Privacy Policy

StrongHERside Daily · Version 7 July 2026 · Gair Media Pty Ltd (ABN 62 690 161 301) · Contact: hannah@strongherside.com

Who we are

StrongHERside Daily ("we", "us", "our") is an application operated by Gair Media Pty Ltd (ABN 62 690 161 301), founded by Hannah Gair.

Contact: hannah@strongherside.com

We are bound by the Australian Privacy Principles under the Privacy Act 1988 (Cth), including the additional protections that apply to "sensitive information" such as health information. State-based health records legislation may also apply depending on where you live (e.g. NSW HRIPA, VIC HRA, ACT HRPAA), as do the specific protections of the Healthcare Identifiers Act 2010 (Cth) for Medicare and NDIS numbers.

This app is designed for Australian carers. If you are accessing it from outside Australia, please be aware that your local privacy laws may differ from those described here.

Scope of this policy

This policy covers the StrongHERside Daily application. It explains what personal information we collect, how we use it, where it goes, your rights, and how to contact us with questions or complaints.

What we collect

Information you provide directly

Voice Quick Capture — how it works

When you tap the microphone on the Today screen, your device's built-in speech recognition transcribes what you say into text. On iOS Safari this happens on-device — audio never leaves your phone. On Chrome (desktop, Android), the browser sends audio to Google Cloud Speech for transcription as part of its standard Web Speech API behaviour. This is a browser feature, not a feature of this app — the app only receives the text result. We never receive audio, never store audio, and never transcribe audio ourselves. If you do not want any audio sent to Google, use Safari on iOS, or type your note instead of speaking it.

You must only record your own voice. Do not use Voice Quick Capture to record another person's voice without their knowledge and consent. Australian state and territory Surveillance Devices legislation (varies by state) makes it an offence to record a private conversation without the consent of all parties in many circumstances. You are responsible for compliance.

Information collected automatically

Information we do not collect

Sensitive (health) information

The Privacy Act gives extra protection to sensitive information, which includes health information. We treat the following as sensitive information:

We collect this information only with your express consent, given through the consent screens during onboarding. You can withdraw your consent at any time by clearing your data ("Reset App") or by emailing us.

Medicare and NDIS numbers (Healthcare Identifiers Act 2010)

The Healthcare Identifiers Act 2010 (Cth) places specific restrictions on how healthcare identifiers — including Medicare numbers and NDIS numbers — may be collected, used and disclosed.

Information you provide about other people

If you add care team members (e.g. paediatrician, OT, school contact) you may enter their name, role, and contact details. By adding this information you confirm that:

Care team contact details are stored only on your device. We do not contact, notify, or transmit information to anyone you add to your care team list.

The onboarding survey — what we ask, and your consent

When you first set up the App we ask a short set of questions about your caring situation — for example your country, whether your child has a formal diagnosis, how caring has affected your work and relationships, roughly how many hours a week you spend coordinating care, and how you are coping right now. We ask this so we can personalise the App to your circumstances and understand the real load carers carry.

How we may share or sell anonymised data

If you opt in (it's off unless you turn it on), the anonymised information you create across the App — from onboarding through everyday use, including your survey answers, de-identified usage and behaviour patterns, and your own wellbeing trends — may join our carer research dataset. Before anything is used this way, we remove everything that identifies you or your child (name, email, your child's name, exact postcode, Medicare / NDIS numbers, and other direct identifiers).

We may publish, share, or sell this data — but only:

We keep it genuinely anonymous by releasing data only in groups large enough that no one can be singled out, suppressing rare cases, and removing free-text. Any information about your child is included only as aggregated patterns — never as an identifiable record. We never sell anything that identifies you or your child. If you withdraw your consent, we stop using your data this way — though anything already shared cannot be recalled.

If StrongHERside is ever sold (business transfer)

StrongHERside may one day grow through a merger, investment, corporate restructure, or a sale of all or part of the business. If that happens, your information — including your care record and any anonymised research data — may be transferred to the new owner as part of that change. If it does:

This lets the business change hands responsibly. It does not permit anyone to sell your identifiable information.

How long we keep your data

Your care record is designed to grow with you for as long as you use the app — because evidence for NDIS reviews, plan reviews, and clinical appointments is most useful when it covers a meaningful period of time. There is no automatic 30-day, 90-day, or 12-month cut-off.

