Privacy Policy
This is the Privacy Policy of CostApple, (“CostApple”, “we”, “us”, “our”). This Privacy Policy sets out how we collect, use, and protect your personal information when you interact with our website which can be found at https://costapple.com (“Website”), social media platforms (“Social Media Platforms”) and when you interact with our platform (“Platform”). Please read this policy carefully to understand how we handle your information.
Overview
We respect your right to privacy and are committed to safeguarding the privacy and data security of our customers and website visitors. We adhere to the Australian Privacy Principles (APPs) contained in the Privacy Act1988 (Cth), and where required by law, the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act. By accessing or using our Site or our Services, you agree to our use of your information in accordance with this Privacy Policy. We encourage you to read through and contact us if you have any questions.
What kind of information do we collect?
Personal Information
Where necessary, we collect information from you that enables you to be identified as an individual, such as your name, email address, phone number or payment details, or identifiable as a household, such as your address. This kind of information is defined in the GDPR as personal data and in the CCPA and in the APPs as personal information. The terms “personal data” and “personal information” are used interchangeably throughout this privacy policy. Generally, the type of personal data we collect is the information that we need to enable you to use our Site, Platforms and access our Services. To minimise the impact on your privacy, we will never knowingly collect more personal data than is strictly necessary to perform the activities described in this privacy policy.
User Account Information
When you sign up for an account on our platform, we collect certain personal information to create and manage your accounts. This may include:
· Name
· Email address
· Phone number
· Password for account access
Users are required to provide a valid email address to create an account on our Platform. We use email addresses to send important account-related notifications, such as account verification emails, password reset instructions, and service updates.
We may request users’ phone numbers to enhance account security and facilitate communication between users. Phone numbers may be used for account verification purposes and to enable features such as two-factor authentication for enhanced account protection.
To ensure account security, users are required to create a password when signing up for an account. Passwords are encrypted and stored securely to prevent unauthorised access to user accounts.
Users have the option to upload a profile picture to personalise their accounts and make them more recognisable to other users. Profile pictures are displayed alongside user profiles and may be visible to other users depending on their privacy settings.
Users may provide additional biographical details to customise their profiles and provide more information about themselves. This may include a bio section where users can write a brief description about themselves, their interests, hobbies, or other relevant information.
We may collect information about users’ preferences related to the services offered on our Platform, such as ride-sharing preferences, tool-sharing preferences, or other service-specific preferences. This information helps us personalise the user experience and tailor our services to meet users’ needs and preferences.
When users create an account on our Platform, they have the option to sign up using their Google or Facebook accounts. This sign-up process may involve accessing certain information from their Google or Facebook profiles to streamline the account creation process and enhance the user experience.
If users choose to sign up using their Google or Facebook accounts, certain profile information from their respective profiles may be imported into their platform profiles. This may include their profile picture, name, email address, and other publicly available information, depending on the permissions granted by the user and the respective platform’s privacy settings.
Communication Data
We collect data related to users’ communications within the app to facilitate interactions between users.
This may include:
Messages exchanged between users and notifications.
Usage Data
We collect data about users’ interactions with the app to improve the user experience and optimise our services. This includes:
- Features used within the app
- Frequency of app usage
- Usage patterns and preferences
Feedback and Reviews
We collect feedback and reviews submitted by users about their experiences with other users, shared resources, or our Platform. This helps us improve our services and maintain a positive user experience.
Analytics Data
We collect anonymised and aggregated data for analytics purposes to understand user demographics, engagement metrics, and trends in app usage. This data helps us make informed decisions about product enhancements and service offerings.
Location
Our platform may collect location data in several ways:
With users’ consent, we may access GPS data from their devices to determine their precise geographic location. This allows us to provide location-specific features and services, such as finding nearby rides or shared resources.
Users may have the option to manually enter their location information, such as their home address or preferred pickup/drop-off locations.
We may collect users’ IP addresses to approximate their location for general purposes, such as determining regional preferences or improving service delivery.
