Working draft. This notice is the floor we’ll publish once legal review completes. The platform itself enforces Australian-only data residency and row-level isolation today. If you have a specific question while we’re finalising the wording, get in touch.

Cadence — Privacy Notice (Template)

Status: Template — legal review required before publication (Ticket C4).

This template becomes the public privacy notice served at cadence.clinic/privacy. Each tenant clinic may add an addendum specific to their practice.


Privacy Notice

Effective date: [to be set on publication]

This Privacy Notice explains how Cadence (the platform) and the clinic operating it ("we", "us") collect, use, store, and protect personal information about patients, practitioners, and other users. It follows the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth) and any applicable state health records legislation.

1. Who we are

Cadence is a clinic intelligence platform provided to allied health clinics. Your clinic is the data controller; Cadence is the data processor. Specific contact details for your clinic's privacy officer are in §10.

2. What we collect

We collect:

  • Identifying information about patients: name, date of birth, contact details, address, Medicare/health-fund details where applicable
  • Clinical information: appointment history, treatment notes (held in your clinic's practice management system, mirrored only as references in Cadence), outcome measures, communications with us
  • Account information about practitioners and staff: name, email, role, login activity, audit trail
  • Operational metadata: device, IP, browser, log information about platform use

We do not collect more than is needed to run the clinic's operational, billing, and reporting functions.

3. How we collect it

  • From you when you book an appointment, complete intake, or interact with us
  • From your practitioners during care
  • Automatically from the booking and practice management software (Nookal) integrated with Cadence
  • From referrers (GPs, surgeons) when applicable
  • From you online when you use a clinic's customer-facing channels

4. How we use it

To:

  • Provide and improve care
  • Schedule, deliver, and bill for appointments
  • Maintain clinical records as required by AHPRA / state law
  • Communicate with you about your care, reminders, and recalls
  • Operate the clinic (KPIs, mentoring, business decisions)
  • Comply with legal and regulatory obligations
  • Detect and respond to security incidents

We do not:

  • Sell your personal information
  • Use clinical information for marketing
  • Use AI to generate medical advice or care decisions for you without practitioner oversight

5. Where it's stored

All patient-identifiable data is stored in Australia (ap-southeast-2, Sydney) on Supabase infrastructure. AI inference, when used, runs on AWS Bedrock in Sydney so that prompts and completions also stay in Australia. We use vendors with Australian data residency for email and SMS (where activated).

Build-time tooling (developer accounts, source code repositories) does not handle live patient data.

6. How we secure it

  • Encryption in transit (TLS 1.2+) and at rest (AES-256)
  • Two-factor authentication mandatory for clinical and owner accounts
  • Row-level security in the database isolates each clinic's data
  • Append-only audit log retained ≥7 years
  • Daily backups; tested restore quarterly
  • Pen test by a CREST-accredited Australian provider before any external user has access

We follow APP 11.1.

7. How long we keep it

Patient records: at least 7 years from your last contact with us, or longer where state law requires it (including the longer periods state law sets for minors). After that, records are securely destroyed unless a longer retention is required by law.

Account / login data: as long as your account is active, then 7 years.

8. Your rights

You may, at any time, ask us to:

  • Access your personal information (Privacy Act APP 12)
  • Correct it if it's wrong (APP 13)
  • Delete information that is no longer required, where law allows
  • Withdraw consent for processing where it was the lawful basis
  • Lodge a complaint with us, with the OAIC, or with the relevant state health-records regulator

To make a request, contact the Privacy Officer in §10. We will respond within 30 days. Identification will be verified before any information is released.

9. Disclosures to others

We share personal information only where:

  • You consent
  • It's needed for your care (e.g., a referral letter to your GP, with your knowledge)
  • A legal obligation requires it (e.g., subpoena, mandated reporting)
  • A service provider needs it to operate the platform (Supabase, AWS, our SMS/email provider) — all under data processing agreements with appropriate safeguards
  • A breach response under Part IIIC of the Privacy Act requires it

We do not share information outside Australia.

10. Contact us

11. Changes to this notice

We update this notice from time to time. Material changes will be communicated via the platform and (where you've consented) by email. The current version is always at cadence.clinic/privacy.


Tenant clinics may attach an Annex specific to their practice (additional services, marketing consents, etc.). The platform-level notice above is the floor.