1. Introduction

1. At Scripify ( (“Scripify”, “we”, “our”, “us”), we respect your right to privacy and protect personal information under the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), and applicable State and Territory health privacy laws, including those in Western Australia.
   
   
2. Scripify operates the Scripify platform, website and mobile applications (“Platform”).
   
   
3. Through our Platform, we provide confidential access to telehealth and digital health services, including:
   
   
   • telehealth/video consultations with registered clinicians (Partner Practitioners); and, where clinically appropriate,
     
     
   • online prescriptions (with pharmacy fulfilment), pathology referrals, specialist referrals, and medical certificates.
     
     
4. We take the security and confidentiality of your personal and health information seriously.
   
   
5. This Policy explains what we collect, how we use/disclose it, and how we keep it secure.
   
   
6. “Personal information” is information about an identified or reasonably identifiable individual. “Sensitive information” includes health information and other protected categories.
   
   
7. In this Policy, references to personal information include sensitive information unless stated otherwise.
   
   
8. Contact (single intake for all privacy matters):
   
   
   • Privacy Officer
     
     
   • Email: [email protected]
     
     
   • Postal: 2/4 King edward Road Osborne Park 6017 W.A
     
     
9. Send all requests (access/correction/deletion/complaints/marketing opt-outs) to [email protected].
   
   
   
10. Our website may link to third-party sites. Their privacy practices apply to those sites.
    
    

2. Personal Information We Collect

1. We collect information via the Platform/website and through phone, email, chat and other communications.
   
   
2. Types of information include:
   
   
   • Identification and contact details (name, address, email, phone);
     
     
   • Health information (history, prescriptions, referrals, notes, results);
     
     
   • Sensitive information (e.g., gender at birth, Aboriginal or Torres Strait Islander status);
     
     
   • Government identifiers (e.g., Medicare number, IHI);
     
     
   • De-identified technical data (cookies, device/browser info, session logs).
     
     
3. We collect information about patients, Representatives, Partner Practitioners, employees/contractors/applicants and service providers.
   
   
4. Sources include you, your Representative (with consent), Partner Practitioners, and third-party login providers (e.g., Google, Apple, Meta).
   
   

3. Why We Collect, Use & Disclose Information

We collect, hold, use and disclose personal information to:

• communicate with you and deliver healthcare services;
  
  
• connect you with Partner Practitioners via the Platform;
  
  
• facilitate prescriptions, referrals, medical certificates and related services;
  
  
• process payments and maintain records consistent with AHPRA requirements;
  
  
• meet obligations under TGA advertising/compliance frameworks;
  
  
• conduct quality assurance, training and insurance-related activities;
  
  
• comply with law or respond to serious and imminent threats to life/health/safety;
  
  
• run de-identified analytics to improve services.
  If you do not provide requested information, we may be unable to provide services.
  
  

4. Information Sharing

1. We may share information with:
   
   
   • Partner Practitioners providing your care;
     
     
   • Accredited pharmacies, pathology providers and specialists (as needed);
     
     
   • IT, hosting, security, payment and delivery service providers;
     
     
   • Accreditation/quality bodies (with your consent);
     
     
   • Regulators/law enforcement where authorised/required by law.
     
     
2. We do not sell your information or share with unrelated providers without your explicit consent.
   
   
3. If our business is sold/merged/restructured, information may transfer under strict confidentiality.
   
   
4. We may share de-identified data for service improvement and research.
   
   

5. Storage & Security

• Data is encrypted in transit and at rest and hosted on secure Australian infrastructure.
  
  
• Access requires secure authentication; all access is role-based and logged.
  
  
• We use firewalls, encryption, segregation, backups and monitoring.
  
  
• We comply with interoperability and record-keeping obligations under AHPRA and WA law.
  
  

6. Cookies & Tracking

• We use cookies and similar tech to improve site functionality and experience.
  
  
• Cookies we use are not for collecting identifiable information.
  
  
• You may disable cookies; some features may then be limited.
  
  

7. Marketing & Promotions

• With your consent, we may contact you about relevant services or offers.
  
  
• You can opt out at any time by using the unsubscribe link or emailing [email protected].
  
  
• We may use permitted remarketing tools (e.g., Google/Meta). We never sell your data.
  
  

8. Your Rights

You can:

• Access your personal information;
  
  
• Correct inaccuracies;
  
  
• Request deletion (subject to medical record retention laws, typically 7 years);
  
  
• Complain about our handling of your information.
  Send all requests/complaints to [email protected]. If you’re not satisfied with our response, you may contact the OAIC (and, for health information, the relevant State/Territory health complaints entity).
  
  

9. Updates to This Policy

Effective 02/01/2025 . We may update this Policy; the latest version will be on our website. Continued use of the Platform indicates acceptance of any updates.