Privacy Policy

1. Introduction

Ratey Pty Ltd (ABN to be registered) ("Ratey", "we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our property wealth tracking application and website at ratey.com.au (collectively, the "Service").

We are bound by the Australian Privacy Principles ("APPs") contained in the Privacy Act 1988 (Cth) ("Privacy Act"). This policy describes how we handle personal information in accordance with these obligations.

By using the Service, you consent to the collection, use, and disclosure of your information as described in this Privacy Policy. If you do not agree with our practices, please do not use the Service.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

• Email address: Used for account identification, authentication, and communications
• Name: Used to personalise your experience (optional)
• Phone number: Used for account verification via SMS (optional)
• Authentication provider data: If you sign in with Google or Apple, we receive your name and email from those services

2.2 Profile and Demographic Information

To provide personalised insights and borrowing capacity estimates, we collect:

• Date of birth / Age: Used for demographic comparisons and age-based insights
• Employment status and occupation: Used for income verification context and borrowing capacity estimates
• Individual income: Used for borrowing capacity and financial health calculations
• Household income: Used for borrowing capacity and household financial analysis
• Number of dependents: Used for borrowing capacity calculations
• Residential status: (Owner-occupier, renter, etc.) Used for financial context

2.3 Property Information

To track your property portfolio, we collect:

• Property addresses: Used to identify properties and obtain valuations
• Property type: (Owner-occupied, investment) Used for portfolio categorisation
• Estimated property values: Either user-provided or from third-party valuation services
• Purchase price and date: Used for capital growth tracking (optional)
• Rental income: For investment properties, used for yield calculations
• Property expenses: Council rates, insurance, strata fees, etc. for cash flow analysis

2.4 Mortgage and Loan Information

To track your mortgages and calculate equity, we collect:

• Lender name: Used for rate comparisons and identifying your loan provider
• Loan balance: Used for equity and net worth calculations
• Interest rate: Used for repayment calculations and rate comparisons
• Loan type: (Variable, fixed, split) Used for rate analysis
• Repayment type: (Principal & interest, interest-only) Used for repayment projections
• Fixed rate expiry date: Used to alert you about upcoming rate changes
• Offset account balance: Used for accurate interest calculations (optional)

2.5 Other Liabilities

To calculate your complete financial position, we may collect:

• Credit card limits and balances: Used for net worth and borrowing capacity
• Car loans: Used for net worth and borrowing capacity
• Personal loans: Used for net worth and borrowing capacity
• HECS/HELP debt: Used for borrowing capacity calculations
• Other debts: Used for comprehensive financial tracking

2.6 Technical and Usage Information

We automatically collect certain technical information:

• Device information: Device type, operating system, unique device identifiers
• IP address: Used for security, fraud prevention, and approximate location
• Browser information: Browser type and version (for web users)
• App version: The version of the Ratey app you are using
• Usage data: Features used, screens viewed, actions taken within the app
• Session information: Login times, session duration, interaction patterns
• Crash reports: Technical information when the app encounters errors
• Network information: Connection type (WiFi, mobile data) for performance optimisation

2.7 Session Replay Data

3. How We Use Your Information

We use your information for the following purposes:

3.1 Provide and Operate the Service

• Create and manage your account
• Calculate and display your net worth, equity, and borrowing capacity
• Track your property portfolio and mortgage details
• Provide property valuation estimates
• Generate insights about your financial position
• Compare your position with demographic benchmarks

3.2 Communications

• Send account verification codes (email and SMS)
• Send service-related notifications (e.g., fixed rate expiry reminders)
• Respond to your enquiries and support requests
• Send product updates and new feature announcements (you can opt out)

3.3 Improve and Develop the Service

• Analyse usage patterns to improve features and user experience
• Identify and fix bugs and technical issues
• Develop new features based on user behaviour and feedback
• Conduct research and analysis (using aggregated, anonymised data)

3.4 Security and Legal

• Protect against fraud, unauthorised access, and other security threats
• Verify your identity and prevent account abuse
• Comply with legal obligations and respond to lawful requests
• Enforce our Terms of Service

4. How We Share Your Information

We may share your information in the following limited circumstances:

4.1 Service Providers

We use trusted third-party service providers to operate our Service. These providers only have access to the information necessary to perform their functions and are contractually obligated to protect your data:

• Cloud hosting: Vercel (web hosting), Neon (database hosting)
• Authentication: Google, Apple (for Sign-In services)
• Communications: Resend (email), Twilio (SMS verification), Expo (push notifications)
• Analytics: PostHog (product analytics and session replay)
• Property data: Third-party property valuation and data providers

4.2 Legal Requirements

We may disclose your information if required to do so by law or in response to:

• Court orders, subpoenas, or legal process
• Requests from law enforcement or government authorities
• To protect our rights, property, or safety, or that of our users or others
• To investigate potential violations of our Terms of Service

4.3 Business Transfers

If Ratey is involved in a merger, acquisition, sale of assets, or bankruptcy, your information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have regarding your information.

