Metluma - Logo
Metluma - Logo
Metluma - Favicon


Privacy Policy Statement

Last modified: 16 May 2023

This Privacy Policy applies to Metluma Pty Ltd (Metluma)

Metluma’s collection, use, disclosure and storage of your personal information is regulated by the Privacy Act 1988 (Cth), the Australian Privacy Principles and related legislation.

We want our visitors to feel protected when visiting and using the Metluma’s services (the Metluma Services) which are available on our website (metluma.com)

Updates to this Privacy Policy will be published on our Website (metluma.com).

If you have any questions regarding this Policy or our privacy practices generally, please do not hesitate to contact our Privacy Officer at hello@metluma.com.


The purpose of this Privacy Policy is to:

  • Give you an understanding of the kinds of personal information that we collect and hold.
  • Communicate how and when your personal information is collected, disclosed, used, held and otherwise handled by us.
  • Inform you about the purposes for which we collect, hold, use and disclose personal information.
  • Provide you with information about how you may access your personal information and seek correction of your personal information.
  • Provide you with information about how you may make a complaint, and how we will deal with any such complaint.

What is personal information?

Personal information means information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not, and whether the information or opinion is recorded in a material form or not. It includes your name, date of birth / age, gender and contact details as well as health information (which is also sensitive information). In this privacy policy, a reference to personal information includes sensitive / health information.

Collection of personal information

Personal information collected by us will usually fall into one of the following categories:

  • Contact and personally identifiable information (name, gender, age, birth date, address, email address, and telephone numbers).
  • Employment information (e.g. education and employment history including job titles, reference names and contact details, work performance, absences, workplace incidents, next of kin information) and superannuation fund and Tax File Number.
  • Financial information (e.g. bank account details).
  • Sensitive information (e.g. information about your health and medical history).
  • Information obtained to assist in managing client and business relationships.
  • Details of, for example, your lifestyle, health, fitness and recreational activities and associated goals.
  • Details of any steps you have taken via the Platform, for example, participation in a coaching program or booking a medical appointment.

We may collect your information from you in a variety of ways including when:

  • we provide services to you (for example, when you use our services
  • you visit our Website or any of our social media pages;
  • you submit your information in response to Metluma marketing events or activities;
  • you contact us by any method, such as face-to-face, over the telephone, through an online form or portal, through a paper form or by email; or
  • you submit information via our Platform.

We may also collect data from third parties, for example when:

  • you connect any of the following with our Platform:
    • wearables and connected fitness devices and platforms, such as Fitbit and Garmin;
    • consumer health applications; and
    • health data aggregators, such as Apple Health,
  • someone duly authorised to act on your behalf;
  • where you have provided consent, from your private health insurer and/or medical or health practitioner to, for example, co-ordinate any care requirements you may have; and
  • recruiters we have retained, from referees you have provided in support of a job application and any service provider we may engage to conduct background checks on job applicants.

Sometimes we will collect personal information from a third party or a publicly available source, for example where we have your consent, where we are required by law to do so, or if it is unreasonable or impracticable to collect the personal information directly from you.

You may choose to deal with us anonymously or under a pseudonym. However, in some circumstances, anonymity or the use of a pseudonym may render us unable to provide the relevant service or reasonably conduct our business, and we may request that you identify yourself.

You may also choose not to provide us with your personal information.  Depending on the circumstances in which you do so, however, we may be unable to provide you with our services as a result.

Where we are collecting personal information from a child or young person, we will use our judgement to determine if that person has the capacity to consent.  Where we are unsure, we will seek consent from a parent or guardian.

Why do we collect, use and store your personal information?

We collect, use and store your personal information to provide you with our services which include:

  • Monitoring and assisting you to improve your health, fitness and wellbeing (for example, sending you details of programs, tools and service providers which may assist with your health, fitness and wellbeing;
  • Employee management including engagement, training, performance management, payroll, superannuation, health and safety and staff management purposes;
  • Training / Education;
  • Research;
  • Organisational Development (OD);
  • Client and Business Relationship Management.

We may also collect, use and store your personal information:

  • for marketing purposes, in order to provide you with information about the services we offer;
  • to respond to your questions or suggestions;
  • to improve the quality of our services;
  • prevention of fraud and/or identifying and investigating any suspicious use of our Website or the Metluma Services;
  • for our internal business and management processes, for example accounting or auditing purposes;
  • to improve the quality of your visit to our Website or the Platform;
  • for any other purpose to comply with our obligations under law; or
  • for any other purpose that would reasonably be expected by you.

You may opt out of receiving marketing information by notifying us accordingly, or by using any unsubscribe facility we provide for that purpose.  You can also opt-out by changing your account settings by logging into your profile on the Platform or Website.  If you opt out of receiving marketing information, we may still contact you in connection with the services we provide to you, such as for appointment reminders and follow-ups.

Our services, functions and activities, as well as those of our contracted service providers, may change from time to time.

