Privacy Policy

LAST UPDATED: 15/05/2025

1. Introduction and Scope

This Privacy Policy outlines how CLYPTIS PTY LTD ("Clyptis," "we," "us," or "our") collects, uses, discloses, and protects Personal Information in connection with our websites, applications (including location-based applications), software, and other digital services (collectively, the "Services"). "Personal Information" means information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not, and whether the information or opinion is recorded in a material form or not, as defined under the Privacy Act 1988 (Cth) (the "Privacy Act").

We are committed to protecting your privacy and handling your Personal Information in an open and transparent manner, in accordance with the Australian Privacy Principles (APPs) contained within the Privacy Act. By accessing or using any of our Services, you acknowledge that you have read, understood, and agree to our collection, use, disclosure, and protection of your Personal Information as described in this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not use our Services.

2. Personal Information We Collect

We collect Personal Information that is reasonably necessary for, or directly related to, one or more of our functions or activities in providing the Services. The types of Personal Information we may collect include:

2.1. Information You Provide Directly

  • Account Information: When you create an account or sign in using third-party authentication providers (e.g., Apple, Google), we may receive Personal Information from these providers, such as your name or display name, email address, a unique identifier associated with your account, phone number (if provided to the third-party), and information about the provider used. We also collect account creation and last login timestamps.
  • Profile Information: Information you voluntarily provide for your user profile, such as a unique profile identifier, preferences, and any other details you choose to include.
  • User-Generated Content: Information, including any Personal Information, contained within content you create, share, or post through the Services.
  • Communications: Information you provide when you contact us for support or other inquiries.
  • Payment Information: If you make purchases through the Services, your payment details (such as credit card information) are typically collected and processed directly by our third-party payment processors (e.g., RevenueCat, which interfaces with Apple App Store and Google Play Store). We generally do not store your full payment card details but may receive transaction identifiers and summary information.

2.2. Information Collected Automatically

  • Device Information: Information about the device you use to access our Services, including device type, operating system and version, unique device identifiers (e.g., IDFA, Android Advertising ID), IP address, mobile network information, browser type, and language settings.
  • Location Data: If you use location-based features within our Services and grant us permission, we may collect precise geolocation data from your device (e.g., GPS, Wi-Fi, cellular triangulation). You can typically control or disable the collection of location data through your device or application settings. We collect location data to provide location-specific functionalities, personalize your experience, and for analytics.
  • Usage Data: Information about your interactions with our Services, such as features used, pages viewed, content accessed, search queries, frequency and duration of activities, error logs, and other engagement metrics.
  • Cookies and Similar Technologies: We and our third-party partners (e.g., for analytics and advertising) may use cookies, pixel tags, web beacons, and other tracking technologies to collect information about your browsing activity, preferences, and device. This helps us analyze trends, administer the Services, track users' movements around the Services, and gather demographic information. You can control the use of cookies at the browser level, but if you choose to disable cookies, it may limit your use of certain features or functions on our Services.
  • Advertising Information: If our Services incorporate advertising, we or our third-party advertising partners (e.g., Google AdMob) may collect information related to your interaction with advertisements, such as device identifiers, IP address, ads viewed, and ad interactions, to deliver relevant advertising and measure its effectiveness.

3. How We Use Your Personal Information

We use the Personal Information we collect for the following primary purposes, which are reasonably necessary for our business functions and activities:

  • To Provide and Manage the Services: To operate, maintain, deliver, and improve our Services, including enabling features, processing transactions, authenticating users, and providing customer support.
  • To Personalise Your Experience: To tailor content, recommendations, and features within the Services based on your preferences, usage patterns, location (where permitted), and profile information.
  • For Communication: To communicate with you about your account, service-related matters (e.g., updates, security alerts, support messages), and to respond to your inquiries. Subject to your consent where required and your right to opt-out, we may also send you promotional communications about our Services or those of our partners.
  • For Security and Integrity: To monitor, detect, prevent, and respond to fraud, abuse, security risks, technical issues, and potentially illegal activities; to protect the rights, property, or safety of Clyptis, our users, or the public; and to enforce our Terms of Service and other agreements.
  • For Advertising: To display advertisements within our Services (where applicable) and to measure and improve the effectiveness of advertising campaigns, potentially in conjunction with our advertising partners.
  • For Analytics and Service Improvement: To conduct research, analyse trends and usage patterns, gather demographic information, and improve the functionality, performance, and user experience of our Services, and to develop new products and features.
  • For Legal Compliance: To comply with applicable laws, regulations, court orders, legal processes, or governmental requests; and to establish, exercise, or defend our legal rights.

