Privacy Policy

Effective date: 1 January 2026

Newframe Group Pty Ltd ("we", "us", "our") operates ApprovalPath. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our Service.

We are committed to complying with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth).

1. Information We Collect

Information you provide

• Account details: name, email address, business name, ABN, phone number
• Payment information: processed securely via Stripe — we do not store card numbers
• Assessment data: property addresses, project descriptions, and answers to assessment questions
• Communications: emails, support requests, and feedback

Information collected automatically

• Usage data: pages visited, features used, session duration
• Device information: browser type, operating system, IP address
• Cookies: we use essential cookies for authentication and optional analytics cookies

2. How We Use Your Information

We use your information to:

• Provide and improve the Service
• Process subscriptions and payments
• Generate council approval assessment reports
• Send transactional emails (receipts, account updates)
• Respond to support requests
• Analyse usage patterns to improve the product
• Comply with legal obligations

3. AI and Data Processing

Assessment reports are generated using artificial intelligence. When you run an assessment:

• Your inputs (address, project details) are processed by our AI models
• We may use anonymised and aggregated data to improve model accuracy
• We do not sell your personal data or assessment inputs to third parties
• See our Responsible Use of AI policy for more detail

4. Sharing Your Information

We only share your information with:

• Payment processors (Stripe) to handle billing
• Cloud infrastructure providers (Vercel, Neon) to host and operate the Service
• AI model providers for assessment generation, under strict data processing agreements
• Legal authorities if required by law or to protect our rights

We do not sell your personal information.

5. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Service. If you close your account, we will delete your personal data within 90 days, except where retention is required by law.

6. Data Security

We implement industry-standard security measures including:

• Encryption in transit (TLS) and at rest
• Secure authentication via OAuth 2.0
• Regular security audits and vulnerability assessments
• Access controls limiting employee access to personal data

7. Your Rights

Under Australian privacy law, you have the right to:

• Access the personal information we hold about you
• Request correction of inaccurate information
• Request deletion of your personal information
• Withdraw consent for optional data processing
• Lodge a complaint with the Office of the Australian Information Commissioner (OAIC)

To exercise these rights, email us at privacy@approvalpath.com.au.

8. Cookies

We use:

• Essential cookies for authentication and session management
• Analytics cookies (optional) to understand how the Service is used

You can manage cookie preferences in your browser settings.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or an in-app notice.

10. Contact

For privacy-related enquiries, contact our Privacy Officer at privacy@approvalpath.com.au.