Privacy Policy

Last Updated: October 23, 2025

Effective Date: October 23, 2025

1. Introduction

Bariatric SurgeryHub ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website bariatricsurgeryhub.com (the "Site").

This policy complies with the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth) and, where applicable, the General Data Protection Regulation (GDPR).

2. Information We Collect

2.1 Personal Information You Provide

We may collect personal information that you voluntarily provide to us when you:

  • Complete consultation request forms
  • Subscribe to our newsletter
  • Use our cost calculator or BMI calculator
  • Contact us via email or phone
  • Participate in surveys or promotions

This information may include:

  • Name
  • Email address
  • Phone number
  • Location/suburb
  • Preferred procedure type
  • Health-related information (BMI, weight, height)
  • Messages or inquiries you send to us

2.2 Automatically Collected Information

When you visit our Site, we automatically collect certain information about your device and browsing behavior, including:

  • IP address
  • Browser type and version
  • Operating system
  • Referring website
  • Pages viewed and time spent on pages
  • Date and time of visit
  • Geographic location (city/country level)

2.3 Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our Site. For detailed information, please see our Cookie Policy.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • To provide services: Connect you with bariatric surgeons, respond to consultation requests, and deliver requested information
  • To communicate: Send newsletters, updates, and marketing communications (with your consent)
  • To improve our Site: Analyze usage patterns, optimize content, and enhance user experience
  • To ensure security: Monitor and prevent fraudulent activity, abuse, and security incidents
  • To comply with legal obligations: Meet regulatory requirements and respond to lawful requests
  • To conduct analytics and research: Understand user behavior and preferences to improve our services

4. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), our legal basis for collecting and using your personal information includes:

  • Consent: You have given clear consent for us to process your personal data for a specific purpose
  • Contract: Processing is necessary for a contract with you
  • Legal obligation: Processing is necessary to comply with the law
  • Legitimate interests: Processing is necessary for our legitimate interests (e.g., improving our services)

5. How We Share Your Information

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following circumstances:

5.1 With Healthcare Providers

When you submit a consultation request through our forms, we share your information (name, contact details, procedure interest) with the surgeon(s) you selected or indicated interest in. This is necessary to connect you with appropriate healthcare providers.

5.2 With Service Providers

We may share information with trusted third-party service providers who assist us in operating our Site, including:

  • Hosting services: Vercel (website hosting)
  • Analytics providers: Google Analytics, Microsoft Clarity
  • Email services: For newsletter distribution
  • Form processing: Google Sheets (via webhook for form submissions)

These service providers are contractually obligated to protect your information and use it only for the purposes we specify.

5.3 Legal Requirements

We may disclose your information if required by law, regulation, legal process, or government request.

5.4 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you via email and/or prominent notice on our Site of any such change.

6. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

  • Consultation requests: Retained for 2 years after submission
  • Newsletter subscriptions: Retained until you unsubscribe
  • Analytics data: Aggregated and anonymized data retained indefinitely
  • Website logs: Retained for 90 days

7. Your Rights and Choices

7.1 Access and Correction (APP 12 & 13)

You have the right to access and correct your personal information. To request access or correction, contact us at the details below.

7.2 GDPR Rights (EEA Residents)

If you are located in the EEA, you have additional rights under GDPR, including:

  • Right to access: Request a copy of your personal data
  • Right to rectification: Correct inaccurate or incomplete data
  • Right to erasure: Request deletion of your personal data ("right to be forgotten")
  • Right to restrict processing: Request limitation on how we use your data
  • Right to data portability: Receive your data in a machine-readable format
  • Right to object: Object to processing based on legitimate interests
  • Right to withdraw consent: Withdraw consent at any time (where processing is based on consent)

7.3 Marketing Communications

You can opt out of receiving marketing emails by:

  • Clicking the "unsubscribe" link in any marketing email
  • Contacting us directly at the email address below

7.4 Cookies

Most web browsers allow you to control cookies through browser settings. See our Cookie Policy for more information.

8. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • SSL/TLS encryption for data transmission
  • Secure hosting infrastructure (Vercel Edge Network)
  • Regular security assessments and updates
  • Access controls and authentication
  • Data backup and recovery procedures

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

9. Children's Privacy

Our Site is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

10. International Data Transfers

Your information may be transferred to and processed in countries other than Australia, including the United States (where our hosting provider Vercel operates). These countries may have different data protection laws than Australia.

When we transfer personal information internationally, we ensure appropriate safeguards are in place, such as:

  • Standard contractual clauses approved by the European Commission (for GDPR compliance)
  • Ensuring recipients are in countries with adequate data protection laws
  • Implementing appropriate technical and organizational security measures

11. Third-Party Links

Our Site may contain links to third-party websites (e.g., surgeon websites, health directories). We are not responsible for the privacy practices or content of these external sites. We encourage you to review the privacy policies of any third-party sites you visit.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:

  • Posting the updated policy on this page with a new "Last Updated" date
  • Sending an email notification to newsletter subscribers (for significant changes)
  • Displaying a prominent notice on our Site

Your continued use of the Site after any changes indicates your acceptance of the updated Privacy Policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Bariatric SurgeryHub

Email: contact@bariatricsurgeryhub.com

Website: https://bariatricsurgeryhub.com

For Australian Privacy Act complaints, you may also contact the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

For GDPR-related matters (EEA residents), you have the right to lodge a complaint with your local data protection authority.

14. Definitions

  • Personal Information: Information about an identified individual or an individual who is reasonably identifiable
  • Processing: Any operation performed on personal data, including collection, storage, use, and disclosure
  • Data Controller: Bariatric SurgeryHub, responsible for determining how and why personal data is processed
  • Data Subject: The individual to whom personal data relates (you)

Your Privacy Matters: We are committed to transparency and protecting your personal information. If you have any questions or concerns about how we handle your data, please don't hesitate to contact us.