4. How We Disclose Your Personal Information

We may disclose your Personal Information in the following circumstances:

  • With Service Providers: We engage trusted third-party companies and individuals to perform services on our behalf (e.g., cloud hosting, data storage, payment processing, analytics, customer support, technical infrastructure, advertising delivery). These service providers are contractually bound to handle your Personal Information in accordance with our instructions and applicable privacy laws, and only for the purposes for which it is disclosed to them.
  • With Advertising Partners: If our Services include advertising, we may share certain information (such as device identifiers, IP addresses, and ad interaction data) with advertising networks and partners to facilitate the delivery of targeted advertisements and to measure their performance. Their use of such information is governed by their own privacy policies.
  • With Account Authentication Providers: If you choose to sign in or link your account with third-party authentication services (e.g., Apple, Google), we may share necessary information with these providers to facilitate authentication and account management.
  • For Legal Reasons and Protection: We may disclose Personal Information if we believe in good faith that disclosure is necessary to: (a) comply with any applicable law, regulation, legal process, or enforceable governmental request; (b) enforce our Terms of Service or other agreements, including investigation of potential violations; (c) detect, prevent, or otherwise address fraud, security, or technical issues; or (d) protect against harm to the rights, property, or safety of Clyptis, our users, or the public as required or permitted by law.
  • In Connection with a Business Transfer: If Clyptis is involved in a merger, acquisition, asset sale, financing, reorganisation, bankruptcy, or other similar business transaction, your Personal Information may be transferred as part of that transaction. We will take reasonable steps to notify you (e.g., via a notice on our website or by email) before your Personal Information is transferred and becomes subject to a different privacy policy, and provide you with choices regarding your information where feasible.
  • With Your Consent: We may share your Personal Information with other third parties when we have your explicit consent to do so for a specified purpose.
  • Aggregated or De-identified Information: We may share aggregated or de-identified information, which cannot reasonably be used to identify you, with third parties for various purposes, including research, analytics, industry reporting, and to improve our Services.

5. Data Security

We are committed to protecting the security of your Personal Information. We implement and maintain reasonable administrative, technical, and physical safeguards designed to protect your Personal Information from unauthorised access, use, modification, disclosure, loss, or destruction. These measures include, but are not limited to:

  • Encryption of data in transit (e.g., using HTTPS, TLS/SSL).
  • Access controls to limit access to Personal Information to authorised personnel with a legitimate need.
  • Secure data storage solutions with reputable service providers.
  • Regular review of our information collection, storage, and processing practices, including physical security measures.
  • Data minimisation practices to collect and retain only necessary Personal Information.

However, no method of transmission over the Internet or method of electronic storage is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security. You are also responsible for helping to protect the security of your Personal Information, such as by using strong passwords, keeping your account credentials confidential, and being cautious about the information you share. In the event of a data breach that is likely to result in serious harm, we will comply with our obligations under the Notifiable Data Breaches (NDB) scheme in Australia.

6. Data Retention

We retain your Personal Information for as long as is necessary to fulfill the purposes for which it was collected, as outlined in this Privacy Policy, or for as long as required or permitted by applicable law (including for the purpose of satisfying any legal, accounting, or reporting requirements). The criteria used to determine our retention periods include:

  • The length of time you have an active account with us.
  • The nature and sensitivity of the Personal Information.
  • The purposes for which we process your Personal Information.
  • Whether we can achieve those purposes through other means.
  • Applicable legal, regulatory, tax, accounting, or other requirements.

