Privacy Policy

PropDecider ("we", "us", "our") is committed to protecting your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). This policy explains what information we collect, how we use it, and your rights as a user.

1. Information We Collect

We collect the following categories of personal information when you use PropDecider:

• Personal: name, email address, year of birth
• Household: marital status, number of children, caring responsibilities
• Financial: income, savings, debts, offset balances, credit card limits
• Migration and residency: visa status, years in Australia, days resident in Australia
• Property: existing and target property details, purchase price, loan information, suburb and state
• Usage: page interactions, scenario generations, report downloads
• Technical: device type, browser, IP address (via hosting provider logs)

2. Why We Collect It and How It Is Used

We collect your information to:

• Calculate personalised property purchase scenarios and recommendations
• Display relevant government grants, duty concessions and eligibility rules
• Generate AI-supported explanations, translations and property reports
• Maintain your profile and save your scenarios and reports across sessions
• Improve the accuracy and relevance of the PropDecider platform
• Comply with applicable Australian laws

We do not use your personal information for direct marketing without your explicit consent.

3. Data Storage and Protection

Your data is stored in Supabase with row-level security (RLS) policies that restrict each user to their own records only. We implement the following protections:

• Encrypted HTTPS connections for all data transmission
• Secure authentication session tokens with cookie handling
• Row-level security preventing any user from accessing another user's data
• Input validation and payload-size limits on all API routes
• Append-only audit logs that cannot be deleted by users

We take reasonable technical and organisational steps to protect your information from misuse, interference, loss, unauthorised access, modification or disclosure.

4. Cookies and Tracking

• Session cookies: Used to maintain your login session. These are essential for the app to function.
• Local storage: Used to save your onboarding progress before you create an account.
• PropDecider does not use third-party advertising or tracking cookies.

5. Data Retention and Deletion

We retain your personal information for as long as your account is active and for a reasonable period thereafter for compliance and dispute resolution purposes. You may request deletion of your account and all associated data by contacting us. We will respond to deletion requests within 30 days unless retention is required by law.

6. Your Privacy Rights

Under the Australian Privacy Principles, you have the right to:

• Access the personal information we hold about you
• Request correction of inaccurate or outdated information
• Request deletion of your information (subject to legal retention obligations)
• Lodge a complaint if you believe your privacy rights have been breached

To exercise any of these rights, contact us at contact@propdecider.com.

7. Privacy Complaints

If you have a concern or complaint about how we have handled your personal information, please contact us at contact@propdecider.com. We will acknowledge your complaint within 5 business days and aim to resolve it within 30 days. If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

8. Contact Details

This policy was last updated on 14 June 2026.