PRIVACY POLICY

Last updated: May 2026

Your privacy matters to me. This policy explains how I collect, use, store, and protect your personal information when you visit my website, purchase products, book consultations, or engage with my services. I'm committed to handling your information with the same care and respect I bring to every aspect of my clinical practice.

Gypsy Belle Botanicals is operated by Rachel Bonello, Clinical Naturopath (B.HSc.Nat), based in Reserve Creek, NSW, Australia. This policy is guided by the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

What information I collect

When you book a consultation or become a client: I collect your name, contact details (email, phone number, address), date of birth, health history, current symptoms, medications, supplements, lifestyle information, pathology results, and clinical notes from our sessions. This includes any information gathered through intake forms, case history questionnaires, tongue/nail/iris images, and HRV biofeedback session data. This information is classified as health information and sensitive information under the Privacy Act and is treated with the highest level of care.

When you purchase products from the online shop: I collect your name, email address, shipping address, billing address, and payment details. Payment information is processed securely through third-party payment providers and is not stored on my website or servers.

When you subscribe to my email list or download resources: I collect your name and email address.

When you visit my website: My website may automatically collect technical information such as your IP address, browser type, device type, pages visited, and time spent on the site. This is collected through cookies and similar technologies used by my website platform (Wix).

When you contact me: If you reach out via email, phone, or the website contact form, I collect whatever information you choose to share in that communication.

How I use your information

I use your personal information to:

Provide naturopathic consultations, HRV biofeedback sessions, and clinical care
Create and manage your individualised treatment plans
Track your clinical progress over time, including HRV session data
Process and fulfil product orders and ship them to you
Communicate with you about your appointments, treatment plans, and orders
Send you educational content, newsletters, or promotional material (only if you have opted in)
Comply with my professional and legal obligations as a registered naturopath
Improve my website and services

I will never sell, rent, or trade your personal information to third parties for marketing purposes.

Health information

As a clinical naturopath, I collect and hold health information that is classified as sensitive information under the Privacy Act. I treat this information with the utmost care and confidentiality.

Your health information is used solely for the purpose of providing you with clinical care, and is only shared with third parties (such as pathology providers or other healthcare practitioners) with your informed consent, or where required by law.

Your clinical records, including HRV biofeedback data, consultation notes, and treatment plans, are stored securely in my practice management system (Cliniko) and are retained in accordance with my professional obligations.

Third-party services

I use a number of third-party services to run my practice and website. These services may have access to certain personal information in order to perform their functions. I take reasonable steps to ensure these providers handle your information in accordance with applicable privacy laws.

These services include:

Cliniko (practice management and appointment booking) — stores your clinical records, appointment history, and contact details
Wix (website hosting, online shop, and email marketing via Wix Ascend) — stores your website account details, purchase history, and email subscription preferences
Payment providers (as integrated through Wix) — process your payment securely; I do not store your full credit card or payment details
Shipping providers — receive your name and address for the purpose of delivering your order
Pathology and functional testing providers — receive relevant information only with your consent, for the purpose of conducting requested tests

Each of these providers has their own privacy policies, and I encourage you to review them if you would like more information about how they handle data.

Email marketing

If you subscribe to my mailing list, I will use your name and email address to send you newsletters, educational content, product updates, and occasional promotions. I use Wix Ascend for email marketing.

You can unsubscribe at any time by clicking the "unsubscribe" link at the bottom of any email, or by contacting me directly. I will never add you to my mailing list without your consent.

Cookies and website tracking

My website uses cookies and similar technologies provided by Wix to help the site function properly, remember your preferences, and understand how visitors use the site. This may include analytics data such as page views, traffic sources, and device information.

You can manage your cookie preferences through your browser settings. Disabling cookies may affect some website functionality.

How I store and protect your information

I take reasonable steps to protect your personal information from misuse, interference, loss, unauthorised access, modification, or disclosure. This includes:

Using secure, password-protected practice management software (Cliniko) for all clinical records
Ensuring my website is hosted on a secure platform (Wix) with SSL encryption
Limiting access to your personal and health information to myself only
Using secure communication methods for sharing sensitive clinical information

While I take all reasonable precautions, no method of electronic storage or transmission is completely secure. If you have concerns about the security of your information, please contact me.

How long I keep your information

Clinical records are retained for the minimum period required by my professional obligations and applicable state and territory health records legislation. In NSW, health records for adults are generally retained for at least 7 years from the date of last contact. For children, records are retained until the child turns 25, or for 7 years from the last contact, whichever is later.

Non-clinical information (such as purchase history and email subscriptions) is retained for as long as necessary to fulfil the purpose for which it was collected, or until you request its deletion.

Your rights

Under the Australian Privacy Principles, you have the right to:

Access your personal information that I hold, including your clinical records
Request correction of any information that is inaccurate, incomplete, or out of date
Withdraw consent for email marketing at any time
Request deletion of non-clinical personal information (noting that I may be required to retain clinical records for the periods outlined above)
Make a complaint if you believe your privacy has been breached

To exercise any of these rights, please contact me using the details below.

Children's information

I provide naturopathic and HRV biofeedback services for children. All personal and health information relating to children is collected with the knowledge and consent of a parent or guardian, and is handled with the same level of care and confidentiality as adult client information.

Changes to this policy

I may update this privacy policy from time to time to reflect changes in my practice, services, or legal obligations. The most current version will always be available on my website, with the "last updated" date noted at the top.

Contact me

If you have any questions about this privacy policy, would like to access or correct your personal information, or wish to make a complaint, please contact me:

Rachel Bonello Gypsy Belle Botanicals Email: hello@gypsybellebotanicals.com Phone: 0421 207 284 Reserve Creek, NSW