Proactive AI is committed to protecting your personal information in accordance with the Australian Privacy Act 1988, all 13 Australian Privacy Principles, and the Notifiable Data Breaches Scheme.
Last updated: June 2026 · Proactive AI · ABN 89 628 778 147
This Privacy Policy is a working template and does not constitute legal advice. You should seek independent legal advice from a qualified professional before relying on any part of this document. Proactive AI accepts no liability for any loss or damage arising from its use.
Proactive AI ("we", "us", "our") respects your privacy and is committed to protecting your personal information. This Privacy Policy outlines how we collect, use, and safeguard your information when you visit our website or use our AI-powered services. By accessing and using our Website and Services, you agree to the practices described in this Privacy Policy.
When you create an account, sign up for our services, or contact us, we may collect:
We may collect information about how you access and interact with our Website, including:
When you or your patients interact with our AI-powered automations and voice assistants, we may collect:
We use cookies and similar tracking technologies to collect data on user interactions with our Website. These technologies allow us to remember your preferences and improve your user experience. You can control cookies through your browser settings.
We use the information we collect in the following ways:
We do not sell or rent your personal information to third parties. However, we may share your information with third parties in the following circumstances:
Australia does not yet have a standalone AI Act, but AI is actively regulated through a combination of existing laws and voluntary frameworks. As an AI automation business handling health information, Proactive AI operates in compliance with all applicable frameworks:
All 13 Australian Privacy Principles apply to Proactive AI as a handler of health information. The Privacy and Other Legislation Amendment Act 2024 introduced enhanced enforcement powers, a statutory tort for serious privacy invasions (effective June 2025), and automated decision-making transparency requirements (effective December 2026) — all addressed in this policy.
Voluntary principles published by the Department of Industry, Science and Resources that form the foundational framework for responsible AI in Australia. Our full commitment to all 8 principles is set out in section 15 of this policy.
The National AI Centre's primary guidance for responsible AI governance, setting out six essential practices. This replaced the earlier Voluntary AI Safety Standard and is the current benchmark for responsible AI adoption in Australia. Proactive AI aligns its operations with these six practices.
Australia's whole-of-government AI strategy, confirming that AI will be governed through existing laws rather than a standalone AI Act. The new Australian AI Safety Institute (operational early 2026) supports regulators in managing AI-related risks across the economy.
Our SMS automation services comply with Australia's anti-spam and telecommunications laws as administered by ACMA. All SMS communications require appropriate consent and include clear opt-out mechanisms.
Prohibits misleading or deceptive conduct, including through AI outputs. All AI communications are configured to be accurate and truthful. The proposed Unfair Trading Practices Bill 2026 includes AI-enabled manipulation within scope — Proactive AI does not engage in any such practices.
We take appropriate technical and organisational measures to protect your personal information from unauthorised access, disclosure, alteration, or destruction. This includes encryption of data in transit, secure storage of conversation logs, and access controls for AI system administration. However, no method of transmission over the internet or electronic storage is 100% secure, so we cannot guarantee absolute security.
Proactive AI is committed to operating at the security standard defined by SOC 2 (System and Organisation Controls 2) — the internationally recognised security and privacy framework developed by the American Institute of Certified Public Accountants (AICPA). SOC 2 defines rigorous requirements across five Trust Service Criteria: Security, Availability, Processing Integrity, Confidentiality, and Privacy.
Our commitment to the SOC 2 standard means we operate with the following controls in place:
In relation to our AI-powered services, the following data practices apply:
Proactive AI handles health information and is therefore subject to the Privacy Act 1988 (Cth) and all 13 Australian Privacy Principles (APPs), regardless of business size. Under Australian privacy law, you have the following rights:
To exercise any of these rights, please contact us using the details in section 14.
Our Website and Services are not intended for individuals under the age of 18, and we do not knowingly collect personal information from children. If we learn that we have inadvertently collected personal information from a child, we will take steps to delete that information as soon as possible. A Children's Online Privacy Code is expected to take effect in December 2026, and we will update our practices accordingly when that code is registered.
Some of our AI processing services and cloud infrastructure operate outside of Australia. Before transferring personal information to an overseas recipient, Proactive AI takes reasonable steps to ensure the recipient handles that information in accordance with the Australian Privacy Principles — as required by APP 8 of the Privacy Act 1988 (Cth).
You should be aware that if an overseas recipient breaches the APPs, Proactive AI may itself be treated as having breached the APPs and may be liable under Australian privacy law. We mitigate this risk by only engaging overseas service providers who maintain data protection standards consistent with Australian requirements and by entering into appropriate data processing agreements with those providers.
