Privacy Policy - MEDD Australia Website

Quick-Reference Overview

  • Who we are: MEDD Australia Pty Ltd (“MEDD”, “we”, “us”).

  • Why we collect data: To create and manage professional member accounts; provide news, CPD content, and networking features; ensure safety; improve services; meet legal duties.

  • Key data types: Identity details, professional credentials, profile & CV, CPD activity records, user-generated content (posts, messages), usage & cookie data, optional location.

  • Sharing: With members you choose to connect with, accredited CPD bodies, trusted processors, or where the law compels us.

  • Your rights: Access, correction, deletion, portability, objection, complaint to the OAIC (Australia) or other regulator.


1. Introduction

MEDD.com.au is a membership platform that lets registered medical professionals, healthcare organisations, and approved allied users share professional content, complete continuing professional development (CPD) activities, and network via messaging and a news feed (the “Services”). This Privacy Policy explains how MEDD Australia Pty Ltd (ABN 12 345 678 910) collects, uses, discloses, and safeguards your information.

2. Data Controller Contact

MEDD
3/8 Stuart Street, Bulimba, QLD, 4171, Australia
[email protected]

3. What Information We Collect

Category Typical Examples Source
Account & Identity Name, professional title, workplace, AHPRA number or equivalent, e-mail, password hash You / verifying bodies
Professional Profile Bio, CV, qualifications, skills, specialty, profile photo You
CPD & Education Course enrolments, completion status, assessment scores, certificates System generated / CPD providers
Networking & UGC Posts, comments, likes, direct messages, uploaded files You
Contact Lists Connections, followers, groups You / other members (if they invite you)
Usage & Log Data IP address, browser type, device ID, time-stamps, page interactions, referral URLs Automatic
Cookies & Similar Tech Session cookies, analytics pixels, preference cookies Automatic
Optional Location City/region for local event suggestions (if you enable) Browser / device

Sensitive data note: We may process limited health-related details (e.g., speciality, CPD topics) strictly for professional-use purposes and under enhanced safeguards.

4. How We Collect It

  • Directly from you via registration forms, profile edits, posts, messages, or support requests.

  • Automatically through cookies, server logs, and analytics scripts (e.g., Google Analytics, Matomo).

  • From third parties such as CPD accrediting bodies, employer organisations, or publicly available AHPRA/MCNZ registers to verify credentials.

5. Purposes & Legal Bases

Purpose Legal Basis* Details
Operate & secure the website, create accounts, authenticate members Contract – Terms of Use Mandatory data
Provide networking features, public profiles, news feed, messaging Contract; Legitimate interest Visibility controlled by your privacy settings
Deliver CPD courses, track progress, issue certificates Contract; Legal obligation (professional standards)  
Personalise content (recommended articles, events) Legitimate interest; Consent (for location)  
Marketing newsletters, event invitations Consent (opt-in) Unsubscribe anytime
Analytics, research & service improvement Legitimate interest Aggregated or pseudonymised data
Compliance, fraud prevention, dispute handling Legal obligation; Legitimate interest  

*For GDPR/UK GDPR users; Australian users rely on APPs equivalents.

6. Community Visibility & User-Generated Content

  • Public vs Member-only: Your core profile (name, specialty, city) is visible to logged-in members. You can adjust visibility for additional fields.

  • Posts & comments are visible to the audience you select (public, connections, groups).

  • Direct messages are end-to-end encrypted and visible only to participants.

  • Deletion: Deleting a post removes it from public/member view, but copies may persist in backups for up to 30 days.

7. How We Share Information

Recipient Purpose Safeguards
Other members Networking, messaging, CPD collaborations Controlled by your settings
CPD Accrediting Bodies Verify completion and issue CPD points Secure data transfer; contractual protection
Service Providers (hosting on AWS, email delivery, analytics) Operate infrastructure, analytics, customer support Data-processing agreements, encryption
Legal Authorities Compliance with law, court orders, public-health directives Minimum necessary disclosure
Corporate Transactions (merger, acquisition) Business continuity Prior notice if permissible

We never sell your personal data.

8. Cookies & Tracking Technologies

We use:

  • Essential cookies for login and session management (cannot be disabled).

  • Analytics cookies (e.g., GA4) to understand performance (opt-out via cookie banner or browser settings).

  • Functional cookies to remember preferences (language, layout).

  • Advertising cookies only with explicit opt-in and, where required, consent under EU ePrivacy and Australian spam laws.

Cookie durations range from session-only to 12 months; see our detailed Cookie Notice for full list and opt-out methods.

9. Data Retention

  • Account & profile: Kept while you hold an account and for up to 7 years after closure (professional record-keeping).

  • CPD records: Stored for 10 years to meet regulatory audit requirements.

  • Back-ups & logs: Rotated and deleted within 30-90 days.

  • On expiry, data are anonymised or securely destroyed.

10. Security Measures

  • TLS 1.3 encryption for data in transit.

  • AES-256 encryption at rest.

  • Zero-trust network architecture.

  • Role-based access controls and MFA for admin users.

  • Annual penetration tests and ISO 27001-aligned policies.

  • Bug-bounty programme.

11. International Transfers

Data may be processed in Australia, the EU, the United States, and other jurisdictions where our vendors operate. We use Standard Contractual Clauses or equivalent legal mechanisms plus technical safeguards (encryption) for cross-border transfers.

12. Your Rights

Depending on your location, you can:

  • Access the personal data we hold.

  • Correct inaccurate or incomplete data.

  • Delete your account or specific content (“right to be forgotten”).

  • Port data to another service (JSON/CSV export).

  • Object / Restrict certain processing (e.g., marketing, analytics).

  • Withdraw consent for optional features at any time.

  • Complain to the Office of the Australian Information Commissioner (OAIC) or your local data-protection authority.

Exercise rights via Account Settings → Privacy or by contacting [email protected].

13. Children’s Privacy

The Service is designed exclusively for users aged 18 and older. We do not knowingly process children’s data. Parents who believe a minor has registered should contact us to delete the account.

14. Automated Decision-Making & Profiling

We do not make decisions with legal or similarly significant effects solely by automated means. Content recommendations use simple relevance algorithms; no credit or employment decisions are made.

15. Third-Party Links

External articles, CPD providers, or sponsor pages may link to third-party sites. We are not responsible for their privacy practices. Review their policies before providing data.

16. Changes to This Policy

We may update this Policy to reflect legal, technical, or business changes. Material updates will be announced via the website banner or e-mail at least 30 days before taking effect.

17. Contact Us

For questions, requests, or complaints, contact:
Privacy Officer — MEDD
E-mail: [email protected]
3/8 Stuart Street, Bulimba, QLD, 4171, Australia

>

We value your privacy

We use cookies to enhance your browsing experience, serve personalized ads or content, and analyze our traffic. By using MEDD, you consent to our use of cookies. To find out more about the cookies we use, please see our Privacy Policy