Privacy Policy

Updated: 20/04/2026

Med CPD Pty Ltd ACN 646 012 562 (‘we’, ‘our’, ‘us’) is committed to protecting the personal information we collect and hold about you. This Privacy Policy (Policy) explains how we collect, use, disclose and protect personal information, and how you can contact us with questions, access requests, correction requests or complaints. We handle personal information in accordance with applicable Australian privacy laws, including the Privacy Act 1988 (Cth) (Privacy Act) where it applies.

By creating an account, using our website or services, contacting us, or otherwise providing information to us, you acknowledge that we may collect, hold, use and disclose your personal information as described in this Privacy Policy.

We may update this Privacy Policy from time to time. The most current version will be published on our website. Where we make material changes, we may also notify you by email, in-platform notification, or other reasonable means.

If you have any queries, concerns or complaints about how we handle your personal information, please contact our Privacy Officer in the first instance:

Privacy Officer Contact: Lars Paschburg
Email: admin@medcpd.com

Postal address
Attention: Privacy Officer
322 King William St
Adelaide, SA 5000

Our website may contain links to other websites. When you click on a link to another site, you are no longer subject to this Privacy Policy.

1. What personal information do we collect?

We collect personal information that is reasonably necessary to provide and improve the Med CPD platform and related services.

Depending on how you interact with us, we may collect:

– account information: such as your first name, last name, email address, date of birth, and login or authentication-related details
– profile information: such as your interests, preferences, general location, and professional ID number where you choose to provide it
– communications information: such as enquiries, feedback, support requests, and survey responses
– technical and usage information: such as IP address, browser type, device information, pages viewed, approximate location, and cookie or analytics data
– payment-related information from third-party payment providers: such as subscription status, billing confirmation, and limited transaction details needed to manage your account

We do not store your full payment card details ourselves. Payment processing is handled by third-party payment providers such as Stripe.

1.1 How we collect personal information

We may collect personal information:

– directly from you when you create an account, complete your profile, submit information through the platform, contact us, or otherwise interact with us
– automatically through cookies, analytics tools and similar technologies when you use our website or platform
– from third-party service providers where reasonably necessary to operate our services, including payment processors and technical service providers

1.2 Cookies and analytics

We use cookies and similar technologies to operate our website, keep users signed in where applicable, understand how the platform is used, improve performance, and support analytics and communications functions.

These technologies may collect technical and usage information such as IP address, browser information, device information, pages viewed, referring URLs and timestamps. Depending on the circumstances, this information may be associated with your account or otherwise constitute personal information.

We may use third-party analytics tools, such as Google Analytics, to help us understand website and platform usage. You can control or disable cookies through your browser settings, although this may affect website functionality.

1.3 Device and location information

If you access our website or services through a mobile or other device, we may receive technical information about that device and approximate location information derived from the device or network connection. Depending on the circumstances, this information may be linked to your account or otherwise treated as personal information.

1.4 Sensitive information

We do not ordinarily collect sensitive information such as health information, political opinions, religious beliefs, trade union membership, sexual orientation, or similar information.

In some cases, users may choose to provide, or we may incidentally receive, information that may be considered sensitive information under applicable law, including information about membership of a professional or trade association, college or similar body where you choose to provide that information through your account, profile, listing, onboarding process or other interaction with us.

Where this information is considered sensitive information under applicable law, we will only collect and handle it where it is reasonably necessary for our services and where permitted by law.

1.5 Anonymity and pseudonyms

Where lawful and practicable, you may choose not to identify yourself or to use a pseudonym when dealing with us. However, in many cases this will not be practicable if you wish to create an account, use key features of the platform, purchase a subscription, or otherwise access our services.

2. How do we use your personal information?

We use personal information to:

– create and manage user accounts
– provide access to the Med CPD platform and related services
– manage subscriptions, billing administration, and payment confirmation
– communicate with users about accounts, security, support, and service updates
– send marketing communications in accordance with user preferences and applicable law
– improve platform functionality, performance, security, and user experience
– conduct internal reporting, analytics, and service planning
– comply with legal obligations and protect our rights

We generally only use personal information for the purpose for which it was collected, for related purposes you would reasonably expect, where you have consented, or where otherwise permitted or required by law.

2.1 Marketing and service communications

We may send you service and account communications, such as:

– password reset emails
– login verification or two-factor authentication messages
– account confirmation emails
– billing or subscription notices
– important service announcements
– support and administrative communications

These communications are generally necessary to provide and secure your account and are not treated as marketing communications.

We may also send marketing communications, including by email, such as newsletters, product or feature updates, promotional campaigns, invitations, surveys or other engagement messages that promote our services.

We will send marketing communications in accordance with applicable law and your communication preferences. Where required, we will only send these communications where you have opted in or otherwise consented.