For example, account and profile information is generally retained while your account is active. If you request account deletion, we will take reasonable steps to delete or anonymise your Personal Information within a commercially reasonable timeframe (e.g., typically within 60-90 days), unless retention is required for legal or legitimate business purposes (such as resolving disputes, enforcing agreements, or complying with legal obligations). Usage data and advertising information may be retained for varying periods as necessary for analytics, service improvement, and ad measurement, often in an aggregated or de-identified form.

When Personal Information is no longer required, we will take reasonable steps to securely destroy or de-identify it.

7. Your Privacy Rights and Choices (Australia)

Under the Australian Privacy Act, you have certain rights regarding your Personal Information. We are committed to upholding these rights. You may have the right to:

  • Access Your Personal Information: Request access to the Personal Information we hold about you and receive a copy of it, subject to certain exceptions provided by law.
  • Correct Your Personal Information: Request the correction of Personal Information we hold about you if you believe it is inaccurate, out-of-date, incomplete, irrelevant, or misleading.
  • Request Deletion of Your Personal Information: You may request the deletion of your account and associated Personal Information. To do so, please contact us via our Contact Page with the subject line "Data Deletion Request," including details to identify your account. We will process such requests in accordance with applicable law, noting that we may be required to retain certain information for legal or legitimate business purposes.
  • Opt-out of Marketing Communications: You can opt-out of receiving promotional emails from us by following the "unsubscribe" instructions provided in those emails or by contacting us. Even if you opt-out, we may still send you non-promotional, service-related communications.
  • Control Cookies: Manage your cookie preferences through your browser or device settings as described in Section 2.2.
  • Lodge a Complaint: If you believe your privacy has been breached, please contact us first using the details in Section 12 to allow us to investigate and attempt to resolve your concern. If you are unsatisfied with our response, you have the right to lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

To exercise any of these rights (other than lodging a complaint directly with the OAIC), please contact us using the details provided in the "Contact Us" section below. We may need to verify your identity before processing your request. We will respond to your request within a reasonable timeframe and in accordance with applicable law.

Do Not Track Signals: Some web browsers may transmit "Do Not Track" signals. We currently do not take action in response to these signals.

8. Third-Party Services and Links

Our Services may integrate with or contain links to services, websites, or applications operated by third parties (e.g., social media platforms, advertising networks like Google AdMob, payment processors like RevenueCat, and authentication providers like Apple and Google). This Privacy Policy does not apply to, and we are not responsible for, the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party services before providing them with your Personal Information.

9. International Data Transfers

Clyptis is based in Queensland, Australia. In providing our Services, your Personal Information may be transferred to, stored, and processed in countries other than your country of residence, including Australia and other jurisdictions where our service providers may be located. These countries may have data protection laws that differ from those in your jurisdiction.

When we transfer your Personal Information internationally, we take steps to ensure that it is treated securely and in accordance with this Privacy Policy and applicable data protection laws, including APP 8 (Cross-border disclosure of personal information). This may include relying on contractual safeguards with third-party service providers or ensuring the recipient is subject to laws or binding schemes that offer comparable protection. By using our Services and providing us with your Personal Information, you consent to such international transfers, storage, and processing.

10. Children's Privacy

Our Services are not directed to or intended for use by individuals under the age of eighteen (18). We do not knowingly collect Personal Information from children under 18. If we become aware that we have inadvertently collected Personal Information from a child under 18 without verifiable parental consent, we will take reasonable steps to delete such information promptly. If you are a parent or guardian and believe that your child under 18 has provided us with Personal Information, please contact us via our Contact Page.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our data practices, legal or regulatory obligations, or the features of our Services. If we make material changes, we will notify you by posting the updated Privacy Policy on our website, updating the "LAST UPDATED" date at the top of this policy, and/or through other appropriate communication channels (such as in-app notification or email if we have your contact details). We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your Personal Information. Your continued use of our Services after any changes to this Privacy Policy become effective will constitute your acknowledgment and acceptance of the revised policy.

12. Contact Us

If you have any questions, concerns, requests, or complaints regarding this Privacy Policy or our handling of your Personal Information, please contact CLYPTIS PTY LTD via our Contact Page.

Our principal place of business is in Queensland, Australia.