Privacy Policy

Privacy Policy for Astra Health AI

Astra Health AI provides AI-assisted healthcare software services, including but not limited to in-person consultations, telehealth consultations, and other related services. Our Platform aims to help qualified medical practitioners and clinics deliver comprehensive healthcare to their patients with the use of AI. Our Privacy Policy includes information about how Astra Health AI handles Personal Data.

1. Introduction

Astra Health AI Pty Ltd (ABN 33 673 876 223) ("Astra Health AI", "we", "us", or "our") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and protect personal information in connection with our Astra Health AI platform and related services (collectively referred to as the "Platform").

2. About Our Services

Astra Health AI provides AI-assisted healthcare software services, including but not limited to in-person consultations, telehealth consultations, and other related services. Our Platform aims to help qualified medical practitioners and clinics deliver comprehensive healthcare to their patients with the use of AI.

3. Information Collection and Use

a) Personal Information We Collect

We collect personal information necessary for the provision of our services, including:

Contact information: This includes your full name, email address, phone number, and mailing address (if applicable).

Account details: Your username, password, account preferences, and login history.

Professional information: Your role in healthcare (e.g., doctor, nurse, specialist), professional qualifications, specialties, years of experience, and practice location.

Health-related data: Information necessary for service provision, which may include patient medical histories, treatment plans, and diagnostic information. This data is always handled with the utmost confidentiality and in compliance with relevant healthcare privacy laws.

Usage data: Information about how you interact with our Platform, including features used, time spent, and frequency of use.

b) How We Collect Information

We collect information:

During account registration: When you create an account, we collect basic personal and professional information.

Through Platform usage: As you use our services, we gather data on your interactions and the information you input.

Via customer feedback: Through surveys, support interactions, and direct communications.

Website analytics: Using cookies and similar technologies to understand how users interact with our website.

Third-party sources: When necessary and with your consent, we may obtain information from other healthcare providers or systems to enhance our services.

c) How We Use Your Information

We use your personal information to:

Provide and improve our services: This includes personalising your experience, enhancing our AI algorithms, and developing new features.

Manage your account: Maintaining your profile, processing payments, and handling account-related communications.

Communicate with you: Sending service updates, responding to inquiries, and providing customer support.

Conduct analysis and research: Analysing usage patterns to improve our Platform's functionality and user experience.

Comply with legal obligations: Meeting regulatory requirements, responding to legal requests, and protecting our legal rights.

Ensure platform security: Detecting and preventing fraud, unauthorised access, and other potential security issues.

d) Storage and Security of Information

We prioritise data security and implement a localised storage approach for our users:

For users in Australia and New Zealand, we store your personal information within your local jurisdiction. This ensures compliance with local data protection laws and regulations.

We implement robust security measures to protect your data, regardless of storage location, including:

State-of-the-art encryption: All data is encrypted both in transit and at rest using industry-standard protocols.

Access controls: Strict access policies ensure only authorised personnel can access sensitive information.

Continuous monitoring: We employ advanced threat detection systems to identify and respond to potential security risks in real time.

Regular security audits: We conduct periodic assessments of our security measures to ensure they meet the highest standards.

For users outside of these specified countries, or in cases where certain Platform functionalities require it, data may be stored on secure servers in other locations. In such cases, we ensure that appropriate safeguards are in place to protect your information and comply with applicable data protection laws.

Some Platform functionalities may depend on third-party services whose servers are located internationally, including in the United States. All such services are HIPAA-compliant, and we enter into data processing agreements to ensure the protection of your data.

We are committed to transparency regarding our data storage practices. If you have any questions about where your specific data is stored or how it's protected, please contact our Privacy Officer for more information.

e) Retention and Destruction of Data

We retain your personal information for as long as necessary to provide our services and comply with legal obligations. Our data retention practices include:

Active accounts: Data is retained for the duration of your account's active status.

Dormant accounts: If an account remains inactive for 12 months, we initiate a review process.

Account deletion: Upon account deletion, we begin the process of destroying associated personal information.

Data destruction timeline: All personal information is securely destroyed within a 12-month period following account deletion or determined inactivity.

Anonymised data: We may retain certain anonymised data for analytical purposes, ensuring it cannot be linked back to any individual.

4. Client Data and AI Processing

a) Consultation Data

Our AI-powered transcription service captures and transcribes client consultations in real time. All audio is immediately transformed into text, and the audio file is destroyed after transcription. This process occurs on our servers in Australia.

b) Storage of Consultation Notes

Unless you choose to save your notes within our Platform, they will be automatically deleted. If saved, notes are stored encrypted for 7 days by default, after which they are destroyed. You may opt to extend storage for up to 6 months in your settings.

c) Your Responsibility

Once you transfer consultation notes to your own systems, you are responsible for their security and management. You must comply with all relevant privacy and health records legislation, including obtaining necessary client consent.

5. Disclosure of Personal Information

We do not use or share personal information except as described in this policy. Exceptions include:

Legal or regulatory obligations
With your consent
To provide support services

6. Data Security

We implement reasonable security measures to protect personal information, including:

Access-controlled premises
Encrypted electronic databases
Login and password protection
Staff training on data security
Confidentiality obligations for staff and third-party providers

While we strive to ensure data security, we cannot guarantee 100% protection against unauthorised access.

7. Data Storage and International Transfers

At Astra Health AI, we prioritise data security and privacy. Our data storage and transfer practices are as follows:

Local Data Storage: For users in Australia and New Zealand, we store your personal information within your local jurisdiction. This data localisation approach helps ensure compliance with local data protection laws and regulations.

Third-Party Services: Some functionalities of our Platform depend on third-party services, whose servers may be located internationally, including in the United States. All third-party services we use are HIPAA-compliant, ensuring a high standard of data protection.

Data Processing Agreements: When utilising third-party services, we enter into comprehensive data processing agreements. These agreements are crucial as they:

Enforce compliance with data protection standards and legal requirements

Safeguard your personal information from unauthorised use or disclosure

Maintain the integrity and confidentiality of your data

Enable us to provide enhanced functionality through external services while protecting your privacy

International Data Transfers: In cases where data must be transferred internationally to provide our services:

We ensure that appropriate safeguards are in place to protect your information

We comply with applicable data protection laws regarding international data transfers

We are transparent about when and why such transfers may occur

Data Protection Measures: Regardless of storage location, we implement robust security measures to protect your data, including encryption, access controls, and regular security audits.

We are committed to being transparent about our data storage and transfer practices. If you have any questions or concerns about where your data is stored or how it's protected, please contact our Privacy Officer for more information.

8. Cookies and Website Usage

We use cookies and similar technologies to improve user experience and analyse website usage. You can set your browser to refuse cookies, but this may limit your ability to use all features of our website.

9. Your Rights and Choices

You have the right to:

Access your personal information
Correct inaccurate information
Request deletion of your data (subject to legal requirements)
Opt out of certain data uses

To exercise these rights, please contact our Privacy Officer.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes and obtain your consent where required.

11. Privacy Inquiries and Complaints

If you have questions or complaints about our privacy practices, please contact our Privacy Officer. If you're unsatisfied with our response, you may contact the Australian Privacy Commissioner.

12. Contact Information

Astra Health AI Pty Ltd
Sydney NSW
Email: contact@astrahealth.ai

By using our Platform, you agree to the terms of this Privacy Policy. If you do not agree, please do not use our services.