Consumer App Privacy Policy

Introduction & Summary

Nyburbs is committed to protecting your privacy. This Privacy Policy explains how ANSOW PENDURTHI PTY LTD (ABN 64 690 470 805) trading as Nyburbs ("Nyburbs", "we", "us", or "our") collects, uses, holds, and discloses personal information when you use the Nyburbs Consumer App ("App") and the related services we provide through it ("Platform").

This Privacy Policy is issued in compliance with the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), the Spam Act 2003 (Cth), the Notifiable Data Breaches (NDB) scheme, and all other applicable Australian privacy laws.

By using the App, you acknowledge that you have read and understood this Privacy Policy. If you do not agree, please stop using the App and contact us to request deletion of any information already provided.

This table is a plain-language summary only. The full policy below governs your rights and our obligations.

1. Scope of this Privacy Policy

1.1 This Privacy Policy applies to personal information collected through the Nyburbs Consumer App, related waitlist or onboarding flows, customer support interactions, and any other service operated by Nyburbs that links to this Privacy Policy.

1.2 This Privacy Policy does not apply to third-party websites or services that may be linked from the App. Those services have their own privacy policies, and you should review them before providing personal information.

1.3 Nyburbs is a technology intermediary platform. We connect consumers with local independent service providers. Where Providers independently collect personal information from you, those Providers are separately responsible for compliance with applicable privacy laws.

2. Personal Information We Collect

We keep the information we collect to the minimum necessary to operate the App safely and effectively. For Consumer App users, this means:

• Email address: used to create and identify your account, and to send you transactional and permitted marketing communications.
• Mobile phone number: used as an alternative login credential and for account verification (e.g. one-time passcodes).
• Service addresses: suburb, postcode, or street address you choose to save in the App to help us match you with nearby service providers. You control when these are added, updated, or removed.
• Account credentials: your login session tokens (we never store your password in plain text; it is hashed and salted).
• Communication and notification preferences: your opt-in and opt-out choices for marketing and notifications.
• Booking and transaction history: records of bookings and completed transactions facilitated through the Platform (when the marketplace is active).
• Customer support content: any information you provide when contacting our support team.

3. Account Creation and the One-to-One Linking Rule

3.1 To create a Nyburbs Consumer account, you must provide both a valid email address and a valid mobile phone number. These are linked together to form a single account identity.

3.2 One email address may only be linked to one mobile phone number, and one mobile phone number may only be linked to one email address. You cannot create multiple accounts using different combinations of the same email or phone number.

3.3 Once your account is created, you may log in using either your email address or your mobile phone number. A one-time verification code may be sent to the method you choose.

3.4 If you need to update your email address or phone number, please do so through your account settings or by contacting support@nyburbs.com.au. Linking a new email or phone to your account will unlink the previous one.

4. Service Addresses

4.1 The App allows you to save one or more service addresses, which are the locations where you want services to be delivered (for example, your home address or a rental property).

4.2 Addresses are used solely to match you with service providers who operate in your area, to display relevant providers and pricing, and to facilitate bookings once the marketplace is active.

4.3 You are in full control of your saved addresses. You can add, edit, or delete them at any time through your account settings. If you delete an address, it will be removed from your active profile immediately, subject to any retention obligations in Section 9.

4.4 Your precise address is not disclosed to a Provider until a booking is confirmed. Prior to confirmation, only your suburb or general service area is shared for matching purposes.

5. Why We Collect Personal Information

We collect and use personal information only for purposes that are reasonably necessary for our functions and activities (APP 3.3). Those purposes include:

• creating and managing your account on the Platform;
• verifying your identity and preventing duplicate or fraudulent accounts;
• matching you with local service providers based on your location and service needs;
• facilitating bookings, communications, and transactions between you and Providers;
• processing payments and maintaining transaction records;
• providing customer support and responding to enquiries;
• improving, personalising, and developing the App and its features;
• detecting, preventing, and responding to fraud, abuse, or unlawful activity;
• complying with our legal, regulatory, and contractual obligations; and
• sending transactional and operational communications, and marketing communications where you have provided consent or where the Spam Act 2003 (Cth) otherwise permits.

We will not use personal information for a purpose other than the primary purpose of collection unless: (a) you have consented; (b) you would reasonably expect the secondary use; or (c) an exception under the Privacy Act applies (APP 6).

6. Payments and Financial Information

6.1 All payments made through the Platform are processed by Stripe Inc. (“Stripe”), a PCI-DSS Level 1 certified payment processor. By making a payment through the App, you agree to Stripe’s terms of service (stripe.com/au/legal) and privacy policy (stripe.com/au/privacy).

6.2 Nyburbs does not store, transmit, or have access to your payment card numbers, CVV codes, or full banking credentials. Payment card details are collected and held by Stripe directly.

6.3 Where toll or linked payment credentials are stored as part of a booking or service (for example, via Linkt), those credentials are held by the relevant third-party operator, not by Nyburbs. Nyburbs retains only the transaction reference, amount, status, and timestamp needed for reconciliation and dispute resolution.

6.4 If you have questions about how Stripe handles your payment information, please review Stripe's Privacy Policy at stripe.com/au/privacy.

7. Disclosure of Personal Information

7.1 We do not sell, rent, or trade your personal information to third parties for their own commercial purposes.

7.2 We share personal information only with people and organisations who need it to help us operate the Platform. This includes providers who support our technology infrastructure, process payments, handle customer enquiries, or help us reach users through permitted marketing. It also includes professional advisers such as lawyers and accountants, government agencies or courts where required by law, and Providers on the Platform where necessary to facilitate a confirmed booking. In every case, we share only what is necessary for the specific purpose, and we require recipients to handle it appropriately under written data processing agreements.

