Skip to main content
Legal & Compliance

Privacy Policy

Patient Flow Pty Ltd (ABN: 89 648 250 024)  ·  Last updated: January 2025

1. Purpose of our policy

1.1 Patient Flow Pty Ltd (ABN: 89 648 250 024) provides ApolloScribe and associated technologies ('Platform').

1.2 References to 'us,' 'we' and 'our' apply to ApolloScribe. References to 'you' and 'your' apply to: (a) general practitioners and employees of medical clinics who are customers or potential customers ('Clinic Representatives'); (b) patients of medical clinics who use the Platform ('Patients'); and (c) contractors, suppliers, potential employees, and other individuals in business dealings.

1.3 This policy explains what personal information we handle, why, how we collect, use and disclose it, and your rights regarding access and correction.

1.4 We commit to protecting privacy in compliance with the Australian Privacy Principles contained in the Privacy Act 1988 (Cth) and applicable health records legislation.

1.5 This policy may be updated periodically without notice. You should review it regularly.

2. The types of personal information we collect

2.1 Personal Information means information about an individual reasonably capable of identifying them, including health or sensitive information.

2.2 We collect Personal Information to identify individuals, facilitate patient-clinic communications, and conduct business transactions.

2.3For Patients:

(a) Information comes from patients directly, their carers, practitioners, or their medical clinic.

(b) Types of information collected include:

  • ·General: name, location, date of birth, Medicare details, family details, contact information, username, platform usage details
  • ·Health information relating to health services, or falling within applicable privacy legislation definitions
  • ·Sensitive information (racial or ethnic origin, sexual orientation, criminal record, religious beliefs) only if directly provided
  • ·Communication details from clinic interactions via the Platform
  • ·Aggregated statistical information from cookies (anonymised)

2.4For Clinic Representatives:

(a) Information comes from the representative directly, patients, their clinic, or other sources including advertising, public records, mailing lists, contractors, staff, and business partners.

(b) Types of information collected include:

  • ·General: name, location, date of birth, contact details, login details, platform usage
  • ·Financial: bank or credit card details for transactions
  • ·Communication details from patient interactions via the Platform
  • ·Online preferences, location information, cookie-derived data, and product preferences
  • ·Professional registration, associations, and memberships

2.5For contractors, suppliers, potential employees, and other business contacts:

(a) Information comes from individuals directly or third parties such as recruitment agencies and business partners.

(b) Types of information collected include:

  • ·Name and contact details
  • ·Professional qualifications and skills
  • ·Employment history and references
  • ·Financial information for transactions

2.6 We may also collect statistical information via cookies, analytical services, or pixel tags from website and Platform users and email subscribers.

3. How personal information is used and disclosed

3.1 Primary purposes are enabling Platform functionality, providing services, and supporting business operations.

3.2For Patients:

(a) Personal Information is never sold or shared for unrelated purposes.

(b) Information is used for its primary collection purpose, for example appointment confirmation.

(c) Secondary uses require consent or reasonable expectation, for example complaint investigation.

(d) Information is maintained in strict confidence and disclosed to third parties only when reasonably necessary for Platform provision or practitioner record-keeping, or when required by law (including law enforcement or serious safety threats).

(f) Third parties who may receive information include:

  • ·The patient's medical clinic
  • ·Service providers: IT, network, software, and cloud storage providers
  • ·Practice management software providers
  • ·External professional advisers

(g) Information is de-identified or anonymised where possible before sharing.

3.3For Clinic Representatives:

(a) Personal Information is used for service provision and Platform access, including: appointment communication, platform usage monitoring, patient information sharing, identity verification, and billing.

(b) Secondary uses include: relationship communication, goods and services marketing, promotions, surveys, issue and complaint investigation, and legally-required purposes.

(c) Information is disclosed to third parties only when reasonably necessary for business operation, service provision, or legal requirements.

(d) Third parties who may receive information include:

  • ·Patients and potential patients
  • ·The employing or engaging medical clinic
  • ·Service providers: IT, network, software, cloud storage, practice management software, subscription and mailing services, billing and financial functions
  • ·External professional advisers

3.4 For contractors, suppliers, potential employees, and other business contacts: information is used for the collection purpose or secondary purposes the individual might reasonably expect.

3.5 Some disclosures may involve overseas recipients, potentially including third parties located in the United States of America, though this may change from time to time. Where information is shared internationally, we take steps to ensure recipients provide equivalent privacy protections.

4. Opting out

4.1 You may opt out of Personal Information collection or request de-identification. Please note this may prevent access to some or all services. Contact us at support@apolloscribe.com.au.

4.2 If you have received unwanted communications, please also contact support@apolloscribe.com.au.

5. Keeping your personal information secure

5.1 We take reasonable precautions to protect Personal Information from unauthorised access, disclosure, misuse, or loss, including securing physical facilities and electronic networks.

5.2 ApolloScribe uses standard industry encryption methods when storing and transferring Personal Information, with monitoring and access controls in place.

5.3 Personal information is stored in secure, encrypted electronic format in Australia.

5.4 Personal Information is not disclosed outside Australia unless recipients are in jurisdictions with similar privacy regimes, or have contractually agreed to equivalent safeguards.

5.5 Personal Information is retained for as long as necessary for the stated purposes, or longer if legally required.

6. How to access, correct, or update your personal information

6.1 Under the Australian Privacy Principles, you have rights to request access to or correction of Personal Information we hold about you.

6.2 To request access or correction: (a) Platform users can update information within their profile; or (b) contact us using the details in section 9.

6.3 We will correct errors within 14 days of written notice, or provide access within 28 days of a written request.

6.4 Reasonable fees may apply for access or correction requests to cover costs incurred.

6.5 If access is denied or correction is refused, we will provide reasons.

8. Complaints and disputes

8.1 Queries or complaints about Personal Information handling should be addressed in writing using the contact details in section 9. We aim to resolve issues directly.

8.2 If unsatisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner:

Phone: 1300 363 992

Online: www.oaic.gov.au

9. Contacting us

9.1 Questions, comments, or requests regarding this Privacy Policy should be addressed to:

Post

The Privacy Officer
Patient Flow Pty Ltd
55 Tyrrell Street
The Hill NSW 2300
Australia

9.2 Please email the Privacy Officer in the first instance.

10. Updates to this policy

10.1 We may update this Privacy Policy from time to time. Updated versions will be posted at www.apolloscribe.com/privacy-policy.

10.2 You should refer back to this page for amendments, as revised policies apply to all Personal Information we hold.

Questions about how ApolloScribe handles your data?

Talk to the team — we can walk you through our privacy and security architecture.

Get in touch