Clear information about Ribbonside, your data, subscriptions, Apple Health, and support.
Ribbonside is a trading name of Diesel Advocacy Pty Ltd ACN 690 643 853 | ABN 82 690 643 853. We operate the Ribbonside mobile application and website at ribbonside.com.au. We handle personal information and health information in line with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
Privacy contact: support@ribbonside.com
Because health information is sensitive, Ribbonside relies on clear user action and consent for health-related features. You choose what health details to enter, whether to connect Apple Health, and whether to use What does this mean?. You can withdraw optional consent by disconnecting Apple Health, declining What does this mean?, deleting items, erasing the local vault, or deleting your account.
Withdrawing optional consent may limit the feature connected to that consent, but you can still use other available parts of Ribbonside.
You can choose not to add optional health details, connect Apple Health, or use AI features. Some app features may not work without the information needed for that feature.
| Provider | Purpose | Location | Privacy Policy |
|---|---|---|---|
| Supabase Inc. | Authentication, consent history, support and security records, subscription entitlement, AI usage limits, and limited online records needed to operate the service | Australia - Sydney (AWS ap-southeast-2) | supabase.com/privacy |
| Anthropic PBC | Optional What does this mean? plain-English explanations only when you choose to type and send a question | United States | anthropic.com/privacy |
| Apple Inc. | App Store, Sign in with Apple, Apple Health permission controls, notifications, billing, subscriptions, and refunds | United States / global | apple.com/legal/privacy |
| RevenueCat Inc. | Subscription entitlement status, purchase history, product identifiers, App Store transaction details, RevenueCat app user ID, and technical device/app identifiers needed to manage in-app purchases | United States / global | revenuecat.com/privacy |
| Expo / EAS | App build and update delivery infrastructure. Expo/EAS is not used by Ribbonside to store user-entered health vault content. | United States | expo.dev/privacy |
| Resend | Email delivery for support notifications and service messages. Support alert emails are designed not to include the private message body. | United States / global | resend.com/legal/privacy-policy |
| GitHub Pages / GitHub, Inc. | Static website hosting, content delivery, server request logs, IP address, browser/device request metadata, and security or abuse-prevention logs for ribbonside.com.au | United States / global | github.com privacy statement |
We choose service providers that support appropriate privacy and security protections for the type of information they handle. Where a provider processes personal information for Ribbonside, we expect them to use it only for the agreed service purpose and not for their own advertising or unrelated purposes.
Where a provider is listed as global, processing may occur in the country named and in other countries where that provider or its subprocessors operate, support the service, or meet legal/security obligations.
Ribbonside does not sell personal information or health information. Ribbonside does not use health information for advertising, profiling, insurance, employment, pharmaceutical marketing, or data-broker purposes. Ribbonside does not share Apple Health data with third parties.
Ribbonside does not currently use advertising cookies, tracking pixels, behavioural advertising tools, or web analytics on ribbonside.com.au. If this changes, we will update this policy and describe the provider, purpose, and choices available to visitors. Basic server and security logs may still be created when you visit the website.
Your core health records, documents, photos, notes, appointments, medications, symptoms, and diary entries are stored in Ribbonside's encrypted local vault on your device. Ribbonside does not use Supabase as the primary storage location for those records in this launch version.
Supabase stores limited online records needed for account sign-in, consent history, support, subscription entitlement, legal/security operations, and AI usage limits in Australia - Sydney (AWS ap-southeast-2). Trusted providers may process limited data where needed for billing, subscriptions, support, optional AI features, website hosting, or legal and security purposes.
Depending on your device settings, iPhone/iCloud backups, screenshots, exports, or files you share outside Ribbonside may be controlled by Apple, your cloud account, email provider, or another storage provider rather than by Ribbonside. Keep exports and backups secure.
For safeguards, support access, app lock, and incident response, see Security Practices.
