Privacy Policy

Last updated: February 2026

1. Information We Collect

When you use SorryBoss, we collect:

  • Personal information: Name, email, phone number, date of birth
  • Health information: Symptoms, duration of illness, and consultation notes
  • Payment information: Processed securely by Stripe (we don't store card details)
  • Usage data: How you interact with our website

2. How We Use Your Information

We use your information to:

  • Provide pharmacist consultations and issue certificates
  • Process payments and send receipts
  • Send your certificate via email
  • Verify certificates when requested by employers (limited information only)
  • Comply with legal and regulatory requirements
  • Improve our services

3. Certificate Verification

When an employer verifies a certificate, they only see:

  • Patient name
  • Certificate type (personal leave or carer's leave)
  • Valid dates
  • Issuing pharmacist details

We never share: Your specific symptoms, health conditions, phone number, email, or any other personal details with employers.

4. Data Storage & Security

Your data is stored securely using industry-standard encryption. We use:

  • SSL/TLS encryption for all data transmission
  • Secure cloud infrastructure (Vercel, Supabase)
  • PCI-compliant payment processing (Stripe)

5. Data Retention

We retain your consultation records for 7 years as required by Australian health record-keeping requirements. You may request deletion of non-essential data at any time.

6. Your Rights

Under Australian privacy law, you have the right to:

  • Access your personal information
  • Correct inaccurate information
  • Request deletion (where legally permitted)
  • Complain to the Office of the Australian Information Commissioner (OAIC)

7. Third Parties

We share data with trusted service providers:

  • Stripe: Payment processing
  • Resend: Email delivery
  • Supabase: Database hosting
  • Vercel: Website hosting

These providers are contractually bound to protect your data.

8. Cookies

We use essential cookies only for website functionality. We do not use tracking cookies or share data with advertisers.

9. Contact Us

For privacy inquiries or to exercise your rights, contact us at: privacy@sorryboss.com.au

10. Changes to This Policy

We may update this policy from time to time. Significant changes will be notified via email or website notice.