Skip to content
Practitioner-led telehealth consultations, available Australia-wide Get started

Privacy Policy

Last updated: 15 May 2026

1. About This Policy

Televiora (ABN 87 695 209 851), operated by Mandeep Bedi ("we", "us", or "our"), is committed to protecting the privacy of every individual who interacts with our telehealth services. This Privacy Policy explains how we collect, hold, use, disclose, and otherwise manage your personal information, including health information, in accordance with the Australian Privacy Principles (APPs) set out in the Privacy Act 1988 (Cth) (the "Privacy Act").

Where we refer to "personal information" in this policy, we mean information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not, and whether it is recorded in a material form or not. This includes health information as defined in section 6FA of the Privacy Act.

We may also hold records subject to the Health Records and Information Privacy Act 2002 (NSW), the Health Records Act 2001 (Vic), the Information Privacy Act 2014 (ACT), and equivalent state and territory health records legislation, depending on where our patients are located.

A copy of the Australian Privacy Principles may be obtained from the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

2. Our Contact Details (APP 1)

If you have questions about this policy or how we handle your information, you can contact us using the details below.

  • Business name: Televiora (ABN 87 695 209 851)
  • Owner: Mandeep Bedi
  • Email: [email protected]
  • Address: Australia (registered office address will be updated prior to launch)
  • Website: televiora.com.au

3. Anonymity and Pseudonymity (APP 2)

Where it is lawful and practicable, we will give you the option of not identifying yourself, or of using a pseudonym, when dealing with us in relation to a particular matter. For example, you may browse our website and read general health information without identifying yourself.

However, due to the nature of the health services we provide, it is generally impracticable for us to deal with individuals who have not identified themselves. Accurate identification is required to ensure the safety and continuity of clinical care, to comply with our legal and professional obligations under applicable health legislation, and to meet the requirements of Medicare and private health insurance billing.

If you choose not to provide us with information we request, we may not be able to provide you with the health services you are seeking.

4. What Personal Information We Collect (APP 3)

We collect the types of personal information reasonably necessary for the provision of our telehealth services. This may include:

4.1 Identity and contact information

  • Full name, date of birth, and gender
  • Residential address and postal address
  • Email address and phone number
  • Medicare number, Individual Healthcare Identifier (IHI), and private health insurance details (where applicable)
  • Proof of identity documents

4.2 Health information

"Health information" is a subset of sensitive information and includes (but is not limited to):

  • Medical history, current health conditions, and symptoms
  • Information about current and past medications, treatments, and therapies
  • Pathology results, imaging reports, and clinical notes
  • Mental health assessments and psychosocial information
  • Information collected during telehealth consultations (video, phone, or written)
  • Health assessment questionnaire responses submitted through our website
  • Allergies, adverse reactions, and family health history
  • Information about disability, injury, or genetic information where relevant to clinical care
  • Referral letters and specialist correspondence
  • Care plans and management plans
  • Consultation metadata (date, time, duration, and mode of consultation)

4.3 Technical and usage information

  • IP address, browser type, device type, and operating system
  • Website usage data, pages visited, and referring URLs
  • Cookie data and analytics identifiers

5. How We Collect Personal Information (APP 3, APP 5)

Where reasonable and practicable, we collect personal information directly from you. This includes information you provide when you:

  • Complete a health assessment questionnaire on our website
  • Register for a Televiora account
  • Attend a telehealth consultation (video or phone)
  • Contact us by email, phone, or through the website contact form
  • Submit feedback or respond to a survey

In some cases, we may collect information about you from third parties, including:

  • Your referring GP or other treating health practitioners (with your consent, or where required by law)
  • Pathology and diagnostic imaging providers
  • Pharmacies that dispense medication on your behalf
  • Medicare and the Australian Immunisation Register
  • Hospitals and other health service providers involved in your care

Where we collect personal information from a third party, we will take reasonable steps to ensure you are aware of the collection and the matters set out in this policy.

6. Unsolicited Personal Information (APP 4)

From time to time, we may receive personal or health information that we did not solicit. Where we receive unsolicited personal information, we will promptly assess whether that information is of a kind we could have collected under our standard collection practices. If we determine that the information could not have been collected lawfully, and the information is not contained in a Commonwealth record, we will destroy or de-identify the information as soon as practicable, provided it is lawful and reasonable to do so.