Privacy requests can be sent to the Privacy Officer at support@ribbonside.com. Please include enough information for us to identify your account. We may need to verify your identity before providing access, correcting information, or deleting online account records.
If you choose to use What does this mean?, the text you type is sent securely to Anthropic's Claude API for processing. What does this mean? is designed for short plain-English explanations and is opt-in. Do not include your name, date of birth, Medicare number, medical record number, or full clinical reports. You can decline What does this mean? and continue using manual entry.
Anthropic's API retention depends on the API feature, model, account setting, and contract terms. Ribbonside uses What does this mean? only for short typed questions, does not use Claude consumer accounts, and does not ask users to include identifying health information. Anthropic may retain API inputs and outputs for up to 30 days for trust, safety, legal, service, and abuse-prevention purposes under its usage policies, and states that retained API data is not used for model training without express permission. Data may be retained longer where required for a service setting, Usage Policy enforcement, legal obligations, or abuse prevention.
Ribbonside logs limited AI usage metadata for security, limits, abuse prevention, and cost monitoring. This may include your user ID, feature name, timestamp, model, token counts, estimated cost, request ID, message count, rate-limit or quota events, and technical error status. Ribbonside does not store your AI prompt text in Supabase. Ribbonside does not offer AI report upload or report-reading in this launch version.
Ribbonside does not use automated decision-making to make decisions that have a legal, financial, health treatment, insurance, employment, or similarly significant effect on you. What does this mean? explanations are general information only and must not be used as medical advice.
Anthropic, Apple, RevenueCat, Expo, Resend, GitHub Pages, and other trusted processors may handle limited data outside Australia where needed for the purposes described above. Core health records and files are stored in the local vault on your device. Limited online account, consent, support, security, subscription, and AI usage-limit records are stored in Australia via Supabase.
Where personal information is processed overseas by trusted providers, Ribbonside relies on contractual commitments and those providers' published privacy and data processing terms to support appropriate protections for the information they handle.
Ribbonside is not intended for users under 18.
If we become aware that an under-18 user has created an account, we may suspend or delete the account and associated online records, subject to any legal, security, billing, or backup retention needs. A parent or guardian can contact support if they believe a child has provided personal information to Ribbonside.
Current policy version: 1.9. Last reviewed: 14 June 2026.
We may revise, update, or replace this Privacy Policy from time to time. We will notify you of any changes by posting the revised version on this website. Any changes take effect on the date posted.
Ribbonside (Diesel Advocacy Pty Ltd) · ABN 82 690 643 853 · New South Wales, Australia
support@ribbonside.com · Support page · ribbonside.com.au
This page summarises how Ribbonside protects personal information and health information. The Privacy Policy explains what information we collect, use, disclose, and delete. The Health Data Statement lists the health data categories handled by the app.
Support tickets may include account details, app diagnostics, and any details you choose to send us. Do not send Medicare numbers, medical record numbers, full reports, or highly identifying health details unless they are genuinely needed for the support issue. Support access is used only to investigate tickets, security issues, billing or account problems, suspected misuse, or legal obligations.
Ribbonside maintains an internal data breach response plan. If we suspect an eligible data breach, we will contain the incident, preserve evidence, assess the risk, and take reasonable and expeditious steps to complete the assessment within 30 calendar days. If a breach is likely to cause serious harm, we will notify affected users and the OAIC as soon as practicable, including what happened, what information was involved, and recommended steps. If direct contact is not practicable, we may publish a notice on this website and take reasonable steps to publicise it.
If you believe you have found a privacy or security issue, email support@ribbonside.com with "Security report" in the subject and enough detail for us to investigate. Administrative security notices may also be sent to admin@ribbonside.com. Please do not access, copy, change, delete, or disclose anyone else's information while reporting an issue.
No app, device, or online service can guarantee perfect security. A stolen, unlocked, jailbroken, rooted, or compromised device may still expose local records. If you suspect a privacy or security issue involving Ribbonside, contact support@ribbonside.com.
