, taxation laws;
  • if there is a serious threat to an individual’s health or safety (for example, your Personal Information may be shared with their doctor, the police or other emergency service providers if there are serious concerns regarding the individual’s health or wellbeing);
  • where there is reasonable suspicion of unlawful activity;
  • for the conduct of surveillance and intelligence gathering by an enforcement body; and
  • to assist in locating a missing person.


We may disclose your Personal Information to operators of social media platforms for the purposes of enabling us to provide you with information about our products and services to you or others through the relevant social media platform. Third parties may unlawfully intercept or access transmissions or private communications. As a result, while we strive to protect your Personal Information, we cannot ensure or warrant, and do not warrant, the security, privacy or confidentiality of any information, including Personal Information that you transmit to us, and you do so at your own risk.


We may provide de-identified information to the CSIRO and the Glycemic Index Foundation in connection with evaluating the use of the website, the tools made available on the website and the effectiveness of the Total Wellbeing Diet program. For example, information provided may include information about the number of unique users who visit the website, the demographic breakdown of the users of the website, the activities that visitors to the website engage in while on the website, food diary information, exercise logs and weigh-in details.

We may also provide de-identified information to the CSIRO so that the CSIRO can use that information to analyse the results of participants in the CSIRO Total Wellbeing Diet program, conduct research and disseminate these findings as publications or reports, conference abstracts or presentations.


We may engage independent contractors, vendors and suppliers (collectively, "Outside Contractors") to provide specific services and products related to our Services, such as hosting and maintaining our social network forums and developing applications for this Website and email services. These Outside Contractors may sometimes have limited access to information we collect, including your Personal Information, in the course of providing products or services to us. Access to your Personal Information by these Outside Contractors is limited to the information reasonably necessary in order for the Outside Contractors to perform their limited function for us. We also require that these Outside Contractors:

  • protect the privacy of your Personal Information consistent with this Privacy Policy, and
  • not use or disclose your Personal Information for any purpose, other than providing us with the products or services for which we contract.

7. How we secure your personal information

We hold all hard copy and electronic records of Personal Information in a secure manner to ensure that they are protected from unauthorised access, modification or disclosure. Our staff follow strict information handling procedures and we restrict access to your Personal Information to staff who are required to use and access it. We use multiple security measures to protect personal information, e.g. Secure Socket Layer (SSL) technology, encryption when data is being transferred, encrypted payment gateways, firewalls, etc.

We destroy your Personal Information once it is no longer needed by us or required to be kept by law, for example, by shredding hardcopy records and degaussing (demagnetising) electronic records.

8. Cookies

A cookie is a piece of data temporarily stored on the user's hard drive containing information about the user. The cookie helps the user to save time. For instance, by setting a cookie on this Website, the user would not have to log in a password more than once, thereby saving time while on this Website. Web browsers can be set to reject cookies. If a user rejects the cookie, they may still use this Website, but may not be able to take advantage of certain features. ​

Cookies help us evaluate your use of this Website, such as what kind of information you want to see and what kind you will never read. Cookie technology allows websites to ask for your registration and preference questions only once. The next time you return to this Website, you will not necessarily need to "sign in" again. Remember that cookies are "non-executable" pieces of code; that is, they are incapable of doing anything to your hard drive. ​

Cookies are easy to delete from your hard drive; talk to your systems administrator or your Internet provider for detailed instructions. ​

Third parties may also use cookies, web beacons, and similar technologies to collect or receive information from your website and elsewhere on the internet and use that information to provide measurement services and target ads.

If you would like to opt out of third party cookies, please disable or delete the cookies in your browser or use the service.

9. Third party links

Our website may contain links to websites operated and maintained by third parties over which we have no control. These third party websites are not subject to this Privacy Policy or our privacy standards and procedures. We are not responsible for the content, actions or policies of such third party websites. The inclusion of third party links on our website in no way constitutes an endorsement of such websites’ content, actions or policies.

10. Your right to lodge a complaint

You may lodge a complaint with our Privacy Officer at the contact details set out below. We take complaints very seriously and will respond shortly after receiving written notice of your complaint. You may also contact our Privacy Officer to enquire about the progress of the complaint at any time.

If you are not satisfied with our response, you are entitled to lodge a complaint with the Office of the Australian Information Commissioner. Information regarding how to lodge a complaint is available from the Commissioner's website at or by ringing the Commissioner's information line on 1300 363 992.

11. Your right of access

You may request access to your Personal Information at any time by sending a written request to our Privacy Officer at the contact details set out below. Once we have verified your identity, we arrange for access to be provided to you in an appropriate manner within a reasonable time, usually within 30 days of receipt of your request.

You will not be charged for making a request to access your personal information but you may be charged for the reasonable time and expense incurred in compiling information in response to your request. We will notify you in advance of any likely charges (or the basis for our calculation) for providing access to your information.

If your account is held in conjunction with another individual, we may provide a person named on the account with access to Personal Information held about another account holder.

We may decline your request to access to your Personal Information in certain circumstances in accordance with the APPs. If we are unable to provide you with the requested access, we will let you know and provide you with an explanation of our position.

12. You may correct your personal information

We will take reasonable steps to ensure that the personal information we collect, use or disclose is accurate, complete and up-to-date. You can help us to do this by letting us know if you notice errors or discrepancies in information we hold about you or if your personal details change.

If you consider any Personal Information we hold about you is out-of-date, incorrect, incomplete, irrelevant or misleading, you are entitled to request correction of the information. After receiving a request from you, we will take reasonable steps to correct your information.

We may decline your request to correct your personal information in certain circumstances in accordance with the APPs. If we refuse your request, we will provide to you within a reasonable period a written notice setting out the reason(s), and the complaint mechanisms available to you.

13. Transfer of your personal information overseas

We only transfer your Personal Information overseas if the transfer is to you, or to one of your authorised representatives, or it is with your express consent, or the transfer is necessary for the provision of contracted products or services to you. For example, we may store your Personal Information in a cloud or other type of networked electronic storage which uses data storage facilities outside of Australia. Countries to which we may transfer your Personal Information include the United States of America.

We will not send your Personal Information outside of Australia in any other circumstances. Where we do send your Personal Information overseas, it will ensure reasonable steps are taken so that the overseas recipient does not breach the APPs in relation to that information, or adheres to laws substantially similar to the APPs. We also take reasonable steps to prevent unauthorised access and reduce the risk of disclosure to unknown entities.

14. Changes to this privacy policy

Due to changing business circumstances, we may need to change this Privacy Policy from time to time, with or without notice to you.

We recommend that you visit our website regularly to keep up to date with, and act upon if so desired, any changes to this Privacy Policy.

15. Contact details

If you have any queries or requests about this Privacy Policy, please contact our Privacy Officer either by mail to PO Box 1971, North Sydney NSW 2059, by telephone on (02) 8294-9126, by facsimile on (02) 9923 8223 or by email to: [email protected].