User Control and Consent
We prioritise user privacy and transparency when collecting and using location data. Users have full control over their location settings and can choose whether to share their precise location with the Platform. They can adjust their location preferences in their account settings or device settings at any time. We obtain explicit consent from users before accessing their location data and provide clear explanations of how their location information will be used. Users can review and modify their consent settings at any time through the platform’s privacy settings.
Reviews and Ratings
Users’ profiles may also display reviews and ratings from other users based on their interactions and experiences on the Platform. Positive reviews and high ratings can help establish credibility and trustworthiness, while constructive feedback can provide valuable insights for improving the user experience.
Protection of Personal Information
We take the security of your personal information seriously and employ industry-standard security measures to safeguard it against unauthorised access, disclosure, or misuse. Your password is encrypted and cannot be viewed by anyone, including our staff.
Accessing and Updating Your Information
You have the right to access, update, or delete the personal information stored in your account at any time. You can do so by logging in to your account and accessing the “Account Settings” or “Profile” section. If you encounter any difficulties or require assistance with managing your account information, please contact our customer service team for support.
Device Information
When you visit our Site, we automatically collect certain information about your device, that may include information about your IP address, time zone, location, device type and model and/or some of the cookies that are installed on your device. Additionally, as you browse the Site, we collect information about the individual web pages or services that you view, what websites or search terms referred you to the Site, and information about how you interact with the Site.
Social Media Platforms and Testimonials
We may collect and use personal information shared on social media platforms for the purpose of client testimonials. Your testimonial or review may include personal information such as your first name, initials, or general geographic location. However, we are committed to protecting your privacy, and we will take reasonable steps to ensure that any personal information shared in testimonials or reviews is anonymised or used with your explicit consent.
Do not track
Please note that we do not alter our data collection and usage practices when we detect a ‘do not track’ signal.
How do we collect your information?
You directly provide us with almost all the information that will collect except for device information and cookies. We collect information from you in many ways including when you:
- Enquire about our Services;
- Interact with our Social Media Platforms;
- Create an account;
- Use our Platform;
- Provide testimonials or feedback;
- Use or view our Site.
How do we use your information?
Account Creation
User account information, including names, email addresses, phone numbers, and passwords, is collected during the account creation process. This information is essential for creating and managing user accounts on our Platform, allowing users to access our services and features. We use user account information to personalise the user experience and tailor our services to individual preferences. This may include addressing users by their names in communications, recommending relevant content or services based on user preferences, and customising user interfaces to align with user preferences. User account information is used to communicate with users about their accounts, activities on the Platform, and important updates or announcements. We may use email addresses or phone numbers provided during account creation to send account verification emails, password reset instructions, or notifications about account-related activities.
Account Management
We use user account information to manage user accounts on our Platform, including updating account details, processing account-related requests or inquiries, and providing support to users as needed. This may involve verifying user identities, resolving account-related issues, or assisting users with account-related tasks. User account information may be used to comply with legal and regulatory requirements, such as verifying user identities, investigating fraudulent activities or security incidents, or responding to lawful requests from law enforcement or government authorities.
Location Data
Matching Users with Nearby Services
We use location data to match users with nearby rides, shared resources, or other services available on our Platform. By analysing users’ current geographic locations, we can efficiently connect them with relevant opportunities and facilitate seamless interactions within their vicinity.
Providing Accurate Directions and Route Suggestions
Location data enables us to provide accurate directions and route suggestions for transportation services, such as ridesharing or carpooling. By leveraging GPS technology, we can offer real-time navigation assistance to help users reach their destinations efficiently and safely.
Customising Content and Recommendations
We utilise location data to customise content and recommendations based on users’ geographic preferences.
Improving Service Efficiency and Accessibility
Analysis of location-based trends and patterns helps us improve the efficiency and accessibility of our services. By understanding users’ geographical behaviour, we can optimise service delivery, allocate resources effectively, and identify areas for service expansion or improvement.
Enhancing Safety and Security Measures
Location data may be used to enhance safety and security measures for users. For instance, in the event of an emergency or safety concern, users’ location information can be utilised to provide timely assistance or support services.
Personalising User Experience
By incorporating location data into our platform, we aim to personalise the user experience and tailor services to users’ specific geographic contexts. This ensures that users receive relevant and timely information that enhances their overall satisfaction and engagement with our platform.
Device Information
We use device information that we collect to help us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimise our Site. For example, by generating analytics about how our customers browse and interact with the Site and emails, to better understand our customers’ interests and site usage patterns and what type of content may help to encourage those visits. We will only use your personal information for the purposes for which it was collected, unless we reasonably consider that we need to use it for another purpose that is compatible with the original purpose. If we need to use your information for an unrelated purpose, we will seek your consent.
Data Security
We take appropriate measures to protect your personal information from unauthorised access, alteration, disclosure, or destruction. We implement industry-standard security practices and regularly review our systems to ensure your data is securely stored. Please note that the transmission of information via the internet is not completely secure. While we do our best to protect your personal information, we cannot guarantee the security of data transmitted to our website or through electronic communication channels. Any transmission is at your own risk.
Disclosure of your information
We may disclose your personal information to third-party service providers who assist us in operating our business and providing our services, such as payment processors and IT support providers. These service providers are authorised to use your personal information only as necessary to provide their respective services to us.
We may also disclose your information if required to do so by law.
Our Social Media Platforms
If you have voluntarily provided a testimonial or review on our Social Media Platforms, you understand and agree that your testimonial or review may be used for promotional or marketing purposes on our Website, Social Media Platforms, advertisements, or any other promotional materials. We may use your testimonial or review in its entirety or in part, and we reserve the right to edit or modify it for clarity, length, or any other necessary purpose.
You retain the right to withdraw your consent for the use of your testimonial or review at any time. To do so, please contact us at support@costapple.com. We will promptly remove or anonymise your testimonial or review from our promotional materials, as applicable.
How do we store your data?
We are committed to ensuring that your information is secure. To prevent unauthorised access or disclosure, we have put in place suitable physical, electronic, and managerial procedures to safeguard and secure the information we collect online. To keep your personal data secure, we have chosen a secure web hosting service, HOSTINGER which is SSL certificate encrypted. We also store personal information (except credit card information which is encrypted) on our local secure networks, all of which are password protected.
Data Retention
We retain your personal information only for as long as necessary to fulfil the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by law. The specific retention periods may vary depending on the type of information and the purposes for which it was collected, as described below:
User Account Information
User account information, including names, email addresses, and other account details, is retained for as long as the user maintains an active account with our platform. Upon closure of the account, we may retain certain account information for a reasonable period to comply with legal obligations, resolve disputes, or enforce our terms of service.
Communication Data
Communication data, such as messages exchanged between users and notifications sent by the Platform, may be retained for a limited period to facilitate ongoing interactions and provide support to users. We may retain communication data for a reasonable period to address user inquiries, resolve disputes, or investigate security incidents.
Usage Data
Usage data, including information about user interactions, preferences, and engagement with our Platform, may be retained for analytical purposes and to improve our services. We retain usage data in aggregate or anonymised form for as long as necessary to derive insights into Platform usage trends and performance metrics.
Device Information
We retain device information, such as IP addresses and technical identifiers, for a limited period to analyse Website performance, improve our services, and ensure the security of our Website against unauthorised access or fraudulent activities.
Maintaining data quality and accuracy
It is important to us to maintain the quality of the personal information that we hold. We take reasonable steps to make sure that your personal information is accurate, complete and up-to-date.
If you find that your personal information held by us is not up to date or is inaccurate, please advise us and we will amend it, where appropriate.
Third Party Links
The parties acknowledge and agree that nothing in these Terms shall be construed as creating or establishing any agency, partnership, joint venture, employment, or franchise relationship between the Company and its users.
Data Breach
We take the security of your personal information seriously and have implemented reasonable measures to protect it from unauthorised access, loss, or disclosure. However, in the event of a data breach that compromises the security of your personal information, we will take immediate action to mitigate the impact and comply with applicable laws and regulations. In the unfortunate event of a data breach, we will:
Promptly assess the extent of the breach: We will conduct a thorough investigation to determine the scope and nature of the breach, identifying the affected systems, data types, and the potential risk to individuals.
Notify affected individuals: If we determine that the data breach poses a significant risk of harm to your rights and freedoms, we will notify you promptly, providing clear and transparent information about the breach, the potential consequences, and the actions you can take to mitigate any potential risks.
Engage relevant authorities: If required by applicable laws and regulations, we will report the data breach to the appropriate supervisory authorities and cooperate fully in their investigations.
Take necessary steps to secure and remedy the breach: We will take immediate action to contain the breach, prevent further unauthorised access, and restore the security and integrity of our systems. This may include, but is not limited to, implementing additional security measures, conducting forensic analysis, and cooperating with law enforcement agencies.
Provide support and assistance: In the event of a data breach, we are committed to providing support and assistance to affected individuals. This may include guidance on steps to protect your personal information, information about available resources for identity theft protection, and any other relevant support measures to help mitigate the impact of the breach.
If you suspect or become aware of any unauthorised access, loss, or disclosure of your personal information, please contact us immediately using the provided contact details.
Please note that while we implement reasonable security measures, no method of data transmission or storage is completely secure. We cannot guarantee the absolute security of your personal information.
By using our website and providing your personal information, you acknowledge and understand the inherent risks associated with data transmission over the internet and agree that we are not liable for any unauthorised access, loss, or disclosure of your personal information beyond our reasonable control.
Your Rights
You have the right to access personal information we hold about you and ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us through the contact information below.
We note that we are processing your information to provide our Services to you, or otherwise to pursue our legitimate business interests listed above.
We would like to make sure you are fully aware of all your data protection rights.
You have:
Right to be Forgotten: You have the right to request the deletion or removal of your personal information when certain conditions are met, such as when the information is no longer necessary, consent is withdrawn, or processing is not based on legitimate interests.
Right to Rectification: If you believe that the personal information, we hold about you is inaccurate or incomplete, you have the right to request its correction. You can do so by contacting us using the information provided at the end of this policy.
The right to data portability: You have the right to request us to transfer the information that we have collected to another organisation, or directly to you, under certain conditions.
Right to Information and Access: You have the right to be informed about the collection, use, and processing of your personal information. You also have the right to request access to the personal information we hold about you. We may charge you a small fee for this service.
Right to Restriction of Processing: Under certain circumstances, you have the right to request the restriction of the processing of your personal information. If you would like to exercise this right, please contact us using the information provided at the end of this policy.
Right not to be Subject to Automated Decision-making: You have the right not to be subject to decisions based solely on automated processing, including profiling, if these decisions significantly affect you. Some exceptions apply, such as when the decision is necessary for a contract or authorised by law.
Right to Object: You have the right to object to the processing of your personal information based on legitimate interests or for direct marketing purposes. If you wish to object to the processing of your information, please contact us using the information provided at the end of this policy.
Right to Lodge a Complaint: If you believe that your privacy rights have been violated, you have the right to lodge a complaint with the relevant supervisory authority, such as the data protection authority in your country.
If you make a request, we have 30 days to respond to you. If you would like to exercise these rights, please contact us, using the details below.
Changes to our privacy policy
Please be aware that we may change this privacy policy in the future. We may modify this policy at any time, in our sole discretion and all modifications will be effective immediately upon our posting of the modifications on our website or notice board. Please check from time to time to review our privacy policy.
How to contact us
If you have any questions relating to our handling of your personal information or our use of cookies, or if you would like to invoke any of your rights under the APPs, the GDPR or the CCPA, please email support@costapple.com.
Last Updated 12/04/24