7. Purpose of Collection, Use, and Disclosure (APP 5, APP 6)

We collect, use, and disclose your personal information for the primary purpose of providing our telehealth services, which includes:

  • Assessing your suitability for our services through health questionnaires
  • Conducting telehealth consultations via video or phone
  • Preparing and issuing clinical notes, treatment plans, and prescriptions (where deemed medically appropriate)
  • Communicating with pharmacies for medication dispensing
  • Providing follow-up care, including check-in consultations and treatment adjustments
  • Coordinating with other treating health practitioners where relevant to your care
  • Processing payments and administering your account
  • Sending appointment reminders, treatment notifications, and service communications

We may also use your personal information for secondary purposes that are directly related to the primary purpose and which you would reasonably expect, including:

  • Internal quality improvement and clinical audit
  • Complying with our legal and regulatory obligations, including mandatory reporting requirements
  • Sending you communications about our services (you may opt out of marketing communications at any time by contacting us or using the unsubscribe link provided)

We will not use or disclose your health information for a purpose other than the primary purpose of collection without your consent, unless an exception under the Privacy Act applies (for example, where required or authorised by law, or where necessary to lessen or prevent a serious threat to the life, health, or safety of any individual).

8. Disclosure to Third Parties (APP 6)

We may disclose your personal information to the following types of third parties as part of delivering our services:

  • Treating health practitioners: Doctors, pharmacists, pathology providers, and other health professionals involved in your clinical care
  • Pharmacies: Registered Australian pharmacies that dispense medication prescribed during your consultation
  • Technology and platform providers: Providers of our telehealth platform, electronic health records system, hosting infrastructure, and communication tools (subject to contractual obligations regarding data protection)
  • Payment processors: Secure third-party payment gateways for processing consultation and treatment fees
  • Government and regulatory bodies: Including Medicare, the Australian Taxation Office, AHPRA, state and territory health complaints bodies, and law enforcement agencies, where required or authorised by law
  • Professional advisors: Our legal, accounting, and insurance advisors, where necessary for the operation of our business
  • Analytics providers: De-identified and aggregated data may be shared with analytics providers to improve our services. This data cannot be used to identify you personally

We will not sell your personal information to any third party.

9. Limits of Confidentiality and Mandatory Reporting

Your health information is treated as confidential. However, there are limited circumstances in which we are required or authorised by law to disclose your information without your consent. These include:

  • Mandatory reporting of notifiable diseases under public health legislation
  • Mandatory reporting of suspected child abuse or neglect to relevant child protection authorities
  • Court orders, subpoenas, or lawful requests from law enforcement agencies
  • Where there is a serious and imminent threat to an individual's life, health, or safety, or a serious threat to public health or safety
  • Reporting to AHPRA where a registered health practitioner has behaved in a way that constitutes notifiable conduct

10. Cross-Border Disclosure (APP 8)

We store your personal information in Australia wherever possible. However, some of the technology services we use (including cloud hosting, email delivery platforms, and analytics tools) may process or store data in overseas locations, including but not limited to the United States of America, the European Union, and Singapore.

Before disclosing personal information to an overseas recipient, we take reasonable steps to ensure the recipient does not breach the Australian Privacy Principles in relation to your information. This may include entering into contractual arrangements that require the recipient to handle information in accordance with standards substantially similar to the APPs.

Where you consent to an overseas disclosure and the overseas recipient breaches the APPs, you may not be able to seek redress under the Privacy Act. We will inform you of this before seeking your consent.

11. Data Security and Storage (APP 11)

We take reasonable steps to protect your personal information from misuse, interference, loss, and from unauthorised access, modification, or disclosure. Our security measures include:

  • Encryption of data in transit and at rest
  • Access controls and role-based permissions for staff and clinicians
  • Secure hosting with Australian-based data centres where available
  • Regular security reviews and vulnerability assessments
  • Staff training on privacy and information security obligations

12. Retention and Destruction of Records (APP 11)

We retain your personal information, including clinical records, for as long as required to fulfil the purposes for which it was collected, or as required by law. Retention periods for health records are governed by a combination of Commonwealth and state or territory legislation, including:

  • Adult clinical records: A minimum of seven (7) years from the date of last entry, or longer where required by applicable state or territory health records legislation
  • Records of minors: Until the patient turns 25 years of age, or seven (7) years from the date of last entry, whichever is later
  • Medicare records: As required by Medicare legislation and the Health Insurance Act 1973 (Cth)

When personal information is no longer needed for any purpose for which it may lawfully be used or disclosed, and is not required to be retained by law, we will take reasonable steps to destroy it or ensure it is de-identified. Destruction is carried out securely, including the use of certified data destruction methods for electronic records.

13. Access to Your Personal Information (APP 12)

You have the right to request access to the personal information we hold about you. To make an access request, please contact us using the details in Section 2 of this policy.

We will respond to your request within 30 days. We will not charge a fee for making an access request, but we may charge a reasonable administrative fee for providing copies of records, particularly where the request requires significant preparation. We will advise you of any applicable fees before proceeding.

In limited circumstances, we may refuse access where permitted under the Privacy Act. For example, where providing access would pose a serious threat to the life or health of any individual, or where the request is frivolous or vexatious. Where we refuse access, we will provide you with written reasons for the refusal and advise you of your right to complain.

In order to protect your personal information, we may require you to verify your identity before we release any records.

