AttendMe Owl Logo
AttendMe
Sign In

AttendMe Pty Ltd Privacy Policy

Last updated: March 2026

AttendMe Pty Ltd operates the AttendMe medical research assistant application. This Privacy Policy describes how we collect, use, and share information about you when you use our websites, mobile applications, and related services (collectively, the “Services”). By using AttendMe, you agree to the collection and use of information as described in this policy.

1. Information We Collect

Personal Information

  • Name, email address, professional credentials
  • Payment details (processed securely via Stripe on web, RevenueCat on mobile)

Usage Data

  • Medical queries and research questions, search patterns, interaction data, feature preferences

Technical Information

  • Device type, IP address, browser data, operating system, app performance metrics

2. How We Use Your Information

  • Deliver AI-powered medical research, generate responses, and provide citations
  • Account management, authentication, and support
  • Service-related communications (account updates, security notices)
  • Enhance citation accuracy, develop new features, and conduct anonymized analytics to improve service quality
  • Legal compliance and responding to lawful requests

We do not sell your personal information. Your queries and usage data are never sold or shared with third parties for their marketing purposes.

3. Data Sharing

We do not sell your personal information. We share data only in these limited circumstances:

  • With service providers who help operate our platform (under strict confidentiality)
  • When required by law or legal process
  • With your explicit consent
  • In aggregated, non-identifiable form for research

We do not share your personal data with advertisers or marketing companies.

4. Data Security

We implement industry-standard security measures to protect your data:

  • Encryption: All data encrypted in transit (TLS) and at rest
  • Access Controls: Strict authentication and authorization protocols
  • Monitoring: Continuous security monitoring and error tracking
  • Compliance: Our infrastructure providers maintain SOC 2 Type II certification

5. Your Rights

  • Access: Request a copy of your data
  • Correction: Update inaccurate information
  • Deletion: Delete your account and data
  • Portability: Export your data
  • Marketing: Opt-out of promotional emails

To exercise these rights, contact us at harry@attendme.ai

6. AI Processing & Third-Party AI Services

AttendMe uses third-party AI services to process your queries and generate responses:

  • AI Provider: Your queries are sent to OpenAI's API (GPT models) to generate evidence-based responses
  • Data Sent: Only the text of your query is transmitted. No patient data, personal identifiers, or medical records are sent
  • Zero Retention: OpenAI operates under a zero-retention API policy — your data is not stored by OpenAI and is not used to train their models
  • Embeddings: We use OpenAI's embedding models to match your queries against our curated medical literature database. Embeddings are mathematical representations, not readable text
  • No Patient Data: AttendMe is a literature research tool. Never enter patient-identifiable information into queries

By using AttendMe, you consent to your queries being processed by OpenAI as described above.

7. Data Retention

We retain your data as long as your account is active or as needed to provide services. You can request deletion at any time. Some data may be retained longer for legal or security purposes.

8. Third-Party Services

We use the following third-party services to operate AttendMe:

  • OpenAI — AI query processing and text embeddings (zero-retention API, US-based)
  • Supabase — Database and authentication (Singapore, Asia-Pacific)
  • Vercel — Web hosting and edge network (global)
  • Stripe / RevenueCat — Payment processing (web / mobile)
  • Sentry — Error monitoring and crash reporting
  • PostHog — Anonymized product analytics

Each service operates under its own privacy policy and data processing terms.

9. Data Storage and International Transfers

AttendMe Pty Ltd is an Australian company. Your data is primarily stored and processed within the Asia-Pacific region:

  • Singapore (Asia-Pacific) — Primary database (Supabase)
  • Sydney, Australia (Asia-Pacific) — Cache and session data
  • Global Edge Network — Web hosting (Vercel) — serves from nearest location to user
  • United States — AI processing (OpenAI), error monitoring (Sentry)

We ensure all data transfers are protected by:

  • Data Processing Agreements with all service providers
  • Verification that providers maintain appropriate security certifications (SOC 2 Type II)
  • Contractual obligations requiring comparable levels of data protection

For Australian users, these measures satisfy APP 8 requirements. For New Zealand users, these measures satisfy IPP 12 requirements for cross-border disclosure.

10. Your Rights by Jurisdiction

Australia (Privacy Act 1988)

Under the Australian Privacy Principles (APPs), you have the right to:

  • Access the personal information we hold about you (APP 12)
  • Correct inaccurate or out-of-date information (APP 13)
  • Complain about our handling of your personal information
  • Know how your information is collected, used, and disclosed

If you are not satisfied with our response to a privacy complaint, you may contact the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au or call 1300 363 992.

View our full Australian Privacy Act Compliance statement →

New Zealand (Privacy Act 2020)

Under the Information Privacy Principles (IPPs), you have the right to:

  • Access your personal information held by us (IPP 6)
  • Request correction of incorrect information (IPP 7)
  • Know how your information is used and disclosed
  • Complain to the Privacy Commissioner if you believe your privacy has been breached

Contact the New Zealand Privacy Commissioner at privacy.org.nz or call 0800 803 909.

United States (California and Other States)

If you are a California resident, you have rights under the CCPA/CPRA including:

  • Right to know what personal information we collect and how it is used
  • Right to delete your personal information (subject to exceptions)
  • Right to opt-out of the sale of personal information (we do not sell personal information)
  • Right to non-discrimination for exercising your privacy rights

Residents of other US states with privacy laws (Virginia, Colorado, Connecticut, etc.) have similar rights. Contact us at harry@attendme.ai to exercise these rights.

11. Important Notes

  • Australian Company: AttendMe Pty Ltd is registered and operated from Australia
  • TGA Regulatory Classification: AttendMe qualifies for the Clinical Decision Support Software (CDSS) exemption under Part 2 of Schedule 4 of the Therapeutic Goods (Medical Devices) Regulations 2002, is intended for licensed healthcare professionals, and in the current supplied product does not directly ingest patient context for analysis
  • For Healthcare Professionals: This application is intended for use by qualified healthcare professionals only
  • No response to “do not track” browser signals
  • Service-related emails cannot be unsubscribed while maintaining membership

AttendMe is committed to protecting your privacy. We do not sell your personal information to third parties. Our business model is based on subscription revenue, not data monetization.

12. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes via email or through the service. Your continued use after changes constitutes acceptance of the updated policy.

Contact Us

For privacy-related questions or concerns:

Email: harry@attendme.ai

This privacy policy is effective as of March 2026