Privacy Policy

This Privacy Policy applies to Robinson Technology Solutions Pty Ltd trading as Australian Data Removal (ACN 695 272 836) ("we", "us", "our"). We operate the website at www.ausdataremoval.com.au and provide data removal and privacy protection services to Australian individuals and organisations. We are bound by the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs) contained in that Act.

We collect personal information necessary to provide our services. This may include: • Email addresses — collected when you use our free breach scan tool, unlock the privacy risk quiz results, contact us, or purchase a service • Name — collected when you make a purchase or submit an enquiry • Organisation name — collected when you submit a corporate or organisational enquiry • Payment information — processed directly by Stripe. We do not store card details on our systems • Information you provide about third parties — if you use our removal services, we collect information about your online presence to carry out the removal work We do not collect sensitive information (as defined by the Privacy Act) unless you voluntarily provide it in the course of instructing us on your removal.

We collect personal information: • Directly from you when you use our breach scan tool, complete the privacy risk assessment quiz, complete a purchase, or contact us • Automatically through analytics tools (currently Vercel Analytics) — these collect aggregated, non-identifiable usage data • Via third-party payment processors (Stripe) when you make a purchase

We use your personal information to: • Perform the service you have purchased (data removal, guide delivery, member credential issuance) • Communicate with you about your order, member status, or enquiry • Send transactional emails related to your purchase (via Resend) • Improve our services and understand how the site is used • Comply with our legal obligations Email addresses collected through the privacy risk assessment quiz are used only to unlock the on-screen results and checklist. They are not used for direct marketing. We do not use your personal information for direct marketing without your consent. We do not sell or trade your personal information to third parties.

We disclose personal information to third-party service providers only where necessary to deliver our services: • Stripe — payment processing. Stripe's privacy policy is available at stripe.com/privacy • Resend — transactional email delivery. Resend's privacy policy is available at resend.com/legal/privacy-policy • Vercel — website hosting and analytics • Have I Been Pwned (HIBP) — breach data lookup. Your email is transmitted to HIBP's API to return breach results. HIBP's privacy policy is available at haveibeenpwned.com/Privacy All third-party providers are required to handle your information in accordance with applicable privacy laws.

We take reasonable steps to protect personal information from misuse, interference, loss, and unauthorised access. Our website uses HTTPS, and we implement security headers including HSTS and content-type protection. Payment data is handled exclusively by Stripe, which is PCI-DSS compliant. No method of transmission over the internet is completely secure. We cannot guarantee absolute security but will notify you in accordance with our obligations if a breach occurs that is likely to result in serious harm.

Under the Privacy Act 1988 (Cth), you have the right to: • Access the personal information we hold about you • Request correction of information that is inaccurate, incomplete, or out of date • Opt out of direct marketing at any time • Complain about a breach of the Australian Privacy Principles To exercise any of these rights, contact us at hello@ausdataremoval.com.au. We will respond within 30 days.

If you believe we have handled your personal information in breach of the Privacy Act 1988 (Cth), you may: 1. Contact us directly at hello@ausdataremoval.com.au — we will acknowledge your complaint within 5 business days and aim to resolve it within 30 days 2. If not satisfied with our response, lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au

We retain personal information for as long as necessary to provide our services and meet our legal obligations. Purchase records are retained for a minimum of 7 years for taxation and accounting purposes. You may request deletion of any personal information we hold that is not required to be retained by law by contacting hello@ausdataremoval.com.au.

We may update this Privacy Policy from time to time. The current version will always be available at www.ausdataremoval.com.au/privacy. We will notify existing members of material changes by email.

Robinson Technology Solutions Pty Ltd t/a Australian Data Removal ACN 695 272 836 hello@ausdataremoval.com.au 1300 504 079