Where this policy applies
This policy covers three things kept clearly separate below: (1) this public demonstration website you are reading now, (2) the Well Engaged iPad app in its demonstration release, and (3) the intended approach for the facility app once it is used with real residents in a paid pilot. Right now, only part (1) is live — there is no public app yet, no public account signup, and no real resident data anywhere in this product.
1. This demonstration website, today
What we collect
Nothing, by default. This site is static — plain pages with no server-side application behind them, no cookies, no analytics or tracking scripts, and no account system. Fonts and every other asset are served from this site itself, not a third party. Like any website, the hosting provider that serves these pages keeps standard, short-lived server logs (such as IP address and page requested) for security and operations; we do not use these to identify or profile visitors. If you email us at the addresses below, we hold that email in our mailbox like any other correspondence, and use it only to reply to you.
Synthetic data only
Every screen, name and "resident" you see on this site and in any linked interactive demo is synthetic — invented for illustration. No real person's information appears anywhere in the demonstration.
No third-party sharing
Because we don't collect data from visitors in the first place, there is nothing to share, sell or disclose to advertisers, data brokers or other third parties.
2. The Well Engaged iPad app — demonstration release
A synthetic showcase, not a data product
When the Well Engaged app first appears on the App Store, it will run entirely against a built-in demonstration facility: every resident, photo, activity record and family moment in it is synthetic. In this demonstration release the app collects no information from you or your device — no accounts are created by the public, no analytics run, and nothing you tap is transmitted for any purpose beyond operating the demonstration itself. Real facilities are enabled individually, under the pilot approach described below, and never through the public download alone.
3. The intended approach for a future pilot
This section describes, at a high level, how we intend to handle personal and health information once a residential aged care provider signs up for a paid pilot and real residents begin using the app. It is a statement of intent for design and contracting purposes — the detailed collection notices, consent forms and data processing agreement will be finalised with our privacy lawyer before any pilot goes live, consistent with our regulatory brief.
Consent-based collection
We intend to collect information about a resident only after consent is obtained at onboarding — from the resident where they have capacity, or from their nominated substitute decision-maker (for example, an enduring attorney or guardian) where they do not. Consent will be able to be reviewed and withdrawn, with the practical effect of withdrawal explained up front.
What we intend to collect, and why
- Activity preferences and participation records — which activities a resident engages with and how, so lifestyle staff can personalise sessions and produce participation evidence for their own quality reporting.
- Basic profile details (name, room, interests) — supplied by facility staff, used to personalise sessions and give families appropriate visibility.
- Family-contributed material (photos, stories) — supplied voluntarily by family members who have been granted access by the facility or resident, used to build reminiscence activities.
- Staff account details — for facility coordinators and quality managers using the app, used for authentication and audit logging.
Storage and security
We intend to host all pilot data on servers located in Australia, with encryption in transit and at rest, role-based access controls, and append-only audit logging of who accessed what. Data will be retained only as long as needed for the purposes above and the facility's own record-keeping obligations, then deleted or de-identified on an agreed schedule.
Family portal access
Family members will only ever see what the resident (or their substitute decision-maker) has authorised. Access will be granted individually by the facility, with the ability to revoke it, recognising that not every family relationship is a safe one.
Access and correction
Residents, their substitute decision-makers, and facility staff acting on their behalf will be able to request access to, and correction of, information we hold about them, subject to verifying identity and any legal exceptions that apply.
Who is in control of the data
We intend the facility to remain the data controller for resident information, with Well Engaged acting as a processor under a data processing agreement — meaning the facility sets the rules for use of resident data, and we agree to follow them.
4. Cookies and tracking
This site does not use cookies, browser storage, or any third-party analytics or advertising scripts. Nothing about your visit is tracked or profiled.
5. Contact us about privacy
Questions about this draft policy, or about privacy generally, can be sent to:
Because this policy is a draft, please treat any response as informal guidance rather than a final legal position.