Privacy Policy

01 · What we collect

What we collect

The personal information we collect depends on how you use Qwoll. The categories below are exhaustive; we do not collect personal information beyond what is listed here.

Account information

When you sign up for Qwoll, we collect the information needed to create and operate your account: your name, email address, mobile phone number, suburb and postcode, password (held as a hash, not in plain text), and the role you signed up for (clinic / veterinary professional / sitter / pet owner). We collect this under the contract you enter with us when you accept the Terms of Service.

Identity and verification information

If you sign up as a veterinary professional, sitter, or other paid provider, we collect the documents and details required to verify your eligibility to participate on the platform: copies of your state veterinary board registration (where applicable), your veterinary nursing or technician qualifications, your professional indemnity and public liability insurance certificates, your National Police Certificate (under 24 months old), and your Australian Business Number. The full verification standard is in our Trust & Safety + Compliance Verification policy.

Service and booking information

When you use the platform, we collect information about the work being booked or performed: the services offered or requested, location and timing, the parties involved, the agreed fee, and the status of the booking. For clinical services delivered by a veterinary professional, we also store the visit notes (where the visit took place, what was done, the clinical observations). Visit notes are private to you and the providing professional; they are never shown to other users without your consent.

Pet information

If you are a pet owner, we collect information about your pet: name, species, breed, age, sex, weight, behaviour notes, medications, and any clinical history you record on the platform. This information is used to make bookings and to give the providing professional what they need to deliver care.

Payment information

Card details are held by our payment processor, Stripe, under their own security standards (PCI-DSS). We do not store your card number or CVV. We hold a payment-method reference that points to your card record at Stripe. For providers receiving payouts, your bank account is held by Stripe Connect and we hold only a Connect account reference.

Communication information

We collect the messages you send through the platform's chat feature, the support tickets you raise, and the customer-service conversations you have with us. We also retain records of administrative actions taken on your account.

Device and analytics information

If you use the Qwoll mobile apps, we receive a device identifier and a push-notification token so that we can deliver notifications. If you opt in to analytics through our cookie banner on the website, we receive anonymous information about your use of the site (pages visited, events triggered, broad device class). Analytics are not loaded if you decline.

What we do not collect

We do not collect government identifiers (Medicare number, driver's licence number, passport number, Tax File Number, or equivalent) except where strictly required by a regulator and disclosed at the point of collection. We do not collect biometric information. We do not collect health information about you (only about your pet). We do not collect information about your sexual orientation, religious beliefs, political opinions, or other sensitive information as defined in the Privacy Act 1988 (Cth).

02 · Why we collect it · Lawful basis

Why we collect it

Under the Australian Privacy Principles, we are required to be transparent about why we collect personal information. We collect personal information for the following purposes.

To run the platform

• To create and operate your account.
• To match you with bookings, providers, or pet owners.
• To take payment from you and pay providers.
• To deliver in-app, email, and push notifications.
• To provide customer support.

To verify eligibility

• To confirm that veterinary professionals are appropriately registered with the relevant state veterinary board.
• To confirm that veterinary nurses and technicians hold appropriate qualifications.
• To confirm that providers carry the required insurance and are not excluded by the police-check standard.

To meet legal obligations

• To keep records required by Australian taxation law (financial transactions are retained for 7 years).
• To respond to lawful requests from regulators (the Office of the Australian Information Commissioner, Australian state veterinary boards, the Australian Taxation Office).
• To meet our obligations under the Notifiable Data Breaches scheme.

To improve the platform (with consent)

• To analyse aggregated usage so we can make the platform better.
• To run analytics on the website where you have consented to analytics cookies.

To protect users

• To investigate suspected misconduct, animal-welfare concerns, or abuse of the platform.
• To enforce our Terms of Service and Acceptable Use Policy.

03 · Storage · Australia, with limited overseas processors

Where it is stored

Qwoll's primary platform runs on Amazon Web Services in the Sydney region (ap-southeast-2). All primary databases — your account, profile, bookings, messages, and visit notes — sit in Sydney.

Service providers we use

Operating a software platform requires us to use a small number of specialised service providers. Each one is named below, with the data they receive and the country they operate from.

• Amazon Web Services (Sydney). Hosts the platform and stores your account, bookings, messages, visit notes, and uploaded documents.
• Stripe (AU and US group entity). Processes card payments. Holds your card details under PCI-DSS scope. Operates Stripe Connect for provider payouts. AU customers are typically processed via Stripe's Australian entity; some Stripe Connect operations involve the broader US-based group.
• Airwallex (Australia). Holds Qwoll's operating bank account and treasury. Receives platform-fee balances; does not hold user PII.
• Xero (Australia / New Zealand). Accounting integration. Receives aggregated financial information; does not receive marketplace user PII.
• Apple Push Notification service (United States). Delivers push notifications to iOS devices. Receives a push token and notification message body; the body does not contain user PII.
• Firebase Cloud Messaging — Google (United States). Delivers push notifications to Android devices. Same data scope as APNs.
• Sentry (United States). Error monitoring. Receives technical error traces and a hashed user-id for context. Personal information is scrubbed from error messages before sending.
• PostHog (European Union). Product and website analytics, hosted in the EU. Loaded only if you consent to analytics cookies. Receives anonymous event data; does not receive the personal information above.
• Meta Platforms (United States). The Meta Pixel, for advertising measurement on Facebook and Instagram. Loaded only if you consent to marketing cookies. Receives page-view and conversion events tied to your browser; we never send your name, contact details, pet records, or visit notes.