Protecting and storing your personal information

We understand the importance of keeping personal information secure and safe. Some of the ways we do this are:

  • Requiring employees and contractors to enter into confidentiality agreements;
  • Ensuring that employees abide by this Privacy Policy and are kept up-to-date on Metluma’s security practices;
  • Securing hard copy document storage (i.e. storing hard copy documents in locked filing cabinets);
  • Implementing security measures for the transmission of personal information to our servers and any access to computer systems to protect that personal information from unauthorised access, modification or disclosure and loss, misuse and interference;
  • Ensuring data storage devices such as laptops, tablets and smart phones are password protected;
  • Ensuring that our servers are located in controlled, secure environments, protected from unauthorised access, use or alteration;
  • Providing discreet environments for confidential discussions;
  • Implementing access control for our buildings including waiting room / reception protocols and measures for securing the premises when unattended; and
  • Implementing security measures for our Website and the Platform.

Personal information may be stored in documentary form but will generally be stored electronically on our software or systems.

Who will we disclose your personal information to?

Like most businesses in Australia, we contract out some of our functions and rely on third party suppliers or contractors to help us conduct our business, for example to provide specialised services such as employment services, “cloud computing” technology and data storage services, legal advice, insurance broking, security services, business advisors and financial services. We may disclose personal information to these third parties in connection with their provision of goods or services to us.

We may also disclose your personal information to other related entities within our corporate group for our own business purposes. 

We may disclose your personal information to healthcare practitioners, insurers, government agencies, private sector organisations or other entities where required or permitted by law, which may include the following circumstances:

  • You have consented to such disclosure.
  • We believe that you would reasonably expect, or have been told, that information of that kind is usually passed to those individuals, bodies or agencies, and it is being disclosed for a purpose related (or directly related, in the case of sensitive information) to the reason we collected the information.
  • We are required or authorised to make such disclosure by law or the requirements of any professional bodies e.g. Australian Psychological Society or other relevant guidelines relating to managing risk of harm to self or others, and where we are required to do so in accordance with child safety / vulnerable persons obligations.
  • A permitted general situation or permitted health situation (as these terms are defined in the Privacy Act) exists in relation to the disclosure.
  • We believe it is reasonably necessary for enforcement related activities conducted by, or on behalf of, an enforcement body (e.g. police, ASIC, Immigration Department).

The persons to whom we disclose personal information are normally located in Australia, although personal information may be disclosed to recipients outside Australia for business operational, support and continuity purposes such as our software developers based in the Philippines.  We may also use data hosting and cloud based service providers whose operations are located overseas.  In all instances where this occurs, we will act in accordance with the Privacy Act, this Privacy Policy and any requirements we have agreed to under our customer contracts.

Third party websites

Our Website may contain links to third party websites. Please be aware that these third party websites are not subject to this Privacy Policy or our privacy standards and procedures, and we are not responsible for, nor do we endorse, the content or privacy of these sites. You will need to contact these third party sites directly to obtain their privacy policies.

Accuracy of personal information

We take steps to help ensure that all personal information we collect, use or disclose is accurate, complete and up to date. Please contact our Privacy Officer (details below) if you are aware that personal information that we hold about you does not meet this objective.

How can I access my personal information and contact Metluma?

You can request access to personal information that we hold about you.

The procedure for requesting and obtaining access is as follows:

  • All requests for access to personal information to be made in writing and addressed to our Privacy Officer (see contact details below). All requests should specify how the information is proposed to be accessed (photocopies, electronic copy, or visual sighting).
  • Please provide as much detail as possible regarding the Metluma business, department and / or person to whom you believe your personal information has been provided and when. This will allow us to process your request more efficiently.
  • We will endeavour to acknowledge your request within 14 days of the request being made.
  • Access will usually be granted within 30 days of our acknowledgment. If the request cannot be processed within that time for whatever reason, we will let you know the anticipated timeframe for a response to be provided.
  • You will need to verify your identity and authority before access to personal information is granted.
  • We may charge a reasonable fee for access to personal information, which will be notified and required to be paid prior to the release of any information. Once the request has been processed by us, you will be notified of our response and proposal for suitable access (provision of photocopies, digital copies or visual sighting, where appropriate).
  • We may refuse to grant access to personal information if there is an exception to such disclosure which applies under relevant privacy legislation.

If, as a result of access being granted, you are aware that we hold personal information that you regard as being no longer accurate or correct, you may request the deletion or correction of such information.

Upon receipt of a request to correct or delete personal information, we will either make such corrections or deletions or provide written reasons as to why we declined to make such alterations.

We have a designated Privacy Officer who is responsible for the management of:

  • Requests for access to personal information.
  • Complaints regarding our management of personal information.

For information regarding privacy, our Privacy Officer can be contacted at:


P:  0418 98 00 86

E: hello@metluma.com

How do we handle complaints?

If you consider that there has been a breach of the Australian Privacy Principles, you are entitled to complain to Metluma.

All complaints are to be in writing and directed to the Privacy Officer using the contact details above. In most cases, a Privacy Complaint Form will need to be completed. The Privacy Officer will endeavour to acknowledge receipt of a written complaint within 2 business days.

The Privacy Officer will investigate the complaint and attempt to resolve it within 20 business days after the written complaint was received. Where it is anticipated that this timeframe is not achievable, we will contact the person making the complaint to provide an estimate of how long it will take to investigate and respond to it.

If you are not satisfied with the outcome of Metluma’s investigation and decision, you can lodge a formal complaint with the Office of the Australian Information Commissioner (OAIC) by phoning 1300 363 992 or by email at enquiries@oaic.gov.au.