Privacy Policy
Effective Date: 22 April 2026 | Version 3.0
A note before we start
We know privacy policies are not exactly a page-turner. But yours matters to us.
This policy is written in plain English because you deserve to know exactly what we collect, why we collect it, and who we share it with. The short version: we collect the minimum we need, we store it in Australia, we never sell it, and we never use it for marketing or advertising. No trackers, no ad pixels, no nonsense.
Every section has an "In plain English" summary box so you can get the gist without reading every word. If you have questions, contact us at privacy@jobmate247.com. We are real people and we will respond.
1. Who we are
Jobmate247 ("we", "us", or "our") is an Australian business that provides a cloud-based job management platform for Australian Tradies.
The Service is designed exclusively for Australian trade businesses. A valid Australian Business Number (ABN) is required before subscribing to a paid plan. If you are outside Australia, this Service is not designed for you.
Privacy contact: privacy@jobmate247.com
General support: support@jobmate247.com
Website: https://jobmate247.com
2. How this policy applies
This Privacy Policy explains how we collect, use, disclose, and protect personal information in connection with the Jobmate247 platform, website, and related services (the "Service").
We comply with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). Although we may currently qualify for the small-business exemption under sections 6C and 6D of the Privacy Act, we choose to operate to the full standard of the Australian Privacy Principles because we believe your privacy deserves it.
This policy forms part of our Terms and Conditions.
3. What do we collect?
3.1 Information you give us
- Account information: your name, business name, ABN, email address, phone number, and business address when you sign up
- Business settings: bank details for invoices (account name, BSB, account number), logo, licence details, payment terms preferences
- Customer data you enter: your customers' names, business names, email addresses, phone numbers, and addresses
- Job and financial data: job details, estimates, invoices, line items, payment records, schedules, and notes
- Job photos: images and PDF files you upload to job records
- Feedback: ratings, comments, and suggestions you choose to submit through the feedback system
3.2 Information collected automatically
- Device and usage data: IP address, browser type, device type, operating system, pages visited, and session duration
- Authentication data: login timestamps, session tokens (stored in cookies, not localStorage)
- Error data: error messages, stack traces, and diagnostic information (PII scrubbed before storage)
We do not use tracking cookies, marketing pixels, or behavioural advertising tools. See Section 12 for our full cookie disclosure.
3.3 Information we do not collect
- We do not collect tax file numbers (TFNs)
- We do not store your full credit card or debit card numbers (Stripe handles all payment processing)
- We do not collect health information, criminal records, or other sensitive information (though you may incidentally upload photos containing such information)
- We do not use tracking or marketing cookies
4. Why do we collect it?
- To provide the Service: creating and managing your account, generating estimates, invoices, and job records, sending transactional emails (invoice delivery, estimate sharing), exporting data to accounting packages
- To process payments: managing your subscription billing through Stripe
- To improve the Service: using aggregated, de-identified usage data to understand how features are used and where we can improve
- To provide support: responding to support requests you initiate
- To comply with the law: meeting our obligations under Australian tax law, the Privacy Act, and other applicable legislation
- To protect security: detecting and preventing fraud, unauthorised access, and other security incidents
5. Who do we share it with?
We disclose personal information to the following third-party service providers. Each provider is contractually required to handle your information consistently with the Australian Privacy Principles and to use it only for the purpose of providing their service to us.
| Provider | Purpose | Data location | Country |
|---|---|---|---|
| Supabase | Database, authentication | Sydney, Australia | United States (parent entity) |
| Stripe | Payment processing | United States / Australia | United States |
| Resend | Transactional email | United States / Asia-Pacific | United States |
| Vercel | Application hosting, CDN | Global edge network | United States |
| Sentry | Error monitoring (PII scrubbed) | European Union | United States |
| Cloudflare | DNS, email forwarding | United States / Australia | United States |
| GoDaddy | Domain registration, DNS | United States / Australia | United States |
If we introduce AI-powered features in the future, we will add the relevant AI provider to this table and update this policy with at least 30 days' notice before any data is sent to that provider.
We will update this table if we add or change providers, and will notify you of material changes.
We may also disclose personal information if required by Australian law, a court order, or a regulatory body such as the Australian Taxation Office or the OAIC.
We do not and will never sell your personal information to anyone.
6. Cross-border disclosure
Your primary data is stored in Sydney, Australia on Supabase infrastructure (ap-southeast-2 region).
Some of our service providers are located in the United States (see the table in Section 5). When your personal information is disclosed to an overseas recipient, we ensure the following under Australian Privacy Principle 8:
- We have contractual arrangements requiring each overseas provider to handle personal information consistently with the Australian Privacy Principles
- We remain accountable under section 16C of the Privacy Act for any breach of the APPs by an overseas recipient
- We take reasonable steps to ensure overseas providers do not breach the APPs
The countries to which personal information may be disclosed are: Australia (primary storage) and the United States (sub-processors listed in Section 5).
7. How long do we keep your data?
| Data type | Retention period | Notes |
|---|---|---|
| Account and business data | Duration of subscription + 90 days | Permanently deleted after 90-day grace period |
| Financial records (invoices, estimates, payments) | 7 years from creation | ATO tax record-keeping requirements |
| Job photos and uploaded files | Duration of subscription + 90 days | Permanently deleted after 90-day grace period |
| Error logs and diagnostic data | 30 days | Automatically purged; PII scrubbed before storage |
| Payment card details | Not stored by us | Handled entirely by Stripe |
| Deleted account backups | 60 days from deletion request | Permanently deleted after 60 days |
You can request deletion of your data at any time by contacting privacy@jobmate247.com. We will delete your data within 60 days, except where we are legally required to retain it. We will confirm deletion in writing.
