Privacy Policy
Last updated: 1 February 2026
Airpinner (ABN 49 725 755 315) ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and services (the "Service").
For the purposes of applicable data protection laws, Airpinner acts as the data controller of your personal information.
We comply with the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth).
Where applicable, this Privacy Policy is intended to comply with the General Data Protection Regulation (EU) 2016/679 (GDPR), including its extraterritorial application under Article 3.
By using our Service, you acknowledge that we collect and use personal information as described in this Privacy Policy, subject to applicable legal bases under Australian Privacy Law and, where applicable, the GDPR.
Quick Summary
| Your photos | Processed in browser, never stored on our servers |
| Your data | Stored securely, not sold to third parties |
| Marketing | Only with your consent, easy unsubscribe |
| Your rights | Access, correct, delete your data anytime |
| Security | Industry-standard encryption and protection |
1. Information We Collect
We collect and process personal information based on one or more of the following legal grounds: contractual necessity, legal obligation, legitimate interests, or your consent, depending on the nature of the data and the purpose of processing.
1.1 Information You Provide
Account Information:
- Email address
- Password (encrypted)
- Name (optional)
Payment Information:
- Billing details (processed securely by Stripe)
- Transaction history
User Input:
- Property addresses you enter
- Custom labels and settings
1.2 Information Collected Automatically
Image Metadata: When you upload photographs, we may extract:
- GPS coordinates (location where photo was taken)
- Camera model and settings
- Date and time of capture
Usage Data:
- Features you use
- Actions performed (searches, exports)
- Credit consumption
- Error logs
Device Information:
- Browser type and version
- Operating system
- Screen resolution
- IP address (anonymised)
Where IP addresses are collected, they are truncated or anonymised using technical measures designed to prevent direct identification of individuals.
1.3 Information from Third Parties
Google Places API: When you search for POIs, we query Google's services using your photo's location data.
2. How We Use Your Information
Where applicable, we also align our data handling practices with international privacy standards such as GDPR, although our primary compliance framework is the Australian Privacy Act 1988.
Where processing is based on legitimate interests, we have balanced those interests against your rights and freedoms and determined that such processing is necessary and proportionate.
We use your information to:
- Provide and maintain the Service
- Process transactions and manage subscriptions
- Send transactional emails (receipts, account updates)
- Detect and label Points of Interest
- Improve and optimise the Service
- Respond to customer support requests
- Send marketing communications (with your consent)
- Comply with legal obligations
- Prevent fraud and abuse
3. How We Handle Your Images
Important: Your photographs are processed in your browser (client-side). This means:
✓ We DO:
- Extract GPS coordinates to find nearby POIs
- Read camera metadata for processing
- Generate thumbnail previews (cached temporarily in your browser)
✗ We DO NOT:
- Upload your full-resolution images to our servers
- Store copies of your photographs
- Access your images after you close the browser
- Share your images with third parties
- Claim any rights over your images
While we implement robust security measures, no technical system can be guaranteed to be completely secure or free from risk.
Your images and related metadata are not used for machine learning or artificial intelligence training purposes.
You retain full ownership of all photographs and exported images.
4. Data Storage and Security
4.1 Where We Store Data
Your data is stored on:
- Supabase (database and authentication) - servers in Australia/Singapore
- Vercel (application hosting) - global CDN with Australian edge locations
We may change or replace our infrastructure and service providers from time to time, provided that equivalent data protection and security standards are maintained.
4.2 Security Measures
We implement industry-standard security measures including:
- Encryption in transit (HTTPS/TLS)
- Encryption at rest for sensitive data
- Secure password hashing
- Regular security updates
- Access controls and authentication
4.3 Data Retention
| Data Type | Retention Period |
|---|---|
| Account information | Until account deletion + 30 days |
| Transaction records | 7 years (legal requirement) |
| Usage logs | 12 months |
| Support communications | 24 months |
4.4 Data Breach Notification
In the event of a data breach likely to result in serious harm, we will notify affected users and the Office of the Australian Information Commissioner (OAIC) as required by the Notifiable Data Breaches scheme under the Privacy Act 1988.
Where applicable, we will also comply with data breach notification obligations under Articles 33 and 34 of the GDPR.
