Lusio Rehab Privacy Notice
PRIVACY NOTICE Last Updated: 17 Feb 2026
BACKGROUND:
Lusio Technology Pty Ltd ("Lusio Rehab", "we", "us", "our") understands that your privacy matters. We’re committed to protecting your personal data and handling it responsibly. This notice explains how we collect, use, store, and share your data, and how we comply with applicable data protection laws, including the Australian Privacy Act 1988 (as amended), the Australian Privacy Principles (APPs), the UK General Data Protection Regulation (UK GDPR), and the EU General Data Protection Regulation (EU GDPR).
1. Information About Us
Company Name: Lusio Technology Pty Ltd Legal Status: Limited company registered in Australia
ABN: 27622092479
Registered & Main Trading Address: Unit 205, 15 Belvoir Street, Surry Hills, NSW, Australia
Data Protection Officer: Hossein Forooghi
Email: hossein@lusiorehab.com
2. What Does This Notice Cover?
This notice explains how we collect and handle your personal data through our websites, apps (including LusioMATE and LusioPOSE), products, and services. It also outlines your rights and how to exercise them.
3. What Is Personal Data?
Personal data means any information that can identify you directly or indirectly. This includes your name, contact details, medical history (where applicable), IP address, and other identifiers.
4. What Are My Rights?
You have the following rights under data protection laws:
-
To be informed – via this Privacy Notice and upon request.
-
To access your data – see Part 10.
-
To correct inaccurate or incomplete data.
-
To delete your data (the "right to be forgotten").
-
To restrict processing.
-
To object to certain uses.
-
To withdraw consent (where we rely on it).
-
To data portability.
5. What Personal Data Do We Collect and How?
We collect personal and non-personal data, including:
-
Identity Data: Name, DOB, profession, address, IP, images/videos (with consent)
-
Contact Data: Email, phone number, postal address
-
Business Data: Job title, business name, professional role
-
Payment Data: Card or bank details (if used for payment)
-
Profile Data: Usage data, data related to product use, preferences
-
Third-Party Data: Provided by clinicians or technical providers
Data is collected via:
-
Direct entry by you or your representative (e.g. clinician)
-
Device/app use
-
Analytics tools or third-party integrations
We do not request or store sensitive health data. Any information collected is only what you choose to share, in line with Australian and international data privacy laws.
6. How Do We Use Your Personal Data?
We use your data for:
-
Business administration – to operate effectively (legitimate interests)
-
Providing services – to fulfil our contract with you
-
Payment processing – to manage transactions (contractual necessity)
-
Support and communication – to respond to queries and updates (legitimate interests/contract)
-
Service improvement – to enhance our offerings (legitimate interests)
-
Marketing (with consent) – to inform you of offers and updates (consent/legitimate interests)
-
We don’t use personal data for automated decision-making or profiling.
7. How Long Do We Keep Your Data?
We retain personal data only as long as necessary. Retention periods:
Identity/Contact/Business Data: Retained while you are a user; reviewed every 3 years
Payment Data: Retained while processing is active; purchase history retained for audit and compliance
Profile Data: Retained indefinitely only where necessary (e.g. product use history for medical/legal purposes); otherwise reviewed every 3 years
Third-Party Data: As above, aligned with the type of data supplied
We regularly review our retention schedule to ensure it aligns with the principles of purpose limitation and data minimization.
8. Where Do We Store or Transfer Your Data?
We do not routinely transfer personal data across borders. Where international transfer is required, we ensure compliance with GDPR and the Privacy Act by using countries with adequacy decisions, Standard Contractual Clauses (SCCs), or other approved safeguards.
Security measures include:
-
Access controls and two-factor authentication
-
Encryption of stored and transmitted data
-
Incident response plans for data breaches
9. Do We Share Your Data?
We may share your data with:
-
Academic Institutions – for research and product development (anonymised)
We may also disclose data if legally required (e.g., court orders).
If we sell or restructure our business, data may transfer to the new entity under the same protections.
10. Accessing Your Data (Subject Access Requests)
To request your data:
Email us at letsplay@lusiorehab.com
Include "Subject Access Request" in the subject line
We aim to respond within 1 month. No charge unless your request is excessive or repetitive.
11. Contacting Us
For any privacy-related questions or to exercise your rights:
Contact: Hossein Forooghi, Data Protection Officer Email: hossein@lusiorehab.com
Postal Address: Unit 205, 15 Belvoir Street, Surry Hills, NSW, Australia
12. Updates to This Privacy Notice
This Privacy Notice may be updated periodically. Changes will be posted on our website and in our app(s). Please check occasionally to stay informed.