Privacy Policy

MiKare Health – Privacy Policy
Effective date: 1 December 2025

1. Introduction

MiKare Health Pty Ltd ("MiKare", "we", "us", "our") is committed to protecting your privacy and handling your personal information in a lawful, transparent and secure manner.

This Privacy Policy explains how we collect, use, disclose, store and protect your personal data when you access or use:

Our website (mikare.health),
Our mobile application,
Any MiKare services or products,
Any communications between you and us.

This Policy applies globally. Where the laws of your country impose additional rights or obligations, those rights continue to apply.

2. Who We Are

MiKare Health Pty Ltd
Registered in Australia
Address: 81–83 Campbell Street,
Surry Hills NSW 2010, Australia
Email: hello@mikare.health

MiKare may act as:

Data Controller (when we determine how your information is used), and/or
Data Processor (when processing information on behalf of a client, partner or organisation).

3. Information We Collect

3.1 Information you provide

We may collect:

Identity and Account Information

Name
Email address
Telephone number
Login credentials
Address (if provided)

Health and Personal Data (only if you choose to upload it)

Health notes
Medical documents
Symptoms
Care information
Records and files stored by you

Communications

Support requests
Emails
In-app messages

3.2 Automatically collected information

When you use our services we may collect:

IP address
Browser type
Device type
Operating system
Usage activity
Date and time stamps
Diagnostics and error logs

4. How We Collect Information

We collect data when you:

Register or log in to an account
Use application features
Upload content
Communicate with support
Make purchases
Use website or app tools
Manage preferences
Provide consent

5. Legal Bases for Processing

We process your personal data under the following lawful bases:

Purpose Legal Basis

Account management – Contract
Health data storage – Explicit consent
Customer service – Legitimate interest
Billing and subscriptions – Contract
Fraud prevention – Legal obligation
Compliance – Legal obligation
Platform improvement – Legitimate interest
Marketing – Consent
Security – Legal obligation

We maintain a written Record of Processing Activities under Article 30 of the GDPR.

6. Health Data and Sensitive Information

Health data is treated as high-risk personal data.

MiKare:

Encrypts health data in transit and at rest
Restricts access by role
Logs access to systems
Does not sell health data
Does not disclose without a lawful basis
Never uses health data for advertising
Segregates sensitive records from general systems

Unless legally required, identifiable health data is never shared without consent.

7. Data Retention

Category Retention

Health uploads – While account is active + 90 days
Account details – Up to 90 days after closure
Support communications – Up to 12 months
Legal records – As required by law

After expiry, data is securely deleted or anonymised.

8. Account Deletion & Erasure

You may delete your account at any time through the app or by contacting support.

Once deleted:

Identifiable data is removed according to retention rules
Legal data is retained only when required
Anonymised usage data may be retained for analytics

Confirmation is provided within 14 business days.

9. Purchases, Subscriptions & Payments

When you make payments:

Third-party payment providers handle transactions
MiKare does not store complete card information
Refund rights follow compulsory local law
Subscriptions can be cancelled at any time
Pricing and renewal terms are displayed before purchase

Consumer rights apply in: Australia, the UK, the EU, the United States, Canada, and other applicable regions.

10. Sharing of Information

We may share information with:

Accredited hosting providers
Payment processors
Support platforms
Analytics providers
Security vendors
Professional advisers
Regulatory bodies when legally required

All recipients are contractually required to protect your data.

11. International Transfers

Your information may be transferred internationally.

We apply safeguards including:

GDPR Standard Contractual Clauses
Encryption
Security audits
Access control
Contractual restrictions on processing

12. AI and Automated Processing

MiKare may use automation for:

Platform performance
Security monitoring
De-identified analytics
Service improvements

We do not use identifiable health data to train AI systems without explicit consent.

You may object to automated processing affecting your rights.

13. Cookies and Tracking

We use cookies for:

Essential operation
Analytics
Security
Functionality
Advertising (where permitted)

You control cookies through our Cookie Control Panel.

14. Your Rights

GDPR / UK GDPR Users

You may:

Access your data
Correct your data
Delete data
Restrict processing
Export data
Object to marketing
Withdraw consent
Lodge complaints with regulators

United States Users

You may:

Request access
Request deletion
Opt out of data sharing
Correct personal data
Request disclosure reports

All Users

Requests are handled within 30 days.

Email: hello@mikare.health

15. Marketing

You can opt out at any time through:

App settings
Email preferences
Contacting support

16. Children

MiKare does not knowingly collect data from children under 16 without parental consent.

17. Security

We apply:

Encryption
Firewalls
Secure infrastructure
Monitoring
Staff training
Breach response controls

If a breach occurs:

Authorities are notified within the required timeframes
Affected users are informed promptly

18. Governing Law

This Policy is governed by the laws of New South Wales, Australia, subject to mandatory consumer rights in your country.

19. Updates

We may update this Policy.

The current version will always appear on our website.

20. Contact

MiKare Health Pty Ltd
81–83 Campbell Street
Surry Hills NSW 2010
Support@mikare.health

Our Core Values

Empathy

Innovation

Integrity