You can find more detailed information about how we handle, store, and secure your data at our Safety Centre here, our Privacy Policy here, and our Trust Centre here.
​

Yes, we are compliant with Australian and New Zealand regulations! Our commitment to protecting personal information and respecting our users' privacy is paramount. In Australia, we adhere to the principles of the Privacy Act 1988, including the Australian Privacy Principles (APPs), which govern the handling of personal information by organisations throughout Australia. In New Zealand, we comply with the Privacy Act 2020, which sets the framework for protecting personal information in the course of commercial business across New Zealand as well as the NZ Information Privacy Principles (IPPs).

Please check out our compliance and safety pages for more information on how we maintain compliance for our users in Australia and New Zealand here.

Yes, we are compliant with Canadian regulations! Our commitment to protecting personal information and respecting our users' privacy is paramount. We adhere to the principles of the Personal Information Protection and Electronic Documents Act (PIPEDA), which sets the standard for how private sector organisations collect, use, and disclose personal information in the course of commercial business in Canada. We are also compliant with PIPA (Alberta), PHIPA (Ontario), PHIA (Manitoba) and PIPA (British Columbia).

Please check out our compliance and safety pages for more information on how we maintain compliance for our users in Canada here.

Yes, we are compliant with U.S. regulations and HIPAA! Our commitment to protecting personal health information and respecting our users' privacy is paramount. We adhere to the standards of HIPAA, which sets the guidelines for how covered entities and business associates handle protected health information in the course of healthcare and related activities in the United States.

Please check out our compliance and safety pages for more information on how we maintain compliance for our users in the US here.

Yes, we are compliant with UK regulations! Our commitment to protecting personal information and respecting our users' privacy is paramount. We adhere to the principles of the Data Protection Act 2018 and the UK General Data Protection Regulation (UK GDPR), which set the standard for how organisations collect, use, and disclose personal information in the course of commercial business in the UK. We are also NHS compliant ensuring the secure and responsible management of data for clinicians working within the NHS.

Please check out our compliance and safety pages for more information on how we maintain compliance for our users in the UK here.

Yes, we are compliant with the General Data Protection Regulation (GDPR)! Our dedication to safeguarding personal data and upholding our users' privacy rights is fundamental. We adhere to the stringent standards of the GDPR, which governs how organisations process and handle personal data within the European Union.

Please visit our compliance and safety pages for more detailed information on how we ensure compliance and protect our users' data under GDPR here.

At Heidi, we prioritize the security of your data above all else. We are proud to be ISO 27001 certified, underscoring our adherence to the highest standards for information security management. Our systems undergo rigorous external audits and regular penetration testing conducted by industry-leading experts. This comprehensive approach ensures that we not only meet but exceed industry standards, providing you with peace of mind that your information is safe and secure with us.