STANDARDS
Compliance is our first feature, not our last.
We work in regulated industries. So we built our product around the rules, not around them.
Most agency websites have a 'compliance' section that's a paragraph of buzzwords. This isn't that. This page is long because the rules are real, and because most of our competitors don't take them seriously. If you're a clinic owner deciding whether to trust us with your patient interactions, this is the page you should actually read.
The rules, in plain English
AHPRA Section 133: healthcare clients
The rule
Healthcare professionals can't use testimonials that refer to clinical aspects of regulated health services in advertising. Penalties reach $60k for an individual and $120k for a corporation.
What we do differently
- We disable all testimonial widgets on clinical pages
- Our review workflow is non-gated: we ask all patients, not just happy ones
- We never embed clinical reviews on a clinic's own website
- Our agents never repeat clinical testimonials back to callers
- We audit copy for prohibited claims before any site goes live
What this means for you: Lower risk of an AHPRA complaint, and a site you can show a colleague without explaining it away.
ACMA Industry Code C540: telephony
The rule
Number-portability standards, customer-authorisation requirements, and anti-slamming protections for telephone services.
What we do differently
- We use Twilio's compliant porting workflow
- We never initiate a port without written authorisation
- We provide a rollback path
- We document the cutover sequence
What this means for you: If you ever port your number to our platform, you're covered by the regulated process, and we know how to navigate it.
Privacy Act 1988 + Australian Privacy Principles
The rule
Thirteen Australian Privacy Principles govern how businesses collect, use, store, and disclose personal information.
What we do differently
- Customer data is encrypted at rest
- Hosted in Australian regions where the provider supports it
- Documented retention policy (typically 12 months for call transcripts, then anonymised)
- We never use your customers' data to train our models
- Every project gets a written data-handling scope at kickoff
What this means for you: If you ever face a Privacy Act query about us, we have answers. Most agencies don't.
Spam Act 2003
The rule
Consent, identification, and a working unsubscribe are required for every commercial electronic message: SMS and email.
What we do differently
- Every SMS includes sender identification (“This is [your business]”)
- Every SMS includes a working “Reply STOP” opt-out
- We never send to numbers obtained without consent
- Opt-outs are honoured immediately and permanently
What this means for you: Your marketing automations won't accidentally make you a defendant.
Australian Consumer Law
The rule
No misleading or deceptive conduct, and substantiation is required for advertising claims.
What we do differently
- Every statistic on our website traces to a named source
- We don't use AI-generated faces or fake testimonials
- We don't claim specific ROI numbers without disclosed assumptions
- We disclose when content is illustrative
What this means for you: We won't put you on the hook for a misleading-claim complaint.
Sources & references
- AHPRA: Advertising hub & guidelines (s.133) ↗
- ACMA: Telecommunications numbering & portability ↗
- OAIC: Australian Privacy Principles ↗
- ACMA: Avoid sending spam (Spam Act 2003) ↗
- ACCC: Advertising & selling (misleading conduct, ACL) ↗
- AIHW: After-hours care data ↗
- HotDoc: Public booking data ↗
Every statistic on this site is sourced. If you ever want to see our working (the studies, the citations, the methodology behind a number), email us and we'll send it. That's our standard.
Trust is the product.
Most agencies treat compliance as a checkbox. We treat it as the design constraint. If that matches how you think about your business, let's talk.