Privacy Policy

1. Introduction

ClinLog ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our Service. This policy complies with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

By using the ClinLog service (the "Service"), you consent to the collection and use of information in accordance with this Privacy Policy.

2. Information We Collect

2.1 Information You Provide to Us

We collect information that you provide directly to us when you:

• Create an account: Email address, name (optional)

• Complete onboarding: Pathway type (5+1 Internship or Registrar), qualification details, area of practice, start date

• Use the Service: Log entries including dates, hours, categories (direct client contact, indirect practice, supervision, CPD), subcategories, supervisor information, supervision types and modes, notes

• Add supervisors: Supervisor names, roles (primary/secondary), endorsed areas, area matching information

• Create programs: Program names, start dates, and associated data

• Contact us: Information provided through support requests or contact forms

• Subscribe: Payment information (processed through Stripe - we do not store full payment card details)

2.2 Automatically Collected Information

When you access the Service, we may automatically collect certain information, including:

• Usage data: Pages visited, features used, time spent on the Service

• Device information: Browser type, device type, operating system

• Log data: IP address, access times, dates and times of Service access

• Cookies and similar technologies: See Section 8 for more information

2.3 Third-Party Authentication

We use Neon Auth for user authentication. When you sign up or sign in, Neon Auth processes your email address and authentication credentials. We receive your user ID and email address from Neon Auth.

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 Service Provision

• To provide, maintain, and improve the Service

• To process your subscription and manage your account

• To authenticate your identity and manage access to the Service

• To store and process your log entries, supervisor information, and program data

• To calculate and display your progress toward pathway requirements

• To generate analytics and reports

3.2 Communication

• To send you service-related communications (account updates, subscription information)

• To respond to your inquiries and provide customer support

• To send you important notices regarding changes to our Terms of Service or Privacy Policy

3.3 Legal and Safety

• To comply with legal obligations

• To enforce our Terms of Service

• To protect the rights, property, or safety of ClinLog, our users, or others

• To detect, prevent, or address fraud, security, or technical issues

3.4 Service Improvement

• To analyse usage patterns and improve the Service

• To develop new features and functionality

• To conduct research and analytics (using aggregated, anonymised data)

4. How We Share Your Information

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following circumstances:

4.1 Service Providers

We share information with third-party service providers who perform services on our behalf:

• Neon Database: Stores your account data, log entries, supervisors, and programs

• Neon Auth: Provides authentication services

• Stripe: Processes subscription payments (we do not receive or store your full payment card details)

• Relay.app: Processes support requests submitted through our contact form

These service providers are contractually obligated to protect your information and may only use it for the purposes specified by us.

4.2 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency).

4.3 Business Transfers

If we are involved in a merger, acquisition, or asset sale, your information may be transferred. We will provide notice before your information is transferred and becomes subject to a different privacy policy.

4.4 With Your Consent

We may share your information with your explicit consent or at your direction.

5. Data Storage and Security

5.1 Data Storage

Your data is stored on servers operated by Neon Database, which uses secure cloud infrastructure. Data is stored in accordance with industry standards and may be stored in data centres located outside of Australia. By using the Service, you consent to the transfer of your information to these facilities.

5.2 Security Measures

We implement appropriate technical and organisational security measures to protect your personal information against unauthorised access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit (using HTTPS/TLS)

• Secure authentication and access controls

• Regular security assessments

• Limited access to personal information on a need-to-know basis

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security.

5.3 Data Retention

We retain your personal information for as long as necessary to provide the Service and fulfil the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law. When you delete your account, we will delete or anonymise your personal information within a reasonable timeframe, except where we are required to retain it for legal purposes.

6. Your Rights and Choices

Under the Privacy Act 1988 (Cth) and Australian Privacy Principles, you have certain rights regarding your personal information:

6.1 Access

You have the right to request access to the personal information we hold about you. You can access most of your information directly through the Service. For additional information, please contact us at support@clinlog.au.

6.2 Correction

You have the right to request correction of inaccurate, incomplete, or out-of-date personal information. You can update most of your information directly through the Service's settings. If you need assistance, please contact us at support@clinlog.au.

6.3 Deletion

You have the right to request deletion of your personal information. You can delete your account and associated data through the Service's account settings. We will delete your information within a reasonable timeframe, except where retention is required by law.

6.4 Data Portability

You can export your data at any time through the Service's features. We recommend regularly exporting your data as a backup.

6.5 Opt-Out

You can opt out of certain communications by:

• Unsubscribing from marketing emails (if any) using the unsubscribe link

• Adjusting your account settings

• Contacting us at support@clinlog.au

6.6 Complaints

If you believe we have breached the Australian Privacy Principles, you have the right to make a complaint to:

1. Us first: Please contact us at support@clinlog.au with details of your complaint. We will investigate and respond within 30 days.

2. Office of the Australian Information Commissioner (OAIC): If you are not satisfied with our response, you can lodge a complaint with the OAIC at:

   • Website: https://www.oaic.gov.au

   • Phone: 1300 363 992

   • Email: enquiries@oaic.gov.au

7. Children's Privacy

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at support@clinlog.au, and we will delete such information.

8. Cookies and Tracking Technologies

8.1 Cookies

We use cookies and similar tracking technologies to track activity on the Service and store certain information. Cookies are small data files stored on your device that help us improve your experience.

8.2 Types of Cookies We Use

• Essential cookies: Required for the Service to function properly (e.g., authentication, session management)

• Functional cookies: Remember your preferences and settings

• Analytics cookies: Help us understand how users interact with the Service (we may use aggregated, anonymised analytics)

8.3 Cookie Management

Most web browsers allow you to control cookies through their settings. However, disabling cookies may limit your ability to use certain features of the Service.

9. Third-Party Links

The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to read the privacy policies of any third-party sites you visit.

10. International Data Transfers

Your information may be transferred to and processed in countries other than Australia, including the United States and other jurisdictions where our service providers operate. These countries may have different data protection laws than Australia. By using the Service, you consent to the transfer of your information to these countries.

We take steps to ensure that your information receives an adequate level of protection in the jurisdictions in which we process it.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Posting the new Privacy Policy on this page

• Updating the "Last updated" date

• Sending you an email notification (if you have provided an email address)

• Providing a notice through the Service

Your continued use of the Service after any changes to this Privacy Policy constitutes your acceptance of the updated policy.

12. Australian Privacy Principles Compliance

This Privacy Policy is designed to comply with the 13 Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth):

1. Open and transparent management of personal information - This policy provides clear information about our privacy practices

2. Anonymity and pseudonymity - You can use the Service with minimal personal information (email required for account)

3. Collection of solicited personal information - We only collect information necessary for the Service

4. Dealing with unsolicited personal information - We will destroy or de-identify unsolicited information where possible

5. Notification of collection - This policy notifies you of what information we collect

6. Use or disclosure - We only use and disclose information as described in this policy

7. Direct marketing - We do not engage in direct marketing without consent

8. Cross-border disclosure - We disclose information to service providers as described in Section 4

9. Adoption, use, or disclosure of government identifiers - We do not adopt government identifiers

10. Quality of personal information - We take reasonable steps to ensure information is accurate

11. Security of personal information - We implement security measures as described in Section 5

12. Access to personal information - You can access your information as described in Section 6

13. Correction of personal information - You can correct your information as described in Section 6

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at:

Email: support@clinlog.au

We will respond to your inquiry within 30 days.