Cross-border disclosures (APP 8)

Where personal information is sent to a service provider outside Australia, the disclosure is governed by Australian Privacy Principle 8. The overseas processors listed above (APNs, FCM, Sentry, PostHog, Meta) are contracted under data-processing terms reasonable in the circumstances. The legal basis for disclosure to each is recorded in our Data Inventory and is reviewed annually.

04 · Retention

How long we keep it

We keep personal information for the shortest period consistent with operating the platform and meeting our legal obligations. The full retention schedule is in our Risk & Compliance Pack; the highlights are below.

• Account profile information. For as long as your account is active. Within 14 days of you closing your account, we anonymise your personal information and delete the underlying records, except where law requires us to retain a financial record.
• Verification documents (registration, insurance, police check). 7 years from the end of your relationship with Qwoll, in line with Australian record-keeping requirements.
• Clinical visit notes. 7 years from the date of the last entry, in line with veterinary record-keeping practice.
• Visit photos and summaries. Account lifetime + 1 year, then deleted.
• Payment records. 7 years, in line with Australian tax law.
• Messages between users. 2 years rolling, then deleted.
• Support tickets and admin moderation log. 5 years.
• Analytics events (where you consented). Up to 12 months at PostHog. Stops on opt-out.
• Marketing / advertising events (where you consented). Processed by Meta under its own data-use and retention terms. Withdrawing marketing consent stops further collection.
• Error monitoring. 30 days at Sentry. Personal information scrubbed before send.

05 · Your rights · Access, correct, delete

Your rights

Under the Australian Privacy Principles, you have rights over the personal information Qwoll holds about you.

Right of access

You can ask us for a copy of the personal information we hold about you. We will respond within 30 days. Where the request is complex or we hold a large volume of information, we may extend the period; we will let you know if we do. There is no fee for a reasonable access request.

Right of correction

If you believe any of the personal information we hold about you is inaccurate, out of date, or incomplete, you can ask us to correct it. We will respond within a reasonable time. Where we agree, we correct the record. Where we disagree, we record your objection and store it with the original record.

Right of deletion

You can ask us to delete the personal information we hold about you. We will delete the information that we are not legally required to keep. Information we are required to keep — financial records, clinical records, regulatory verification records — is retained for the legal retention period and then deleted. The technical mechanics of deletion (anonymisation, account closure, retention of placeholder identifiers for financial records) are in our Risk & Compliance Pack.

How to exercise your rights

Write to privacy@qwoll.com.au. Tell us what you want — access, correction, or deletion — and provide enough information for us to identify your account. If we cannot identify your account, we may ask for additional information; we will not ask for more information than we need to find your record.

06 · Cookies

Cookies

This section is the Cookie Policy for qwoll.com.au and the Qwoll mobile applications. It is part of this Privacy Policy.

What we use cookies for

• Strictly necessary cookies. Required to make the website work — for example, holding your sign-in session. These cookies are set without your consent because the site cannot function without them.
• Preference cookies. Remember your preferences — for example, whether you have dismissed a banner. Set with your implied consent for the duration of your visit.
• Analytics cookies. Set only if you opt in via the cookie banner. Used to understand which pages people visit and how long they stay. Anonymous; not used to track you across other websites.
• Marketing cookies. Set only if you opt in via the cookie banner. We use the Meta Pixel (Facebook / Instagram) to measure the effectiveness of our advertising and to reach relevant audiences. Not loaded if you decline.

How to change your cookie preferences

Open the cookie preferences from the link in our website footer. You can change your preferences at any time. Changes take effect on your next page load.

07 · Security · Notifiable Data Breaches

Security and breaches

Security

We protect your information through a combination of technical and organisational controls described in our Information Security Policy. Highlights: encryption at rest (AWS KMS) and in transit (TLS 1.2+); least-privilege access controls; audit logging of administrative actions; quarterly access reviews; multi-factor authentication required for administrative accounts; security advisories triaged within seven days, critical CVEs within 24 hours.

Notifiable Data Breaches scheme

If a breach of our systems is likely to result in serious harm to one or more individuals, we are required by Australian law to notify the affected individuals and the Office of the Australian Information Commissioner. We assess every breach against the scheme's criteria. We aim to notify within 72 hours of awareness; the law gives us up to 30 days, but we want you to know quickly so you can protect yourself.

How we communicate a breach

If we need to notify you of a breach, we contact you by email at the address on your account, with a clear description of what happened, what information was involved, what we are doing, and what you can do to protect yourself. We do not use a breach as an occasion to upsell or to bury the incident in marketing language.

08 · Contact

How to contact us

Privacy questions, requests, complaints

Write to privacy@qwoll.com.au. We will acknowledge within 5 business days and respond substantively within 30 days. Where the matter is complex, we may extend the period and let you know we are doing so.

Complaint pathways

If you are not satisfied with our response, you can complain to the Office of the Australian Information Commissioner. The OAIC handles complaints under the Privacy Act 1988 (Cth). Details are at oaic.gov.au or by phone on 1300 363 992.

Postal address

Qwoll Pty Ltd, registered office address as recorded with ASIC. Our registered office details are public via the ASIC register.

Changes

How this policy changes

We update this Privacy Policy when our practices change, when our service providers change, or when the law changes. The effective date at the top of this document is the date the current version came into force. Where a change is material — a new category of personal information, a new third-party processor, a change in your rights — we will tell you by email or in-app notification before the change takes effect. Material changes do not take effect retrospectively against information we already hold under earlier terms unless we obtain your renewed consent.