Privacy Policy

1. Information We Collect

Personal Information You Provide

When you sign up for flevatisar or use our services, we collect information that you voluntarily share with us. This helps us create your account and provide personalised finance management tools.

• Contact details: Your name, email address, phone number, and mailing address
• Account credentials: Username, password (encrypted), and security questions
• Financial information: Bank account details, transaction data, income sources, and expense categories you create
• Profile information: Date of birth, employment status, and financial goals you set within the platform
• Communication records: Messages you send through our contact forms or support channels

Information We Collect Automatically

Some information gets collected automatically when you use our platform. This technical data helps us keep things running smoothly and spot any security issues.

• Device information: IP address, browser type, operating system, device identifiers
• Usage data: Pages visited, features used, time spent on platform, click patterns
• Location data: General geographic location based on IP address (not precise GPS tracking)
• Cookies and tracking: Small files stored on your device to remember preferences and session information

Information from Third Parties

With your permission, we receive data from financial institutions and other services you connect to flevatisar. This integration helps you see all your finances in one place.

• Bank transaction history and account balances through secure API connections
• Credit score information from credit reporting agencies (with your consent)
• Identity verification data from trusted verification services

2. How We Use Your Information

We use the information we collect for specific purposes that directly benefit your experience with flevatisar. Here's what we do with your data:

3. Information Sharing and Disclosure

We share your information only when necessary to provide our services or when legally required. Here's who might see your data and why:

Service Providers

We work with trusted third-party companies that help us operate flevatisar. These partners have access to limited information needed to perform their specific functions:

• Payment processors: Handle secure transaction processing and bank connections
• Cloud hosting providers: Store and manage your encrypted data on secure servers
• Email service providers: Send account notifications and support communications
• Analytics providers: Help us understand platform performance (with anonymised data)

All service providers are contractually required to protect your data and can't use it for their own purposes.

Legal Requirements

We may disclose your information when required by Australian law, including:

• Responding to valid court orders, subpoenas, or legal processes
• Cooperating with law enforcement investigations of suspected criminal activity
• Complying with Australian Prudential Regulation Authority (APRA) requirements
• Reporting suspicious transactions under anti-money laundering regulations
• Protecting flevatisar's legal rights or defending against legal claims

Business Transfers

If flevatisar is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We'll notify you before your data becomes subject to a different privacy policy.

With Your Consent

We'll share your information with other parties when you explicitly give us permission to do so—for example, if you choose to connect third-party apps or share your financial reports with an accountant.

4. Your Privacy Rights Under Australian Law

Under the Australian Privacy Act 1988 and Australian Privacy Principles (APPs), you have specific rights regarding your personal information. We respect these rights and make it easy for you to exercise them.

Access Your Information

You can request a copy of all personal information we hold about you. We'll provide this in a commonly used electronic format within 30 days. To request access, email us at contact@flevatisar.com with "Data Access Request" in the subject line.

Correct Your Information

If you notice any inaccuracies in your personal data, you can update most information directly through your account settings. For changes to sensitive financial data, contact our support team for verification purposes.

Delete Your Information

You can request deletion of your account and associated personal data at any time. Some information may need to be retained for legal or regulatory purposes (typically 7 years for financial records under Australian tax law). Everything else gets permanently deleted within 90 days of your request.

Restrict Processing

You can ask us to limit how we use your information in certain circumstances—for example, if you're disputing the accuracy of your data or questioning whether we have a legitimate need to process it.

Object to Processing

You have the right to object to certain types of data processing, particularly for marketing purposes. You can opt out of non-essential communications through your account preferences or by clicking unsubscribe in any email we send.

Data Portability

You can request your financial data in a machine-readable format (CSV or JSON) to transfer to another service. We'll provide this within 30 days at no charge.

Lodge a Complaint

If you believe we've mishandled your personal information, you can lodge a complaint with us first. We'll investigate and respond within 30 days. If you're not satisfied with our response, you can escalate your complaint to the Office of the Australian Information Commissioner (OAIC).

5. Data Security Measures

Protecting your financial information is our top priority. We've implemented multiple layers of security to keep your data safe from unauthorised access, theft, or misuse.

