Features Pricing Login Sign Up Free

Privacy Policy

Last updated: 28 February 2026

1. Introduction

AutoFlexx ("we", "us", "our") respects your privacy and is committed to protecting personal information in accordance with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). This Privacy Policy explains how we collect, use, store, disclose, and protect your personal information when you use AutoFlexx ("the Service").

2. Information We Collect

Business Information

  • Company name and ABN
  • Business address and contact details
  • Company logo and branding
  • Bank account details for invoicing (entered by you, stored within your account)

User Information

  • Full name and email address
  • Phone number (optional)
  • Username and encrypted password
  • Role and permissions within the Service
  • Login timestamps and IP addresses
  • Two-factor authentication preferences

Customer Information (entered by users)

  • Customer name or company name
  • Email address and phone number
  • Physical address
  • Vehicle information (make, model, year, registration, VIN)
  • Service history and payment history
  • SMS opt-in/opt-out preferences

Job and Operational Data

  • Job descriptions, parts, and labour records
  • Vehicle inspection and defect notes
  • Uploaded photos
  • Time tracking and timesheet data
  • Quotes, invoices, and payment records
  • Audit logs

Financial Data

  • Invoice amounts and payment status
  • Stripe payment references

AutoFlexx does not store credit card or debit card numbers. All payment card processing is handled by Stripe in accordance with PCI DSS standards.

Usage Data

  • Feature usage patterns and session duration
  • Device and browser information
  • Activity logs for security and audit purposes

3. How We Use Information

We use the information we collect to:

  • Provide, operate, and maintain the Service
  • Process subscriptions, payments, and billing
  • Send system notifications, invoices, quotes, and reminders on your behalf
  • Maintain security, detect fraud, and prevent misuse
  • Improve features, performance, and user experience
  • Comply with legal obligations
  • Communicate important updates about the Service

4. SMS and Messaging

If you enable SMS features within the Service:

  • Phone numbers are stored securely and used solely for the purpose of message delivery
  • Message content is processed for delivery and logged for your records
  • Delivery receipts and opt-out events are recorded
  • Customers may opt out at any time by replying "STOP"
  • You are responsible for obtaining lawful consent from your customers before sending messages

5. Data Sharing and Third Parties

We share data only with essential service providers required to operate the Service:

  • Stripe — payment processing
  • Twilio — SMS delivery
  • Google Workspace / Email providers — email delivery
  • Cloud infrastructure providers — hosting, backups, and content delivery

We do not sell, rent, or trade personal information to any third party. We may disclose information if required by law, court order, or government authority.

6. Data Storage and Security

  • All data is transmitted using HTTPS/TLS encryption
  • Database access is restricted, monitored, and logged
  • Passwords are hashed using industry-standard cryptographic algorithms
  • Two-factor authentication is available for all user accounts
  • Regular automated backups are performed
  • Data is stored on secure servers hosted in Australia where possible

While we implement reasonable security safeguards, no system is completely secure. We cannot guarantee absolute security of your data, and you acknowledge this inherent risk.

7. Data Retention

  • Data is retained while your account is active and for a reasonable period thereafter
  • Deleted accounts and associated data are removed within 30 days where possible
  • Financial records (invoices, payments) may be retained for up to 7 years for tax and legal compliance as required by Australian law
  • Audit logs may be retained for security and compliance purposes

8. Your Rights

Under the Australian Privacy Principles, you have the right to:

  • Access your personal information held by us
  • Correct inaccurate or out-of-date information
  • Request deletion of your personal information, subject to legal obligations
  • Lodge a complaint if you believe your privacy has been breached

To exercise any of these rights, contact us at support@autoflexx.net.au. We will respond to all requests within 30 days.

9. Cookies and Tracking

AutoFlexx uses only essential cookies and local storage items required for the Service to function:

  • Session cookies — maintain login sessions and authentication
  • Local storage — store authentication tokens and display preferences

We do not use:

  • Advertising cookies or tracking pixels
  • Analytics cookies that track individual users
  • Cross-site tracking technologies

Disabling cookies may prevent the Service from functioning correctly.

10. Children's Privacy

The Service is not intended for use by individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that personal information has been collected from a child, we will take steps to delete it.

11. International Data Transfers

Some of our third-party service providers may store or process data outside of Australia. Where this occurs, we take reasonable steps to ensure that the recipient handles your personal information in a manner consistent with the Australian Privacy Principles.

12. Data Breach Notification

In the event of a data breach that is likely to result in serious harm, we will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) in accordance with the Notifiable Data Breaches (NDB) scheme under the Privacy Act 1988.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via the Service or email. Continued use of the Service after changes are published constitutes acceptance of the updated policy. The "Last updated" date at the top of this page indicates when the policy was last revised.

14. Complaints

If you believe we have breached the Australian Privacy Principles, you may lodge a complaint with us at support@autoflexx.net.au. We will investigate and respond within 30 days. If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC).

15. Contact

For privacy, data, or legal enquiries:

support@autoflexx.net.au
AutoFlexx — Australia