Working draft for legal review — not yet binding. Sections marked [CONFIRM] need confirmation before launch.
Entity: Medirelo ai (legal entity name — [CONFIRM]). Jurisdiction: Australia. Governing framework: Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs); the Notifiable Data Breaches (NDB) scheme; applicable state/territory health-records law ([CONFIRM] which states you operate in).
1. Who we are and what this covers
Medirelo is an AI-native healthcare presence platform connecting patients with doctors and clinics. This policy explains what personal information we collect, why, how we handle it, and your rights.
Medirelo operates across distinct surfaces, and where your data lives matters:
- Public presence pages (doctor and clinic pages, discovery) — largely public information about practitioners and clinics. These pages collect no patient personal information, with one deliberate exception below.
- Booking — when you book an appointment, we collect the personal information needed to make and manage that booking.
Discovery input is not stored. When you describe what you need help with to find a doctor (e.g. typing a symptom), that input is used transiently to match you to suitable practitioners and is not retained, logged as health information, or attached to your profile. [CONFIRM — binding commitment; implementation must honour: no persistence, no logging of free-text discovery input.]
2. What we collect
We collect the following when you book or create a patient account:
- Required: first name, last name, email address, date of birth, phone number.
- Optional (you choose whether to provide): title, preferred name, sex at birth, residential address, concession card details, emergency contact, allergy information.
- We collect nothing beyond the above in relation to patients. We do not collect free-text symptom/discovery input on a stored basis (§1).
2.1 — Sensitive information (heightened protection). Some of the above is sensitive information under the Privacy Act and is handled with greater care, collected only with your consent, and used only for the purposes below:
- Allergy information — health information. We collect it only to support safe care and share it only with your treating clinic/practitioner.
- Sex at birth — sensitive information; optional; used only where clinically or administratively relevant to your care/booking.
- Concession card details — used only to apply concession/billing entitlements.
[CONFIRM] Consent mechanism for sensitive information at the point of collection (booking) — explicit, purpose-specific, not bundled.
3. Why we collect it, and the limits on use
We collect personal information only to provide and manage your appointments and care connection: to identify you, create and manage bookings, communicate appointment details, apply concessions, and convey relevant information (e.g. allergies) to your treating clinic/practitioner.
Use-limitation — what we will not do:
- We do not use your personal or health information to rank, sort, or influence which doctors you are shown. Discovery ranks on practitioner fit and availability, never on patient data.
- We do not sell your personal information.
- We do not use your health information for advertising or marketing.
- We do not use stored discovery input — because there is none (§1).
4. How collection happens, and who holds it
Patient personal information is collected through the booking process, and is held in Medirelo's booking system. The public presence pages do not collect patient personal information. [CONFIRM — data-controller and storage-location details across Medirelo's systems; confirm the booking system's hosting/jurisdiction.]
6. Storage, security, retention
[CONFIRM — security controls: encryption in transit and at rest, access controls, etc.] We retain personal information only as long as needed for the purposes above or as required by law, then de-identify or securely delete it. [CONFIRM — retention periods, especially for health information, against any applicable medical-records retention requirements.]
7. Your rights (APPs)
You may access the personal information we hold about you and request correction of anything inaccurate. [CONFIRM — request mechanism and identity-verification process.] You may withdraw consent for optional/sensitive information, subject to the effect that may have on the service. Where another party (e.g. your clinic) holds clinical records, we will direct you appropriately.
8. Data breaches
We handle eligible data breaches under the Notifiable Data Breaches scheme — assessing, containing, and notifying affected individuals and the OAIC where required. [CONFIRM — breach response process and roles.]
10. Changes and contact
We may update this policy; material changes will be notified. Questions or privacy requests: [CONFIRM — privacy contact / officer details]. You may also reach us via the contact page on this site.
Working draft. Health-information-aware, APP-grounded, mapped to Medirelo's real collection (booking-held, presence-layer-clean, discovery transient). For finalisation by an Australian privacy/health-law lawyer before any binding use.