By using Ribbonside you agree to these Terms. Governed by the laws of New South Wales, Australia.
Ribbonside is a private support organiser for the practical side of breast cancer. It helps you record, store, organise, export, and remember information you choose to add.
Ribbonside is a private organiser, not an emergency or medical support service. It is not monitored 24/7 and must not be used in an emergency. If you need urgent help in Australia, call Triple Zero (000), or contact your care team, hospital, pharmacist, or another qualified health professional about treatment concerns, medication questions, or clinical decisions.
You must be 18 or older to use Ribbonside.
You retain full ownership of all data, photos and content you provide. Ribbonside does not claim ownership of your health data. In this launch version, core records and uploaded files are stored in the local vault on your device, while limited online account, consent, support, subscription, legal/security, and AI usage-limit records are stored online as described in the Privacy Policy.
You give Ribbonside a limited permission to process your content only as needed to provide the app, keep local records available on your device, create exports you request, provide support, operate subscriptions and security controls, and process optional What does this mean? text you choose to send.
Ribbonside may change, pause, update, or discontinue features from time to time. We aim to keep the service reliable, but no app or online service is guaranteed to be uninterrupted or error-free. Because core records are stored locally on your device in the launch version, Ribbonside may not be able to recover records if you delete the app, erase the vault, lose the device, forget access details, or do not maintain your own backups or exports.
Subject to your non-excludable ACL rights, Ribbonside is not liable for health outcomes, treatment decisions, missed appointments, medication errors, data loss caused by local device loss or deletion, or loss or damage arising from use of the app beyond the remedies required by law.
You may cancel your subscription at any time through Apple App Store. To stop the next renewal, cancel at least 24 hours before the renewal date. Upon cancellation, your subscription will remain active until the end of your current billing period unless Apple or applicable law provides otherwise. Refund requests should be made through Apple. Nothing in these Terms limits your Australian Consumer Law rights.
We reserve the right to suspend or terminate your account if you have violated these Terms, your use poses a security risk, your account has been inactive for an extended period, or continued provision is no longer commercially viable. Where reasonable, we will give notice and an opportunity to export available data before termination.
Upon termination, your right to access the Service will cease immediately. Online account records will be handled in accordance with our Privacy Policy and deleted or de-identified within 30 days of account closure, unless limited records must be retained for legal, security, billing, or backup reasons. Local vault records remain on your device until you erase the vault, delete the app, or remove them yourself. Account deletion does not automatically cancel an Apple App Store subscription.
The Ribbonside name, app, design and content belong to Diesel Advocacy Pty Ltd. You may not reproduce or distribute without written permission.
Governed by NSW law. Disputes subject to NSW courts. Consumer complaints: NSW Fair Trading 13 32 20 · ACCC 1300 302 502.
We may update these Terms from time to time. We will notify you of any changes by posting the revised version on this website. Any changes take effect on the date posted. Continued use after the effective date constitutes acceptance.
If an Apple App Store trial or introductory offer is available to you, Apple will show the offer details, first charge date, renewal price, and cancellation options before you confirm purchase.
On iPhone: Settings - Apple ID - Subscriptions - Ribbonside - Cancel Subscription.
Cancellation usually takes effect at the end of the current billing period. To stop the next renewal, cancel at least 24 hours before the renewal date. You retain Plus access until that date unless Apple or applicable law provides otherwise. Uninstalling the app or deleting your Ribbonside account does not automatically cancel your subscription.
Refund requests for in-app purchases should be made through Apple App Store. Refund decisions and processing times are handled by Apple.
Ribbonside is a personal organiser and health tracking application. All content — including AI-generated explanations, medication information, cancer type descriptions, diagnosis fields, symptom logs, and wellbeing check-ins — is provided for general informational and personal tracking purposes only.
What does this mean? provides general educational explanations generated by AI. These are not personalised to your medical situation, not reviewed by medical professionals, and may not reflect current Australian clinical guidelines. Always discuss your specific case with your oncologist.
