MedflowMedflow
Back to Home

Privacy Policy

Last updated: December 17, 2025

Introduction

MedFlow Solutions ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our PBS Authority Portal.

By using our service, you agree to the collection and use of information in accordance with this policy.

Information We Collect

Personal Information

  • Contact details (name, email, phone number)
  • Professional credentials (AHPRA number, prescriber number)
  • Clinic and practice information

Patient Information

  • Patient demographics and contact information
  • Medicare and DVA numbers
  • Medical conditions and treatment information
  • Prescription and authority application data

Usage Data

  • Log data (IP address, browser type, pages visited)
  • Device information
  • Application usage statistics

How We Use Your Information

We use the collected information for:

  • Processing PBS authority applications
  • Managing user accounts and clinic profiles
  • Communicating with users about submissions and updates
  • Improving our service and user experience
  • Compliance with legal obligations
  • Preventing fraud and ensuring security

Data Security

We implement industry-standard security measures to protect your information:

  • End-to-end encryption for sensitive data
  • Secure HTTPS connections
  • Multi-factor authentication (MFA)
  • Role-based access controls
  • Regular security audits and monitoring
  • Secure cloud infrastructure (Supabase)

Data Sharing and Disclosure

We may share your information with:

  • Government Authorities: PBS submissions are shared with the Department of Health
  • Service Providers: Third-party services that help us operate (email, hosting, analytics)
  • Legal Requirements: When required by law or to protect our rights

We do not sell your personal information to third parties.

Data Retention

We retain your information for as long as necessary to provide our services and comply with legal obligations. PBS submission data is retained for 7 years in accordance with Australian healthcare record-keeping requirements.

Your Rights

You have the right to:

  • Access your personal information
  • Correct inaccurate information
  • Request deletion of your data (subject to legal requirements)
  • Export your data
  • Withdraw consent for marketing communications

Cookies and Tracking

We use cookies and similar technologies to maintain your session, remember your preferences, and analyze usage patterns. You can control cookie settings through your browser.

Children's Privacy

Our service is not directed to individuals under 18. We do not knowingly collect personal information from children.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date.

Contact Us

If you have any questions about this Privacy Policy, please contact us:

Email: privacy@medflow.com.au

Address: MedFlow Solutions, Sydney, Australia