Privacy Policy
Last updated: [Date]
1. Introduction
[Your Entity Name] (ABN [ABN]) (“we”, “us”, “our”) operates the Parent Room Finder mobile application and website (collectively, the “Service”). We are committed to protecting your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
This Privacy Policy explains what personal information we collect, how we use and disclose it, and your rights regarding that information. By using the Service, you consent to the practices described in this policy.
2. Information We Collect
2.1 Information you provide directly
- Account information: Name, email address, and profile details when you register an account
- Authentication data: Credentials when you sign in via email, Google, or Apple
- User-generated content: Photos, reviews, ratings, and room submissions you contribute to the Service
- Communications: Messages you send to us via email or in-app support
2.2 Information collected automatically
- Location data: GPS coordinates when you use the map or search for nearby rooms (only while using the app, with your permission)
- Device information: Device model, operating system, unique device identifiers, and app version
- Usage data: Pages visited, features used, search queries, and interaction patterns
- Log data: IP address, browser type, timestamps, and referring URLs
2.3 Information from third parties
- Social authentication: If you sign in with Google or Apple, we receive your name, email, and profile identifier as authorised by you
- Subscription data: Purchase status and subscription details from RevenueCat (our subscription management provider) and Apple/Google
3. How We Collect Information
We collect personal information:
- Directly from you — when you create an account, submit content, contact us, or adjust your settings
- Automatically — through Firebase Analytics, device sensors (GPS), and server logs when you use the Service
- From third parties — via authentication providers (Google, Apple), RevenueCat, and app stores when you sign in or manage subscriptions
Collection of personal information is necessary to provide the Service. If you choose not to provide certain information, some features may be unavailable to you.
4. Purpose of Collection, Use, and Disclosure
We collect, use, and disclose your personal information for the following purposes:
- Providing the Service: Account management, authentication, location-based room discovery, displaying community content
- Community features: Publishing your reviews, photos, and room contributions; displaying ratings and comments
- AI-powered moderation: User-submitted content (photos, reviews, room details) is processed by AI (Anthropic Claude) to check for accuracy, appropriateness, and safety. AI moderation assists human review; content may be flagged for manual review
- Subscription management: Processing subscriptions, verifying purchase status, managing billing through RevenueCat and app stores
- Analytics and improvement: Understanding how the Service is used, identifying issues, and improving features
- Communication: Responding to enquiries, sending service-related notifications (e.g., submission status updates)
- Legal obligations: Complying with applicable laws, regulations, and legal processes
- Safety and security: Detecting and preventing fraud, abuse, and security threats
We will not use or disclose your personal information for direct marketing without your express consent. You may opt out of marketing communications at any time.
5. Third-Party Disclosure
We share personal information with the following categories of third parties, only to the extent necessary for the purposes described above:
| Third Party | Purpose | Data Shared |
|---|---|---|
| Firebase / Google | Authentication, analytics, crash reporting | Email, name, device info, usage data |
| Microsoft Azure | Hosting, database, photo storage | All Service data (encrypted at rest) |
| Anthropic (Claude AI) | Content moderation | User-submitted text and photos for review |
| RevenueCat | Subscription management | User ID, purchase receipts, subscription status |
| Apple / Google | App distribution, in-app purchases | Purchase data, app usage (per platform policies) |
We do not sell your personal information to any third party. We may disclose information if required by law, court order, or to protect our rights and safety.
6. Overseas Data Transfer (APP 8)
Some of our third-party service providers are located outside Australia. Your personal information may be transferred to and processed in the following countries:
- United States: Firebase/Google (authentication, analytics), Anthropic (AI moderation), RevenueCat (subscriptions)
- Australia: Microsoft Azure (primary hosting and database)
Before disclosing personal information overseas, we take reasonable steps to ensure that overseas recipients handle your information in accordance with the APPs. Our contracts with these providers include data protection obligations consistent with Australian privacy law. We remain accountable for any overseas disclosure under APP 8.
