Privacy Policy

1. Who We Are

Biomicrology Pty Ltd (ABN [TBD]) (“Biomicrology”, “we”, “us”) operates the Biocrome diagnostic platform and this website. We are bound by the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). Where we handle personal data of individuals in the European Economic Area, we also comply with the General Data Protection Regulation (GDPR).

2. Information We Collect

We collect information only as needed to operate our services:

• Contact and enquiry data — name, email address, organisation, and message content when you contact us via our website or book a call.
• Account data — email address and organisational details when you register for dashboard access.
• Device telemetry — operational metrics from Biocrome field devices (device ID, firmware version, connectivity status). This data does not include patient identifiers.
• Diagnostic data — anonymised assay results submitted by authorised healthcare facilities. All patient identifiers are removed before transmission.
• Technical data — IP address, browser type, and page visit data collected automatically by our hosting infrastructure (Cloudflare).

3. How We Use Your Information

• Responding to enquiries and booking requests
• Providing and improving the Biocrome platform and dashboard
• Monitoring device health and service continuity
• Complying with regulatory obligations (TGA, and applicable international IVD regulations)
• Sending service-related communications (no marketing without consent)

4. Diagnostic Data and Patient Privacy

The Biocrome platform is designed so that patient-identifiable information is never transmitted to our servers. Assay results are anonymised at the point of care before upload. We do not receive, store, or process patient health records. Healthcare facilities using Biocrome remain the data controller for patient data under applicable health privacy laws.

5. Sharing Your Information

We do not sell personal information. We share data only:

• With service providers operating under data processing agreements (hosting, email delivery, analytics)
• Where required by law or regulatory authority
• With your explicit consent

Key service providers include: Cloudflare, Inc. (hosting and CDN); Resend, Inc. (transactional email). These providers process data under their own privacy commitments and our instructions.

6. Data Retention

We retain personal data only as long as necessary for the purpose for which it was collected, or as required by law. Contact enquiry data is retained for [TBD] years. Device telemetry is retained for [TBD] years for quality and regulatory purposes.

7. Your Rights

Under Australian privacy law and, where applicable, the GDPR, you may request:

• Access to personal information we hold about you
• Correction of inaccurate information
• Deletion of your information (subject to legal retention obligations)
• Restriction of processing or objection to processing (GDPR)
• Data portability (GDPR)

To exercise any of these rights, contact us at privacy@biomicrology.com. We will respond within 30 days.

8. Security

We implement technical and organisational measures to protect personal information against unauthorised access, loss, or disclosure. These include encrypted data transmission (TLS), access controls, and regular security review. See our Security Disclosure Policy for how to report vulnerabilities.

9. Cookies

Our public website uses minimal cookies. See our Cookie Policy for details.

10. Changes to This Policy

We may update this policy from time to time. The “Last updated” date above reflects the most recent revision. Material changes will be communicated via our website.

11. Contact

For privacy enquiries or complaints, contact:

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC).