Legal

Privacy, security, and terms.

Clear information about Ribbonside, your data, subscriptions, Apple Health, and support.

Privacy Policy

Effective date: March 2026 · Last updated: 14 June 2026

Policy version 1.9 · Last reviewed 14 June 2026 · See "Policy Version And Changes" below.

1. Who We Are

Ribbonside is a trading name of Diesel Advocacy Pty Ltd ACN 690 643 853 | ABN 82 690 643 853. We operate the Ribbonside mobile application and website at ribbonside.com.au. We handle personal information and health information in line with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

Privacy contact: support@ribbonside.com

2. What We Collect And Why

Health information is sensitive information under Australian privacy law. We collect it only where needed to provide the app features you choose to use.

3. Consent And Withdrawal

Because health information is sensitive, Ribbonside relies on clear user action and consent for health-related features. You choose what health details to enter, whether to connect Apple Health, and whether to use What does this mean?. You can withdraw optional consent by disconnecting Apple Health, declining What does this mean?, deleting items, erasing the local vault, or deleting your account.

Withdrawing optional consent may limit the feature connected to that consent, but you can still use other available parts of Ribbonside.

4. If You Do Not Provide Information

You can choose not to add optional health details, connect Apple Health, or use AI features. Some app features may not work without the information needed for that feature.

5. Third-Party Service Providers

ProviderPurposeLocationPrivacy Policy
Supabase Inc.Authentication, consent history, support and security records, subscription entitlement, AI usage limits, and limited online records needed to operate the serviceAustralia - Sydney (AWS ap-southeast-2)supabase.com/privacy
Anthropic PBCOptional What does this mean? plain-English explanations only when you choose to type and send a questionUnited Statesanthropic.com/privacy
Apple Inc.App Store, Sign in with Apple, Apple Health permission controls, notifications, billing, subscriptions, and refundsUnited States / globalapple.com/legal/privacy
RevenueCat Inc.Subscription entitlement status, purchase history, product identifiers, App Store transaction details, RevenueCat app user ID, and technical device/app identifiers needed to manage in-app purchasesUnited States / globalrevenuecat.com/privacy
Expo / EASApp build and update delivery infrastructure. Expo/EAS is not used by Ribbonside to store user-entered health vault content.United Statesexpo.dev/privacy
ResendEmail delivery for support notifications and service messages. Support alert emails are designed not to include the private message body.United States / globalresend.com/legal/privacy-policy
GitHub Pages / GitHub, Inc.Static website hosting, content delivery, server request logs, IP address, browser/device request metadata, and security or abuse-prevention logs for ribbonside.com.auUnited States / globalgithub.com privacy statement

We choose service providers that support appropriate privacy and security protections for the type of information they handle. Where a provider processes personal information for Ribbonside, we expect them to use it only for the agreed service purpose and not for their own advertising or unrelated purposes.

Where a provider is listed as global, processing may occur in the country named and in other countries where that provider or its subprocessors operate, support the service, or meet legal/security obligations.

6. No Sale, Advertising, Or Tracking Use

Ribbonside does not sell personal information or health information. Ribbonside does not use health information for advertising, profiling, insurance, employment, pharmaceutical marketing, or data-broker purposes. Ribbonside does not share Apple Health data with third parties.

6A. Website Cookies, Analytics, And Tracking

Ribbonside does not currently use advertising cookies, tracking pixels, behavioural advertising tools, or web analytics on ribbonside.com.au. If this changes, we will update this policy and describe the provider, purpose, and choices available to visitors. Basic server and security logs may still be created when you visit the website.

7. Local Storage And Overseas Processing

Your core health records, documents, photos, notes, appointments, medications, symptoms, and diary entries are stored in Ribbonside's encrypted local vault on your device. Ribbonside does not use Supabase as the primary storage location for those records in this launch version.

Supabase stores limited online records needed for account sign-in, consent history, support, subscription entitlement, legal/security operations, and AI usage limits in Australia - Sydney (AWS ap-southeast-2). Trusted providers may process limited data where needed for billing, subscriptions, support, optional AI features, website hosting, or legal and security purposes.

Because the health vault is local to your device, Ribbonside may not be able to recover your records if you delete the app, erase the vault, lose the phone, or cannot restore from your own backup or export.

Depending on your device settings, iPhone/iCloud backups, screenshots, exports, or files you share outside Ribbonside may be controlled by Apple, your cloud account, email provider, or another storage provider rather than by Ribbonside. Keep exports and backups secure.

For safeguards, support access, app lock, and incident response, see Security Practices.

8. Retention

9. Account Deletion

You can delete your Ribbonside account from Account - Delete My Account. When deletion succeeds, the app erases the local health vault on that device. Online account, consent, support, subscription, security, and AI usage-limit records will be deleted or de-identified within 30 days, unless limited records must be retained for legal, security, billing, or backup reasons. You can also erase only the local health vault from Account - Privacy & Your Data - Erase Health Vault. Deleting your Ribbonside account or deleting the app does not automatically cancel an Apple App Store subscription; subscriptions must be cancelled through Apple.

10. Your Rights

Privacy requests can be sent to the Privacy Officer at support@ribbonside.com. Please include enough information for us to identify your account. We may need to verify your identity before providing access, correcting information, or deleting online account records.

11. AI-Assisted Features

If you choose to use What does this mean?, the text you type is sent securely to Anthropic's Claude API for processing. What does this mean? is designed for short plain-English explanations and is opt-in. Do not include your name, date of birth, Medicare number, medical record number, or full clinical reports. You can decline What does this mean? and continue using manual entry.

Anthropic's API retention depends on the API feature, model, account setting, and contract terms. Ribbonside uses What does this mean? only for short typed questions, does not use Claude consumer accounts, and does not ask users to include identifying health information. Anthropic may retain API inputs and outputs for up to 30 days for trust, safety, legal, service, and abuse-prevention purposes under its usage policies, and states that retained API data is not used for model training without express permission. Data may be retained longer where required for a service setting, Usage Policy enforcement, legal obligations, or abuse prevention.

Ribbonside logs limited AI usage metadata for security, limits, abuse prevention, and cost monitoring. This may include your user ID, feature name, timestamp, model, token counts, estimated cost, request ID, message count, rate-limit or quota events, and technical error status. Ribbonside does not store your AI prompt text in Supabase. Ribbonside does not offer AI report upload or report-reading in this launch version.

12. Automated Decisions

Ribbonside does not use automated decision-making to make decisions that have a legal, financial, health treatment, insurance, employment, or similarly significant effect on you. What does this mean? explanations are general information only and must not be used as medical advice.

13. International Transfers

Anthropic, Apple, RevenueCat, Expo, Resend, GitHub Pages, and other trusted processors may handle limited data outside Australia where needed for the purposes described above. Core health records and files are stored in the local vault on your device. Limited online account, consent, support, security, subscription, and AI usage-limit records are stored in Australia via Supabase.

Where personal information is processed overseas by trusted providers, Ribbonside relies on contractual commitments and those providers' published privacy and data processing terms to support appropriate protections for the information they handle.

14. Children

Ribbonside is not intended for users under 18.

If we become aware that an under-18 user has created an account, we may suspend or delete the account and associated online records, subject to any legal, security, billing, or backup retention needs. A parent or guardian can contact support if they believe a child has provided personal information to Ribbonside.

15. Policy Version And Changes

Current policy version: 1.9. Last reviewed: 14 June 2026.

We may revise, update, or replace this Privacy Policy from time to time. We will notify you of any changes by posting the revised version on this website. Any changes take effect on the date posted.

16. Contact

Ribbonside (Diesel Advocacy Pty Ltd) · ABN 82 690 643 853 · New South Wales, Australia
support@ribbonside.com · Support page · ribbonside.com.au

Security Practices

Last updated: 14 June 2026 · Safeguards and incident response

1. What This Covers

This page summarises how Ribbonside protects personal information and health information. The Privacy Policy explains what information we collect, use, disclose, and delete. The Health Data Statement lists the health data categories handled by the app.

2. Safeguards

3. Support Access

Support tickets may include account details, app diagnostics, and any details you choose to send us. Do not send Medicare numbers, medical record numbers, full reports, or highly identifying health details unless they are genuinely needed for the support issue. Support access is used only to investigate tickets, security issues, billing or account problems, suspected misuse, or legal obligations.

4. User Controls

5. Data Breach Response

Ribbonside maintains an internal data breach response plan. If we suspect an eligible data breach, we will contain the incident, preserve evidence, assess the risk, and take reasonable and expeditious steps to complete the assessment within 30 calendar days. If a breach is likely to cause serious harm, we will notify affected users and the OAIC as soon as practicable, including what happened, what information was involved, and recommended steps. If direct contact is not practicable, we may publish a notice on this website and take reasonable steps to publicise it.

6. Vulnerability Or Privacy Issue Reporting

If you believe you have found a privacy or security issue, email support@ribbonside.com with "Security report" in the subject and enough detail for us to investigate. Administrative security notices may also be sent to admin@ribbonside.com. Please do not access, copy, change, delete, or disclose anyone else's information while reporting an issue.

7. Limits And Reporting

No app, device, or online service can guarantee perfect security. A stolen, unlocked, jailbroken, rooted, or compromised device may still expose local records. If you suspect a privacy or security issue involving Ribbonside, contact support@ribbonside.com.

Terms of Use

Effective date: March 2026 · Last updated: 14 June 2026 · Governing law: New South Wales, Australia

1. Agreement

By using Ribbonside you agree to these Terms. Governed by the laws of New South Wales, Australia.

2. What Ribbonside Is

Ribbonside is a private support organiser for the practical side of breast cancer. It helps you record, store, organise, export, and remember information you choose to add.

3. Not Medical Advice

Ribbonside is a personal organiser and general information tool ONLY. Nothing constitutes medical advice, diagnosis, or treatment recommendation. Always consult your oncologist or qualified healthcare professional before making any health decision.

4. No Emergency Use

Ribbonside is a private organiser, not an emergency or medical support service. It is not monitored 24/7 and must not be used in an emergency. If you need urgent help in Australia, call Triple Zero (000), or contact your care team, hospital, pharmacist, or another qualified health professional about treatment concerns, medication questions, or clinical decisions.

5. Eligibility

You must be 18 or older to use Ribbonside.

6. Your Responsibilities

7. Subscriptions

8. Your Data

You retain full ownership of all data, photos and content you provide. Ribbonside does not claim ownership of your health data. In this launch version, core records and uploaded files are stored in the local vault on your device, while limited online account, consent, support, subscription, legal/security, and AI usage-limit records are stored online as described in the Privacy Policy.

You give Ribbonside a limited permission to process your content only as needed to provide the app, keep local records available on your device, create exports you request, provide support, operate subscriptions and security controls, and process optional What does this mean? text you choose to send.

9. Service Availability, Local Storage, And Backups

Ribbonside may change, pause, update, or discontinue features from time to time. We aim to keep the service reliable, but no app or online service is guaranteed to be uninterrupted or error-free. Because core records are stored locally on your device in the launch version, Ribbonside may not be able to recover records if you delete the app, erase the vault, lose the device, forget access details, or do not maintain your own backups or exports.

10. Australian Consumer Law Guarantees

Nothing in these Terms excludes your non-excludable rights under the Australian Consumer Law (Competition and Consumer Act 2010 (Cth)). If the Service fails to meet a consumer guarantee, you may be entitled to a remedy. Contact support@ribbonside.com or NSW Fair Trading on 13 32 20.

11. Limitation of Liability

Subject to your non-excludable ACL rights, Ribbonside is not liable for health outcomes, treatment decisions, missed appointments, medication errors, data loss caused by local device loss or deletion, or loss or damage arising from use of the app beyond the remedies required by law.

12. Termination

12.1 Cancellation by You

You may cancel your subscription at any time through Apple App Store. To stop the next renewal, cancel at least 24 hours before the renewal date. Upon cancellation, your subscription will remain active until the end of your current billing period unless Apple or applicable law provides otherwise. Refund requests should be made through Apple. Nothing in these Terms limits your Australian Consumer Law rights.

12.2 Suspension or Termination by Ribbonside

We reserve the right to suspend or terminate your account if you have violated these Terms, your use poses a security risk, your account has been inactive for an extended period, or continued provision is no longer commercially viable. Where reasonable, we will give notice and an opportunity to export available data before termination.

12.3 Effect of Termination

Upon termination, your right to access the Service will cease immediately. Online account records will be handled in accordance with our Privacy Policy and deleted or de-identified within 30 days of account closure, unless limited records must be retained for legal, security, billing, or backup reasons. Local vault records remain on your device until you erase the vault, delete the app, or remove them yourself. Account deletion does not automatically cancel an Apple App Store subscription.

13. Intellectual Property

The Ribbonside name, app, design and content belong to Diesel Advocacy Pty Ltd. You may not reproduce or distribute without written permission.

14. Governing Law

Governed by NSW law. Disputes subject to NSW courts. Consumer complaints: NSW Fair Trading 13 32 20 · ACCC 1300 302 502.

15. Changes to Terms

We may update these Terms from time to time. We will notify you of any changes by posting the revised version on this website. Any changes take effect on the date posted. Continued use after the effective date constitutes acceptance.

16. Contact

support@ribbonside.com

Refund Policy

Effective date: March 2026 · Last updated: 14 June 2026

1. Free Trial

If an Apple App Store trial or introductory offer is available to you, Apple will show the offer details, first charge date, renewal price, and cancellation options before you confirm purchase.

2. How To Cancel

On iPhone: Settings - Apple ID - Subscriptions - Ribbonside - Cancel Subscription.

Cancellation usually takes effect at the end of the current billing period. To stop the next renewal, cancel at least 24 hours before the renewal date. You retain Plus access until that date unless Apple or applicable law provides otherwise. Uninstalling the app or deleting your Ribbonside account does not automatically cancel your subscription.

3. Refund Requests

Refund requests for in-app purchases should be made through Apple App Store. Refund decisions and processing times are handled by Apple.

4. Australian Consumer Law Rights

Nothing in this policy limits your non-excludable rights under the Australian Consumer Law. If our Service fails to meet a consumer guarantee, you may be entitled to a remedy. Contact support@ribbonside.com, NSW Fair Trading on 13 32 20, or the ACCC on 1300 302 502.

5. Contact

support@ribbonside.com

Medical Disclaimer

Last updated: 14 June 2026 · Displayed at first launch · Users must acknowledge before proceeding

Ribbonside is a personal organiser and general information tool. It is not registered as a medical device with the TGA. It does not diagnose, treat, monitor, predict, provide medical advice, or support clinical decision-making.

1. What Ribbonside Is

Ribbonside is a personal organiser and health tracking application. All content — including AI-generated explanations, medication information, cancer type descriptions, diagnosis fields, symptom logs, and wellbeing check-ins — is provided for general informational and personal tracking purposes only.

2. You Must Always

3. AI-Generated Content

What does this mean? provides general educational explanations generated by AI. These are not personalised to your medical situation, not reviewed by medical professionals, and may not reflect current Australian clinical guidelines. Always discuss your specific case with your oncologist.

4. Emergency

Severe or sudden symptoms — call Triple Zero (000) immediately. Cancer Council NSW: 13 11 20 · Lifeline: 13 11 14 · Beyond Blue: 1300 22 4636

Diesel Advocacy Pty Ltd accepts no liability for health outcomes arising from use of or reliance upon Ribbonside.

Health Data Statement

Last updated: 14 June 2026 · Every category of health data we handle, where it is stored, and how you can delete or erase it - in plain English

In this launch version, user-entered health records, documents, photos, appointments, medications, diary entries, symptoms, results, and care notes are stored in the encrypted local vault on your device. Supabase is used for limited online account, consent, support, subscription, security, and AI usage-limit records.

What We Collect and Why

Data TypeHow CollectedStored WhereDeleted Or Erased When
Cancer type, stage, grade, Ki-67You enter itEncrypted local vault on your deviceWhen you delete the item, erase the vault, or delete the app
ER/PR/HER2, tumour size, lymph nodesYou enter itEncrypted local vault on your deviceWhen you delete the item, erase the vault, or delete the app
Medications and dose logsYou enter and tap to logEncrypted local vault on your deviceWhen you delete the item, erase the vault, or delete the app
AppointmentsYou enter themEncrypted local vault on your deviceWhen you delete the item, erase the vault, or delete the app
Photos and documentsCamera, photo library, document picker, or manual entryApp-private local vault storage on your deviceWhen you delete the item, erase the vault, or delete the app
Diary entriesYou write themEncrypted local vault on your deviceWhen you delete the item, erase the vault, or delete the app
Symptom logs and wellbeing check-insYou complete themEncrypted local vault on your deviceWhen you delete the item, erase the vault, or delete the app
Healthcare team detailsYou enter themEncrypted local vault on your deviceWhen you delete the item, erase the vault, or delete the app
What does this mean? query textYou type it and choose to send itSent to Anthropic for processing; not stored in Supabase by RibbonsideHandled under Anthropic API retention terms; Ribbonside logs limited usage metadata only
Account, consent, support, subscription, security, and AI usage-limit recordsCreated when you sign in, accept legal notices, contact support, subscribe, or use AI limitsSupabase - SydneyDeleted or de-identified within 30 days of account deletion unless retention is required

Health Data (Apple Health / HealthKit)

Ribbonside may request access to Apple Health data including steps, exercise minutes, resting heart rate, and workout information. This data is read from your device only and is not transmitted to our servers. You may revoke this access at any time through your iPhone settings. Ribbonside does not use health data for any purpose other than displaying it to you within the app.

Data Type ReadHealthKit IdentifierWhere It Stays
Daily step countHKQuantityTypeIdentifierStepCountOn your device only
Exercise minutesHKQuantityTypeIdentifierAppleExerciseTimeOn your device only
Resting heart rateHKQuantityTypeIdentifierRestingHeartRateOn your device only
WorkoutsHKWorkoutTypeIdentifierOn your device only

Exports And Backups

If you export records, save screenshots, back up your phone, share files, or move records outside Ribbonside, those copies may be protected by your device, cloud account, email, or storage provider rather than by Ribbonside's local vault. Depending on your device settings, iPhone/iCloud backups, screenshots, exports, or shared files may be controlled by Apple, your cloud account, email provider, or another storage provider rather than by Ribbonside. Keep exported health information somewhere private and secure.

What We Never Do

Deletion

Account - Privacy & Your Data - Erase Health Vault removes local records from this device only. Account - Delete My Account erases the local vault on that device and deletes or de-identifies online account records within 30 days, unless limited records must be retained for legal, security, billing, or backup reasons. Deleting the online account or app does not automatically cancel an Apple App Store subscription; subscriptions must be cancelled through Apple.

Regulatory Position & ACL Statement

Last updated: 14 June 2026 · Conservative launch wording · Australian Consumer Law

1. TGA Position

Ribbonside is intended as a personal organiser and general information tool. It is not registered as a medical device with the TGA. It is not designed for diagnosis, treatment, monitoring, prediction, prognosis, or care decisions. This position should be read as launch-facing product wording, not legal or regulatory advice.

2. How Ribbonside Is Positioned

3. TGA Advertising Compliance

Ribbonside marketing should stay in conservative personal-organiser language such as "track", "log", "record", "store", "organise", and "remind". It must not claim to diagnose, treat, monitor, prevent, cure, improve, or manage a disease or treatment pathway, and it must not make therapeutic benefit claims.

4. Australian Consumer Law Guarantees

The Australian Consumer Law (Schedule 2 of the Competition and Consumer Act 2010 (Cth)) provides automatic consumer guarantees that cannot be excluded by contract. Nothing in our Terms excludes these non-excludable rights. Contact support@ribbonside.com or NSW Fair Trading on 13 32 20.

5. Contact

support@ribbonside.com

6. Annual Review

This compliance position statement is reviewed annually. Last reviewed: June 2026.

Accessibility Statement

Last updated: 14 June 2026 · Accessibility and support

1. Our Aim

Ribbonside aims to be usable by people navigating breast cancer treatment and recovery, including people who may be tired, stressed, visually strained, or using assistive technologies.

2. Current Approach

We aim to use clear language, readable contrast, predictable navigation, scalable text where supported by the platform, and plain support pathways. We aim to align with WCAG 2.2 AA where practical, while continuing to test and improve the app and website over time. This statement is not a claim of full certification.

3. Feedback

If any part of the app or website is difficult to use, email support@ribbonside.com with the device, browser, assistive technology if relevant, and the issue you encountered. We aim to respond within two business days.