How we protect clinic and client data, and how partners and clinics can obtain our compliance documents and DPA.
We treat clinic and client data as carefully as you do. Our security and privacy programme is designed to meet the Australian Privacy Act 1988 (APPs) and to align with the EU/UK GDPR where it applies. This page summarises how we protect data and how partners and clinics can obtain our compliance documents.
Our primary database is hosted in Sydney, Australia. Some specialist functions — AI transcription and note-drafting, SMS and email — are performed by trusted providers, some located overseas, under contractual safeguards including Standard Contractual Clauses (SCCs) and data-processing agreements consistent with Australian Privacy Principle 8.
For partnership and procurement reviews, we maintain a Data Protection & Compliance Pack (Article 30 record of processing, lawful bases, subprocessor register with SCCs, technical and organisational measures, breach procedure and data-subject-rights process) and can provide a signed Data Processing Agreement (DPA) to clinics and integration partners. To request these, contact support@apexhqvet.com.au.
We use a small set of vetted providers (database hosting, application hosting and recording storage, SMS/voice, transcription, AI note-drafting, and email), each under a data-processing agreement. The current register is available on request as part of our compliance pack.
AI-generated clinical notes are always drafts for a vet to review and approve — nothing is auto-finalised. Under our agreements, our AI providers do not use your content to train their models. We are introducing pseudonymisation to minimise the personal information sent to AI providers.
Individuals can request access to, correction, export or deletion of their personal information. We respond within 30 days. Privacy questions and DPA requests: support@apexhqvet.com.au. See also our Privacy Policy.