June 2025
Website Terms & Conditions of Use
Privacy Policy by DappleCRM Pty Ltd (ABN 57 682 693 170).
Privacy Policy
DappleCRM Pty Ltd (ABN 57 682 693 170) ("we","us" or the "Company") is committed to privacy protection. At dappleos.com ("this site"), we understand the importance of keeping personal information private and secure. This privacy policy ("Privacy Policy") describes generally how we manage personal information and safeguard privacy. If you would like more information, please don't hesitate to contact us.
This Privacy Policy forms part of, and is subject to the provisions of, our Website Terms of Use (dappleos.com/terms-conditions).
Privacy Commitment
- We will never rent, trade or sell your email address.
- We will never publicly display personal details that identify you.
The Australian Privacy Principles
We comply with the Privacy Act 1988 (Cth), including the 13 Australian Privacy Principles, which govern the handling of personal information.
What Is “Personal Information”?
Examples include:
- Name and date of birth
- Contact details (postal, email, phone)
- Payment details (bank account/credit card)
- Information from your user profile
- Preferences and login credentials
- Any data you share with us
Payment Information via Stripe
All purchases on this site are processed securely by Stripe. Unless consented otherwise, we do not access your financial data.
Health Information and Medical Records
We handle medical data in accordance with the Privacy Act 1988 and state health records legislation.
Examples include:
- Medical history, clinical notes, prescriptions
- Healthcare provider interactions
- Medicare numbers
- Diagnostic reports
Security measures:
- Encrypted data at rest and in transit
- Strict access controls for authorised users only
Collection of Information
We collect personal data when you:
- Register or update your user profile
- Make purchases or request services
- Submit forms or contact us
- Participate in marketing or surveys
Third Party Integrations
The platform may integrate with services like Medicare, Mimms, Evermed, and Symbio. As a healthcare provider, it is your duty to obtain patient consent before sharing their sensitive data.
IP Addresses and Cookies
We collect:
- IP addresses for session and security management
- Cookies for improving user experience
You may configure your browser to decline cookies. However, this may affect your ability to use interactive features.
Why We Use Cookies
Cookies help:
- Remember login status and preferences
- Process orders
- Display relevant alerts
- Save form data
- Integrate social media functions
Third Party Cookies
Used for:
- Analytics (Google Analytics)
- Advertising (Google AdSense)
- Social media plugins (e.g. Facebook, LinkedIn)
Use of Personal Information
We may use your data to:
- Verify identity
- Process payments
- Handle enquiries or changes to your account
- Improve our services
- Conduct fraud checks
- Send marketing (with opt-out options)
Disclosure of Information
Your data may be shared with trusted third parties providing:
- IT and mailing services
- Debt recovery
- Market research
- Professional advisers (e.g. legal, accounting)
- Government regulators (if legally required)
Direct Marketing Communications
We comply with the Spam Act 2003 (Cth). Marketing messages will only be sent with:
- Your consent, or
- A reasonable expectation based on our relationship
Opt-out methods include:
- Unsubscribe links
- Emailing support@dappleos.com with “UNSUBSCRIBE”
Artificial Intelligence (AI) Processing
Our software includes AI tools which:
- Analyse health data to support clinical decisions
- Are operated in secure environments
- Never train on identifiable data without consent
All AI outputs are reviewed by qualified professionals.
Healthcare Compliance Framework
We comply with:
- Healthcare Identifiers Service
- My Health Records Act 2012
- RACGP Standards
- ADHA requirements
DappleOS provides support tools, not medical advice.
Medical Disclaimer and Limitation of Liability
- DappleOS is not a healthcare provider
- Clinical decisions rest solely with practitioners
- We are not liable for medical outcomes, prescriptions, or adverse events
- Users must validate suggestions and maintain documentation
Controlled Substances & Prescription Guidance
Healthcare providers must:
- Follow legal and regulatory protocols
- Keep complete prescription records
- Meet real-time prescription monitoring (RTPM) requirements
Disclaimer Summary
The software is a supporting tool only.
Users must:
- Exercise independent judgement
- Maintain compliance with all applicable healthcare laws
- Accept full responsibility for clinical decisions
Access to Personal Information
You may request access to your data. Exceptions apply where access would:
- Be unlawful
- Impact another’s privacy
- Prejudice legal proceedings
We will explain any refusal in writing.
Correction of Personal Data
We will update or correct inaccurate records upon request.
All requests should be sent to support@dappleos.com
Security Measures
We use:
- Firewalls, antivirus, passwords
- Secure storage for paper and digital records
- Enhanced health data safeguards:
- End-to-end encryption
- Multi-factor authentication
- Security audits
External Websites
This policy applies only to dappleos.com. External sites are subject to their own privacy policies.
Re-marketing
We may use:
- Google AdWords
- Facebook Ads
No personal data is shared with these platforms. Preferences can be managed via their settings.
GDPR (EU General Data Protection Regulation)
We aim to comply with the GDPR for any EU-resident data we process, including:
- Access, correction, deletion rights
- Right to withdraw consent
- Right to restrict or object to processing
We will act within legal obligations even after consent is withdrawn.
Third Party Data Processing
Some data may be processed by overseas providers (e.g. AWS, Microsoft Azure). We ensure these processors:
- Maintain confidentiality
- Have appropriate technical safeguards
- Follow privacy protocols
Data Retention
Data is kept only as long as required. After the retention period:
- It is deleted or anonymised
- You may request data deletion under certain conditions
Data Breaches
We comply with the Notifiable Data Breaches Scheme.
If a breach occurs:
- We assess within 30 days
- Notify affected users and the OAIC (if required)
- Provide clear instructions and support
- Conduct post-incident reviews and prevention
Healthcare providers will be notified of breaches affecting patient data.
Keeping Information Up to Date
Notify support@dappleos.com of any updates to your personal information.
Changes to This Policy
We may update this Privacy Policy periodically. Updates will be posted on dappleos.com
Additional Resources
For further details on Australian privacy law, visit: