top of page

Privacy Policy – Metavate Connect

Effective Date: 1st September 2025

Issued by: Metavate Consulting ABN 42 648 920

1. Introduction

Metavate Connect is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose and store your health-related and personal information, in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

By using our app, you agree to the terms of this Privacy Policy and consent to the handling of your information as described below.

2. What Information We Collect

We may collect the following types of information from you:

2.1 Health Information (Sensitive Information)

  • Responses to cognitive tests, health, mood, psychological and wellness surveys

  • Information related to symptoms, lifestyle, or outcomes

  • Feedback on cognitive, health and wellness products and interventions

2.2 Technical and Usage Information

  • Device type and operating system

  • App usage metrics (e.g., time spent, button taps)

  • Error reports and diagnostics

2.3 Optional Identifiable Information

  • Name and contact details (if you voluntarily provide them)

  • Address for product shipment (if applicable)

  • Demographic information about you (e.g., gender, age, and other information related to how you may respond to a product or intervention)

We will not collect any personally identifiable health information without your explicit and informed consent.

 

3. How We Collect Your Information

We collect information:

  • Directly from you when you complete tasks/tests, surveys, questionnaires, or forms within the app

  • Automatically through app usage logs and analytics tools

  • From any communication you initiate with us (e.g., email, support)

 

4. Why We Collect Your Information

We collect your information to:

  • Deliver personalised app features and improve usability (e.g., to communicate to you whether your score on a test or questionnaire has changed due to taking a product or completing an intervention).

  • Conduct health-related research and analysis (e.g., to collect large scale data to answer an important question about the efficacy and safety of a health product or an intervention)

  • Evaluate the effectiveness of health interventions (e.g., does an intervention improve wellbeing?)

  • Develop new services, insights, and recommendations (e.g., does a product work as intended?)

  • Comply with ethical and legal obligations for health data management

 

5. Legal Basis for Collection and Use

Under Australian law, health data is considered sensitive information. We will only collect and use your health data if:

  • You have given informed consent, or

  • It is required for research or statistical purposes and is de-identified, or

  • We are required to do so by law

 

6. Disclosure of Your Information

We may share your de-identified or aggregated data with:

  • Research partners, companies who’s products we are testing or interventions that we are evaluating, ethics-approved investigators, or academic institutions

  • Our data hosting providers and IT support services (bound by confidentiality)

  • Regulatory authorities if required by law

  • In the form of de-identified data for journal or other publications

We will never sell or rent your personal or health data to third parties.

 

7. Data Storage and Security

We take reasonable steps to protect your data, including:

  • encryption of data in transit (TLS) and at rest (AES-256)

  • access controls and secure authentication

  • using Google’s Firebase data collection software. Using this application data in real time is hosted by a cloud-hosted NoSQL database that stores data as a JSON tree. Data is stored using Google Cloud's infrastructure. Specifically, the data is stored in one of Firebase's cloud-based database services. Firebase uses multiple security layers, including Firebase Authentication for user identity, Firebase Security Rules to control data access for databases and Cloud Storage, and Firebase App Check to block unauthorized traffic. Firebase also adheres to international standards like ISO 27001 and SOC compliance for its services, ensuring robust security infrastructure. Data is protected with SSL encryption, and we use FCM server keys and service account keys to keep data secret.

  • your data will be stored in a Google cloud base server located in either Melbourne or Sydney Australia.

 

8. Cross-Border Transfers

We do not transfer your data overseas unless:

  • it is necessary for processing and

  • appropriate safeguards (e.g., contractual clauses) are in place to protect your data

 

9. Your Rights

You have the right to:

  • access the information we hold about you

  • request correction or deletion of your data

  • withdraw your consent at any time

  • make a complaint about how your information is handled

To exercise these rights, contact our Privacy Officer:

Email: privacy@metavate.consulting
Address: Level 17, International Towers 3, 300 Barangaroo Av. Sydney 2000, NSW, Australia  

Phone: +61 407 202012

 

10. Data Retention

  • Depersonalised research data may be retained indefinitely

  • Identifiable personal data (if collected) is retained only as long as necessary to provide the service or as required by law

  • You can request your data to be deleted at any time

 

11. Complaints

If you are concerned about your privacy, contact our Privacy Officer. If you are not satisfied with our response, you can lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

 

12. Changes to This Policy

We may update this policy from time to time. Any changes will be posted in the app and on our website with the updated date.

 

13. Contact Us

For any questions or feedback about this policy:
Metavate Consulting Privacy Officer

Email: privacy@metavate.consulting
Address: Level 17, International Towers 3, 300 Barangaroo Av. Sydney 2000, NSW, Australia  

Phone: +61 407 202012

bottom of page