Legal

Privacy Policy

Last updated: 17 June 2026

Keptly is a service of DYZR (ABN: 48 825 788 140). We take privacy seriously, particularly because the work we do involves patient contact information on behalf of healthcare clinics. This policy explains what we collect, why, and what we do with it.

By engaging our services or using this website, you agree to this policy. If you are a clinic engaging us on behalf of your patients, you represent that you have a lawful basis to share that contact information with us for the purposes described below.

Who this policy covers

This policy covers two groups of people:

  • Clinic clients — the healthcare practice owners and managers who engage Keptly directly.
  • Patients — individuals whose contact details are shared with us by a clinic for the purpose of running a reactivation campaign on that clinic's behalf.

What we collect and why

From clinic clients: your name, business name, email address, phone number, and any information you share during onboarding or communications. We use this to deliver our service and communicate with you.

From patients (via the clinic): name, phone number, and email address, as provided in the clinic's patient list export. We use this solely to send the reactivation campaign messages on the clinic's behalf. We do not use patient data for any other purpose.

From website visitors: standard server logs (IP address, browser type, pages visited). We use this to keep the site running and to understand how it is used.

How we handle patient data

Patient contact information is sensitive health-adjacent data and is treated accordingly. Our commitments:

  • Patient data is used only to send the agreed reactivation campaign for the specific clinic that provided it.
  • Patient data is not shared with any third party except the messaging platform required to deliver the campaign (for example, an Australian SMS provider).
  • Patient data is never sold, rented, or used for marketing unrelated to the clinic's own campaign.
  • Patient contact information is not used to train any public artificial intelligence model. The AI tools we use to write campaign copy are governed by API terms that prohibit training on submitted data.
  • Patient data is deleted upon completion of the campaign, or on request, whichever comes first.
  • We sign a data-handling agreement with each clinic before any patient data is transferred.

Data storage and security

Patient data provided to us is handled within Australia and is not transferred offshore. We take reasonable steps to protect information from misuse, loss, and unauthorised access, including secure file transfer and prompt deletion after use.

No data security system is completely secure. If we become aware of a data breach affecting your information, we will notify you in accordance with our obligations under the Privacy Act 1988 (Cth).

Third-party services

We use a small number of third-party tools to deliver our service:

  • SMS and email delivery: an Australian messaging provider (such as ClickSend) to send campaign messages.
  • AI writing tools: the Anthropic API (Claude) to draft campaign copy. Anthropic's API terms state that inputs and outputs are not used to train their models.
  • Booking and scheduling: Calendly, for booking discovery calls via this website.
  • Website hosting: Vercel, for serving this website.

Each of these providers has their own privacy policies. We select providers whose data practices are consistent with our commitments.

Your rights

Under the Australian Privacy Principles, you have the right to:

  • Access personal information we hold about you.
  • Request correction of inaccurate information.
  • Request deletion of your information (subject to any legal obligation to retain it).
  • Opt out of any marketing communications from us.

To exercise any of these rights, contact us at dylan@keptly.com.au. We will respond within 30 days.

Patients: how to opt out

If you have received a message from a clinic's reactivation campaign that we ran and you do not wish to receive further messages, reply STOP to any SMS or use the unsubscribe link in any email. We will honour that request immediately and remove you from the campaign list.

If you have concerns about how a clinic obtained or used your contact information, please contact that clinic directly, as they are the data controller for their patient relationships.

Complaints

If you believe we have handled your personal information in a way that breaches the Australian Privacy Principles, please contact us first at dylan@keptly.com.au. If we cannot resolve your concern, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.

Changes to this policy

We may update this policy from time to time. The date at the top of this page shows when it was last revised. Material changes will be communicated to active clients by email.

Contact

DYZR (trading as Keptly)
ABN: 48 825 788 140
Sydney, NSW, Australia
dylan@keptly.com.au