Privacy Policy

We may collect the following types of information:

• Personal details: name, date of birth, address, contact information
• Health information: symptoms, medical conditions, treatment history (where relevant)
• Payment information: billing details, payment method (processed securely via Stripe)
• Technical data: IP address, browser type, device information

We use your information to:

• Provide medical certificate and carer's certificate services
• Facilitate consultation with healthcare professionals
• Process payments and maintain billing records
• Communicate with you about your services
• Improve our platform and services
• Comply with legal and regulatory requirements

We may share your information with:

• Healthcare professionals: to provide medical services
• Stripe (United States): to process payments securely. Stripe receives your name, email address, and payment details.
• Google Analytics & Google Ads (United States): to analyse website usage and measure advertising effectiveness. These services receive your IP address and browsing behaviour.
• Google Maps (United States): to provide address autocomplete functionality. Google receives address keystrokes as you type.
• Amazon Web Services (Australia — Sydney region): to host our application, database, and stored files.
• Legal authorities: when required by law

We never sell your personal information to third parties. Where we share data with third-party service providers, we have Data Processing Agreements in place to ensure your information is handled consistently with the Australian Privacy Principles.

Your health and personal information is stored on servers located in Australia (AWS Sydney region). However, in the course of providing our services, some non-sensitive information is disclosed to service providers located in the United States, as outlined in Section 4 above.

Before disclosing personal information overseas, we take reasonable steps to ensure the overseas recipient handles your information in accordance with the Australian Privacy Principles, including through contractual arrangements.

We retain your personal and health information for a period of 7 years from the date of your last interaction with our services, in line with Australian health record retention requirements. After this period, your information is securely deleted or de-identified.

Payment records are retained as required by Australian tax law (generally 5 years).

You have the right to:

• Access your personal information held by us
• Request correction of inaccurate or out-of-date information — you can submit a Data Correction Request via our contact form and we will respond within 30 days
• Request deletion of your information (subject to legal retention requirements)
• Lodge a complaint about our privacy practices (see Section 11 below)

To exercise any of these rights, please contact us via our contact form or email us at contact@medigate.com.au. We will respond to access and correction requests within 30 days.

We use cookies and similar technologies to analyse website usage and measure the effectiveness of our advertising. Specifically:

• Google Analytics: collects anonymised usage data including pages visited, time on site, and general location (derived from IP address)
• Google Ads: tracks conversions to measure advertising effectiveness

These tracking services are active when you use our site. Essential cookies required for the site to function (such as session cookies) are also used.

If you believe we have breached the Australian Privacy Principles, you may lodge a complaint by contacting us at contact@medigate.com.au. We will acknowledge your complaint within 7 days and provide a response within 30 days.

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC).