Privacy Policy

1. Information We Collect

We collect information that you provide directly to us, including:

• Account information (name, email address, phone number, organization details)
• Patient information entered into our platform (subject to strict healthcare data protection requirements)
• Consultation transcripts and clinical documentation
• Payment and billing information
• Communication records (support requests, feedback)

2. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve our services
• Process transactions and send related information
• Send technical notices, updates, and support messages
• Respond to your comments, questions, and requests
• Monitor and analyze trends, usage, and activities
• Detect, prevent, and address technical issues and security threats

3. Data Storage and Residency

All patient data and clinical information is stored in Australian and New Zealand data centers (Sydney, Melbourne, and Auckland regions). We do not transfer healthcare data outside of Australia or New Zealand without explicit consent and appropriate safeguards.

4. Multi-Tenant Architecture

SynapseMD uses a database-per-user architecture, ensuring complete data isolation between different users and organizations. Your data is stored in a separate, encrypted database that is not accessible to other users.

5. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information. We may share information only in the following circumstances:

• With your explicit consent
• To comply with legal obligations or respond to lawful requests
• To protect our rights, privacy, safety, or property
• With service providers who assist us in operating our platform (under strict confidentiality agreements)
• In connection with a business transfer (merger, acquisition, etc.)

6. Security Measures

We implement industry-standard security measures to protect your information:

• End-to-end encryption for data in transit and at rest
• Multi-tenant database isolation
• Regular security audits and assessments
• Access controls and authentication mechanisms
• Comprehensive audit logging

7. Your Rights

Under Australian Privacy Principles and NZ Health Information Privacy Code, you have the right to:

• Access your personal information
• Request correction of inaccurate information
• Request deletion of your information (subject to legal retention requirements)
• Opt-out of certain communications
• Lodge a complaint with the relevant privacy authority

8. Healthcare Data

Patient health information is subject to additional protections under healthcare privacy laws. We process healthcare data only as necessary to provide our services and in accordance with applicable healthcare privacy regulations, including the Privacy Act 1988 (Cth) and Health Information Privacy Code 2020 (NZ).

9. Cookies and Tracking

We use cookies and similar tracking technologies to improve your experience, analyze usage, and assist with marketing efforts. You can control cookie preferences through your browser settings.

10. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

12. Contact Us

If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us:

13. Complaints

If you believe we have breached your privacy rights, you may lodge a complaint with:

• Australia: Office of the Australian Information Commissioner (OAIC) - www.oaic.gov.au
• New Zealand: Office of the Privacy Commissioner - www.privacy.org.nz