Privacy Policy

1. About This Policy

BuildChecker Pty Ltd (ABN 64 687 442 226) ("BuildChecker", "we", "us", or "our") operates the BuildChecker platform, including the website at buildchecker.com.au and the BuildChecker web application (collectively, the "Platform").

We are committed to protecting your privacy and handling your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

This Privacy Policy explains how we collect, use, disclose, store, and protect your personal information when you use the Platform. By using the Platform, you consent to the practices described in this policy.

2. Information We Collect

2.1 Information You Provide

• Account information: Name and email address when you create an account.
• Payment information: Payment details are processed securely by our third-party payment provider, Stripe. We do not store your full credit card number or CVV on our systems.
• Communications: Any information you provide when you contact us for support or feedback.

2.2 Information Collected Automatically

• Usage data: Property searches performed, reports viewed, features used, and pages visited within the Platform.
• Technical data: IP address, browser type and version, device information, operating system, access timestamps, and referring URLs.
• Property search data: Addresses searched, properties analysed, and saved favourites.
• AI interaction data: Questions submitted to the AI property advisor and analysis requests.

2.3 Information from Third Parties

We may receive technical information from our service providers, such as analytics data and error reports, to help us maintain and improve the Platform.

3. How We Use Your Information

We use the information we collect for the following purposes:

• Providing the Platform: To operate, maintain, and deliver the features and services of the Platform, including property analysis and AI-powered recommendations.
• Processing payments: To manage subscriptions and process payments through Stripe.
• Improving the Platform: To analyse usage patterns, diagnose technical issues, and develop new features and improvements.
• Personalisation: To tailor your experience, such as displaying relevant property insights and search history.
• Communications: To send you service-related notifications, updates, and responses to your enquiries. We will only send marketing communications with your consent.
• Security: To detect, prevent, and address fraud, abuse, and security issues.
• Legal compliance: To comply with applicable laws, regulations, and legal processes.

4. How We Share Your Information

We do not sell your personal information. We may share your information with the following categories of recipients:

• Service providers: Third-party providers who assist us in operating the Platform, including:
  • Amazon Web Services (AWS) for cloud hosting, authentication, and AI processing. Your AI advisor queries are processed by third-party AI models hosted on AWS Bedrock infrastructure. AI interaction data may be used to improve the Platform but is not shared with third-party AI model providers for their own training purposes.
  • Stripe for payment processing
  • Mapbox for mapping and geospatial services
• Legal requirements: When required by law, regulation, legal process, or enforceable government request.
• Protection of rights: To protect the rights, property, or safety of BuildChecker, our users, or the public.
• Business transfers: In connection with any merger, acquisition, restructuring, or sale of assets, where your information may be transferred as part of the transaction.

5. Cookies and Tracking Technologies

We use cookies and similar technologies to operate and improve the Platform:

• Essential cookies: Required for authentication, session management, and core Platform functionality. These cannot be disabled.
• Analytics cookies: Used to understand how the Platform is used, identify trends, and improve performance.
• Third-party cookies: Our service providers (such as Mapbox) may set cookies for their services to function correctly.

You can manage cookie preferences through your browser settings. Disabling certain cookies may affect the functionality of the Platform.

6. Data Storage and Security

We take the security of your personal information seriously and implement appropriate technical and organisational measures to protect it:

• Your data is primarily stored on Amazon Web Services (AWS) infrastructure in the Asia Pacific (Sydney) region (ap-southeast-2).
• Data is encrypted in transit using TLS/SSL and at rest using industry-standard encryption.
• Authentication is managed through AWS Cognito with secure password hashing and session management.
• We regularly review and update our security practices.

While we take reasonable steps to protect your information, no method of electronic transmission or storage is completely secure. We cannot guarantee absolute security.

7. Data Retention

We retain your personal information for as long as necessary to fulfil the purposes for which it was collected:

• Account data: Retained for the duration of your account and a reasonable period after account deletion to comply with legal obligations.
• Usage and analytics data: De-identified and aggregated for analytical purposes. Identifiable usage data is retained for up to 24 months.
• Payment records: Retained as required by applicable tax, accounting, and financial reporting laws.
• Communications: Retained for as long as necessary to resolve enquiries and for record-keeping purposes.

When personal information is no longer required, we will take reasonable steps to securely destroy or de-identify it.

8. Data Breach Notification

In the event of an eligible data breach (as defined under Part IIIC of the Privacy Act 1988), we will notify affected individuals and the Office of the Australian Information Commissioner as required by the Notifiable Data Breaches scheme. We will take all reasonable steps to contain the breach, assess its impact, and notify affected parties as soon as practicable.

9. Your Rights

Under the Australian Privacy Act and the APPs, you have the following rights regarding your personal information:

• Access: You may request access to the personal information we hold about you.
• Correction: You may request that we correct any inaccurate, incomplete, or out-of-date personal information.
• Deletion: You may request that we delete your personal information, subject to any legal obligations that require us to retain it.
• Opt out of marketing: You may opt out of receiving marketing communications at any time by using the unsubscribe link in our emails or contacting us directly. Opting out of marketing will not affect service-related communications.
• Complaint: If you believe we have breached the APPs, you have the right to lodge a complaint (see Section 13 below).

To exercise any of these rights, please contact us using the details in Section 13. We will respond to your request within a reasonable timeframe, and in any event within 30 days. We may need to verify your identity before processing your request.

10. Children's Privacy

The Platform is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child under 18, we will take steps to delete that information promptly.

11. International Data Transfers

While your data is primarily stored in Australia, some of our service providers may process data in other jurisdictions:

• Stripe (payment processing) may process data in the United States.
• Mapbox (mapping services) may process data in the United States.
• AWS services may occasionally process data in other regions for redundancy and service delivery.

Where personal information is transferred overseas, we take reasonable steps to ensure that recipients comply with obligations similar to the APPs. However, you acknowledge that overseas recipients may not be subject to the Privacy Act 1988 (Cth), and you may not be able to seek redress under that Act in respect of any breach by those recipients.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes to our practices, technologies, legal requirements, or other factors. When we make material changes, we will notify you by updating the "Last updated" date at the top of this page and, where appropriate, by sending you an email notification. We encourage you to review this policy periodically.

13. Contact Us and Complaints

If you have any questions about this Privacy Policy, wish to exercise your rights, or want to make a complaint about how we have handled your personal information, please contact us:

We will acknowledge your complaint within 5 business days and aim to investigate and respond within 10 business days.

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC):