Privacy Policy

Deep Breath Institute
3/80 Loudon Street, Sandgate, QLD 4017,
Website: https://www.deepbreathinstitute.com.au
Effective Date: 18 November 2025

1. Introduction

Deep Breath Institute (“we”, “us”, “our”) is committed to protecting your privacy and handling your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our services, including first aid training, CPR courses, healthcare education, NDIS support services, and breath-hold training programs.

2. What Personal Information We Collect

We collect personal information necessary to provide our services effectively and comply with legal obligations. The types of information we collect include:

General Personal Information

• Full name and date of birth
• Contact details (phone number, email address, postal address)
• Emergency contact information
• Payment and billing information
• Photographic identification (for certification purposes)
• Course attendance and assessment records
• Certification and qualification details

Sensitive Information
With your consent, we may collect sensitive information including:

• Health information relevant to training participation (medical conditions, allergies, disabilities, mobility requirements)
• NDIS plan details and participant information
• Information about disability or accessibility needs
• Incident or injury reports during training
• Video or photographic records of training sessions (for assessment purposes)

Information Collected Automatically

• Website usage data (IP address, browser type, pages visited)
• Cookies and similar tracking technologies
• Communication records (emails, phone calls, messages)

3. How We Collect Personal Information

We collect personal information through:

• Direct collection: Course registration forms, booking systems, NDIS intake forms, and direct communication
• Website: Online booking forms, contact forms, and automated tracking
• Third parties: NDIS plan managers, support coordinators, healthcare providers, or employers (with your consent)
• In-person: During training sessions, assessments, and consultations

4. Why We Collect and Use Your Personal Information

We collect and use your personal information for the following purposes:

Training and Education Services

• Process course bookings and registrations
• Deliver customised first aid, CPR, and healthcare training
• Conduct assessments and issue certifications
• Maintain attendance and competency records
• Provide scenario-based and adaptive training
• Ensure participant safety during training

NDIS Support Services

• Provide NDIS support worker services
• Deliver inclusive and accessible training programs
• Coordinate with NDIS providers, plan managers, and support coordinators
• Comply with NDIS Quality and Safeguards Commission requirements
• Maintain participant records and service agreements

Business Operations

• Process payments and manage billing
• Respond to enquiries and provide customer support
• Send course reminders, certification renewals, and updates
• Improve our services and training programs
• Comply with legal and regulatory obligations
• Manage referral and partnership programs

Marketing and Communications

• Send promotional materials about our services (with your consent)
• Share educational content, safety tips, and industry updates
• Request feedback and testimonials

5. How We Disclose Your Personal Information

We may disclose your personal information to:

Service Providers and Partners

• Registered Training Organisations (RTOs) for certification issuance
• Payment processors and banking institutions
• IT service providers and cloud storage platforms
• Administrative and bookkeeping services

NDIS-Related Parties

• NDIS plan managers and support coordinators
• NDIS Quality and Safeguards Commission
• Other NDIS service providers (with your consent)

Legal and Regulatory Bodies

• Government agencies and regulators (when required by law)
• Law enforcement agencies (if legally required)
• Professional bodies and industry associations

Employers and Organisations

• Your employer or organisation (if they arranged your training)
• Workplace health and safety officers

Emergency Situations

• Emergency services or medical professionals (if necessary for your safety)

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

6. Data Security and Storage

We take reasonable steps to protect your personal information from misuse, interference, loss, unauthorised access, modification, or disclosure.

Security Measures

• Secure storage systems (physical and digital)
• Password-protected databases and encrypted data transmission
• Access controls limiting staff access to personal information
• Regular security assessments and updates
• Secure disposal of records when no longer required

Data Retention
We retain your personal information for as long as necessary to fulfil the purposes outlined in this policy and comply with legal obligations:

• Training records: Minimum 7 years (as required by RTO standards)
• NDIS records: As required by NDIS Commission regulations
• Financial records: 7 years (as required by Australian tax law)
• Marketing communications: Until you unsubscribe or withdraw consent

7. Your Rights and Choices

Under the Australian Privacy Principles, you have the right to:

Access Your Information
Request access to the personal information we hold about you. We will provide access within 30 days unless an exception applies.

Correct Your Information
Request correction of inaccurate, incomplete, or out-of-date information. We will take reasonable steps to correct your information within 30 days.

Withdraw Consent
Withdraw your consent for us to collect, use, or disclose your personal information (where consent is the basis for processing). Note that withdrawal may affect our ability to provide services.

Opt-Out of Marketing
Unsubscribe from marketing communications at any time by clicking the unsubscribe link in emails or contacting us directly.

Make a Complaint
Lodge a complaint if you believe we have breached the Australian Privacy Principles. We will investigate and respond within 30 days.

8. How to Contact Us

If you have questions, wish to access or correct your information, or make a complaint, please contact us:
Deep Breath Institute
3/80 Loudon Street, Sandgate,
QLD 4017,
Email: info@deepbreathinstitute.com.au
Phone: 0484 112 083
Website: https://www.deepbreathinstitute.com.au

9. Complaints Process

If you believe we have breached your privacy:

1. Contact us using the details above with details of your complaint
2. Investigation: We will investigate your complaint and respond within 30 days
3. Resolution: We will work with you to resolve the issue
4. External review: If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC):
   ● Website: www.oaic.gov.au
   ● Phone: 1300 363 992
   ● Email: enquiries@oaic.gov.au

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or business operations. The updated policy will be posted on our website with a new effective date. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

11. Consent

By using our services, booking courses, or providing your personal information, you consent to the collection, use, and disclosure of your information as described in this Privacy Policy. For sensitive information (such as health information), we will seek your explicit consent before collection unless an exception applies under the Privacy Act.

Last Updated: 18 November 2025
Deep Breath Institute is committed to maintaining the trust and confidence of all participants, clients, and partners. If you have any questions about this Privacy Policy, please don’t hesitate to contact us.