Last updated: 23 June 2026 · Version 1.0
This Privacy Policy explains how Carenetics Pty Ltd (ABN 67 687 641 505) (“we”, “us”, “our”) trading as ravel'dcollects, uses, stores and discloses your personal information through the ravel'd application (raveld.com.au).
We are bound by the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). As a health service provider, we are required to comply with the APPs regardless of our annual turnover.
Carenetics Pty Ltd (ABN 67 687 641 505) operates ravel'd, a digital health platform that helps Australian patients request, store and manage their personal health records.
Privacy enquiries: chris@carenetics.com.au
Postal address: Available on request
We collect the following personal and sensitive information:
Identity information
Government health identifiers
Contact information
Health information
Provider information
If you store health information about a dependent (such as a child under 18), you confirm you have the authority to manage that person's health information and that doing so is in their best interests.
We collect information:
We collect your personal and health information to:
5.1 We will not use or disclose your health information for a secondary purpose unless:
5.2 We do not sell your personal information. Ever.
5.3 We do not use your health information for direct marketing.
5.4 We may use de-identified, aggregated data for product improvement purposes. This data cannot identify you.
6.1 ravel'd uses Claude AI, developed by Anthropic PBC (United States), to power our Rights Assistant chat feature, appointment preparation summaries, the Chat feature for asking questions about your uploaded records, and translation of your record summaries and request letters.
6.2 When you use these features, relevant portions of your health records and your questions are sent to Anthropic's API for processing. Anthropic processes this data solely to generate your response and does not use it to train AI models.
6.3 ravel'd AI provides health information only — it does not provide medical advice, diagnosis or treatment recommendations. ravel'd is not a registered medical device under the Therapeutic Goods Act 1989 (Cth). Always consult a qualified healthcare professional for medical decisions.
6.4 From December 2026, we will be required under the Privacy and Other Legislation Amendment Act 2024 to notify you when automated systems make decisions that significantly affect your rights. We will update this policy accordingly.
7.1 Your data is stored in Microsoft Azure's australiaeast (Sydney) data centre. Your health information does not leave Australia for storage purposes.
7.2 When you use AI features, your data is processed by Anthropic PBC in the United States. Anthropic maintains appropriate data protection safeguards. By using AI features, you consent to this cross-border disclosure.
7.3 We use Google OAuth for authentication. Google receives your email address and processes your authentication. Google's privacy policy applies to this processing.
8.3 No system is completely secure. If you believe your account has been compromised, contact us immediately at chris@carenetics.com.au.
9.1 We retain your personal information for as long as your account is active.
9.2 When you delete your account:
9.3 We may retain information for longer if required by law or to resolve a dispute.
You have the right to access the personal information we hold about you. You can access most of your information directly within the ravel'd app. To request a complete export, contact chris@carenetics.com.au. We will respond within 30 days.
You have the right to correct personal information that is inaccurate, incomplete or misleading. You can correct most information directly in the app. For other corrections, contact us.
If you believe we have breached the APPs, you may:
Where practicable, you may use ravel'd anonymously or under a pseudonym. However, most features require identification to generate accurate record request letters.
ravel'd is designed for use by adults (18 years and over). Adults may store and manage health information about their dependent children. We do not knowingly collect personal information directly from children under 18 without parental or guardian consent.
If we experience a data breach that is likely to result in serious harm to you, we will notify you and the OAIC as required under the Notifiable Data Breaches scheme (Privacy Act 1988, Part IIIC).
We may update this Privacy Policy from time to time. We will notify you of material changes via email or a prominent notice in the app. The current version is always available at raveld.com.au/privacy.
Privacy Officer
Carenetics Pty Ltd (ABN 67 687 641 505)
Email: chris@carenetics.com.au
Website: raveld.com.au