14. Correction of Personal Information (APP 13)

You have the right to request that we correct personal information we hold about you that is inaccurate, out of date, incomplete, irrelevant, or misleading. To request a correction, please contact us using the details in Section 2.

We will respond to correction requests within 30 days. If we agree the information needs correcting, we will take reasonable steps to correct it. If we disagree, we will provide you with written reasons and advise you of your right to request that a statement of the correction sought be associated with the information.

15. Notifiable Data Breaches (Part IIIC, Privacy Act 1988)

In the event of a data breach that is likely to result in serious harm to any individual whose personal information is involved, we will comply with the Notifiable Data Breaches (NDB) scheme under Part IIIC of the Privacy Act. This includes:

  • Conducting a reasonable and expeditious assessment of the suspected breach within 30 days
  • Notifying the Office of the Australian Information Commissioner (OAIC) if the breach is assessed as an eligible data breach
  • Notifying affected individuals as soon as practicable, including a description of the breach, the types of information involved, and recommended steps to reduce potential harm
  • Taking reasonable steps to contain the breach and mitigate any harm

16. Cookies and Website Analytics

Our website uses cookies and similar technologies to improve your experience and help us understand how our website is used. Cookies are small text files stored on your device when you visit a website.

We use the following types of cookies:

  • Essential cookies: Required for the website to function correctly (for example, session management and security)
  • Analytics cookies: Help us understand website traffic and user behaviour in an aggregated, non-identifying way
  • Marketing cookies: Used to measure the effectiveness of our advertising campaigns

You can control cookie settings through your browser preferences. Disabling certain cookies may affect the functionality of our website.

17. Complaints (APP 1)

If you believe we have breached the Australian Privacy Principles or handled your personal information inappropriately, you are entitled to make a complaint. To lodge a complaint:

  1. Contact us first: Write to us at [email protected] or by post to the address listed in Section 2. Please describe the nature of your complaint and any outcome you are seeking.
  2. Our response: We will acknowledge your complaint within five (5) business days and aim to provide a full response within 30 days. We may need to contact you to gather more information during this time.
  3. Escalation to the OAIC: If you are not satisfied with our response, or if we do not respond within 30 days, you may lodge a complaint with the Office of the Australian Information Commissioner:

You may also contact the relevant state or territory health complaints body if your complaint relates to the handling of your health records under state or territory legislation. For patients in New South Wales, this is the Health Care Complaints Commission (HCCC). For patients in Victoria, this is the Health Complaints Commissioner. Contact details are available on their respective websites.

Direct Marketing (APP 7)

We will only use your personal information for direct marketing purposes where we have obtained your express consent. We will not infer consent from silence or inaction.

You may opt out of receiving marketing communications at any time by:

We will process your opt-out request promptly and at no cost to you.

Government and Healthcare Identifiers (APP 9)

Where we collect government identifiers such as Medicare numbers or Individual Healthcare Identifiers (IHIs), these are used solely for their intended purpose, including Medicare billing and healthcare coordination.

We do not adopt government identifiers as our own internal patient identifiers. These identifiers are stored securely and are not disclosed except as required or authorised by law.

Automated Tools and Artificial Intelligence

Our online health assessment uses automated tools to collect and organise your health information for clinical review. These tools do not make clinical decisions, diagnoses, or prescribing determinations.

All clinical decisions, including whether to prescribe medication, are made by a qualified Australian practitioner who reviews your information and conducts a real-time consultation with you.

Telehealth Privacy

For telehealth consultations, we take the following privacy measures:

  • Identity verification is conducted before each consultation to confirm your identity
  • We recommend you attend your consultation from a private location
  • Your practitioner will confirm who, if anyone, is present with you before commencing
  • Consultations are not recorded unless you provide express consent
  • If a telehealth consultation is not clinically appropriate for your needs, your practitioner will advise you accordingly and may recommend an in-person consultation or referral

My Health Record

Televiora does not currently upload clinical documents to the My Health Record system. If this changes, we will update this policy and notify you before any information is uploaded. You retain the right to control what information is included in your My Health Record.

18. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will update the "Last updated" date at the top of this page and, where appropriate, notify you by email or through our website.

We encourage you to review this policy periodically. Your continued use of our services after changes are posted constitutes your acceptance of the updated policy.

19. Regulatory References

This Privacy Policy has been prepared with reference to the following legislation and regulatory guidance:

  • Privacy Act 1988 (Cth), including the Australian Privacy Principles (APPs)
  • Notifiable Data Breaches scheme (Part IIIC, Privacy Act 1988)
  • Health Records and Information Privacy Act 2002 (NSW)
  • Health Records Act 2001 (Vic)
  • Information Privacy Act 2014 (ACT)
  • My Health Records Act 2012 (Cth)
  • Health Insurance Act 1973 (Cth)
  • OAIC guidelines on Australian Privacy Principles
  • OAIC guidelines on health information and the Privacy Act