4.4 With Your Consent

We may share your information for other purposes with your explicit consent.

4.5 Referral Partners

5. Data Security

We implement industry-standard security measures to protect your information:

• Encryption in transit: All data transmitted between your device and our servers is encrypted using TLS/SSL
• Encryption at rest: Sensitive data is encrypted when stored in our databases
• Secure authentication: We support secure authentication methods including Sign in with Apple and Google
• Access controls: Strict access controls limit who can access your data
• Regular security reviews: We regularly assess and update our security practices
• Secure infrastructure: We use reputable cloud providers with strong security certifications

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security. You are responsible for maintaining the security of your account credentials.

6. Data Retention

We retain your personal information for as long as:

• Your account is active
• Necessary to provide you with the Service
• Required to comply with legal obligations (e.g., tax records, legal disputes)
• Necessary to resolve disputes and enforce our agreements

When you delete your account, we will delete or anonymise your personal information within 30 days, except where we are required by law to retain it for longer.

Anonymised and aggregated data that cannot identify you may be retained indefinitely for analytics and research purposes.

7. Your Rights and Choices

Under Australian privacy law and the Privacy Act 1988, you have the following rights:

7.1 Access Your Information

You can access most of your personal information directly through the app. You may also request a copy of all personal information we hold about you by contacting us.

7.2 Correct Your Information

You can update most of your information directly in the app settings. If you believe any information we hold is inaccurate, you can request correction by contacting us.

7.3 Delete Your Account

You can request deletion of your account and associated data at any time by:

• Using the account deletion feature in the app (Profile → Delete Account)
• Contacting us at privacy@ratey.com.au

7.4 Opt-Out of Communications

You can opt out of promotional communications by:

• Using the unsubscribe link in any promotional email
• Adjusting notification settings in the app
• Contacting us directly

Note: You cannot opt out of service-related communications (e.g., security alerts, account verification) while maintaining an active account.

7.5 Opt-Out of Analytics

You can limit analytics collection by:

• Enabling "Limit Ad Tracking" or equivalent settings on your device
• Contacting us to opt out of analytics tracking

7.6 Lodge a Complaint

If you believe we have breached the Australian Privacy Principles, you can lodge a complaint with us first at privacy@ratey.com.au. If you are not satisfied with our response, you can lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

8. Third-Party Services

Our Service integrates with the following third-party services. Each has their own privacy practices, and we encourage you to review their policies:

8.1 Authentication Providers

• Google Sign-In: Google Privacy Policy
• Apple Sign-In: Apple Privacy Policy

8.2 Analytics & Session Replay

• PostHog: We use PostHog for product analytics and session replay. PostHog helps us understand how users interact with our app so we can improve the experience. Session replays have text inputs masked by default. PostHog Privacy Policy

8.3 Communication Services

• Resend: For sending transactional emails. Resend Privacy Policy
• Twilio: For SMS verification. Twilio Privacy Policy
• Expo Push Notifications: For sending push notifications. Expo Privacy Policy

8.4 Infrastructure Providers

• Vercel: For web application hosting. Vercel Privacy Policy
• Neon: For PostgreSQL database hosting. Neon Privacy Policy

8.5 Location & Property Services

• Google Places API: For address autocomplete. Google Privacy Policy

9. International Data Transfers

Some of our service providers may store or process your data outside of Australia, including in the United States and other countries. When we transfer your data internationally, we take steps to ensure it remains protected:

• We only use providers with strong privacy and security practices
• We ensure contractual protections are in place
• We comply with Australian Privacy Principle 8 regarding cross-border disclosure

10. Children's Privacy

The Service is not intended for children under 18 years of age. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at privacy@ratey.com.au, and we will delete such information.

11. Cookies and Tracking Technologies

Our web application may use cookies and similar technologies to:

• Essential cookies: Required for authentication and basic functionality
• Analytics cookies: Help us understand how visitors use our website
• Preference cookies: Remember your settings and preferences

You can control cookies through your browser settings. Note that disabling certain cookies may affect the functionality of the Service.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. When we make changes:

• We will update the "Last updated" date at the top of this page
• For material changes, we will notify you through the app or by email
• Your continued use of the Service after changes indicates acceptance of the updated policy

We encourage you to review this Privacy Policy periodically.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Ratey Pty Ltd
Privacy Officer
Email: privacy@ratey.com.au
Website: ratey.com.au

We will respond to your enquiry within 30 days.