Privacy Policy
Last updated: 10 April 2026 · Effective: 10 April 2026
1. Introduction
Sanvia Technologies Pty Ltd ("Sanvia", "we", "our", or "us") is committed to protecting the privacy of all individuals who access or use the Sanvia platform ("Platform"), including patients, clinicians, clinic administrators, and visitors.
This Privacy Policy explains how we collect, use, disclose, and safeguard personal information — including sensitive health information — in accordance with the Privacy Act 1988 (Cth) ("Privacy Act"), the Australian Privacy Principles ("APPs") set out in Schedule 1 to the Privacy Act, and, where applicable, the My Health Records Act 2012 (Cth) and state-based health records legislation.
By accessing or using the Platform you consent to the collection, use, and disclosure of your personal information as described in this policy. If you do not agree, please do not use the Platform.
2. About Sanvia
Sanvia Technologies Pty Ltd is an Australian telehealth and prescriber platform that connects patients with AHPRA-registered healthcare practitioners for consultations, therapy management, prescribing, and ongoing care.
- Legal entity: Sanvia Technologies Pty Ltd
- ACN / ABN: 55 696 763 309
- Registered address: Craigieburn, Victoria, Australia
- Privacy contact: privacy@sanvia.com.au
For APP purposes, Sanvia Technologies Pty Ltd is the APP entity responsible for personal information collected via the Platform.
3. Information We Collect
We may collect the following categories of personal information:
3.1 Identity & Contact Information
- Full name, date of birth, gender identity
- Email address, phone number, postal address
- Profile photograph (optional)
3.2 Sensitive Health Information
Health information is sensitive information under the Privacy Act. We collect health information only where you have provided explicit consent or where collection is required or authorised by law. This includes:
- Medical history, diagnoses, symptoms, and conditions
- Medications, prescriptions, and dosing records
- Consultation notes and clinical assessments
- Referral documents and pathology/imaging results
- Mental health information
- FHIR-structured clinical resources (where My Health Record integration is enabled)
3.3 Practitioner & Clinic Information
- AHPRA registration number and registration status
- Medicare provider number
- Clinic name, ABN, address, and contact details
- Specialisation, qualifications, and availability
3.4 Account & Authentication Information
- Username and encrypted password
- Role and permission level (patient, clinician, clinic admin, platform admin)
- Authentication tokens and session metadata
3.5 Payment Information
Payment card details are processed exclusively by Stripe, Inc. We do not store full card numbers. We retain Stripe customer IDs, subscription status, and transaction references for billing purposes.
3.6 Usage & Technical Information
- IP address, browser type, and device information
- Pages visited, features used, and session duration
- Error logs and platform analytics (aggregated where possible)
4. How We Collect Information
We collect personal information:
- Directly from you — when you register, complete intake forms, book appointments, or interact with the Platform
- From healthcare practitioners — clinical notes, referrals, and prescriptions entered on your behalf
- From AHPRA — practitioner registration data sourced from the public AHPRA register and verified clinic submissions
- From My Health Record — where you have authorised Sanvia Technologies Pty Ltd as a healthcare provider organisation under the My Health Records Act 2012
- Automatically — through cookies, log files, and analytics tools when you use the Platform
- From third-party services — Stripe (payment events) and any integrations you explicitly authorise
5. How We Use Your Information
We use personal information to:
- Create and manage your account and verify your identity
- Facilitate bookings, consultations, prescriptions, and referrals between patients and practitioners
- Process payments and manage subscription billing
- Verify AHPRA registration status and clinic credentials
- Provide patient education content, learning pathways, and health modules
- Maintain clinical records and support continuity of care
- Integrate with My Health Record where authorised
- Comply with legal obligations under Australian healthcare law (including mandatory reporting obligations)
- Detect and prevent fraud, abuse, and security incidents
- Improve Platform functionality through aggregated, de-identified analytics
- Send transactional communications (booking confirmations, prescription reminders, platform notices)
- Send optional marketing communications — only where you have provided express consent, with an easy opt-out
We will not use health information for direct marketing purposes without your explicit, separate consent.
6. Disclosure to Third Parties
We may disclose personal information to:
6.1 Healthcare Practitioners & Clinics
Patient information is shared with the practitioner(s) you book with and, where applicable, the clinic they are affiliated with, for the purpose of providing care.
6.2 Technology & Infrastructure Providers
- Supabase — cloud database, authentication, and edge function hosting. Data is stored in Supabase-managed infrastructure subject to a data processing agreement consistent with APP 8.
- Stripe, Inc. — payment processing. Stripe's privacy policy governs handling of payment data.
- [Telehealth video provider] — where video consultations are facilitated (e.g. Coviu, Zoom for Healthcare — complete as applicable).
6.3 Regulatory & Government Bodies
- AHPRA — for practitioner registration verification
- Medicare / Services Australia — where Medicare-eligible services are billed
- Australian Digital Health Agency — in connection with My Health Record
- Law enforcement or courts — where required by law, court order, or regulatory demand
6.4 Business Transfers
In the event of a merger, acquisition, or sale of assets, personal information may be transferred to the successor entity subject to the same privacy protections. You will be notified of any such change.
We do not sell, rent, or trade personal information to third parties for their own marketing purposes.