5. Third-Party Services
We use the following third-party services that may collect and process your data:
| Service | Purpose |
|---|---|
| Supabase | Database, authentication |
| Google Places API | POI data |
| Stripe | Payment processing |
| Vercel | Hosting |
| Resend | Email delivery |
We carefully select third-party providers that maintain appropriate privacy and security standards.
6. Sharing Your Information
We do NOT sell your personal information.
We may share your information only in these circumstances:
- Service Providers: Third parties that help us operate the Service (listed above)
- Legal Requirements: When required by law, court order, or government request
- Safety: To protect the rights, safety, or property of Airpinner or others
- Business Transfer: In connection with a merger, acquisition, or sale of assets (you will be notified)
- With Your Consent: When you explicitly agree to share information
We may disclose personal information as part of a corporate transaction, such as a merger, acquisition, or asset sale, subject to appropriate confidentiality and data protection safeguards.
We may disclose personal information to regulatory or law enforcement authorities in foreign jurisdictions where required by applicable law.
We do not sell personal data, do not share personal data for advertising purposes, and do not use personal data for cross-app or cross-site tracking.
7. Your Rights
Under Australian Privacy Law and GDPR (if applicable), you have the right to:
7.1 Access
Request a copy of the personal information we hold about you.
7.2 Correction
Request correction of inaccurate or incomplete information.
7.3 Deletion
Request deletion of your personal information (subject to legal retention requirements).
7.4 Data Portability
Receive your data in a structured, machine-readable format.
7.5 Withdraw Consent
Withdraw consent for marketing communications at any time.
7.6 Right to Object
Where applicable under the GDPR, you have the right to object to the processing of your personal information in accordance with Article 21.
7.7 Complaint
Lodge a complaint with the Office of the Australian Information Commissioner (OAIC) if you believe we have breached your privacy.
To exercise these rights, contact us at: hello@airpinner.com
We will respond to requests within 30 days.
8. Cookies and Tracking
8.1 Essential Cookies
We use essential cookies to:
- Maintain your login session
- Remember your preferences
- Ensure security
These cookies are necessary for the Service to function and cannot be disabled.
Where required by law, we implement consent mechanisms for non-essential cookies, including analytics cookies, for users located in the European Union and the United Kingdom.
8.2 Analytics
We may use privacy-focused analytics to understand how users interact with the Service. This data is aggregated and does not identify individuals.
We do not use cross-site behavioural advertising or third-party tracking cookies.
8.3 Managing Cookies
You can control cookies through your browser settings. Disabling cookies may affect Service functionality.
9. Marketing Communications
9.1 What We Send
With your consent, we may send:
- Product updates and new features
- Tips and tutorials
- Special offers and promotions
9.2 Opting Out
You can unsubscribe from marketing emails at any time by:
- Clicking the "unsubscribe" link in any email
- Updating your preferences in account settings
- Contacting us at hello@airpinner.com
Note: You will still receive transactional emails (receipts, account notifications) as these are necessary for the Service.
10. Children's Privacy
Our Service is not intended for users under 16 years of age. We do not knowingly collect personal information from children under 16.
If we discover that we have collected information from a child under 16, we will delete it immediately. If you believe we have information about a child under 16, please contact us.
Where applicable, we comply with equivalent international laws governing children's data and age-of-consent requirements.
11. International Data Transfers
Your information may be transferred to and processed in countries other than Australia, including:
- United States (Vercel, Stripe)
- Singapore (Supabase)
We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy.
International data transfers are safeguarded through appropriate mechanisms, including standard contractual clauses, adequacy decisions, or equivalent legal protections.
You may request further information or copies of applicable transfer safeguards by contacting us.
12. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of changes by:
- Updating the "Last updated" date at the top
- Posting the new Privacy Policy on our website
- Sending an email notification for significant changes
Your continued use of the Service after changes constitutes acceptance of the updated Privacy Policy.
Where required by applicable law, material changes to this Privacy Policy may require your explicit consent.
13. Contact Us
If required under applicable data protection laws, Airpinner will appoint a representative in the European Union. Requests relating to GDPR matters may be directed to hello@airpinner.com.
If you have questions, concerns, or requests regarding this Privacy Policy or your personal information, please contact us:
Airpinner
ABN: 49 725 755 315
Email: hello@airpinner.com
Website: https://airpinner.com
Office of the Australian Information Commissioner (OAIC)
For privacy complaints: oaic.gov.au
Phone: 1300 363 992
By using Airpinner, you acknowledge that you have read and understood this Privacy Policy.