Privacy Policy

Notive (“we”, “us”, or “our”) is committed to protecting the privacy of residents, care staff, and facility managers who use our platform. This policy explains how we collect, use, store, and protect personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

Notive is built and operated in Australia. We take data privacy seriously, particularly given the sensitive nature of aged care resident information.

All resident data is stored in Sydney, Australia on encrypted servers hosted on Amazon Web Services (AWS) in the ap-southeast-2 region.

We do not store data outside Australia except where necessary for AI processing (see below). We never sell, rent, or share personal data with third parties for marketing purposes.

Notive uses voice recording to capture handover observations. Voice recordings are transcribed in real time and immediately discarded. No audio is ever retained on our servers or any third-party server.

The transcription process may involve sending audio to an offshore AI provider for processing. This processing follows a strict zero data retention (ZDR) policy: no data is stored, cached, or logged by the processing provider. The resulting transcript is returned to Notive and stored in Australia.

Some AI processing may occur outside Australia. Where this is the case, Notive enforces a zero data retention policy with all offshore providers. This means:

• No data is stored or cached by the offshore provider
• No data is used for training AI models
• No logs containing personal information are retained
• Data is processed transiently and returned immediately

We collect only the information necessary to provide the Notive service:

• Facility administrators: Name, email address, facility details
• Care staff: Name, email address (for login), shift records
• Residents: Name, room number, handover notes (text only, no audio)

We do not collect health information beyond what carers choose to document in handover notes.

All data is encrypted in transit using TLS 1.3 and at rest using AES-256. Access is role-based: care staff can only access their own facility's records. Managers have oversight of their facility only.

We implement brute-force protection, secure session management, and a complete audit trail of all access and actions.

Under the Privacy Act 1988 and Australian Privacy Principles, you have the right to:

• Access the personal information we hold about you
• Request correction of inaccurate information
• Request deletion of your account and associated data
• Make a complaint about how we handle your information

To exercise any of these rights, contact us at hello@notive.com.au.

Notive is designed to support compliance with the Aged Care Quality and Safety Commission's standards, including requirements for accurate documentation and resident records. Our platform does not replace clinical judgement. It assists carers in creating consistent, professional documentation.

We may update this policy from time to time. Significant changes will be communicated to facility administrators via email. Continued use of the platform after notification constitutes acceptance of the updated policy.

If you have questions about this privacy policy or how we handle your data, please contact us: