Australian Privacy Principles

ToothNotes uses a layered privacy document set to support compliance with the Australian Privacy Principles, including a full privacy policy, APP 5 collection notices, recording notices, internal privacy governance documents, breach response procedures, and rights-handling procedures.

These materials are intended to support APP compliance. Actual compliance also depends on how the product is configured, how customer organisations use it, and whether all required operational controls are followed in practice.

The main public documents are:

• Privacy Policy for APP 1 privacy management transparency
• Privacy Collection Notice for APP 5 collection notice content
• Recording Notice for consult-audio use, customer responsibilities, and notice expectations
• Terms of Service for customer obligations, permitted use, and review requirements

The main internal documents cover:

• privacy governance and review cadence
• APP obligation mapping and evidence register
• APP 5 notice library for each collection point
• access, correction, and complaint handling
• direct marketing and unsubscribe controls
• subprocessor, retention, and data breach procedures

Documents alone do not make a product compliant. ToothNotes now uses an analytics choice gate, an account-entry collection notice, and a mobile recording acknowledgement flow, but compliance still depends on deployed vendor settings and day-to-day operational follow-through.

Customers are also responsible for their own clinic policies, patient notice or consent requirements, and lawful handling of clinical records.

Privacy enquiries, access requests, correction requests, and privacy complaints can be sent to support@toothnotes.com.