7.3 We may disclose de-identified or aggregated data (which cannot reasonably be used to identify you) for research, analytics, or industry reporting without restriction.

8. Overseas Transfers of Personal Information

8.1 Nyburbs is an Australian business and your personal information is primarily stored and managed in Australia. From time to time, we engage third-party service providers, such as payment processors, analytics tools, and customer communication platforms, that operate in other countries. Where this occurs, your personal information may be stored or processed outside Australia.

8.2 We do not transfer your personal information overseas without first taking reasonable steps to ensure it will be protected. Before engaging any overseas provider, we assess their privacy and security practices and require written contractual protections obliging them to handle your information in a manner consistent with the Australian Privacy Principles.

8.3 Despite these safeguards, privacy laws in other countries may not offer the same level of protection as Australian law. By using the App, you acknowledge that your information may be transferred overseas on this basis.

8.4 If you have concerns about overseas transfers or would like to know more about the protections we have in place, please contact us at support@nyburbs.com.au.

9. How Long We Keep Your Information

9.1 We only keep your personal information for as long as we need it. Account information is held while your account is active and for a short period after closure to allow for disputes or requests. Records related to transactions may need to be kept for longer to meet our obligations under Australian taxation and corporations law.

9.2 Saved service addresses are retained for as long as you keep them in your account. If you delete an address, it is removed from your active profile immediately. Residual copies in backup systems are removed within 90 days as part of our regular backup cycles.

9.3 When we no longer need your information, we take reasonable steps to delete it or permanently de-identify it. We do not hold on to your information simply because it is convenient to do so.

9.4 If you request deletion of your account or information, we will action that request within 30 days. Where we are required by law to retain certain records, we will tell you what we are keeping and why, and we will not use that information for any other purpose.

10. Data Security

10.1 We implement reasonable technical and organisational measures to protect your personal information from misuse, interference, loss, unauthorised access, modification, and disclosure. These measures include TLS/HTTPS encryption for all data in transit, encryption of sensitive data fields at rest, role-based access controls, multi-factor authentication for platform administration, and regular security assessments.

10.2 Despite these measures, no internet transmission or storage system is completely secure. To the maximum extent permitted by law, Nyburbs cannot guarantee absolute security of information transmitted to us. You are responsible for maintaining the security of your own account credentials and devices.

10.3 In the event of an eligible data breach under the Privacy Act, Nyburbs will contain and assess the breach, notify the Office of the Australian Information Commissioner (OAIC) as soon as practicable and no later than 30 days after becoming aware, and notify all affected individuals whose information is at risk of serious harm.

11. Marketing Communications

11.1 We may send you marketing communications about new features, Platform launches, and promotions. We will only send commercial electronic messages with your consent, or where a recognised exemption under the Spam Act 2003 (Cth) applies (such as an existing business relationship).

11.2 You can opt out at any time by clicking the unsubscribe link in any email, adjusting your notification preferences in the App, or contacting us at support@nyburbs.com.au. We will process opt-out requests within 5 business days.

11.3 Opting out of marketing does not affect transactional or operational communications that are necessary for Platform functionality, security alerts, or legal notices.

12. Your Privacy Rights

Under the Privacy Act and APPs, you have the following rights in relation to your personal information:

13. Children's Privacy

The App is not directed at children under 18 years of age, and we do not knowingly collect personal information from children. If a parent or guardian believes a child has provided information through the App, please contact us at support@nyburbs.com.au. Upon verification, we will delete that information promptly unless required to retain it by law.

14. Complaints and Dispute Resolution

14.1 If you believe Nyburbs has handled your personal information in breach of the APPs or this Privacy Policy, please contact us in the first instance:

14.2 We will acknowledge your complaint within 5 business days and endeavour to respond substantively within 30 days.

14.3 If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC):

15. Changes to this Privacy Policy

15.1 We may update this Privacy Policy from time to time to reflect changes in our practices, the App, or applicable law.

15.2 For material changes, including changes that reduce your privacy rights, expand how we use your data, or add new overseas transfer destinations, we will provide at least 14 days' prior notice by displaying a prominent notice in the App and/or sending an email to the address on your account.

15.3 Non-material or technical updates may take effect upon publication with an updated “Last Updated” date. Continued use of the App after a revised policy takes effect constitutes your acceptance of the changes.

15.4 All prior versions of this Privacy Policy are available upon request from support@nyburbs.com.au.

16. AI-Generated Content Clause

Nyburbs may use artificial intelligence (“AI”) technologies, including third-party AI services, to assist businesses and service providers in generating or improving content such as menus, food descriptions, service listings, promotional text, pricing suggestions, tags, and other business-related information.

AI-generated content is provided as a support tool only. Providers remain fully responsible for reviewing, verifying, editing, and approving all content before publishing it on the platform.

Nyburbs does not guarantee the accuracy, completeness, legality, originality, dietary suitability, allergen information, or regulatory compliance of AI-generated outputs. Providers must ensure all published information complies with applicable Australian laws, food safety regulations, council requirements, and consumer protection obligations.

By using AI-assisted features on Nyburbs, providers acknowledge and agree that:

• AI outputs may contain errors, omissions, or unintended content;
• multiple providers may access similar AI-powered features and shared underlying AI infrastructure;
• generated content should not be considered professional, legal, nutritional, or regulatory advice; and
• Nyburbs may improve and refine AI-assisted features over time.

Nyburbs reserves the right to remove or modify AI-generated content that violates platform policies, applicable laws, or community standards.