7. My Health Record
Sanvia Technologies Pty Ltd may be registered as a healthcare provider organisation with the Australian Digital Health Agency (ADHA) and may access and upload clinical documents to a patient's My Health Record where:
- The patient has a My Health Record and has not restricted access;
- The access is for the purpose of providing healthcare to that individual; and
- The access complies with the My Health Records Act 2012, ADHA guidelines (DH-3669-2022 v2.2), and applicable FHIR R4 conformance requirements.
Patients may manage their My Health Record access controls, including restricting access by specific providers, directly through the My Health Record system at myhealthrecord.gov.au.
8. Overseas Disclosure
Some of our third-party service providers operate infrastructure or have personnel outside Australia. Before disclosing personal information overseas, we take reasonable steps under APP 8.1 to ensure the recipient handles that information consistently with the APPs.
Relevant overseas disclosures include:
- Supabase — may store or replicate data in the United States and other jurisdictions. Supabase executes a Data Processing Agreement incorporating Standard Contractual Clauses.
- Stripe — processes payments in the United States and is subject to its own compliance frameworks.
By using the Platform, you acknowledge that your information may be transferred to, stored in, or processed in countries outside Australia. Where we transfer personal information overseas, we implement appropriate safeguards.
9. Data Security
We implement reasonable technical and organisational measures to protect personal information against unauthorised access, disclosure, alteration, and destruction. These include:
- Encryption in transit (TLS 1.2+) and at rest for all stored data
- Row-Level Security (RLS) policies enforced at the database layer
- Role-based access controls with least-privilege principles
- Secure session management and token rotation
- Regular security reviews and dependency audits
- Staff access to health records limited to those with a legitimate need
No method of electronic storage or transmission is 100% secure. In the event of a data breach likely to result in serious harm, we will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) as required by the Notifiable Data Breaches (NDB) scheme under Part IIIC of the Privacy Act.
10. Data Retention
We retain personal information for as long as necessary to fulfil the purposes for which it was collected, and to comply with legal obligations:
- Patient health records: Minimum 7 years from the date of last entry (or until the patient turns 25 where records relate to a child), in accordance with applicable state health records legislation.
- Practitioner records: Duration of registration on the Platform plus 7 years.
- Financial / billing records: 7 years from the relevant financial year, in accordance with the Tax Administration Act 1953 (Cth).
- Account data: Until account deletion is requested, plus any legally required retention period.
- Usage logs: Up to 12 months, then aggregated or deleted.
After retention periods expire, personal information is securely deleted or de-identified.
11. Cookies & Analytics
The Platform uses cookies and similar technologies to:
- Maintain authentication sessions
- Remember user preferences
- Understand how users interact with the Platform (analytics)
Essential cookies are required for the Platform to function and cannot be disabled. Analytics cookies are only set with your consent.
You can control cookies through your browser settings. Disabling non-essential cookies will not prevent access to core Platform features. Analytics data is aggregated and de-identified where possible.
12. Your Rights
Under the Privacy Act and the APPs, you have the right to:
12.1 Access (APP 12)
Request access to the personal information we hold about you. We will respond within 30 days. A reasonable fee may apply for requests requiring significant effort.
12.2 Correction (APP 13)
Request correction of personal information that is inaccurate, out-of-date, incomplete, or misleading. Clinical records may only be corrected by an authorised practitioner.
12.3 Anonymity & Pseudonymity (APP 2)
Where lawful and practicable, you may interact with us anonymously or using a pseudonym. Note that clinical services require verified identity.
12.4 Withdrawal of Consent
You may withdraw consent for use of your personal information for purposes beyond core clinical care (e.g. marketing communications) at any time. Withdrawal will not affect the lawfulness of prior processing.
12.5 Account Deletion
You may request deletion of your account. Statutory retention obligations (see Section 10) may prevent immediate deletion of health and financial records.
To exercise any of these rights, contact us at privacy@sanvia.com.au.
13. Children
The Platform is not directed at children under 16 years of age. We do not knowingly collect personal information from children under 16 without verifiable parental or guardian consent. Where a practitioner provides care to a minor, the practitioner is responsible for ensuring appropriate consent has been obtained under applicable state and territory law.
If you believe a child has provided personal information without appropriate consent, contact us at privacy@sanvia.com.au and we will take steps to delete that information.
14. Complaints
If you believe we have breached the APPs or this Privacy Policy, please contact our Privacy Officer in the first instance:
- Email: privacy@sanvia.com.au
- Post: Privacy Officer, Sanvia Technologies Pty Ltd, Craigieburn, Victoria, Australia
We will acknowledge your complaint within 5 business days and endeavour to resolve it within 30 days. If you are not satisfied with our response, you may lodge a complaint with the:
- Office of the Australian Information Commissioner (OAIC): www.oaic.gov.au · 1300 363 992
- State/territory health complaints body — e.g. NSW Health Care Complaints Commission, Victorian Health Complaints Commissioner, depending on your jurisdiction.
15. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. The updated policy will be published on this page with a revised "Last updated" date. Where changes are material, we will notify registered users by email or in-Platform notice at least 14 days before the changes take effect.
Continued use of the Platform after the effective date of a revised policy constitutes your acceptance of the changes.
Questions About Privacy?
Contact our Privacy Officer for any questions, access requests, or concerns about how we handle your personal information.
privacy@sanvia.com.au