Privacy Policy — Surgibud
Surgibud Surgibud Terms of Service →

Privacy Policy

Effective date: 30 May 2026

This Privacy Policy explains how Surgibud ("we", "us", or "our") collects, uses, stores, and protects information when you use our surgical logbook platform. We are committed to complying with the Privacy Act 2020 and the Health Information Privacy Code 2020 (New Zealand), and the Privacy Act 1988 (Cth) and the Australian Privacy Principles (Australia).

1. Who we are

Surgibud is a personal professional logbook for surgical clinicians. We are the data controller for the information you provide when creating an account and using the platform. If you have privacy questions, contact our Privacy Officer at support@surgibud.com.

2. What information we collect

Account information

  • Email address — used for authentication (one-time password), account management, and transactional emails (share invites, PROM notifications)
  • Name and job title — entered in your profile; used to personalise the interface and to identify you to colleagues in case-sharing notifications

Surgical case data

When you log a surgical case, you may record:

  • Surgery date, hospital, procedures performed and approach, operative role
  • Non-identifying patient demographics: a clinician-assigned patient code (e.g. "WGN-001"), age, BMI, ethnicity, and ASA grade
  • Operative details: estimated blood loss, discharge date, anaesthetic type, timing
  • Clinical notes and reflections
  • Complication grading (Clavien-Dindo classification)
  • Audit status and histology specimen tracking

We do not collect and you must not enter: patient names, National Health Index (NHI) numbers, Australian Medicare or DVA numbers, dates of birth, or any other information that directly identifies a patient.

Patient contact details for PROM surveys

If you choose to send Patient-Reported Outcome Measure (PROM) surveys to patients, you may enter a patient's first name, email address, and/or phone number. This information is:

  • Encrypted at rest using AES-256-GCM encryption before being stored
  • Accessible only to the automated survey-delivery system — Surgibud staff cannot read it
  • Automatically and permanently deleted once all scheduled surveys have been sent, or immediately if the patient opts out
  • Not used for any purpose other than delivering the scheduled surveys

AI feature data

When you use AI-powered features (field extraction, reflection enhancement):

  • The text or image you submit is sent to Anthropic's API for processing (see section 7)
  • We record the time and type of each AI request for rate-limiting purposes; we do not store the content of AI requests

Technical and usage data

  • Authentication event logs (login times, IP addresses) — retained by Supabase for security purposes
  • Standard server access logs

3. How we use your information

PurposeLegal basis
Providing and operating the Surgibud platformContract performance
Authentication and account securityContract performance / Legitimate interest
Sending PROM survey emails to patientsYour explicit instruction as the clinician
Case sharing notificationsYour explicit action (initiating a share)
AI feature processingYour explicit action (submitting content)
Rate limiting and abuse preventionLegitimate interest
Complying with legal obligationsLegal obligation

We do not use your surgical case data for marketing, sell it to third parties, or use it to train AI models.

4. Data storage and security

Where your data is stored

Your data is stored on Supabase, hosted on Amazon Web Services in the ap-southeast-2 region (Sydney, Australia). This means your data is physically located in Australia, which is relevant for both New Zealand and Australian users.

Surgibud's application layer is delivered via Cloudflare Pages. Cloudflare may process request metadata at global edge nodes but does not store your health information.

Security measures

  • All data is transmitted over HTTPS (TLS 1.2 or higher)
  • Patient contact details are encrypted at the application layer (AES-256-GCM) before storage — the database stores only ciphertext
  • Row-level security (RLS) policies on all database tables ensure each user can access only their own data
  • Optional multi-factor authentication (WebAuthn/passkey) is available
  • Authentication tokens are validated server-side on every request

Data retention

Surgical case records are retained for 10 years from the date of creation, consistent with medical record retention obligations under the Health (Retention of Health Information) Regulations 1996 (New Zealand) and equivalent Australian guidelines. After 10 years from soft-deletion, records are permanently purged by an automated process and a compliance record is written to an append-only audit log.

You may delete individual records or your entire account at any time. Account deletion triggers immediate deletion of all associated case records and personal data, subject to the retention obligations above.

5. Health information

The surgical case data you record may constitute health information under the Health Information Privacy Code 2020 (New Zealand) and the Privacy Act 1988 (Cth) (Australia). We handle this information with the additional care required for sensitive information:

  • It is used only for the purposes you specify
  • It is not disclosed to third parties without your consent except as required by law
  • It is subject to enhanced security controls as described above

As the clinician entering the data, you are also subject to your own professional and legal obligations regarding health information, including obligations under the Health Information Privacy Code and your professional body's standards.

6. Case sharing

When you share cases with other Surgibud users, the recipient receives a copy of the de-identified case record. Your name appears in the share notification email. The recipient's email address is recorded in our system for audit purposes. You can view your sharing history (including who has accepted shares) in Settings.

7. Third-party services

Supabase

Our database and authentication infrastructure. Supabase processes account data and case data as a data processor on our behalf, subject to their Data Processing Agreement. Data is stored in Sydney, Australia (AWS ap-southeast-2). See supabase.com/privacy.

Anthropic

When you use AI features, text or images you submit are sent to Anthropic's API. Anthropic does not use API content to train their models (see their usage policies). We strongly advise you not to submit identifiable patient information to AI features. See anthropic.com/privacy.

Resend

We use Resend to send transactional emails (share invite notifications). Resend processes the recipient email address and the email content. See resend.com/privacy.

Cloudflare

Our application delivery network. Cloudflare may process IP addresses and request metadata at their global network. See cloudflare.com/privacypolicy.

8. Your rights

New Zealand (Privacy Act 2020)

Under the Privacy Act 2020 and the Health Information Privacy Code 2020, you have the right to:

  • Access the personal information we hold about you (Information Privacy Principle 6)
  • Correct inaccurate personal information (Information Privacy Principle 7)
  • Know why we collect information, how it will be used, and to whom it may be disclosed (IPP 3)
  • Complain to the Office of the Privacy Commissioner if you believe your privacy rights have been breached

Australia (Privacy Act 1988, Cth)

Under the Australian Privacy Principles, you have the right to:

  • Access the personal information we hold about you (APP 12)
  • Correct personal information that is inaccurate, out of date, incomplete, or misleading (APP 13)
  • Complain to the Office of the Australian Information Commissioner (OAIC) if you are dissatisfied with how we have handled your personal information
  • Anonymity — where lawful and practicable, you may interact with us anonymously or under a pseudonym

To exercise any of these rights, contact us at support@surgibud.com. We will respond within 20 working days (New Zealand) or 30 days (Australia).

9. Cookies and tracking

Surgibud uses only functional cookies necessary to maintain your authenticated session. We do not use advertising cookies, tracking pixels, or third-party analytics.

10. Children

Surgibud is intended for registered medical professionals and is not directed at people under 18 years of age. We do not knowingly collect personal information from minors.

11. Changes to this policy

We may update this Privacy Policy from time to time. We will notify you by email or in-app notification before material changes take effect. The effective date at the top of this page shows when the policy was last updated.

12. Complaints

If you have a privacy concern, please contact us first at support@surgibud.com. If you are not satisfied with our response:

  • New Zealand: Office of the Privacy Commissioner — privacy.org.nz — 0800 803 909
  • Australia: Office of the Australian Information Commissioner — oaic.gov.au — 1300 363 992

13. Contact our Privacy Officer

Privacy Officer, Surgibud
support@surgibud.com