Privacy Policy

1. Commitment to Privacy

BillMate ("we", "us", or "our") is committed to protecting the privacy and security of your personal and business information. This Privacy Policy outlines how we collect, use, and handle your data in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

2. Information We Collect

To provide our invoicing and accounting services, we collect:

• Personal Information: Name, email address, and contact details.
• Business Information: Business name, ABN, address, and logo.
• Financial Data: Transaction details, expense receipts, and customer information.
• Usage Data: IP addresses, browser types, and interaction logs with our platform.

3. Purpose of Collection

We collect and use your information primarily to:

• Provide and maintain the BillMate platform.
• Verify ABNs and ensure your invoices comply with ATO standards.
• Facilitate customer support and technical assistance.
• Process payments and manage your subscription.
• Improve our services through anonymized data analysis.

4. Data Ownership & Sharing

You own your data. We do not sell your personal or business information to third parties. We only share information with third-party providers necessary for service delivery, such as:

• Stripe: For secure payment processing.
• Supabase: For data storage and authentication.
• Resend: For sending invoices and system notifications.

We may disclose information if required by law or to protect our legal rights, in accordance with the APPs.

5. Data Security & Storage

We utilize industry-leading security practices to safeguard your data. This includes:

• SSL encryption for all data in transit.
• AES-256 encryption for data at rest.
• Data storage on secure servers (infrastructure provided by Supabase/AWS). Note that data may be stored on servers located outside of Australia, such as Singapore or the United States, following standard global practice for SaaS providers.

6. Account Activity Data and Automated Processing

Activity Monitoring: We automatically monitor account activity to maintain platform quality and manage system resources. This includes tracking the creation of invoices, customers, and other business records.

Automated Decision-Making: We use automated processes to identify inactive Free plan accounts (no activity for 30 days) and initiate the deactivation workflow. This includes automated email notifications and account status changes.

Notification Emails: When your account is identified as inactive, we will send automated emails to your registered email address regarding:

• Inactivity warnings (30 days of no activity)
• Account deactivation notices (37 days of no activity)

Data Retention for Inactive Accounts: Data associated with deactivated accounts is retained for a reasonable period before permanent deletion. During this period, account reactivation may be possible.

New Signup Notifications: When you create a new account, our system administrators receive a notification containing your business name, email address, and registration details for account management and support purposes.

7. Retention & Deletion

We retain your information as long as your account is active. If your account is cancelled or falls into arrears (beyond 28 days), your data may be permanently deleted.

You may request deletion of your personal data at any time by contacting us, subject to any legal or regulatory record-keeping requirements (e.g., for tax compliance).

8. Your Rights (APPs)

Under the APPs, you have the right to access and correct the personal information we hold about you. You may also lodge a complaint if you believe we have breached your privacy rights.

9. Contact Us

For any privacy-related inquiries, please contact our Privacy Officer at support@jinstechstudio.com.au.