DaoBook - Legal Documentation

At DaoBook, we are committed to protecting the privacy of everyone who interacts with our platform, whether you're a practitioner using our services or a patient whose information is stored in our system. This Privacy Policy outlines our approach to collecting, using, and protecting personal information.

We may periodically update this policy to reflect changes in our practices or regulatory requirements. When we make significant changes, we'll notify our users through the DaoBook platform and other appropriate channels.

Key Terms

To help you better understand this policy, here are some important terms we'll be using:

Emba Digital (ABN 89 683 319 486) is the company that develops and operates DaoBook.
DaoBook refers to our software platform and related services for Traditional Chinese Medicine practitioners.
Personal Information is any information that can identify an individual, whether directly or indirectly.
Practitioners are the healthcare professionals who use DaoBook for their practice management.
Patients are individuals whose information is entered into DaoBook by practitioners.

1. Information We Collect

We collect information in two main ways: directly from practitioners who use our platform, and indirectly when practitioners enter information about their patients.

Information We Collect Directly

When you register for DaoBook, contact our support team, or interact with our website, we collect information such as:

Your name, email address, and contact details
Professional information, including qualifications and AHPRA registration
Billing information and payment details
Communication preferences and service customizations
Technical information about your device and how you use DaoBook

Information Collected Indirectly

When practitioners use DaoBook to manage their practice, they may enter information about their patients, which can include:

Patient names, contact details, and demographic information
Health-related information, including medical history and treatment records
Prescription and formula details
Appointment history and billing information
Health fund details

We also collect technical information when you use our platform:

Device information (such as browser type, operating system, and screen resolution)
Usage patterns and navigation data
Cookies and similar technologies (as detailed in our Cookie Policy)
Account activity, including login times and feature usage

2. How We Use Your Information

We use the information we collect to:

Provide and improve the DaoBook platform and its features
Process payments and manage your subscription
Offer customer support and respond to your inquiries
Send important service updates and notifications
With your consent, share educational content and product news
Analyze usage patterns to enhance our platform
Ensure security and prevent unauthorized access
Comply with legal and regulatory requirements

Importantly, we only use patient information entered by practitioners to provide and support the DaoBook service. We don't use this information for marketing or other unrelated purposes.

3. How We Protect Your Information

Protecting your information is our priority. We implement industry-standard security measures, including:

End-to-end encryption for sensitive data
Secure, monitored data centers with restricted access
Regular security assessments and vulnerability testing
Staff training on data protection and privacy practices
Access controls limiting data visibility to only those who need it

In the unlikely event of a data breach affecting your personal information, we'll notify you within 72 hours of discovery. We'll explain what happened, what information was affected, and what steps we're taking to address the situation.

For more details on our security practices, please visit our Data Security Policy.

4. Sharing Your Information

We respect your privacy and only share your information in limited circumstances:

Service Providers: We work with trusted partners who help us operate DaoBook, such as payment processors, cloud hosting providers, and customer support tools. These providers are bound by strict confidentiality agreements.
Legal Requirements: We may disclose information when required by law, court order, or government regulation.
Business Transfers: If Emba Digital is acquired or merged with another company, your information may be transferred as part of that transaction.
With Your Permission: We'll share your information with third parties when you explicitly authorize us to do so.

We never sell your personal information to third parties or use it for advertising purposes without your explicit consent.

5. Healthcare Data Protection

As a platform serving healthcare practitioners in Australia, we adhere to all relevant healthcare data protection laws and guidelines, including:

The Australian Privacy Principles under the Privacy Act 1988
Health Records legislation across Australian states and territories
AHPRA guidelines for healthcare information management
Relevant Traditional Chinese Medicine practice standards

For more information on how we comply with these requirements, please see our Healthcare Compliance Statement.

6. Your Rights and Choices

We respect your control over your personal information. You have the right to:

Access: Request a copy of the personal information we hold about you
Correction: Update or correct any inaccurate information
Deletion: Request that we delete your information (where legally permitted)
Portability: Receive your data in a structured, machine-readable format
Restriction: Limit how we use your information in certain circumstances
Objection: Opt out of certain uses of your information

To exercise these rights, please contact us at admin@daobook.com.au. We'll respond to your request within 30 days.

Please note that certain information may be essential to providing you with our services, and deleting it may limit or prevent your use of DaoBook.

7. Patient Information Access

If you're a patient whose information has been entered into DaoBook by a practitioner, and you wish to access or modify this information, please contact your healthcare provider directly. They maintain primary control over patient records in their account.

If you're unable to resolve your request with the practitioner, you can contact us with details of the practitioner, and we'll help facilitate your request in accordance with applicable privacy laws.

8. Data Retention

We keep your personal information for as long as needed to provide you with our services and to comply with legal obligations. Specifically:

Account information is retained while your account is active
After account closure, we retain certain information for 90 days before permanent deletion
Billing records are kept for the period required by tax regulations
De-identified usage data may be retained for analytical purposes

For patient data, we adhere to the health records retention requirements set by Australian healthcare regulations, which typically require long-term storage of medical records.

9. International Data Considerations

DaoBook is designed primarily for Australian practitioners, and we host our data primarily within Australia. However, some of our service providers may process data in other countries. When we transfer data internationally, we implement appropriate safeguards to ensure your information remains protected to Australian standards.

We recognize that healthcare data is subject to strict privacy regulations, and we design our systems to comply with Australian legal requirements for medical information.

10. Children's Privacy

DaoBook is designed for adult healthcare practitioners. We do not knowingly collect information from children under 16 years of age. If we discover we have collected information from a child under 16, we will promptly delete it.

We recognize that practitioners may treat children as patients and enter their information into DaoBook. This information is protected under the same strict standards as all patient data, with appropriate safeguards for sensitive information.

11. Policy Updates

We'll review this Privacy Policy regularly to ensure it accurately reflects our practices and complies with current regulations. When we make significant changes, we'll notify you through the DaoBook platform and update the "last modified" date at the top of this policy.

We encourage you to review this policy periodically to stay informed about how we protect your information.

12. Contact Us

If you have questions, concerns, or feedback about this Privacy Policy or our privacy practices, please contact our Privacy Officer at: admin@daobook.com.au

We're committed to addressing your privacy concerns and will respond to your inquiry as quickly as possible, typically within 5 business days.