Bloom
Start Free Trial

Privacy Policy

Last updated: December 2025

Bloom Software Pty Ltd (ABN 81 680 336 145) ("Bloom", "we", "our", or "us") is committed to protecting privacy and handling personal information responsibly.

This Privacy Policy explains how we collect, use, store, and disclose information when you:

  • Visit our website at bloomhealth.ai
  • Use the Bloom application and related services
  • Interact with us as a customer, trial user, or organisation member

This policy is governed by the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

Who this policy applies to

This Privacy Policy applies to:

  • Website visitors (marketing pages, documentation, support)
  • Application users (doctors, clinic staff, administrators)
  • Organisation account holders (clinics and practices)

Bloom provides services to doctors and clinics. Our contractual relationship is with healthcare organisations, not directly with patients.

Information we collect

Website visitors

When you visit our website, we may collect limited technical information such as:

  • IP address
  • Browser type and device information
  • Pages viewed and referring URLs

This information is used to operate, secure, and improve our website.

Application users

When an organisation or user signs up for Bloom, we may collect:

  • Name
  • Email address
  • Organisation and role details
  • Authentication information (e.g. password hashes, passkeys)
  • Usage data and audit logs (e.g. login events, actions performed)

This information is required to provide and secure access to the Bloom platform.

Customer content and clinical data

Bloom is designed to support clinical workflows. Depending on how a clinic uses Bloom, Customer Content may include:

  • Audio recordings of consultations
  • Transcripts and clinical notes
  • Patient identifiers and EMR identifiers provided by the clinic
  • Generated clinical documents (e.g. referrals, letters, summaries)

Bloom processes Customer Content solely on behalf of the clinic or organisation and only in accordance with their instructions. Bloom does not independently collect data directly from patients.

How we use information

We use information to:

  • Provide, operate, and improve the Bloom platform
  • Authenticate users and manage organisation access
  • Process audio, transcripts, and documents as requested
  • Maintain audit logs and system integrity
  • Provide customer support and service communications
  • Meet legal, regulatory, and compliance obligations

We do not sell personal information.

AI and automated processing

Bloom uses automated and AI-assisted systems to provide features such as transcription and document generation.

Key principles:

  • Customer Content is processed only to deliver the requested service
  • Customer Content is not used to train AI models
  • AI providers are contractually prohibited from using Customer Content for training
  • Processing is performed under contractual confidentiality and security obligations

Data storage and sovereignty

Bloom stores and processes production data exclusively in Australia, using Australian-based cloud infrastructure.

We take reasonable steps to ensure:

  • Data remains within Australian jurisdictions
  • Access is limited to authorised systems and personnel
  • Appropriate technical and organisational safeguards are in place

Disclosure of information

We may disclose information to trusted service providers who assist in operating Bloom, including:

  • Cloud infrastructure and hosting providers
  • Security, authentication, and monitoring services
  • Payment processors (Stripe)
  • Processing services required to deliver Bloom features

These providers are contractually required to protect information and use it only to provide services to Bloom.

We may also disclose information where required or authorised by law.

Security

Bloom implements industry-standard security measures, including:

  • Encryption in transit and at rest
  • Role-based access controls
  • Audit logging
  • Secure authentication (including multi-factor authentication)
  • Regular security reviews and operational controls

No system is completely secure, but we take reasonable steps to protect information from misuse, loss, or unauthorised access.

Data retention

We retain personal information and Customer Content only for as long as necessary to:

  • Provide the Bloom service
  • Meet contractual, legal, and regulatory obligations
  • Maintain audit and compliance records

Retention periods may be configured or governed by agreements with clinics and organisations.

Cookies and analytics

Bloom does not use third-party analytics, advertising cookies, or cross-site tracking.

We use essential cookies only for authentication and session management. These cookies are necessary for the application to function and cannot be disabled.

If we introduce analytics tools in the future, this policy will be updated accordingly.

Your rights

Under the Australian Privacy Act, you may request to:

  • Access personal information we hold about you
  • Correct inaccurate or outdated information
  • Make a complaint regarding our handling of personal information

Requests can be made using the contact details below.

Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be reflected by updating the "Last updated" date and, where appropriate, notifying users.

Contact us

If you have questions or concerns about this Privacy Policy, please contact:

Bloom Software Pty Ltd (ABN 81 680 336 145)

Email: [email protected]

Website: bloomhealth.ai