7. Data Storage and Security (APP 11)
We take reasonable steps to protect your personal information from misuse, interference, loss, unauthorised access, modification, and disclosure:
- All data is encrypted in transit using TLS 1.2+
- Data at rest is encrypted using Azure’s built-in encryption
- Authentication is managed by Firebase Auth with industry-standard security
- Photos are stored in Azure Blob Storage with access-controlled presigned URLs
- Access to personal information is restricted to authorised personnel only
- We regularly review and update our security practices
While we take all reasonable precautions, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.
8. Data Retention and Deletion
We retain your personal information for as long as your account is active or as needed to provide the Service. Specifically:
- Account data: Retained while your account is active
- User-generated content: Retained while your account is active; may be anonymised and retained in aggregate form after account deletion
- Usage and analytics data: Retained for up to 24 months, then aggregated or deleted
- Server logs: Retained for up to 90 days
You may request deletion of your account and personal information at any time by:
- Using the account deletion feature within the app (Settings > Delete Account)
- Visiting our account deletion page at [account deletion URL]
- Emailing us at contact@parentroomfinder.com
We will process deletion requests within 30 days. Some information may be retained where required by law or for legitimate purposes (e.g., fraud prevention).
9. Access and Correction (APP 12 & APP 13)
Under the APPs, you have the right to:
- Access the personal information we hold about you
- Request correction of inaccurate, incomplete, or out-of-date information
You can update your profile information directly in the app. For other access or correction requests, contact us using the details in Section 16. We will respond within 30 days of receiving your request. If we refuse a request, we will provide written reasons.
10. Anonymity and Pseudonymity (APP 2)
Where practicable, you may use the Service without identifying yourself. However, account registration (requiring a name and email) is necessary to access core features such as viewing room details, submitting content, and managing favourites. This is because we need to verify users to maintain the quality and safety of community-contributed content.
11. Children’s Privacy
Parent Room Finder is designed for parents and caregivers, not for use by children. We do not knowingly collect personal information from anyone under the age of 16. If we become aware that we have collected personal information from a child under 16, we will take steps to delete that information promptly.
If you believe a child under 16 has provided us with personal information, please contact us immediately.
12. Cookies and Tracking Technologies
The Parent Room Finder app and website use minimal tracking:
- Firebase Analytics: Collects anonymised usage data to help us understand how the app is used and identify issues
- No advertising trackers: We do not use any advertising SDKs or tracking pixels
- Essential cookies only: Our website uses only essential cookies for basic functionality (e.g., session management)
You can opt out of analytics collection through your device settings or by contacting us.
13. Direct Marketing (APP 7)
We will not send you direct marketing communications unless you have given express consent. If you do opt in, you can withdraw consent at any time by:
- Using the unsubscribe link in any marketing email
- Adjusting your notification preferences in the app
- Contacting us directly
We will action opt-out requests within 5 business days, in accordance with the Spam Act 2003 (Cth).
14. Notifiable Data Breaches
In the event of an eligible data breach that is likely to result in serious harm to affected individuals, we will notify the Office of the Australian Information Commissioner (OAIC) and affected individuals as soon as practicable, in accordance with the Notifiable Data Breaches scheme under Part IIIC of the Privacy Act.
15. Complaints
If you believe we have breached the APPs or mishandled your personal information, you may lodge a complaint with us:
- Contact our privacy officer using the details in Section 16
- We will acknowledge your complaint within 7 days and investigate promptly
- We aim to resolve complaints within 30 days
If you are unsatisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner:
- Website: www.oaic.gov.au
- Phone: 1300 363 992
- Email: enquiries@oaic.gov.au
16. Changes to This Policy
We may update this Privacy Policy from time to time. For material changes, we will notify you via in-app notification or email at least 14 days before the changes take effect. Continued use of the Service after changes take effect constitutes acceptance of the updated policy.
We encourage you to review this policy periodically.
17. Contact Us
If you have any questions about this Privacy Policy or wish to make an access, correction, or deletion request, please contact us:
- Entity: [Your Entity Name] (ABN [ABN])
- Privacy Officer Email: contact@parentroomfinder.com
- Address: [Your Address], Queensland, Australia