Diesel Advocacy Pty Ltd accepts no liability for health outcomes arising from use of or reliance upon Ribbonside.
| Data Type | How Collected | Stored Where | Deleted Or Erased When |
|---|---|---|---|
| Cancer type, stage, grade, Ki-67 | You enter it | Encrypted local vault on your device | When you delete the item, erase the vault, or delete the app |
| ER/PR/HER2, tumour size, lymph nodes | You enter it | Encrypted local vault on your device | When you delete the item, erase the vault, or delete the app |
| Medications and dose logs | You enter and tap to log | Encrypted local vault on your device | When you delete the item, erase the vault, or delete the app |
| Appointments | You enter them | Encrypted local vault on your device | When you delete the item, erase the vault, or delete the app |
| Photos and documents | Camera, photo library, document picker, or manual entry | App-private local vault storage on your device | When you delete the item, erase the vault, or delete the app |
| Diary entries | You write them | Encrypted local vault on your device | When you delete the item, erase the vault, or delete the app |
| Symptom logs and wellbeing check-ins | You complete them | Encrypted local vault on your device | When you delete the item, erase the vault, or delete the app |
| Healthcare team details | You enter them | Encrypted local vault on your device | When you delete the item, erase the vault, or delete the app |
| What does this mean? query text | You type it and choose to send it | Sent to Anthropic for processing; not stored in Supabase by Ribbonside | Handled under Anthropic API retention terms; Ribbonside logs limited usage metadata only |
| Account, consent, support, subscription, security, and AI usage-limit records | Created when you sign in, accept legal notices, contact support, subscribe, or use AI limits | Supabase - Sydney | Deleted or de-identified within 30 days of account deletion unless retention is required |
Ribbonside may request access to Apple Health data including steps, exercise minutes, resting heart rate, and workout information. This data is read from your device only and is not transmitted to our servers. You may revoke this access at any time through your iPhone settings. Ribbonside does not use health data for any purpose other than displaying it to you within the app.
| Data Type Read | HealthKit Identifier | Where It Stays |
|---|---|---|
| Daily step count | HKQuantityTypeIdentifierStepCount | On your device only |
| Exercise minutes | HKQuantityTypeIdentifierAppleExerciseTime | On your device only |
| Resting heart rate | HKQuantityTypeIdentifierRestingHeartRate | On your device only |
| Workouts | HKWorkoutTypeIdentifier | On your device only |
If you export records, save screenshots, back up your phone, share files, or move records outside Ribbonside, those copies may be protected by your device, cloud account, email, or storage provider rather than by Ribbonside's local vault. Depending on your device settings, iPhone/iCloud backups, screenshots, exports, or shared files may be controlled by Apple, your cloud account, email provider, or another storage provider rather than by Ribbonside. Keep exported health information somewhere private and secure.
Ribbonside is intended as a personal organiser and general information tool. It is not registered as a medical device with the TGA. It is not designed for diagnosis, treatment, monitoring, prediction, prognosis, or care decisions. This position should be read as launch-facing product wording, not legal or regulatory advice.
Ribbonside marketing should stay in conservative personal-organiser language such as "track", "log", "record", "store", "organise", and "remind". It must not claim to diagnose, treat, monitor, prevent, cure, improve, or manage a disease or treatment pathway, and it must not make therapeutic benefit claims.
This compliance position statement is reviewed annually. Last reviewed: June 2026.
Ribbonside aims to be usable by people navigating breast cancer treatment and recovery, including people who may be tired, stressed, visually strained, or using assistive technologies.
We aim to use clear language, readable contrast, predictable navigation, scalable text where supported by the platform, and plain support pathways. We aim to align with WCAG 2.2 AA where practical, while continuing to test and improve the app and website over time. This statement is not a claim of full certification.
If any part of the app or website is difficult to use, email support@ribbonside.com with the device, browser, assistive technology if relevant, and the issue you encountered. We aim to respond within two business days.