Legal
Privacy Policy
Last updated: April 2026
Overview
OptoGuide™ is a clinical workflow tool for Australian optometrists. This policy describes what information we collect, how we use it, and the safeguards in place to protect it. We have designed OptoGuide™ from the ground up to minimise data collection and to ensure that no patient-identifiable information is ever stored or transmitted through our systems.
Patient data — explicit statement
OptoGuide™ does not store or transmit patient-identifiable information.
Prescription and referral generation is performed entirely in your browser. Any patient name, address, date of birth, or Medicare number you enter into a prescription or referral form is processed locally on your device only — it is never transmitted to OptoGuide™ servers or to any third-party service. OptoGuide™ does not create or maintain a patient record and is not intended to function as a clinical record system. No patient record is created, retained, or accessible outside your session.
Practitioner responsibility. As a healthcare practitioner, you remain responsible for meeting your obligations under applicable privacy legislation — including the Australian Privacy Act 1988 and any relevant state or territory requirements — when collecting and handling patient information in your clinical practice. OptoGuide™ does not alter or limit those obligations.
Account data
When you create an OptoGuide™ account, we collect:
- Your email address (used to authenticate your account)
- Your professional role (e.g. optometrist, student), if provided during onboarding
- A record of whether onboarding was completed
- Your subscription status and plan tier
Account data is stored in Google Firebase (Firestore), hosted in the us-central1 region, and protected by Firebase Authentication. We do not sell or share your account data with third parties.
Usage analytics
We collect anonymised usage data to understand how OptoGuide™ is used and to improve the product. This includes:
- Page views and navigation events
- Feature interactions (e.g. which modules are opened)
- Error events and performance metrics
Analytics events do not include patient data, free-text clinical notes, or any information that could identify a patient. Analytics are collected via Firebase Analytics and are subject to Google's privacy policy.
Contact and support data
If you contact us using the contact form or by email, we retain your name (if provided), email address, and message content. This information is used only to respond to your enquiry and is not shared with third parties.
Cookies and local storage
OptoGuide™ uses browser local storage to remember interface preferences (for example, whether you have dismissed a banner). Authentication tokens are managed by Firebase Authentication. We do not use third-party advertising cookies.
Third-party services and data processors
OptoGuide™ uses the following third-party services to operate. Each receives only the data necessary to perform its function.
Google Firebase
Used for user authentication and account data storage (Firestore). Firebase holds your account profile, email address, and subscription status — it does not receive patient data. Data is subject to Google's privacy policy.
Stripe
Used to process subscription payments. Stripe receives your payment card details and billing information directly — OptoGuide™ never sees or stores your full card number. Data is subject to Stripe's privacy policy.
Resend
Used to send transactional emails (for example, subscription confirmations). Resend receives your email address for the purpose of delivery only. Data is subject to Resend's privacy policy.
Security
Your account data is protected by Firebase Authentication. Access to Firestore is controlled by security rules that prevent users from reading or writing other users' data. All communication between your browser and our servers uses HTTPS. We apply the principle of least-privilege to all database access rules.
Your rights
You may request deletion of your account and associated data at any time by contacting us. Under the Australian Privacy Act 1988, you have the right to access, correct, and in some circumstances request deletion of personal information we hold about you.
Changes to this policy
We may update this policy as the product evolves. Material changes will be communicated to registered users by email. Continued use of OptoGuide™ after an update constitutes acceptance of the revised policy.
Privacy enquiries
For privacy-related enquiries or to request access to, correction of, or deletion of your personal information, contact us at support@optoguide.com.au or use the contact form.