Privacy Policy - MEDD Australia App

1. Quick-Reference Summary

  • Who we are: MEDD Australia Pty Ltd (“MEDD”, “we”, “our”, “us”), an Australian digital-health company based in Sydney.
  • Why we collect data: To create and maintain your account, deliver personalised health features, improve safety and performance, comply with law, and (with consent) send you updates and marketing.
  • Core data types collected:
    • Account details (name, e-mail, phone)
    • Health notes you enter (symptoms, medication reminders)
    • Device & usage data (device ID, OS version, crash logs)
    • Approx. location (only if you enable it)
  • Not sold: We never sell your personal information.
  • Sharing: Limited to trusted service providers, health professionals you authorise, or if required by law.
  • Google Play “Data Safety” declaration: All data are encrypted in transit and at rest; users can request deletion at any time. (termly.io)
  • Apple “App Privacy” labels & ATT: We disclose every data category in App Store Connect and ask permission before any cross-app tracking. (developer.apple.com)
  • Your rights: Access, correction, deletion, portability, withdrawal of consent, complaint to the OAIC. (oaic.gov.au)

2. Introduction

MEDD Australia is a mobile application available on the Google Play Store and Apple App Store that helps Australian users manage health information and access educational resources. This Privacy Policy explains how we collect, use, disclose and safeguard your information when you use the MEDD Australia app (the “App”) and related services.

3. Who Controls Your Data

MEDD
ABN 90 604 967 311
3/8 Stuart Street, Bulimba, QLD, 4171, Australia
E-mail: [email protected]

4. Information We Collect

Category | Examples | Source
Account Information | Name, e-mail, mobile number, password hash | You
Personal Data | Professional information about you as a medical professional | You
Device & Usage Data | Device model, OS version, IP address, language, crash logs, in-app actions | Automatic
Location | Approximate location (city/region) | Device sensors — only if you enable Location permission
Payments | Purchase token, transaction ID (no full card data) | Google Play / Apple in-app purchase APIs
Analytics & Diagnostics | Aggregated events via Google Firebase Analytics / Apple App Analytics | Automatic
Marketing Opt-ins | Push-notification tokens, preferred contact method | You

5. How We Collect Data

  1. Directly from you when you create an account, submit health notes or contact support.
  2. Automatically through SDKs and cookie-equivalent technologies for mobile (e.g., Firebase).
  3. From third-party services you link, such as Apple Health or Google Fit (optional).

6. Legal Bases for Processing (GDPR / UK GDPR)

  • Contract performance – to provide the App’s core functions.
  • Consent – to access personal data, location, or send marketing.
  • Legitimate interests – to maintain security, prevent fraud, and improve our services.
  • Legal obligation – to comply with health-record retention laws and regulatory requests.

7. How We Use Your Information

  • Operate, maintain and improve the App.
  • Personalise content and reminders.
  • Process purchases and subscriptions.
  • Send service messages (e.g., password resets).
  • Provide customer support.
  • Conduct analytics, research and service development.
  • Display in-app ads only if you have granted App Tracking Transparency consent (iOS) or opted-in (Android). (developer.apple.com)

8. How We Share Information

Recipient | Purpose | Safeguards
Cloud hosting & analytics providers (Google Cloud, Firebase, Apple) | Data storage, diagnostics, push notifications | Data-processing agreements, encryption
Payment processors (Google Play Billing, Apple In-App Purchases) | Handle transactions | Tokenised payments; no card details stored
Authorised healthcare professionals | If you use referral-sharing features | Explicit per-share consent
Other third parties | Legal compliance (court order, public health) or business transfers (merger) | Minimum necessary disclosure

We do not share your personal data for independent marketing purposes.

9. Data Safety Declaration (Google Play)

We complete Google Play’s “Data Safety” form stating:

  • Collected data categories (see Sec 4).
  • Purposes (see Sec 7).
  • Data are encrypted in transit and at rest.
  • Users can delete data from within the App or by e-mail request. (termly.io)

10. App Privacy Details (Apple)

In App Store Connect we list the data categories collected and whether they are linked to the user. We request App Tracking Transparency (ATT) permission before any tracking across other apps or websites. (developer.apple.com)

11. Retention

We retain account and health information for as long as your account is active and for up to 7 years thereafter, or as required by Australian health-record laws. Aggregated analytics data may be kept longer in de-identified form.

12. Security

  • TLS 1.3 encryption for all network traffic
  • AES-256 encryption at rest
  • Zero-trust access controls
  • Regular penetration testing and security audits
  • Bug-bounty programme

13. Your Privacy Rights

  • Access & correction of your personal or health data
  • Deletion/erasure (“right to be forgotten”)
  • Portability (JSON export)
  • Withdraw consent at any time via in-app settings
  • Complain to the Office of the Australian Information Commissioner (OAIC) or your local regulator (oaic.gov.au)

14. International Transfers

Data may be processed in Australia, the United States and other countries where our partners operate. We rely on Standard Contractual Clauses or equivalent safeguards for EU/UK transfers.

15. Children’s Privacy

The App is not directed to children under 13. We do not knowingly process children’s personal data. Parents who believe their child has provided data should contact us for deletion.

16. Device Permissions & Purpose

  • Camera & Photo Library: Upload profile photo or scan documents.
  • Microphone: Optional voice-note feature.
  • Location (approximate): Find nearby medical services (disabled by default).
  • Notifications: Send reminders and security alerts.

17. Third-Party SDKs & Services

  • Google Firebase (Crashlytics, Analytics)
  • Apple App Analytics
  • Amazon Web Services (hosting)
  • Stripe (optional standalone payments)

Each provider is bound by contractual privacy terms aligned with Google Play and Apple guidelines. (play.google)

18. Automated Decision-Making

We do not engage in automated decision-making that produces legal or similarly significant effects.

19. Changes to This Policy

We may update this Privacy Policy. Material changes will be notified in-app, via push notification or e-mail at least 30 days before they take effect.

20. Contact Us

Questions or requests?
E-mail [email protected] or write to:
Privacy Officer, MEDD
3/8 Stuart Street, Bulimba, QLD, 4171, Australia
