Privacy Policy

This Privacy Policy explains how MedStory Pty Ltd handles personal information when you visit the MedStory website, contact us, join the early-access list, use MedStory services, or use future app features made available by MedStory.

Some app, connected-source, sharing, OCR, AI-assisted, subscription and My Health Record features described in this policy may be unavailable, prototype-only, invitation-only, or subject to additional notices before use.

This policy should be read together with our Terms of Use, Usage Policy, Accessibility Statement and any collection notice shown at the time information is requested.

We aim to handle personal information in accordance with the Privacy Act 1988 (Cth), the Australian Privacy Principles and other privacy or health-records laws that apply to MedStory.

Health information is sensitive information. Where MedStory handles health information, we take additional care with consent, access controls, security, retention, deletion, disclosure and support access.

This policy applies when you:

• visit medstory.com.au or another MedStory website
• join the early-access list or contact us
• create or use a MedStory account or profile, where available
• add health information, notes, dates, documents, photos or evidence
• use document intake, OCR, extraction, summarisation or AI-assisted features
• connect a supported health record source, if such a feature is available
• invite another person to access or help manage a profile
• request access, correction, export, deletion, support or privacy help

The current public website is designed for privacy-light early access interest. It asks for contact details only, such as name and email address.

Please do not include medication names, diagnoses, documents, clinical notes, Medicare details, My Health Record details or other health information in the public website form, early-access emails, or general website enquiries unless MedStory has provided an approved secure intake process for that purpose.

The information we collect depends on how you use MedStory. It may include:

• contact details, such as name, email address and communication preferences
• account details, authentication information and security settings, where accounts are available
• profile details, such as profile label, date of birth or age range, relationship to the account holder and access role
• health information you choose to enter, upload, import, link, confirm or share
• documents, photos, file names, file types, upload dates, extracted text and review status, where document features are available
• source dates, evidence links, notes, review flags and information marked as needing checking
• billing or subscription status, where paid plans are used
• support messages and related correspondence
• technical, security and performance information such as device type, browser type, IP address, timestamps, page views, error logs, audit logs and security events

MedStory collects health information only where it is reasonably necessary for features you choose to use, where you have provided consent, or where otherwise permitted by law.

By entering, uploading, importing, connecting, confirming or sharing health information in MedStory, you consent to MedStory handling that information as described in this policy and any relevant collection notice.

MedStory may collect consent through account setup, profile creation, document upload, connected-source access, OCR or AI-assisted review, invite flows, billing flows, collection notices or other in-product prompts.

You may withdraw consent for optional features by changing settings, disconnecting a source, removing access, deleting information or contacting us. Withdrawal of consent may limit our ability to provide some features.

Withdrawal does not affect lawful handling that occurred before consent was withdrawn. We may also need to retain some information where required or permitted by law, including for security, audit, dispute, backup or legal purposes.

MedStory may allow you to create, manage or access a profile for another person, such as a child, parent, family member or person you support.

Before creating, uploading to, editing, accessing or sharing another person's profile, you must have their consent, legal authority or another lawful basis to do so. You must not use MedStory to secretly collect, monitor, access or share another person's health information.

Where MedStory allows child, dependant or supported-person profiles, the person creating or managing that profile must have appropriate consent, parental responsibility, guardianship, legal authority or another lawful basis.

MedStory may require additional confirmation before allowing a user to create, manage, share, export, delete or upload information to a profile for a child, dependant or person who may not be able to manage their own information.

MedStory may suspend or restrict access where we reasonably believe this is necessary to protect privacy, safety, security or legal compliance.

MedStory is not operated by the Australian Government and is not a replacement for My Health Record. The current MedStory website may include prototype screens that describe possible future records access, but those prototype screens are not a live My Health Record connection.

If MedStory later offers a My Health Record or supported-source connection, that feature must use approved access and authorisation pathways. MedStory will not ask for, collect or store your myGov password, and will not bypass My Health Record permissions, access controls or authorisation requirements.

You must only access, import, view, store or use My Health Record information that you are legally permitted to access. Information from connected sources may be incomplete, unavailable, out of date or require checking with the original source or a qualified health professional.

You are responsible for making sure you have the right to upload each document, photo or file. Uploaded materials may contain sensitive health information and information about other people.

If you delete a document, related evidence links, extracted text, summaries or profile references may also be removed or affected, subject to technical, backup, audit and legal limitations.

MedStory may use OCR, extraction, summarisation or AI-assisted tools to help identify possible information from uploaded documents. Suggested information must be reviewed before it is treated as confirmed profile information.

OCR, extraction, summarisation and AI-assisted outputs can be wrong, incomplete, outdated or missing important context. MedStory does not use these features to diagnose, treat, recommend medication changes, provide emergency advice or replace professional clinical judgement.

Where MedStory uses third-party OCR, extraction, summarisation or AI-assisted service providers, we require them to process information only on our instructions and for the purposes we authorise. We do not permit service providers to use identifiable health information for their own independent purposes or to train their own or third-party AI models unless we clearly tell you and obtain any consent required by law.

