Fsterbook

Last updated: 18 June 2026. Fsterbook collects, uses, stores, and discloses personal information to provide booking, scheduling, reminders, client management, payments, support, and AI-assisted clinical documentation services.

Information we may process includes clinic account details, practitioner and staff details, patient or client contact details, appointment history, clinical notes entered by authorised users, uploaded files, messages, invoices, payment status, device and log data, and support communications. Health information is treated as sensitive information.

We use this information to operate the service, secure accounts, send transactional appointment messages, support clinics, improve reliability, meet legal obligations, and process AI-assisted drafts when enabled by an authorised clinic user.

Clinics are responsible for ensuring they have authority to enter patient information into Fsterbook and to configure their own privacy notices, consent flows, retention settings, and exports. Fsterbook does not sell patient information.

Individuals may request access, correction, export, or deletion through their clinic or by contacting Fsterbook support where Fsterbook is the relevant account holder. Some records may need to be retained where required by law, professional obligations, billing, security, or dispute handling.

Fsterbook provides software for online booking, calendar management, client records, reminders, billing workflows, and optional AI-assisted note drafting. It is not a medical provider and does not provide clinical advice, diagnosis, treatment, emergency support, or professional supervision.

Clinics must maintain their own professional registrations, insurance, patient consent processes, clinical record obligations, billing terms, refund terms, and compliance with applicable Australian laws and professional standards.

Users must keep login credentials secure, only access information they are authorised to access, maintain accurate account details, and avoid using Fsterbook for unlawful, harmful, misleading, or unsafe purposes.

Fsterbook may update, suspend, or restrict parts of the service to protect security, reliability, legal compliance, or other users. Paid subscriptions, failed payment handling, trials, promotions, upgrades, downgrades, and cancellations are managed through the billing settings and payment provider terms.

AI features generate draft content only. AI outputs can be incomplete, inaccurate, outdated, biased, or unsuitable for a particular patient or clinical context.

Practitioners must review, edit, verify, and approve all AI-generated content before it is saved, sent, copied into a patient record, or relied on. AI must not be used as the sole basis for diagnosis, treatment, triage, urgent care, referral decisions, or professional judgement.

Fsterbook does not diagnose patients, recommend treatment, or replace practitioner review. Clinics remain responsible for clinical decisions, record accuracy, patient communication, consent, and compliance with their professional obligations.

When AI is enabled, relevant prompts, source notes, generated drafts, user edits, timestamps, and audit events may be processed to provide the feature, investigate support issues, and improve safety and reliability where permitted by law and account settings.

For clinic customer data, the clinic is generally the controller or accountable health service provider for the information it enters, and Fsterbook acts as a service provider processing data on the clinic's instructions.

Fsterbook processes customer data to provide the subscribed services, support the account, maintain security, troubleshoot issues, create backups, meet legal requirements, and use approved subprocessors. Fsterbook will not use clinic customer data for unrelated advertising or sale.

Fsterbook applies administrative, technical, and organisational measures designed to protect personal information from misuse, interference, loss, unauthorised access, modification, or disclosure. Clinics must configure user access, exports, retention, and patient-facing notices appropriately.

On termination, clinics may request export of available records. After the account closes, Fsterbook may retain backup, audit, billing, legal, or security records for limited periods before deletion or de-identification.

Fsterbook may use essential cookies or local storage for login sessions, security, preferences, and service operation. Optional analytics or marketing technologies should only be enabled with appropriate notice and consent where required.

Users can control many cookies through browser settings. Disabling essential cookies may prevent login, booking, account security, or preference features from working properly.

Fsterbook uses role-based access controls, authentication safeguards, audit records, monitoring, error logging, least-privilege access practices, and secure operational procedures.

Operational targets include daily database backups, periodic restore testing, local backup tooling for operators, incident review, and disaster recovery procedures designed to restore service after infrastructure, data, or deployment incidents.

No internet service can guarantee uninterrupted availability or perfect security. Fsterbook will investigate security incidents, take reasonable containment steps, and notify affected customers where required by law.

Clinic data belongs to the clinic or the relevant patient/client as determined by applicable law, professional obligations, and the clinic's own patient terms. Fsterbook does not claim ownership of clinic clinical records.

Clinics can export supported patient, appointment, billing, and record data from available export tools or by support request. Export format and completeness may depend on the account plan, feature area, and technical availability.

Retention periods can vary by data type, account setting, legal requirement, backup cycle, billing history, audit need, and dispute risk. Deleted records may remain in backups for a limited period before cycling out.

If a clinic terminates its account, the clinic should export records before closure. Fsterbook may remove or de-identify inactive account data after required retention and recovery periods.

Fsterbook may use subprocessors for hosting, database, file storage, authentication, payments, email, SMS, AI processing, monitoring, analytics, support, and backup operations.

Current or planned categories include Supabase or equivalent database infrastructure, Cloudflare or equivalent hosting and edge services, Stripe for payments, Resend or equivalent email delivery, Twilio or ClickSend for SMS, OpenAI or equivalent AI services, and operational logging or support providers.

Subprocessor locations, services, and vendors may change as the product develops. Customers may contact support for the current list before entering regulated or sensitive production data.

Support is provided through the in-app support tools or contact channels listed on the website. Response times may vary by plan, severity, timezone, and early-access status.

Subscriptions renew until cancelled. Cancellations usually take effect at the end of the current billing period unless stated otherwise. Refunds are assessed case by case, including duplicate billing, technical faults, or legal requirements.

Users must not upload unlawful material, misuse patient information, attempt unauthorised access, interfere with service operations, send spam, scrape the service, bypass usage limits, or use Fsterbook to create unsafe clinical, discriminatory, deceptive, or abusive workflows.

Transactional appointment messages may be sent where configured by the clinic and permitted by law. Marketing SMS or email requires appropriate consent and must include a functional unsubscribe process where required.

Clinics are responsible for message templates, recipient consent, opt-out handling, sender identification, and ensuring appointment reminders do not disclose unnecessary sensitive information.

Trials, discounts, and promo codes may be limited by account, plan, region, time, and eligibility. Failed payments may result in retry attempts, service restrictions, downgrade, suspension, or cancellation after notice where practical.