Privacy Policy

Effective: 08 September 2025

Summary: We collect the minimum data needed to operate Tai Ora and its features. We do not sell personal data. This version is tailored for Australian compliance (WA launch).

1. Compliance
2. Data breaches
3. Information we collect
4. How we use information
5. Sharing & disclosure
6. Retention & security
7. Your rights
8. Governing law

1. Compliance

We comply with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). Where applicable, we also follow equivalent requirements in other regions (e.g., NZ Privacy Act 2020, EU GDPR).

2. Data breaches

If a data breach is likely to cause serious harm, we will notify affected individuals and the regulator in line with the Notifiable Data Breaches scheme (Australia).

3. Information we collect

Account & profile data (name, email, hashed password, preferences).
Wellness & app inputs (notes, routines, wellbeing reflections — only what you choose to share).
Media uploads (photos, videos, audio, timestamps, device type).
Usage & device data (logs, IP, cookies, app version).
Communications (messages, survey responses, support requests).

4. How we use information

We use data to operate and improve the Services, enable creator tools, communicate with you, conduct analytics, detect fraud/security issues, and comply with legal obligations.

5. Sharing & disclosure

We share data with service providers under contract, with brands only if you explicitly opt in, and as required by law. We may share aggregated/de-identified insights. We do not sell personal data.

6. Retention & security

We retain account data while active, and content until deleted or licence expiry. We use encryption and safeguards, but no system is 100% secure.

7. Your rights

You may access, correct, or delete your information, withdraw consent, or opt out of marketing. Complaints can be made to the OAIC in Australia.

8. Governing law

This Policy is governed by the Privacy Act 1988 (Cth) and Australian law.