Privacy Policy

Last updated: March 2026

1. Introduction

Oak Med Spa (“we”, “us”, “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Oak Med Spa mobile application and related services.

2. Information We Collect

We may collect the following types of information:

  • Personal Information: Name, email address, phone number, date of birth, and gender when you create an account.
  • Health Data: Mood entries, symptom logs, heart rate, body temperature, HRV, and other vitals you choose to track or sync from Apple Health or Google Health Connect.
  • Medical Information: Test results, biomarker data, prescriptions, and clinical notes entered by your healthcare provider.
  • Usage Data: App interactions, device information, and analytics data to improve our services.
  • Appointment Data: Booking details, telehealth session information, and communication records.

3. How We Use Your Information

  • To provide and maintain our health tracking and appointment services
  • To generate personalised health insights and recommendations
  • To facilitate communication between you and your healthcare providers
  • To process and display your test results and medical records
  • To send appointment reminders and health-related notifications
  • To improve our app and develop new features

4. Data Storage and Security

Your data is stored securely using industry-standard encryption. We use Supabase as our database provider, which employs row-level security, encryption at rest, and encryption in transit. Authentication credentials are stored using secure device storage (Expo SecureStore).

5. Third-Party Services

We use the following third-party services:

  • Supabase: Database and authentication
  • Apple Health / Google Health Connect: Health data synchronisation (only with your permission)
  • Twilio: SMS verification and video consultations
  • Zoom: Telehealth video appointments

6. Your Rights

You have the right to:

  • Access, update, or delete your personal information
  • Export your health data in a portable format
  • Opt out of analytics and personalised recommendations
  • Control data sharing preferences with your healthcare provider
  • Request account deletion, which will permanently remove all associated data

You can manage these settings within the app under Profile > Privacy & Data.

7. Data Retention

We retain your data for as long as your account is active or as needed to provide our services. When you delete your account, all personal data is permanently removed within 30 days, except where retention is required by law.

8. Children's Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by updating the “Last updated” date and, where appropriate, through in-app notifications.

10. Contact Us

If you have any questions about this Privacy Policy, please contact us at:

Oak Med Spa
Email: support@oakmedspa.com.au
Website: oakmedspa.com.au