Privacy Policy

Last updated: June 1, 2025

Introduction

Users.au ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our authentication services.

Information We Collect

Personal Information

  • Account information (email address, password, name)
  • Profile information you choose to provide
  • Authentication data (login credentials, MFA tokens)
  • Communication preferences

Technical Information

  • IP address and device identifiers
  • Browser type and version
  • Operating system information
  • Authentication logs and security events
  • API usage data and performance metrics

How We Use Your Information

  • Provide and maintain our authentication services
  • Authenticate and authorize users
  • Detect and prevent security threats
  • Improve our services and develop new features
  • Communicate with you about service updates
  • Comply with legal obligations

Data Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

  • With your explicit consent
  • To comply with legal obligations
  • To protect our rights and prevent fraud
  • With trusted service providers under strict confidentiality agreements
  • In connection with a business transaction (merger, acquisition)

Data Security

We implement industry-standard security measures to protect your information:

  • End-to-end encryption for data in transit and at rest
  • Regular security audits and penetration testing
  • Multi-factor authentication for all admin access
  • GDPR and CCPA compliance

Your Rights

Depending on your location, you may have the following rights:

  • Access your personal information
  • Correct inaccurate information
  • Delete your personal information
  • Port your data to another service
  • Opt-out of certain data processing
  • Object to automated decision-making

Data Retention

We retain your information only as long as necessary to provide our services and comply with legal obligations. Authentication logs are typically retained for 90 days, while account information is retained until account deletion.

International Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission.

Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us:

Email: privacy@users.au
Address: Users.au Privacy Team
Level 15, 1 Bligh Street
Sydney NSW 2000, Australia