Privacy Policy
Effective Date: 15 January 2025
At xypheralora, we take your privacy seriously. We know planning your event budget involves sharing financial details and personal information — and that requires trust.
This policy explains how we collect, use, and protect your data when you use our services. We're based in Melbourne and operate under Australian privacy laws, including the Privacy Act 1988 and the Australian Privacy Principles (APPs).
We've written this in plain language because legal jargon helps no one. If something's unclear, reach out and we'll explain it properly.
Information We Collect
We collect different types of information depending on how you interact with xypheralora. Here's what we gather and why.
Information You Give Us Directly
- Your name, email address, and phone number when you create an account
- Event details you input — dates, locations, budget estimates, vendor preferences
- Payment information when you upgrade to premium features (processed securely through our payment partners)
- Messages you send through our contact form or support channels
- Feedback and survey responses when you choose to share them
Information We Collect Automatically
When you use our platform, we collect technical data to keep things running smoothly:
- Device information — browser type, operating system, screen resolution
- Usage patterns — which features you use, how long you spend on different pages
- IP address and general location data (city and state level, not your exact address)
- Cookies and similar tracking technologies (more on this below)
How We Use Your Information
We're not in the business of selling data. We use your information to run our service properly and make it better over time.
| Purpose | Why We Need It |
|---|---|
| Provide event planning tools | To save your budgets, track expenses, and generate reports you've requested |
| Process payments | To handle subscriptions and premium feature purchases securely |
| Send service updates | To notify you about changes to your account, new features, or issues that need attention |
| Improve our platform | To understand which features work well and what needs fixing |
| Provide customer support | To help you when something goes wrong or you have questions |
We may occasionally send marketing emails about new features or tips for better budget planning. You can opt out anytime by clicking unsubscribe at the bottom of any email.
Cookies and Tracking Technologies
We use cookies — small text files stored on your device — to remember your preferences and keep you logged in. Some are essential for the site to work; others help us understand how people use xypheralora.
Essential cookies: These keep you logged in and remember your settings. You can't disable these without breaking the service.
Analytics cookies: These help us see which features get used most and where people struggle. We use aggregated data, not individual tracking.
Marketing cookies: If you've agreed to them, these track whether you came from an ad or partner link. You can disable these in your browser settings.
How We Share Your Information
We don't sell your data to third parties. Full stop. But we do work with service providers who help us run xypheralora, and they may process your information on our behalf.
- Payment processors: Stripe and PayPal handle transactions securely. They only receive information needed to process payments.
- Cloud hosting providers: AWS stores our data in Australian servers. They maintain strict security standards but don't access your content.
- Email service providers: We use Mailgun to send account notifications and updates. They process email addresses but don't use them for other purposes.
- Analytics platforms: Google Analytics helps us understand site usage through aggregated data.
All these partners are bound by confidentiality agreements and can only use your data for the specific services they provide to us.
When Law Requires It
We may disclose information if legally required — for example, responding to valid court orders, protecting against fraud, or complying with Australian regulatory requirements. We'll notify you about such requests unless prohibited by law.
Your Rights Under Australian Law
The Privacy Act gives you specific rights over your personal information. Here's what you can do and how to do it.
Access Your Data
You can request a copy of all personal information we hold about you. We'll provide this within 30 days, free of charge. Just email support@xypheralora.com with "Data Access Request" in the subject line.
Correct Inaccurate Information
If something's wrong in your profile or saved data, you can update it directly through your account settings. For information you can't edit yourself, contact our support team.
Delete Your Account
You can delete your account anytime through Settings > Account > Delete Account. This removes your personal information within 30 days. We may retain some data for up to 7 years to comply with Australian tax and accounting requirements, but it's anonymised and not linked to you.
Opt Out of Marketing
Click unsubscribe in any marketing email, or adjust preferences in your account settings. You'll still receive important service notifications like security alerts or billing issues.
Data Security Measures
We take reasonable steps to protect your information from unauthorised access, loss, or misuse. Here's what we do:
- All data transmitted to and from xypheralora is encrypted using TLS 1.3
- Passwords are hashed using industry-standard bcrypt algorithms
- Our servers are hosted in Australian data centres with physical security controls
- We conduct regular security audits and vulnerability assessments
- Access to personal data is restricted to employees who need it for their job
- We maintain backups in case of system failure, stored securely and encrypted
No system is completely secure, though. If we experience a data breach that affects you, we'll notify you and the Office of the Australian Information Commissioner as required by law.
Data Retention and Deletion
We keep your information only as long as needed for the purposes described in this policy.
Active accounts: Your data stays with us as long as you're using xypheralora.
Closed accounts: Personal information is deleted within 30 days after account closure, except where we're required by law to retain it.
Financial records: Australian tax law requires us to keep transaction records for 7 years. These are stored securely and separately from your active user data.
Analytics data: Aggregated usage statistics (with no personal identifiers) may be retained indefinitely for product improvement.
International Data Transfers
Your data is primarily stored on servers in Australia. We occasionally use service providers based overseas (like payment processors with global infrastructure), but we ensure they meet Australian privacy standards.
Where data is transferred internationally, we use standard contractual clauses or ensure the recipient country has adequate privacy protections recognised under Australian law.
Children's Privacy
xypheralora is designed for adults planning events. We don't knowingly collect information from anyone under 18. If you're a parent and believe your child has created an account, contact us at support@xypheralora.com and we'll delete it promptly.
Changes to This Policy
We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. When we make significant changes, we'll notify you by email or through a prominent notice on our website at least 30 days before the changes take effect.
The "Effective Date" at the top of this page shows when the current version was published. Continued use of xypheralora after changes become effective means you accept the updated policy.
Making a Complaint
If you're concerned about how we've handled your personal information, please contact us first at support@xypheralora.com. We'll investigate and respond within 30 days.
If you're not satisfied with our response, you have the right to lodge a complaint with the Office of the Australian Information Commissioner (OAIC):
Online: www.oaic.gov.au
Phone: 1300 363 992
Mail: GPO Box 5218, Sydney NSW 2001
Questions About This Policy?
We're here to help if something's unclear or you want to exercise your privacy rights.
Email: support@xypheralora.com
Phone: +61 2 4966 4798
Mail: xypheralora Privacy Officer, 4 Union St, Melbourne VIC 3205, Australia