Privacy policy

weauto (“we”, “us”) builds and hosts websites for Australian small businesses. This policy explains what personal information we collect, how we use it, and the choices you have. We comply with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth).

What we collect

• Intake information — business name, suburb, services, hours, photos and any details you submit through forms on weauto.org.
• Account information — name, business name, email, phone (when you contact us or sign up).
• Payment information — handled by Stripe. We never see or store full card numbers.
• Site usage data — basic analytics (page views, referrers) to improve the service.
• Email correspondence — anything you send us at hello@weauto.org.

How we use it

• To build, deliver, and maintain the website you ordered.
• To send transactional emails (intake confirmation, preview link, invoices, change requests).
• To respond to support requests.
• To improve the weauto service.

We do not sell your personal information. We do not use your data for unrelated marketing.

Third parties we share data with

• Stripe — payment processing. Stripe's privacy policy: stripe.com/au/privacy
• Brevo (Sendinblue) — transactional email delivery. brevo.com/legal/privacypolicy
• Vercel — site hosting and edge infrastructure. vercel.com/legal/privacy-policy
• Domain registrar — when we register a .com.au or .au domain on your behalf. Registrar disclosed at the time of registration.

These providers are bound by their own privacy obligations. We do not transfer your information to other parties without your consent, except where required by law.

Where data is stored

Site content and intake data are stored on Vercel infrastructure (typically Sydney or Singapore region). Email is processed via Brevo (EU). Payments are processed via Stripe (Australia). Some routine processing may occur outside Australia in the course of using these services.

How long we keep it

• Live website content — for as long as your site is hosted with us.
• Intake data and correspondence — up to 7 years (Australian tax record requirement).
• Payment records — as required by Stripe and Australian law.
• If you cancel and ask us to delete your data, we'll delete everything except records we're legally required to retain.

Your rights

You can ask us to:

• Access the personal information we hold about you.
• Correct anything that's wrong.
• Delete your information (subject to legal retention obligations).
• Stop using your information for any purpose other than delivering the service you bought.

Email hello@weauto.org with the subject “Privacy request” and we'll action it within 30 days.

Cookies

weauto.org uses minimal cookies — essential session cookies and basic analytics only. We do not use advertising or tracking cookies. The websites we build for you may set additional cookies if you ask us to add features that require them (e.g. booking widgets); we'll tell you when that happens.

Security

We use HTTPS everywhere, payment processing via Stripe, and access controls on internal systems. No system is perfectly secure — but we treat your data as if it were our own.

Complaints

If you believe we've mishandled your information, email hello@weauto.org. If we can't resolve it, you can lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.

Changes to this policy

We'll update the date at the top of this page when this policy changes. Material changes are emailed to active customers.