Home / Privacy Policy

Privacy Policy

Last updated: 4 July 2026

This Privacy Policy explains how NUYU Clinic Pty Ltd (ABN 35 692 027 937), trading as NUYU Health Technologies ("NUYU", "we", "us", "our"), collects, uses, discloses, and protects personal information in connection with this website (nuyuhealthtech.com), our Marketing OS platform (nuyumarketing.ai), our NUYU MCP infrastructure (nuyumcp.com), and our internal software tools and third-party API integrations.

We handle personal information in accordance with the Privacy Act 1988 (Cth) and the 13 Australian Privacy Principles (APPs). This policy is our APP 1 privacy policy for the properties listed above. Our individual consumer-facing products — such as PeptiClinic, CompoundConnect, AestheticOS, and PocketLegal — maintain their own privacy policies specific to those services, available on their respective websites.

1. The Kinds of Personal Information We Collect and Hold

These websites are corporate and marketing properties and are not intended to collect sensitive information (including health information). Where our consumer products collect health or other sensitive information, that collection is governed by the separate privacy policy for the relevant product and is subject to the heightened protections the Privacy Act applies to sensitive information.

2. How We Collect Personal Information

We collect personal information directly from you (for example, when you email us), automatically through your use of our websites (for example, via cookies and server logs), and from the advertising and analytics platforms we use to measure our own campaigns. Where it is lawful and practicable, you may deal with us anonymously or using a pseudonym.

3. Why We Collect, Hold, Use and Disclose Personal Information

We do not sell personal information. We do not provide advertising, API, or data services to third parties — our platform API integrations (including the Google Ads API and Meta Marketing API) are used solely to manage our own business assets.

4. Cookies and Similar Technologies

Our websites may use cookies and similar technologies for essential functionality, analytics, and advertising measurement. You can control or disable cookies through your browser settings. Where required, we honour applicable consent choices before setting non-essential cookies or activating advertising measurement.

5. Disclosure of Personal Information

We may disclose personal information to trusted service providers who help us operate our platforms (such as hosting, content delivery, analytics, email, and advertising platforms), where required or authorised by law, or in connection with a corporate restructure or sale of assets. We require our service providers to protect personal information consistently with this policy and the APPs.

6. Overseas Disclosure

Some of our service providers are located, or store data, outside Australia — most commonly in the United States (for example, Google, Meta, and Cloudflare). Before disclosing personal information overseas, we take reasonable steps to ensure the overseas recipient handles it in a manner consistent with the Australian Privacy Principles.

7. Data Security, Retention and Data Breaches

We take reasonable technical and organisational steps to protect personal information from misuse, interference, loss, and unauthorised access, modification, or disclosure — including encryption in transit, access controls, and secured infrastructure. We retain personal information only for as long as necessary for the purposes described in this policy or as required by law, and we destroy or de-identify it when it is no longer needed.

Notifiable Data Breaches: We comply with the Notifiable Data Breaches scheme in Part IIIC of the Privacy Act 1988 (Cth). If we experience a data breach that is likely to result in serious harm to an affected individual, we will notify those individuals and the Office of the Australian Information Commissioner (OAIC) as soon as practicable, as required by law.

8. Accessing and Correcting Your Information

You may request access to, or correction of, the personal information we hold about you at any time by emailing [email protected]. We will respond within a reasonable period and will tell you if we are unable to provide access or make a correction, and why. To request deletion of your information, see our Data Deletion page.

9. How to Make a Privacy Complaint

If you believe we have breached the Australian Privacy Principles or mishandled your personal information, please contact our privacy contact at [email protected]. We will acknowledge your complaint promptly and aim to resolve it within 30 days. If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au or 1300 363 992.

10. Third-Party Platforms

Our advertising and measurement activity involves the following platforms, each governed by its own privacy policy: Google (Ads, Analytics), Meta (Facebook, Instagram), and Cloudflare (security and content delivery). We configure these integrations to process only the data necessary to measure advertising for our own properties.

11. Changes to This Policy

We may update this Privacy Policy from time to time. The "Last updated" date above reflects the most recent revision, and material changes will be posted on this page.

12. Contact Us

NUYU Clinic Pty Ltd (ABN 35 692 027 937), trading as NUYU Health Technologies, Australia.
Privacy contact: [email protected]