How we use your information

We never sell anything that identifies you or your child, and we do not use your information for advertising or combine it with profiles from other services. We may share or sell anonymised, de-identified insights and data — see "How we may share or sell anonymised data" below.

Where your data lives

Cross-border transfers (APP 8)

Your core data is hosted in Australia: your care records and documents in MongoDB Atlas, and your login in Supabase — both in AWS Sydney. Some other providers process data overseas; by using the App you consent to that cross-border processing:

These providers have their own privacy commitments. We have taken reasonable steps to ensure they handle your information consistently with the Australian Privacy Principles. The United States is a jurisdiction where privacy protections may differ from Australia, including in relation to lawful access by US government agencies under instruments such as the CLOUD Act and FISA.

If you do not consent to any of these cross-border transfers, do not use the relevant feature. AI features can be paused in Settings → Privacy. Voice Quick Capture can be avoided by typing your notes instead.

The Handover Pack and reports you send

The App lets you generate a Handover Pack and other reports (NDIS evidence, GP / clinician summary, carer impact statement) that gather your child's care and health information into one document you can download or email — for example to a respite carer, a school, or a clinician.

Your rights

You have the right to:

Security and encryption

Protecting your information — and your child's — is core to how the App is built.

Encryption at rest (when you set a PIN)

Other protections

Our approach is designed in line with recognised standards, including the OWASP Mobile Application Security Verification Standard (MASVS) and NIST guidance on encryption (SP 800-38D for AES-GCM and SP 800-132 for key derivation). No system, and no method of electronic transmission or storage, is ever 100% secure — so while we design to a high bar and treat security issues as priority defects, we cannot and do not guarantee absolute security.

Automated decision-making (Privacy and Other Legislation Amendment Act 2024)

The Privacy and Other Legislation Amendment Act 2024 (Cth) introduced new transparency obligations for automated decision-making that significantly affects an individual. We confirm:

Where AI processing happens (on-device roadmap)

We are working toward a future where as much AI processing as possible happens on your phone, never reaching our servers. Today's status:

When AI moves on-device for a feature, your data for that feature stops reaching Anthropic entirely. You do not need to take any action — the change will be transparent and announced in the in-app changelog.

Accessibility commitment (Disability Discrimination Act 1992 + WCAG 2.2 AA)

The App is designed against the Web Content Accessibility Guidelines (WCAG) 2.2 at the AA level and is intended to comply with the Disability Discrimination Act 1992 (Cth). Specific accessibility commitments include:

If any part of the App is not accessible to you, email Hannah at hannah@strongherside.com. We will treat accessibility issues as priority defects.

Alignment with the Voluntary AI Safety Standard (DISR, September 2024)

The Australian Department of Industry, Science and Resources published a Voluntary AI Safety Standard in September 2024 setting out ten guardrails for organisations deploying AI. We have designed the App in alignment with those guardrails as relevant to a non-decisioning, carer-facing assistant:

Notifiable Data Breaches

We take the security of your information seriously and comply with the Notifiable Data Breaches (NDB) scheme under Part IIIC of the Privacy Act 1988 (Cth).

If we become aware of an eligible data breach — an unauthorised access, disclosure or loss of your personal information that is likely to result in serious harm to you (for example identity theft, financial loss, or the exposure of sensitive health information) — we will:

Most of your care data is encrypted, and sensitive information is protected by your PIN, which we cannot read — this significantly reduces the risk that a breach would expose readable information. The information held centrally that could be affected is limited (see "Where your data lives" above).

Children's information

This app is built for adult parents and carers. Children do not use the app directly, do not enter their own information, do not have accounts, and the app is not marketed to anyone under 18.

By entering information about a child, you warrant that:

We do not independently verify these warranties. If any of them is untrue, you indemnify us against any resulting claim under clause 13 of the Terms of Use.

All information about a child stays on your device unless you choose to share it (for example, by emailing a report to a clinician). You can delete a child's profile and all associated data at any time from inside the app.

Ongoing improvements

Changes to this policy

We may update this policy. The "Last updated" date at the top will change. For material changes — especially anything that affects what we collect or share — we'll re-prompt you for consent the next time you open the app.

How to contact us

Hannah Gair — StrongHERside Daily hannah@strongherside.com

If you're not satisfied with our response to a privacy concern, you can complain to:

Office of the Australian Information Commissioner (OAIC) www.oaic.gov.au 1300 363 992