Privacy Policy

1. Introduction

AnywhereTradie Pty Ltd, trading as AnywherePT ("we", "us", or "our"), is committed to protecting the privacy of individuals who use our platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information in accordance with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

By using the AnywherePT platform, including our website at anywherept.com.au, you consent to the collection and use of your information as described in this policy.

2. Information We Collect

We collect the following categories of personal information:

Account Information: Name, email address, phone number, date of birth, and account type (Client, Trainer, Gym Partner, or Enterprise).

Trainer Profile Information: Qualifications, certifications, credential documents, experience, specialisations, photos, biography, location, availability, insurance details, Working With Children Check, and police check information.

Client Profile Information: Fitness goals, health information you choose to share, weight, measurements, and location preferences.

Payment Information: Payment details are collected and processed by our payment processor, Stripe. We do not store your full credit card number. We may store the last four digits and card type for your reference.

Booking Information: Session dates, times, locations, session types, booking history, and related communications.

Usage Information: Pages visited, features used, search queries, IP address, browser type, device information, and referring URLs.

Communications: Messages sent through our platform, support requests, contact form submissions, and feedback.

3. Health and Sensitive Information

We recognise that certain information collected through the Platform may constitute "health information" or "sensitive information" under the Privacy Act 1988. This includes fitness goals, weight data, medical notes, injury history, and any health-related information shared between Clients and Trainers.

We collect health information only with your explicit consent. This information is:

• Used solely for the purpose of facilitating personal training services
• Shared only with Trainers you have booked or are actively engaging with
• Stored securely with access controls limiting who can view it
• Never sold or shared with third parties for marketing purposes
• Deleted upon your request, subject to legal record-keeping obligations

You may withdraw consent for the collection of health information at any time by contacting privacy@anywherept.com.au. Withdrawal of consent may limit the functionality of certain Platform features.

4. How We Use Your Information

We use your personal information for the following purposes:

• To provide, operate, and maintain the Platform
• To facilitate bookings between Clients and Trainers
• To process payments and send transaction confirmations
• To verify Trainer credentials using AI-assisted document analysis
• To conduct background checks on Trainers
• To personalise your experience and provide relevant trainer recommendations
• To communicate with you about your account, bookings, and platform updates
• To send marketing communications (with your consent)
• To analyse usage patterns and improve our services
• To detect, prevent, and address fraud, security issues, and technical problems
• To comply with legal obligations

5. Information Sharing and Disclosure

We may share your personal information in the following circumstances:

Between Users: When you book a session, relevant information (such as your name, contact details, and session preferences) is shared with the Trainer. Trainer profiles are visible to Clients browsing the Platform.

Service Providers: We share information with third-party service providers who perform services on our behalf:

• Stripe - Payment processing and trainer payouts
• Neon - Database hosting and data storage
• Vercel - Website hosting and deployment
• Resend - Transactional email delivery
• OpenAI - AI-assisted credential verification (document images only)

These providers are contractually obligated to protect your information and process it only on our instructions.

Legal Requirements: We may disclose your information if required by law, court order, subpoena, or other legal process, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

Business Transfers: In the event of a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction.

We do not sell your personal information to third parties.

6. Cookies and Analytics

We use cookies and similar tracking technologies to collect usage information and improve your experience.

Essential Cookies: Required for Platform functionality, including authentication and session management.

Analytics Cookies: Help us understand how users interact with the Platform. These collect anonymised usage data.

Marketing Cookies: Used to deliver relevant advertisements (only set with your consent).

You can manage your cookie preferences through your browser settings. Disabling certain cookies may affect Platform functionality.

7. Data Security

We implement appropriate technical and organisational measures to protect your personal information, including:

• Encryption of data in transit (TLS/SSL) and at rest
• Access controls and role-based permissions
• Regular security assessments and monitoring
• HTTP-only session cookies to prevent cross-site scripting
• Rate limiting to prevent abuse
• Stripe PCI-DSS compliant payment processing

No method of electronic transmission or storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

8. Data Retention

We retain your personal information for as long as your account is active or as needed to provide services. After account closure:

• Account data is retained for 30 days before deletion (to allow account recovery)
• Booking and transaction records are retained for 7 years (Australian tax requirements)
• Trainer credential documents are retained for 2 years after account closure
• Anonymised usage data may be retained indefinitely for analytics

9. Your Rights

Under Australian privacy law, you have the right to:

• Access the personal information we hold about you
• Request correction of inaccurate or incomplete information
• Request deletion of your personal information (subject to legal obligations)
• Opt out of marketing communications at any time
• Request a copy of your data in a portable format
• Lodge a complaint with the Office of the Australian Information Commissioner (OAIC)

To exercise any of these rights, please contact us at privacy@anywherept.com.au. We will respond to your request within 30 days.

10. International Data Transfers

Your information may be stored and processed in countries outside of Australia where our service providers maintain facilities (including the United States for Stripe, Vercel, and OpenAI). When we transfer data internationally, we take steps to ensure your information receives adequate protection in accordance with Australian privacy law.

11. Children's Privacy

The Platform is not intended for children under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected such information, we will take steps to delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by updating the "Last updated" date and, where appropriate, by sending you an email notification.

13. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact our Privacy Officer:

AnywhereTradie Pty Ltd (trading as AnywherePT)
Privacy Officer
Email: privacy@anywherept.com.au
Sydney, NSW, Australia

You may also lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.