Encryption

• In transit: All data transmitted between your device and our servers uses TLS 1.3 encryption
• At rest: Your financial data is encrypted using AES-256 encryption while stored on our servers
• Banking connections: We use bank-level encryption for all third-party financial integrations

Access Controls

• Multi-factor authentication required for all accounts accessing sensitive financial features
• Role-based access controls limit employee access to only what's necessary for their job function
• Regular access audits to ensure no unauthorised personnel can view customer data
• Automatic session timeouts after periods of inactivity

Infrastructure Security

• Data stored in Australian-based secure data centres with 24/7 monitoring
• Regular security audits and penetration testing by independent third parties
• Firewalls and intrusion detection systems to prevent unauthorised access
• Daily encrypted backups stored in geographically separate locations

Monitoring and Response

We continuously monitor for suspicious activity and have incident response procedures ready. If we detect a data breach that might affect you, we'll notify you within 72 hours and report it to the OAIC as required by the Notifiable Data Breaches scheme.

6. Data Retention

We keep your information only as long as needed to provide our services and meet legal requirements. Different types of data have different retention periods.

After these retention periods, we permanently delete your information using secure deletion methods that make recovery impossible. Some aggregated, anonymised data may be retained indefinitely for statistical purposes, but this data can't be linked back to you.

7. Cookies and Tracking Technologies

flevatisar uses cookies and similar technologies to remember your preferences and understand how you use our platform. You have control over how these technologies are used.

Types of Cookies We Use

• Essential cookies: Required for the platform to function properly (login sessions, security features)
  • Cannot be disabled without affecting platform functionality
• Preference cookies: Remember your settings like dashboard layout and notification preferences
  • You can disable these, but you'll need to reset preferences each visit
• Analytics cookies: Help us understand which features are most useful and where improvements are needed
  • Data is anonymised and aggregated
  • Can be disabled in your privacy settings

Managing Cookies

You can control cookies through your browser settings or our cookie preference centre (accessible from your account dashboard). Most browsers allow you to block third-party cookies while keeping essential first-party cookies active.

Note that disabling certain cookies may affect your ability to use some features of flevatisar. We don't use cookies for advertising or share cookie data with third-party advertisers.

8. Third-Party Links and Services

flevatisar may contain links to third-party websites or integrate with external financial services. We're not responsible for the privacy practices of these external sites and services.

When you connect external bank accounts or financial institutions, their privacy policies apply to how they handle your data. We recommend reviewing the privacy policies of any third-party services you connect to flevatisar.

We carefully vet our integration partners for security and reliability, but we can't control how they manage your information once you've authorised them to access your data.

9. Children's Privacy

flevatisar is not intended for use by individuals under 18 years of age. We don't knowingly collect personal information from children. If you're a parent or guardian and believe your child has provided us with personal information, please contact us immediately at contact@flevatisar.com.

If we discover we've inadvertently collected data from someone under 18, we'll delete that information as quickly as possible.

10. International Data Transfers

Your data is primarily stored on servers located within Australia. In some limited circumstances, your information may be transferred to or accessed from countries outside Australia for specific purposes:

• Customer support services (limited access to anonymised data only)
• Cloud infrastructure backup systems with encryption in transit and at rest
• Payment processing through international financial networks

When we transfer data internationally, we ensure adequate protections are in place through contractual agreements, encryption, and compliance with APP 8 (cross-border disclosure of personal information). We only work with service providers who meet Australian privacy standards or equivalent protections.

11. Changes to This Privacy Policy

We may update this privacy policy from time to time to reflect changes in our practices, technology, legal requirements, or business operations. When we make material changes, we'll notify you by:

• Sending an email to the address associated with your account
• Displaying a prominent notice on your dashboard
• Updating the "Effective Date" at the top of this policy

We encourage you to review this policy periodically to stay informed about how we protect your information. Continued use of flevatisar after changes to this policy means you accept the updated terms.

Previous versions of this privacy policy are available upon request for your reference.

12. Australian Privacy Principle Compliance

flevatisar is committed to full compliance with the 13 Australian Privacy Principles (APPs) outlined in the Privacy Act 1988. Here's a quick summary of how we meet each principle:

• APP 1 - Open and transparent management: This privacy policy provides clear information about our practices
• APP 2 - Anonymity and pseudonymity: You can browse our public website anonymously; account creation requires identification for financial services
• APP 3 - Collection of solicited information: We only collect information necessary for our finance control services
• APP 5 - Notification of collection: This policy explains what we collect and why
• APP 6 - Use or disclosure: We use your information only for purposes related to our services
• APP 8 - Cross-border disclosure: We ensure adequate protections for any international transfers
• APP 11 - Security: We implement comprehensive security measures as detailed above
• APP 12 - Access to information: You can request access to your personal information at any time
• APP 13 - Correction: You can update or correct your information through your account settings