Skip to content
Synapsea

Privacy Policy

Last updated: 3 June 2026

Synapsea Mental Health Pty Ltd (ABN 55 693 455 695), trading as Synapsea, provides online mental health care across Australia. We take your privacy seriously. This policy explains how we collect, use, store, disclose and protect your personal information and your health information.

Because we provide health services, much of the information we hold is health information. Health information is a type of sensitive information under Australian privacy law, and we give it a high level of protection.

We follow the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). We also follow our professional obligations as a registered health practitioner and the health records laws that apply in the state where we operate. You can read the APPs on the website of the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

Who we are

  • Legal name: Synapsea Mental Health Pty Ltd
  • ABN: 55 693 455 695
  • Trading as: Synapsea
  • Business address: Synapsea operates as a telehealth-only service and does not have a public clinic address. A postal address is available on request.
  • State of operation: New South Wales
  • Email: [email protected]

The information we collect

We collect personal information that identifies you. This can include your name, date of birth, postal and email addresses, phone number, emergency contact, and your GP or referrer details.

We also collect health information so we can provide safe care. This can include:

  • your reasons for seeking support and your history
  • assessment results and any diagnoses
  • session notes and clinical records
  • referrals, reports and care plans
  • any letters to or from your GP or other practitioners
  • information about your appointments and consult metadata, such as session dates, times and length
  • Medicare details and private health fund details where these apply to a claim

We collect this information in several ways: through our website, intake and booking forms, email, phone, and during your sessions. Some information may come from third parties, such as a referral from your GP. Where we receive information from someone else, we take reasonable steps to make sure you know it has been provided.

Why we collect your information

We collect your information so we can provide and manage your care. This includes booking and running sessions, assessment, clinical record keeping, billing, and meeting our legal and professional duties. We may also use it to contact you about your appointments and to respond to your enquiries.

Anonymity and pseudonymity

Due to the nature of the health services we provide, it is generally impracticable for us to deal with individuals who have not identified themselves. Accurate identification is required to ensure the safety and continuity of clinical care, to comply with our legal and professional obligations under applicable health legislation, and to meet the requirements of Medicare and private health insurance billing.

You may ask a general question without giving your full details. To book or receive care, we will need to verify who you are.

Unsolicited information

From time to time, we may receive personal or health information that we did not solicit. Where we receive unsolicited personal information, we will promptly assess whether that information is of a kind we could have collected under our standard collection practices.

If we could not have collected it, and it is not contained in a Commonwealth record, we will destroy or de-identify it as soon as practicable, where it is lawful and reasonable to do so.

Telehealth and your privacy

We deliver care by secure video and phone. To keep your sessions safe and private, we will:

  • verify your identity at or before your first session
  • ask who else is present with you, so the session stays confidential
  • ask you to join from a private space where you feel comfortable

Telehealth is not suitable for every concern. Your clinician may recommend in-person care, a GP review or a referral where appropriate.

How we use and disclose your information

We use your information for the main purpose of providing your care. We may also use it for related purposes that you would reasonably expect, such as billing and appointment reminders.

We may disclose your information:

  • with your consent, for example to your GP or another provider
  • where required or authorised by law
  • to a third party where there is a serious threat to your life, health or safety, or the safety of others
  • to service providers who help us run our practice, such as our secure software and hosting providers, under confidentiality arrangements

Service providers and tools we use

We use third-party providers to run our practice, including video consultation software, secure clinical record and booking systems, and payment processing. We require these providers to handle your information only to deliver their service to us, and to do so consistently with this Privacy Policy and the Australian Privacy Principles. A current list of our key service providers is available on request.

Overseas disclosure

We store personal and health information on servers located in Australia wherever possible. Some third-party tools we use (for example, website analytics or advertising tools) may process limited technical information on servers outside Australia, including the United States. Before any personal information is disclosed overseas, we take reasonable steps to ensure the recipient handles it consistently with the Australian Privacy Principles (APP 8).

Direct marketing

We will only send you marketing messages, such as a newsletter, where you have given express consent. We do not use your health information for marketing.

Every marketing message includes a simple way to opt out. You can also ask us to stop at any time by contacting us. We will action your request promptly.

Cookies and website tracking

Our website may use cookies and similar tools to help it work and to understand how visitors use it. You can set your browser to refuse cookies. Some parts of the website may not work as well if you do.

Where we use analytics or advertising tools that set cookies, these may process information on servers outside Australia. We keep tracking technologies off our booking and intake interactions wherever possible. You can ask us for a current list of the tools we use.

Government identifiers

We may collect your Medicare number or Individual Healthcare Identifier (IHI) where this is needed for your care or for a claim. We do not use a government identifier as our own way of identifying you in our records. We only use or disclose these identifiers where the law allows.

My Health Record

We do not upload information to your My Health Record at this time. If this changes, we will update this policy and tell you how it works, including your right to ask us not to upload your information.

AI and automated tools

We may use software with automated features to help with admin tasks, such as scheduling or drafting notes. A clinician reviews the output. No final clinical decision about your care is made by an automated tool without review by your clinician.

How long we keep your records

We keep clinical records for the minimum period set by the health records law in our state, measured from the date of your last entry or last contact. We operate in New South Wales and follow the Health Records and Information Privacy Act 2002 (NSW). For adult records, this is generally at least 7 years from your last contact; for records made while you were under 18, until you turn 25.

For adults, this is generally at least seven years from the last entry. For records of a person under 18, we generally keep the record until they turn 25. When a record is no longer needed and the retention period has passed, we destroy or de-identify it securely.

How we keep your information secure

We store your information securely and take reasonable steps to protect it from misuse, loss, and unauthorised access, change or disclosure. Video sessions are encrypted. Access to clinical records is limited and controlled.

Data breaches

We follow the Notifiable Data Breaches scheme under Part IIIC of the Privacy Act. If a data breach is likely to cause serious harm, we will notify you and the OAIC as soon as practicable, and we will tell you what steps you can take.

Accessing and correcting your information

You can ask to see the information we hold about you and to correct it. Please contact us in writing. We may need to verify your identity first.

Synapsea Mental Health Pty Ltd will not charge a fee for your access request. We may charge a reasonable administrative fee for providing a copy. In limited cases the law allows us to decline access, for example where giving access could pose a serious threat to someone's safety. If so, we will explain why and tell you how to make a complaint.

Complaints and enquiries

If you have a question or a complaint about your privacy, please contact our Privacy Officer:

We will respond to your complaint within a reasonable time. If you are not satisfied with our response, you can contact the OAIC at www.oaic.gov.au. For a complaint about the handling of your health information, you can also contact the Health Care Complaints Commission (HCCC) NSW at www.hccc.nsw.gov.au.

Changes to this policy

We may update this policy from time to time. The latest version will always be on our website.

If you need urgent help

Synapsea provides online care and is not an emergency service. If you are in crisis, call 000 or contact Lifeline on 13 11 14.