You can opt out of marketing emails at any time by using the unsubscribe link in the message or by contacting us using the details in this Privacy Policy. We will continue to send necessary service or account-related communications where required for the operation or security of your account.

2.2 Who do we disclose personal information to?

We may disclose personal information to third parties that help us operate our website, platform and services, including:

– cloud hosting and infrastructure providers
– payment processors and subscription management providers
– analytics and reporting providers
– email, authentication and communications providers
– IT support, development and security providers
– professional advisors such as legal, accounting or compliance advisors
– regulators, government bodies, courts, law enforcement agencies or other parties where disclosure is required or authorised by law

We do not sell your personal information to third parties.

We may also disclose information where reasonably necessary to protect our rights, investigate misuse of our platform, enforce our terms, or respond to lawful requests.

2.3 Public-facing content

Some information you choose to include in your profile, provider listing, business page, course listing, review or similar content may be visible to other users or the public and may be indexed by search engines or otherwise accessed by third parties. You are responsible for deciding what information you choose to make publicly available through the platform.

3. How do we store and protect personal information?

We take reasonable steps to protect the personal information we hold from misuse, interference, loss, and unauthorised access, modification or disclosure.

These steps may include:

– hosting data on secured Australian cloud infrastructure
– applying access controls and role-based permissions
– using secure authentication and verification controls
– using encryption and secure transmission methods where appropriate
– monitoring systems and maintaining security processes and procedures
– limiting internal access to personal information to those who need it
– using reputable service providers and requiring appropriate security standards from them
– reviewing retention and deletion practices so information is not kept longer than reasonably necessary

No system is completely secure. While we take reasonable steps to protect personal information, we cannot guarantee absolute security.

3.1 Payment processing

We use third-party payment processors, including Stripe, to process payments for subscriptions and other paid services. Stripe processes payment card details on our behalf. We do not store full payment card numbers ourselves.

We may receive limited information from Stripe and similar providers to help us manage subscriptions, reconcile payments, detect fraud, respond to support requests and maintain account records.

3.2 Overseas disclosure and storage

Our primary hosting environment is based in Australia, including Australian AWS infrastructure used to support the Med CPD platform.

Some third-party service providers we use, such as payment, analytics, communications, authentication or support providers, may store, process, access or disclose personal information outside Australia, or may permit access from overseas, in the course of providing their services. These service providers may be located in, or operate from, various jurisdictions globally. Where we engage such providers, we take reasonable steps to use reputable providers and to ensure appropriate contractual, technical and organisational safeguards are in place.

3.3 Retention

We keep personal information only for as long as it is reasonably necessary for the purposes described in this Privacy Policy, including to provide our services, maintain account records, comply with legal and accounting requirements, resolve disputes, enforce our agreements, and support security and fraud prevention processes.

When personal information is no longer reasonably required, we take reasonable steps to destroy it or de-identify it, unless we are required or permitted by law to retain it.

3.4 Data breaches

If we become aware of a data breach affecting personal information, we will assess the incident promptly and take reasonable steps to contain and respond to it. Where required by applicable law, we will notify affected individuals and any relevant regulator. Even where notification is not legally required, we may notify affected individuals where we consider the incident presents a material risk.

4. Accessing, correcting and managing your information

You can access and update much of your personal information directly by logging into your account.

You may also request access to the personal information we hold about you, or request correction of inaccurate, incomplete or out-of-date information, by contacting us in writing using the details below.

We may need to verify your identity before processing your request. We will respond within a reasonable period and, where applicable, aim to respond within 30 days.

We will not charge a fee for making an access or correction request, although we may charge a reasonable administrative fee for giving access in limited circumstances where permitted by law.

If we refuse a request, we will provide written reasons where required and explain how you can make a complaint.

4.1 Account closure and deletion

You may close or disable your account through your account settings where that functionality is available. You may also contact us to request account closure or deletion assistance.

When an account is closed, we may retain certain information for as long as reasonably necessary for legal, accounting, security, fraud prevention, dispute resolution, technical backup, operational or business record purposes. We may also retain de-identified information or information that we are required or permitted to keep by law.

5. Complaints

If you have a question, concern or complaint about how we handle personal information, please contact our Privacy Officer using the details below, preferably by email. We may ask you to provide your complaint in writing so we can properly investigate and respond.

We may also need to verify your identity before dealing with requests or complaints relating to personal information.

We will consider your complaint and respond within a reasonable period.

If you remain dissatisfied and applicable law gives you that right, you may contact the Office of the Australian Information Commissioner.

Office of the Australian Information Commissioner
GPO Box 5218
Sydney NSW 2001

For more information on privacy, visit the Office of the Australian Information Commissioner website.

Collection notice:

By creating an account, you acknowledge that Med CPD may collect, use and disclose your personal information as described in this Privacy Policy, including for account creation, platform access, support, billing administration, security, analytics and communications. Where required by law, we will ask for your consent. You can manage your profile information and communication preferences through your account settings.