Privacy Policy

Pushlap Pty Ltd

Effective: 10 September 2025

This Privacy Policy explains how Pushlap Pty Ltd (“Pushlap”, “we”, “our”, “us”) collects, uses, discloses and protects information relating to identified or identifiable individuals (“Personal Information”) when you use our websites, apps, and services (together, the “Services”).

We aim to comply with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). Because users may be located globally (including the EU/UK, US, Canada, and Japan), we have adopted a policy that is broadly GDPR-aligned (e.g. rights of access/erasure/portability where applicable).

If you do not agree with this Policy, please do not use the Services.

1. Who we are & contact

Controller: Pushlap Pty Ltd
Email (privacy contact): [email protected]
Registered office / principal place of business: As notified in our ASIC records.

2. What we collect

We collect the following categories of information:

  • Account & profile: email, display name (chosen by you), optional profile details (e.g. car model, club, photo).
  • Activities & content: uploaded or recorded activities (laps, GPS, telemetry, timing, sensor data), videos/images, metadata (timestamps, device identifiers), comments and likes.
  • Usage & device data: app and site logs, IP address, device/browser type, language, referral URLs, crash/error reports, cookies and similar technologies.
  • Payments & subscriptions (if enabled): contact and transaction details from our payment processors (we do not store full card numbers).
  • Support & communications: enquiries, feedback, and any information you send us.

We may combine information collected from you with information from our partners where lawful (e.g. to prevent fraud or improve quality).

3. Public by default

Important: Until we ship privacy controls, activities and profile information are public by default. That means laps, GPS/telemetry, basic profile fields, display name and other activity metadata may be visible to anyone, whether or not they have a Pushlap account, and may be indexed by search engines or shared via links/embeds.

  • Your display name is public; your email and account identifiers are not public.
  • When privacy controls are introduced, you will be able to change visibility settings for future activities (and we will communicate how existing data is handled).

If you do not want your activities to be public, please do not upload or record them until privacy controls are available.

4. Why we use your information (purposes & legal bases)

We use information for:

  • Service delivery: operate, maintain, and provide the Services; publish activities; social features; customer support.
  • Safety & integrity: detect/prevent abuse, fraud, security incidents, and violations of our Terms.
  • Improvement & research: develop new features; train models (e.g. performance prediction, cornering/tyre insights); analytics and statistics.
  • Communications: service messages, policy updates, and (with consent or as permitted) product updates and marketing.
  • Legal & compliance: enforce agreements, comply with law, respond to lawful requests.

Legal bases (GDPR where applicable): contract necessity; legitimate interests (e.g. to provide a safe, useful service); consent (where required, such as certain marketing or cookies); legal obligations.

5. Models, aggregation, and deletion

We build analytics and predictive models using uploaded activities and telemetry. If you request deletion of your data:

  • We will remove or de-identify your personal data from your account and from public views.
  • Aggregated/anonymised data and trained models created from historical datasets may be retained (they generally cannot be “un-trained” to remove one person’s prior contribution). We will not attempt to re-identify you in those aggregates or models.

6. Sharing and disclosure

We may share information as follows:

  • Service providers / processors: cloud hosting, databases, analytics, crash reporting, email delivery, content moderation, and payments. They may access data only to perform services for us under contract.
  • Aggregated/anonymised insights: We may share de-identified statistics and insights (e.g. tyre performance, track trends) with trusted partners such as tyre/equipment companies or track operators.
  • Legal reasons: to comply with applicable law, lawful requests, enforce our Terms, or protect rights, safety, and security.
  • Business transfers: in a merger, acquisition or asset sale, information may transfer subject to this Policy.

We do not sell personal information.

7. International storage and transfers

We use reputable cloud providers. Data is currently hosted primarily in Australia and may be processed in other jurisdictions by us or our service providers. Where required, we use appropriate safeguards (e.g. contractual protections such as EU Standard Contractual Clauses).

8. Data retention

We keep personal information for as long as needed to provide the Services, for legitimate business purposes (audit, security, fraud-prevention), and to comply with legal obligations. You can request deletion of your account (see Your rights). Aggregated/anonymised data and trained models may be retained.

9. Your rights

Your rights depend on your location, but generally include:

  • Access: request a copy of your personal information.
  • Correction: request we fix inaccurate information.
  • Deletion: request we delete personal information (subject to lawful exceptions and Section 5 regarding aggregates/models).
  • Other rights: where legally required, additional rights may apply (e.g., data portability, objection to processing).

How to exercise: email [email protected]. We may need to verify your identity and we will respond within a reasonable time.
Complaints (Australia): You may contact the Office of the Australian Information Commissioner (OAIC) at https://www.oaic.gov.au if you are not satisfied with our response.

10. Children and minors

During beta, the Services are for users aged 18+. We do not knowingly collect personal information from children. If you believe we have collected information from a minor, contact [email protected] and we will take appropriate steps.

11. Security

We use reasonable administrative, technical, and organisational measures to protect information (e.g. access controls, encryption in transit, least-privilege practices). No system is perfectly secure; you are responsible for maintaining the confidentiality of your account credentials.

12. Cookies and similar technologies

We use cookies and similar technologies for authentication, preferences, analytics, performance, and security. Where required by law, we will obtain consent. You can manage cookies through your browser settings; some features may not function without them.

13. Third-party links and content

The Services may link to third-party sites or allow you to share content externally. We are not responsible for the privacy practices of third parties. Please review their policies.

14. Changes to this Policy

We may update this Policy from time to time. We will post the updated version with an effective date and, if changes are material, we will provide additional notice (e.g. in-app banner or email).

15. Contact us

Pushlap Pty Ltd
Email: [email protected]

If you contact us, we may ask for information to verify your identity and to help us respond to your request.