Privacy Policy (Last updated 22 September 2025)

What Information Do We Collect? 

We may collect your name, email address, the asset details you submit (e.g. VIN/HIN), and transaction data. We also collect limited technical data (IP address, device/browser information and server logs) for security and performance. Operational customer data is kept for up to 60 days; minimal transaction records may be kept longer where required by law (e.g., tax) or for dispute resolution and fraud prevention.  

How Do We Use Your Information? 

We use your data to: – Process your asset check- Deliver reports via SendGrid- Temporarily store the report on our server to enable branded email delivery- Process payments securely via Stripe. We also use limited technical data to operate, secure and improve the site and to provide support. We do not use your email marketing purposes. 

Third Parties We Work With 

We securely share data only with: – PPSR & NEVDIS (government data sources) – Stripe (payment processing) – SendGrid (email delivery) – Amazon Web Services (AWS) for hosting and storage – Professional advisers/IT providers under confidentiality.

Some providers may process data overseas. We take reasonable steps so overseas recipients handle personal information in accordance with the Australian Privacy Principles and we remain accountable for its protection.

Stripe stores card and personal data securely and in compliance with PCI DSS. We do not store card details. 

Cookies & Tracking 

Google Analytics 4 (GA4) and Google Tag Manager are enabled to help us measure and improve the website. GA4 may collect pages viewed, events (such as clicks), device/browser, approximate location and referrers. Where configured, IP addresses are truncated/anonymised by Google. You can control Google data collection via your Ads Settings and the Google Analytics Opt‑out Browser Add‑on. Our website uses standard WordPress cookies for performance, and our search application uses server‑side sessions. A cookie notice is displayed to customers for transparency. We also use Google Search Console and similar SEO tools to monitor site health and search performance.

Data Storage and Retention 

We store your name, email address, and the asset identifier (e.g., VIN or HIN) in our secure database for 60 days, after which both the database record and the associated PPSR report PDF are permanently deleted. Report PDFs are held in an encrypted AWS environment solely to allow redownload during this period. No backups of these records are maintained, and no audit log is kept after deletion.

You may request deletion of your data before the 60-day period. We will action such requests manually, removing all related records and PDFs.

Security 

We use trusted third-party platforms and follow appropriate security practices. Sensitive payment data is never stored on our servers. We take reasonable steps to protect personal information from misuse, interference, loss and unauthorised access. 

Data Breaches (Notifiable Data Breaches scheme)

If a data breach occurs that is likely to cause serious harm, we will notify affected individuals and lodge a notification with the OAIC in line with Australia’s Notifiable Data Breaches scheme.

International Access 

Our website is globally accessible, but our asset check services are limited to Australian assets. Overseas access does not change your rights under Australian privacy law where it applies. 

Policy Updates 

This Privacy Policy may be updated as our platform evolves. Continued use of the site after updates implies your acceptance. We will post the effective date at the top of this page. 

Complaints

If you have a privacy concern, contact us at [email protected]. If you are not satisfied with our response, you can contact the Office of the Australian Information Commissioner (OAIC) — see: www.oaic.gov.au/privacy/privacy-complaints.

Contact Us 

Email: [email protected]