Privacy Policy

1. Introduction

YourBusinessPal (ABN: 69 859 401 080) ("Company", "we", "us", or "our") respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our YourBusinessPal service ("Service").

This Privacy Policy complies with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth) and the General Data Protection Regulation (GDPR) where applicable.

2. Information We Collect

2.1 Information You Provide

We collect information you directly provide to us, including:

• Account Information: Name, email address, phone number, business name
• Business Data: Client information, job details, asset records, staff data, timesheets, expense records
• Payment Information: Processed securely by Stripe (we do not store credit card details)
• Communications: Support requests, feedback, and other communications with us
• Documents: Files and documents you upload to the Service

2.2 Information We Automatically Collect

• Usage Data: How you interact with the Service, features used, time spent
• Device Information: IP address, browser type, operating system, device identifiers
• Log Data: Server logs, error reports, performance data
• Location Data: General geographic location based on IP address (with consent)

2.3 Cookies and Similar Technologies

We use cookies, web beacons, and similar technologies to enhance your experience, analyze usage patterns, and improve the Service. You can control cookie preferences through your browser settings.

3. How We Use Your Information

We use the information we collect to:

• Provide, operate, and maintain the Service
• Process your account registration and manage your subscription
• Store and organize your business data as per your instructions
• Send service-related communications and notifications
• Provide customer support and respond to your inquiries
• Analyze usage patterns to improve the Service
• Detect, prevent, and address technical issues and security threats
• Comply with legal obligations and enforce our Terms of Service
• Send marketing communications (with your consent, where required)

4. Legal Bases for Processing (GDPR)

For users in the European Union, we process personal data under the following legal bases:

• Contract Performance: To fulfill our contractual obligations to provide the Service
• Legitimate Interests: To improve the Service, ensure security, and conduct business operations
• Legal Compliance: To comply with applicable laws and regulations
• Consent: For marketing communications and certain data processing activities

5. How We Share Your Information

We may share your information in the following circumstances:

5.1 Service Providers

We work with third-party service providers who assist us in operating the Service:

• Cloud Hosting: Amazon Web Services (AWS) for data storage and hosting
• Payment Processing: Stripe for secure payment processing
• Email Services: For sending service notifications and communications
• Analytics: For understanding Service usage and performance

5.2 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity, subject to the same privacy protections.

5.3 Legal Requirements

We may disclose your information if required by law or to:

• Comply with legal processes or government requests
• Protect our rights, property, or safety, or that of others
• Investigate and prevent fraud or security issues
• Enforce our Terms of Service

5.4 With Your Consent

We may share your information for other purposes with your explicit consent.

6. Data Security

We implement appropriate technical and organizational measures to protect your information:

• Encryption: Data is encrypted in transit and at rest using industry-standard protocols
• Access Controls: Limited access to personal data on a need-to-know basis
• Regular Audits: Security practices and systems are regularly reviewed and updated
• Employee Training: Staff are trained on data protection and privacy requirements
• Incident Response: Procedures in place to respond to security breaches

7. Data Retention

We retain your information for as long as necessary to:

• Provide the Service and fulfill our contractual obligations
• Comply with legal retention requirements
• Resolve disputes and enforce our agreements

When you terminate your account, we will retain your data for 30 days to allow for account restoration, after which it will be permanently deleted unless we are required to retain it for legal purposes.

8. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

8.1 Australian Privacy Rights

• Access: Request access to your personal information
• Correction: Request correction of inaccurate or incomplete information
• Complaints: Lodge complaints about privacy breaches

8.2 GDPR Rights (EU Users)

• Access: Obtain a copy of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your personal data
• Portability: Receive your data in a structured, machine-readable format
• Restriction: Limit the processing of your data
• Objection: Object to certain types of processing
• Withdraw Consent: Withdraw consent where processing is based on consent

8.3 Exercising Your Rights

To exercise these rights, contact us at admin@yourbusinesspal.com.au. We will respond to your request within the timeframes required by applicable law.

9. International Data Transfers

Your data may be processed in Australia and other countries where we or our service providers operate. When transferring data internationally, we ensure appropriate safeguards are in place to protect your information in accordance with applicable privacy laws.

10. Children's Privacy

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information.

11. Marketing Communications

We may send you marketing communications about our services if you have consented or where permitted by law. You can opt out of marketing communications at any time by:

• Clicking the unsubscribe link in emails
• Updating your preferences in your account settings
• Contacting us at admin@yourbusinesspal.com.au

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy on our website and updating the "Last Updated" date. Your continued use of the Service after such changes constitutes your acceptance of the updated Privacy Policy.

13. Complaints and Disputes

13.1 Internal Complaints

If you have concerns about how we handle your personal information, please contact us at admin@yourbusinesspal.com.au. We will investigate and respond to your complaint within a reasonable timeframe.

13.2 External Complaints

If you are not satisfied with our response, you may lodge a complaint with:

• Australia: Office of the Australian Information Commissioner (OAIC) - www.oaic.gov.au
• EU: Your local data protection authority

14. Contact Information