8. How do we protect your data?
- Encryption: all data is encrypted in transit (TLS/HTTPS) and at rest in the database
- Authentication: cookie-based authentication via Supabase Auth; we never use localStorage for auth tokens
- Access controls: row-level security (RLS) on every database table ensures you can only access your own data
- PII scrubbing: personal information is scrubbed from error logs before they are sent to our error monitoring provider
- Infrastructure: hosted on Vercel (application) and Supabase (database) with their enterprise-grade security controls
No system is perfectly secure. If you become aware of any security issue, please contact us immediately at security@jobmate247.com.
9. Your rights
9.1 Access (APP 12)
You can access your personal information at any time through the Service. If you need a copy of specific information we hold about you, contact us at privacy@jobmate247.com and we will respond within 30 days.
9.2 Correction (APP 13)
You can correct your personal information at any time through the Service (account settings, customer records, job details). If you believe we hold incorrect information that you cannot correct yourself, contact us and we will correct it within 30 days.
9.3 Data portability
You can export your data at any time in CSV format through the Service. This is available during your subscription, during your trial, and for 30 days after cancellation (read-only access). Your ability to export data is never contingent on payment.
9.4 Deletion
You can request deletion of your account and data at any time by contacting privacy@jobmate247.com. We will delete your data within 60 days, except where we are legally required to retain it (see Section 7). We will confirm deletion in writing.
9.5 Opt-out of AI features
If and when AI features are introduced, you will be able to disable them at any time in your account settings. When disabled, no data will be sent to any AI provider.
10. Complaints
If you believe we have breached the Australian Privacy Principles or mishandled your personal information, please contact us:
Email: privacy@jobmate247.com
We will acknowledge your complaint within 5 business days and respond with a resolution within 30 days.
If you are not satisfied with our response, you can escalate your complaint to the Office of the Australian Information Commissioner (OAIC):
- Online: https://www.oaic.gov.au/privacy/privacy-complaints
- Phone: 1300 363 992
- Post: GPO Box 5218, Sydney NSW 2001
11. Data breaches
We comply with the Notifiable Data Breaches scheme under Part IIIC of the Privacy Act 1988 (Cth).
If we become aware of a data breach that is likely to result in serious harm to you, we will:
- Notify you as soon as practicable, and in any event within 30 days of becoming aware of the breach
- Notify the OAIC as required by law
- Provide you with details of the breach, the types of information involved, and the steps we are taking to address it
- Provide recommendations for steps you can take to protect yourself
12. Cookies and tracking
Jobmate247 uses only the following cookies:
- Authentication cookies: session cookies set by Supabase Auth to keep you securely logged in. These are essential for the Service to work and cannot be disabled.
- Preference cookies: small cookies that remember your display preferences (such as dashboard column order). These are functional and do not track you.
We do not use:
- Google Analytics or any third-party analytics cookies
- Marketing or advertising cookies or pixels
- Social media tracking scripts
- Cross-site tracking of any kind
Because we only use essential and functional cookies, no cookie consent banner is required. If we ever add optional cookies in the future, we will update this policy, give you 30 days' notice, and provide a consent mechanism before any optional cookies are set.
13. Artificial intelligence and privacy
The Service may in future incorporate artificial intelligence features provided by third-party AI services to assist with tasks such as estimate generation and scheduling suggestions.
Before launching any AI features, we will:
- Update this Privacy Policy and our Terms and Conditions with at least 30 days' notice
- Add the AI provider to the sub-processor table in Section 5 with their data location and country
- Ensure the AI provider is contractually prohibited from using your data for training purposes
- Ensure the AI provider is contractually prohibited from retaining your data beyond the processing session
- Provide you with the ability to disable AI features in your account settings
- Redact personally identifiable information where practicable before sending data for AI processing
AI outputs are generated probabilistically and may contain errors. You should always review AI-generated content before relying on it for business decisions.
In accordance with OAIC guidance on privacy and commercially available AI products, we will assess the privacy impacts of any AI features before launch.
14. Customer data you enter
When you enter your customers' personal information into the Service (names, contact details, addresses), you are the entity with the primary relationship with those individuals. You are responsible for:
- Ensuring you have the right to provide their information to us
- Complying with your own privacy obligations when collecting and handling their data
- Responding to any access or correction requests from your customers about their data
We process your customers' data only as necessary to provide the Service to you. We do not contact your customers directly except to deliver documents you have sent through the Service (such as emailed invoices or estimate links).
15. Children's privacy
The Service is designed for use by adults running trade businesses. We do not knowingly collect personal information from children under 18. If we become aware that we have collected information from a child under 18, we will delete it promptly.
16. Changes to this policy
We may update this Privacy Policy from time to time. We will notify you of material changes by email at least 30 days before they take effect.
If a change materially affects how we handle your information, you may cancel your subscription before the change takes effect.
We will keep previous versions of this policy available on our website for reference.
17. Contact us
For privacy-related enquiries:
Privacy contact: privacy@jobmate247.com
For general support:
Email: support@jobmate247.com
Website: https://jobmate247.com
To escalate a privacy complaint:
OAIC: https://www.oaic.gov.au/privacy/privacy-complaints
Phone: 1300 363 992
A final word
We hope this policy has given you confidence that your information is in safe hands. We built Jobmate247 for Tradies who want to spend less time on paperwork and more time doing what they do best.
Your trust means everything to us. We will always be transparent about how we handle your data, and we will always give you control over it. No surprises, no tricks, just a fair go.
This Privacy Policy was last updated on 22 April 2026.