We may use personal information to:

• provide and operate MedStory
• manage accounts, profiles, access roles and invitations
• store, organise, display and export health information you choose to add
• connect to supported sources where available and authorised
• upload, link and review evidence
• suggest information from uploaded documents
• respond to enquiries, support requests, access requests and complaints
• process subscriptions or payments, where applicable
• improve reliability, safety, accessibility and usability
• protect against misuse, unauthorised access, fraud and security threats
• comply with legal and regulatory obligations
• enforce our Terms of Use and resolve disputes

MedStory does not:

• sell health information
• use private health information for third-party advertising
• provide emergency support
• provide medical advice
• diagnose conditions or recommend treatment
• recommend medication changes
• replace a qualified health professional
• guarantee that information is complete, current, accurate or verified
• collect your myGov password
• bypass official My Health Record permissions

If you need urgent medical help in Australia, call 000.

We may disclose personal information where reasonably necessary to:

• provide the service or feature you choose to use
• share a profile with people you invite
• connect with supported health record sources, where available and authorised
• use trusted service providers to operate, secure, support and improve MedStory
• process payments, where applicable
• provide customer support
• protect security or investigate misuse
• comply with legal or regulatory obligations
• respond to lawful requests from regulators, courts or authorities
• enforce our Terms of Use or resolve disputes
• lessen or prevent a serious threat to life, health or safety, where permitted or required by law

We do not sell health information and do not use private health information for third-party advertising.

MedStory may use service providers for hosting, authentication, database storage, file storage, email, analytics, error monitoring, customer support, payments, OCR, extraction, summarisation, AI-assisted processing, security monitoring and professional advice.

We aim to use service providers that are appropriate for the type of information they process. We require service providers to handle personal information only for authorised purposes and with appropriate privacy and security safeguards.

Where sharing is available, you may be able to invite trusted people to access a profile. Before inviting someone, check who you are inviting, which profile they can access, what they can see, what they can add, edit, export or delete, and whether access can be changed or removed.

Once information is downloaded, exported, screenshotted, printed or shared outside MedStory, we may not be able to recall or control that copy.

Some service providers may store, process or access information outside Australia. Where this occurs, we will take reasonable steps to use appropriate privacy and security safeguards.

Before using features that disclose health information overseas, MedStory may provide additional notices, request consent or offer configuration choices where required by law or appropriate for the feature.

We may create de-identified or aggregated information from information we hold. Where information has been de-identified so that it can no longer reasonably identify you, it is no longer personal information.

We may use de-identified or aggregated information for service improvement, safety, analytics, research, reporting, product development and improving MedStory features. We do not use identifiable health information to train third-party AI models unless we clearly tell you and obtain any consent required by law.

MedStory may use privacy-conservative analytics on public website pages to understand interest, improve the website and measure product engagement. The current public website uses GA4, Vercel Web Analytics and Vercel Speed Insights.

Public website analytics should not intentionally include medication names, condition names, document contents, private notes or other detailed health information. Logged-in health areas should not use advertising pixels, retargeting pixels or invasive session replay tools unless specifically reviewed and approved.

If you sign up for updates, we may send product updates and MedStory communications. You can unsubscribe from optional marketing communications. Private health information is not used for third-party advertising.

You may request access to personal information we hold about you and ask us to correct information that is wrong, incomplete, misleading or out of date.

Where available, MedStory may provide tools to export or delete account, profile, document or health item information. Deletion may be subject to technical, legal, backup, security and audit-log limitations.

Cancelling a paid subscription does not necessarily delete your account, profiles, documents or records. Account deletion and subscription cancellation may be separate actions.

We retain personal information only for as long as reasonably necessary for the purposes described in this policy, unless a longer period is required or permitted by law.

Retention periods may vary depending on the type of information, feature used, legal requirements, dispute requirements, backup processes, security needs and whether the information relates to a profile, document, connected source, audit log, support request or billing record.

Where information is no longer required, we will take reasonable steps to destroy, delete or de-identify it, subject to legal, technical, backup, audit and security limitations.

We use administrative, technical and organisational safeguards designed to protect personal information from misuse, interference, loss, unauthorised access, modification and disclosure.

Support access to personal information should be limited to authorised people who need access for support, security, operation, legal compliance or another approved purpose. Audit logs should not contain document text, clinical notes, secrets or full record snapshots.

No online service can guarantee absolute security. If you believe your account or information has been accessed without permission, contact us promptly.

If MedStory becomes aware of a data breach involving personal information, we will take steps to contain and assess the breach. Where required, we will notify affected individuals and the Office of the Australian Information Commissioner under the Notifiable Data Breaches scheme.

MedStory may provide short collection notices at the point information is requested. A collection notice may explain why information is requested, whether it is required or optional, what happens if it is not provided, who it may be shared with, whether it may be processed overseas, and where to find this policy.

For privacy questions, access requests, correction requests, deletion requests or complaints, contact info@medstory.com.au.

We aim to acknowledge privacy complaints within 7 days and respond within 30 days, where reasonable and practicable. If you are not satisfied with our response, you may have the right to contact the Office of the Australian Information Commissioner or another relevant regulator.

We may update this Privacy Policy as MedStory changes. If we make material changes to how personal or health information is collected, used, disclosed or protected, we will take reasonable steps to notify affected users before or when the change takes effect. Where required or appropriate, we may ask for fresh consent.