By using our Services, you consent to the transfer of your personal information to these overseas recipients in accordance with the above safeguards.
Proactive AI is subject to the Notifiable Data Breaches (NDB) Scheme under Part IIIC of the Privacy Act 1988 (Cth). If we become aware of an eligible data breach — that is, a breach that is likely to result in serious harm to any individual whose personal information is involved — we are required to:
In the event of a data breach, we will act promptly to contain the breach, assess its severity, and notify affected individuals and the OAIC in accordance with our legal obligations. If you believe your personal information may have been involved in a data breach, please contact us immediately at [email protected].
For more information about the NDB scheme, visit the OAIC website at oaic.gov.au/privacy/notifiable-data-breaches.
Proactive AI uses AI-powered automation to assist with patient communications, appointment scheduling, call handling, and enquiry responses. Some of these automated processes may produce outputs that affect individuals — for example, classifying an enquiry as routine or urgent, or determining the appropriate response to a patient question.
In accordance with the Privacy and Other Legislation Amendment Act 2024 (Cth), which introduces mandatory automated decision-making transparency requirements taking effect on 10 December 2026, we disclose the following:
We will review and update this section as the December 2026 requirements come into force.
From 10 June 2025, under Schedule 2 of the Privacy and Other Legislation Amendment Act 2024 (Cth), individuals have the right to bring a legal action against any person or organisation that has seriously invaded their privacy — including through the misuse of personal or health information. This right exists independently of any complaint to the OAIC.
Proactive AI takes this obligation seriously. We are committed to handling all personal and health information in a manner that respects the privacy of every individual, and we will not use or disclose information in ways that could constitute a serious invasion of privacy. If you believe your privacy has been seriously invaded, you may seek legal advice about your rights under this statutory tort in addition to any complaint process through the OAIC.
We reserve the right to update this Privacy Policy from time to time to reflect changes in the law, our services, or our data practices. Any changes will be posted on this page with the updated date. We encourage you to review this Privacy Policy periodically. Where changes are material, we will notify you by email or prominent notice on our website.
If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal information, please contact us at:
Contact: Paul Dorotich CPA
Website: proactiveai.pro
Email: [email protected]
ABN: 89 628 778 147
Mildura, Victoria, Australia
By using our Website and Services, you acknowledge that you have read and understood this Privacy Policy and agree to the collection and use of your information as described.
If you are not satisfied with our response to a privacy complaint, you may contact the Office of the Australian Information Commissioner (OAIC): oaic.gov.au · Phone: 1300 363 992
Proactive AI's approach to privacy is underpinned by Australia's 8 AI Ethics Principles. Here is how each principle shapes how we handle your data and your patients' data:
Data collected through our AI systems is used solely to improve patient care outcomes, reduce administrative burden, and support your practice — never for purposes that could harm individuals, communities, or the environment.
Patients always have the right to speak with a human and to withdraw from AI interactions at any time. Our systems respect individual autonomy and are never used to manipulate, deceive, or surveil patients without their knowledge.
Our AI systems are designed to treat all patients equitably regardless of age, language, background, or ability. Our multilingual capability ensures patients from diverse communities receive the same quality and accuracy of response. We do not use data in ways that could result in discrimination.
All personal and health-related data is handled in strict accordance with the Australian Privacy Act 1988. Data is encrypted in transit and at rest, never sold or shared with unauthorised third parties, and retained only for as long as necessary. You retain full ownership of your data at all times.
AI systems are tested before deployment and monitored continuously. All AI responses are based exclusively on content approved by you — the client. We maintain incident response protocols and will notify you promptly of any issue affecting patient communications or data security.
All Proactive AI systems are required to identify themselves as AI at the start of every patient interaction. Patients are never misled into believing they are speaking with a human. Clients receive full documentation of how their AI system operates and how responses are generated.
Patients and clients have the right to question or challenge any AI-generated response or data-related decision. A human contact — Paul Dorotich CPA — is always available to review concerns. Clients may request access to any AI interaction log at any time by contacting [email protected] (see section 13).
Proactive AI — and specifically Paul Dorotich CPA — accepts full accountability for the responsible handling of all data processed through our AI systems. Clients are accountable for ensuring the accuracy of content they provide. Our data handling responsibilities are clearly documented and auditable.
These commitments are consistent with the Australian Government's AI Ethics Principles published by the Department of Industry, Science and Resources. Read the full principles →