1.1 This Privacy Statement (“Statement”) describes how Avoca Systems Pty Ltd (ABN: 23 686 494 806) (“Avoca,” “the Company,” “we,” “us,” or “our”) collects, uses, discloses, and protects personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
1.2 The Statement is intended to ensure transparency and to uphold the privacy rights of individuals engaging with our services, including patients, healthcare professionals, clinics, and business partners.
2.1 This Statement applies to all personal and health information collected and handled by Avoca in the course of providing AI-powered communication and automation services within the Australian healthcare sector.
2.2 It extends to data collected via:
2.2.1 Telephone interactions processed through our AI agents;
2.2.2 Electronic forms and booking systems;
2.2.3 Clinic management and referral platforms;
2.2.4 Direct communication with patients, providers, and clients.
3.1 Avoca may collect personal and health information including:
3.1.1 Names, contact details, and demographic information;
3.1.2 Referral and booking details;
3.1.3 Health information disclosed by patients or healthcare providers;
3.1.4 Communication and interaction history via our AI systems.
3.2 Information is collected:
3.2.1 Directly from individuals (e.g. during phone calls or digital form submissions);
3.2.2 From third-party systems such as Practice Management Software (PMS)
3.2.3 Through automated means where permitted by law.
3.3 All collection is guided by the principles of necessity, informed consent, and data minimisation.
4.1 Avoca collects and uses personal information for the following purposes:
4.1.1 To facilitate patient scheduling, communication, and engagement;
4.1.2 To process and triage referrals;
4.1.3 To enable clinic and provider coordination;
4.1.4 To improve service quality, safety, and automation accuracy;
4.1.5 To comply with legal, regulatory, and professional obligations.
4.2 Transcriptions and multilingual workflows are subject to additional safeguards, including de-identification for system improvement and clinical validation of medical translations.
5.1 Personal information may be disclosed to:
5.1.1 Clinics, referrers, and treating healthcare professionals for care coordination;
5.1.2 IT service providers who support our technology infrastructure;
5.1.3 Regulatory authorities where required by law.
5.2 Disclosures are limited to the minimum information necessary, subject to confidentiality agreements, and governed by Avoca’s Vendor Evaluation Checklist.
6.1 All identifiable personal and health information is stored on secure infrastructure physically located within Australia.
6.2 Avoca implements rigorous security measures, including:
6.2.1 Encryption in transit (TLS 1.2+) and at rest (AES-256);
6.2.2 Role-based access controls and multi-factor authentication;
6.2.3 Regular audits, monitoring, and vulnerability testing;
6.2.4 Business Continuity and Disaster Recovery planning.
6.3 Additional details are set out in Avoca’s Data Storage Policy and Cyber Security Policy.
7.1 Individuals may request access to, or correction of, their personal information by contacting our Privacy Officer (see Section 10).
7.2 Requests will be actioned within a reasonable timeframe, consistent with the Privacy Act 1988 (Cth).
8.1 Privacy-related complaints should be submitted in writing to our Privacy Officer.
8.2 Avoca will investigate all complaints and respond in writing within 30 calendar days.
8.3 If the complaint is not resolved to the individual’s satisfaction, they may escalate it to the Office of the Australian Information Commissioner (OAIC).
9.1 Avoca maintains a Data Breach Response Plan and Incident Response Plan.
9.2 In the event of an eligible data breach, Avoca will notify the OAIC and affected individuals in accordance with the Notifiable Data Breaches (NDB) Scheme.
10.1 This Statement is reviewed annually or earlier if required by:
10.1.1 Changes in legislation or regulation;
10.1.2 Changes to service offerings or data practices.
10.2 Amendments must be approved by executive management and published on Avoca’s official channels.
For all privacy-related enquiries, requests or complaints, please contact:
Privacy Officer
Avoca Systems Pty Ltd
3A Macquarie St, Sydney 2000 NSW, Australia
Email: privacy@getavoca.com