Privacy Policy | Aussie Car Check

This Privacy Policy explains how Aussie Car Check Pty Ltd (ABN 12 345 678 901) (“Aussie Car Check”, “we”, “our”, “us”) collects, uses, stores, and discloses your personal information when you use the website at aussiecarcheck.com.au and the related vehicle history report service (the “Service”). We comply with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

Contents

Information we collect
How we use information
When we share information
Payments and card data
Cookies and analytics
How long we keep data
Security
Your rights
Children
Changes to this policy
How to contact us

1. Information we collect

To deliver a vehicle history report and run the Service we collect the minimum information needed:

Search inputs — vehicle registration number (rego), state of registration, and (where applicable) Vehicle Identification Number (VIN).
Contact details — the email address you provide so we can deliver your report and receipt.
Billing information — name, billing address, and country, collected by Stripe on our behalf for tax/receipt purposes. We do not see or store your card number.
Communications — if you email us or use a contact form, the message and any attachments you send.
Technical information — IP address, browser type, device type, referring URL, and pages visited, used to operate, secure, and improve the Service.

2. How we use information

We use your information to:

Generate and deliver the vehicle history report you ordered;
Process payments and provide a tax invoice;
Reply to support enquiries and resolve issues;
Detect, prevent, and respond to fraud, abuse, and security incidents;
Comply with legal obligations (e.g. tax, anti-fraud, lawful requests);
Improve the Service and develop new features in aggregate, de-identified form.

We do not sell your personal information. We do not use your data for unrelated marketing without your consent.

We share information only with parties necessary to operate the Service, and only the minimum amount needed:

Government databases — we transmit your rego/VIN and state to the Personal Property Securities Register (PPSR, administered by AFSA) and the National Exchange of Vehicle and Driver Information System (NEVDIS, administered by Austroads) to retrieve your report.
Stripe — for payment processing (PCI-DSS Level 1).
Supabase — our database provider, which stores generated reports so you can re-download them via your unique secure link.
Email provider — to deliver your report email and receipt.
Law enforcement and regulators — only when required by Australian law or in response to a valid legal process.

Where any of these providers store data outside Australia, we take reasonable steps to ensure they meet equivalent privacy and security standards.

4. Payments and card data

We do not collect, transmit, or store credit card details. All card information is collected directly by Stripe, our payment processor, in their secure environment. Stripe is certified to PCI-DSS Level 1 — the highest payment-security standard. Refer to Stripe’s privacy policy for further detail.

5. Cookies and analytics

We use a small number of cookies and similar technologies:

Strictly necessary cookies — for security, fraud prevention, and to remember your session during checkout.
Analytics — aggregate page-view statistics (e.g. which pages are most popular). We use privacy-respecting analytics that do not build cross-site profiles.

You can disable cookies in your browser settings. Doing so may affect parts of the Service (e.g. the checkout flow).

6. How long we keep data

Reports — retained for 12 months from generation so you can re-download them, then deleted.
Email correspondence — retained for up to 24 months for support quality and dispute resolution.
Billing records — retained for 7 years to meet Australian taxation requirements.
Server logs — retained for up to 90 days for security and abuse-monitoring purposes.

7. Security

We protect your information using industry-standard measures: TLS encryption in transit, encryption at rest in our database, access controls and audit logs, principle-of-least-privilege for staff, and continuous security monitoring. No system is perfectly secure; if a data breach occurs we will notify affected users and the Office of the Australian Information Commissioner in accordance with the Notifiable Data Breaches scheme.

8. Your rights

Under the Australian Privacy Principles you have the right to:

Request access to the personal information we hold about you;
Request correction of any information that is inaccurate, out of date, or incomplete;
Request deletion of your information (subject to legal record-keeping requirements);
Withdraw consent for any optional uses (e.g. unsubscribe from our newsletter);
Lodge a complaint with us, or with the Office of the Australian Information Commissioner (OAIC) if you believe we have mishandled your information.

Email privacy@aussiecarcheck.com.au to exercise any of these rights. We aim to respond within 30 days.

9. Children

The Service is not intended for use by children under 16. We do not knowingly collect personal information from children. If you believe we have inadvertently done so, contact us and we will delete it.

10. Changes to this policy

We may update this Privacy Policy from time to time. We will revise the “Last updated” date at the top of the page and, for material changes, notify you via email or a prominent notice on the website at least 14 days before the change takes effect.

11. How to contact us

Aussie Car Check Pty Ltd
Privacy Officer — privacy@aussiecarcheck.com.au
Level 1, 350 Queen Street, Brisbane CBD, QLD 4000, Australia
ABN 12 345 678 901