Privacy Policy

Last updated: 9 April 2026

1. About this Policy

WELLSPRING is an allied health marketplace operated by Inevara Pty Ltd (ABN [TBD — confirm with Inevara Pty Ltd before public launch]), a company incorporated in Australia (“Inevara”, “we”, “us”, or “our”). WELLSPRING is one of the SINGULARITY family of marketplace platforms operated by Inevara.

This Privacy Policy explains how we collect, use, disclose, store, and protect your personal information (including sensitive health information) when you use the WELLSPRING platform and associated applications (collectively, the “Platform”).

We are bound by the Privacy Act 1988 (Cth) (“Privacy Act”), the Australian Privacy Principles (“APPs”), and the National Disability Insurance Scheme Act 2013 (Cth) where applicable. Because the Platform handles health information, we apply heightened protections consistent with APP 3 (collection of sensitive information) and APP 6 (use or disclosure of personal information).

By creating an account or using the Platform you acknowledge you have read this Policy. If you do not agree, please do not use the Platform.

2. Information We Collect

2.1 Account information

When you register, we collect:

  • Full name and display name
  • Email address
  • Password (stored as a salted cryptographic hash — never in plain text)
  • Mobile phone number (optional, used for appointment reminders)

2.2 Health and care information (consumers)

To enable our practitioner-matching service, we collect sensitive health information with your explicit consent:

  • Health concerns and areas you are seeking support with
  • Referral source (GP, specialist, self-referred, NDIS, or WorkCover)
  • NDIS participant number (optional, if applicable)
  • WorkCover claim status
  • Private health fund name (optional)
  • Whether you have a current GP referral letter on file
  • Preferred geographic area and communication preferences

This information is classified as “sensitive information” under the Privacy Act. We collect it only with your explicit consent and use it solely for the purposes described in Section 3.

2.3 NDIS information

If you access the Platform as an NDIS participant, by proceeding you consent to sharing your NDIS participant information with matched providers to facilitate service delivery under your approved NDIS plan. Your information is handled in accordance with the Privacy Act 1988 and the NDIS Act 2013.

2.4 Provider profile information

If you register as an allied health practitioner, we also collect:

  • AHPRA registration number and registration type
  • Professional credentials, licences, and insurance details
  • Service menu, pricing, and availability
  • Business address and service-area postcode(s)
  • WorkCover registration status (state/territory)
  • Bank account details for payment disbursement (held by our payment processor — see Section 4)

2.5 Booking and claims records

For every booking and claim, we record:

  • Date, time, service type, practitioner, and booking status
  • Referral number and claim number (Medicare, NDIS, or WorkCover)
  • Claim type (Medicare, NDIS, WorkCover, or private health fund)
  • Payment metadata: amount, rebate, gap fee, and transaction reference
  • Notes entered by the consumer at the time of booking

2.6 Device and analytics data

When you use the Platform, we automatically collect technical information including IP address (truncated), browser type, device identifiers (anonymised), pages visited, and session identifiers stored in secure HTTP-only cookies. We use this data for security monitoring, fraud detection, and product improvement. We do not sell this data to advertisers.

3. How We Use Your Information

| Purpose | Legal basis (GDPR) |
| --- | --- |
| Creating and managing your account | Contract |
| Matching you with appropriate allied health practitioners | Contract / Consent |
| Processing bookings and Medicare/NDIS/WorkCover claims | Contract / Legal obligation |
| Sending appointment confirmations and reminders | Contract |
| AHPRA credential verification for practitioners | Legal obligation |
| Communicating platform updates and safety notices | Legitimate interests / Legal obligation |
| Optional marketing emails (opt-out available) | Consent |
| Fraud detection and platform safety | Legitimate interests / Legal obligation |
| Analytics and product improvement (aggregate data) | Legitimate interests |
| Complying with legal and regulatory obligations | Legal obligation |

4. When We Share Your Information

We do not sell your personal information. We disclose it only in the following circumstances:

4.1 With practitioners upon booking

When you confirm a booking, we share your name, contact information, relevant health concerns, referral details, and funding type with the practitioner. Practitioners are contractually prohibited from using this information for any purpose outside delivering services to you through the Platform.

4.2 Payment processors

Payments are processed by third-party processors (Stripe and/or Paddle). These processors operate under their own privacy policies and are bound by PCI-DSS obligations. We do not store full card numbers on our infrastructure.

4.3 Government and regulatory bodies

For Medicare claims, relevant transaction data is shared with Services Australia as required by the Health Insurance Act 1973. For NDIS claims, relevant data is shared with the NDIA as required by the NDIS Act 2013. For WorkCover claims, relevant data is shared with the applicable state or territory insurer.

4.4 Infrastructure and hosting

We host the Platform on Amazon Web Services (Sydney region, ap-southeast-2). Inevara has data processing agreements with AWS requiring compliance with the Privacy Act.

4.5 Legal requirements

We may disclose personal information if required by law, court order, or regulatory direction, or where necessary to prevent harm.

5. How Long We Keep Your Information

  • Account and profile data: retained for the life of your account plus 24 months after closure.
  • Health and booking records: retained for 7 years from the date of the appointment, consistent with Australian health records obligations and taxation law.
  • Medicare/NDIS/WorkCover claim records: retained for the minimum period required by the applicable legislation (generally 7 years).
  • Device and analytics logs: retained for 13 months in identifiable form, then aggregated and de-identified.

6. How We Protect Your Information

  • TLS 1.2+ encryption for all data in transit
  • AES-256 encryption at rest for sensitive fields
  • Passwords stored using cryptographic hashing — never in plain text
  • Role-based access controls — staff access personal data only as required for their role
  • Multi-factor authentication required for administrative access
  • Data stored in AWS ap-southeast-2 (Sydney) — Australian soil

In the event of a data breach likely to result in serious harm, we will notify the Office of the Australian Information Commissioner (OAIC) and affected individuals as required under the Notifiable Data Breaches scheme (Privacy Act 1988, Part IIIC).

7. Cookies and Tracking Technologies

We use essential session cookies to maintain your authentication state, preference cookies to remember your settings, and (with your consent where required) analytics cookies to improve the Platform. Non-essential cookies do not affect core Platform functionality.

8. Children's Privacy

The Platform is not directed at individuals under the age of 18. We do not knowingly collect personal information from minors. If we become aware a minor has created an account, we will promptly delete that account and associated data.

9. Your Rights and Choices

  • Access: Request a copy of the personal information we hold about you within 30 days.
  • Correction: Request correction of inaccurate or incomplete information.
  • Deletion: Request deletion of your account and data, subject to legal retention obligations. Go to Settings → Account → Delete Account, or contact us.
  • Withdrawal of consent: Where processing is based on consent (e.g. health profiling for matching), you may withdraw consent at any time in account settings. This will not affect the lawfulness of prior processing.
  • Complaint: You may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

10. Contact Us

To exercise your rights or make a privacy enquiry, contact our Privacy Officer:

Inevara Pty Ltd — Privacy Officer
WELLSPRING Privacy Enquiries
Australia

We aim to respond to all privacy enquiries within 30 days.

11. Changes to this Policy

We may update this Privacy Policy from time to time. When we make a material change, we will notify you by email and/or by displaying a prominent notice on the Platform at least 14 days before the changes take effect. Continued use of the Platform after a change takes effect constitutes acceptance of the updated Policy.

© 2026 Inevara Pty Ltd. All rights reserved. AGPL-3.0-only.