
PRIVACY POLICY

 

Effective Date: 21 April 2025   |   Last Updated: 21 April 2025   |   Version: 1.0

 

 AUSTRALIAN LEGAL COMPLIANCE NOTICE

This Privacy Policy is prepared in compliance with:

  • Privacy Act 1988 (Cth) and the 13 Australian Privacy Principles (APPs)
  • Privacy and Other Legislation Amendment Act 2024 (commenced December 2024)
  • Australian Consumer Law (Schedule 2, Competition and Consumer Act 2010)
  • Spam Act 2003 (Cth) and the Do Not Call Register Act 2006 (Cth)

 

1. About Us & This Policy

DrRoadWorthy.com.au (‘we’, ‘us’, ‘our’, or ‘the Platform’) is an Australian online review platform dedicated to helping Australians find, compare, and review roadworthy inspection stations, mechanics, and automotive service providers.

This Privacy Policy explains how we collect, use, disclose, store, and protect your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). By using our website at www.drroadworthy.com.au, you acknowledge and agree to the practices described in this policy.

 

Operator: DrRoadWorthy.com.au

Website: www.drroadworthy.com.au

Country of Operation: Australia

Applicable Law: Privacy Act 1988 (Cth) — 13 Australian Privacy Principles

Regulator: Office of the Australian Information Commissioner (OAIC)

Privacy Enquiries: privacy@drroadworthy.com.au

 

2. What Personal Information We Collect

We collect personal information only where it is reasonably necessary for our functions or activities (APP 3). The types of information we may collect include:

 

2.1 Information You Provide Directly

  • Name and username (for account creation and review submission)
  • Email address (for account verification and communications)
  • Suburb or postcode (to show relevant local service providers)
  • Vehicle registration or make/model (if provided when writing a review)
  • Review content, ratings, and comments you post on the Platform
  • Photos or images you voluntarily upload with reviews
  • Contact form messages or enquiries submitted to us

 

2.2 Information Collected Automatically

When you visit our website, we automatically collect certain technical data through cookies, pixels, and similar technologies:

  • IP address and approximate geographic location (city/region level)
  • Browser type, version, and device type
  • Pages visited, time on page, and referring URLs
  • Search queries made within the Platform
  • Date and time of access

 

2.3 Information From Third Parties

We may receive limited information if you choose to log in via Google or Facebook (social sign-on), including your name and email address as provided by those services. We do not request access to your friends list, posts, or other social data.

 

2.4 Sensitive Information

We do not intentionally collect sensitive information as defined under the Privacy Act (including health information, racial or ethnic origin, biometric data, or financial details). Please do not include such information in your reviews or messages. If sensitive information is inadvertently received, we will take steps to destroy or de-identify it as required by APP 3.3.

 

3. How We Use Your Personal Information

We use personal information only for the primary purpose for which it was collected, or a directly related secondary purpose (APP 6). Specifically, we use your information to:

 

3.1 Core Platform Functions

  • Enable you to create an account and submit reviews
  • Display your public reviews, ratings, and usernames on the Platform
  • Verify the authenticity of reviews to maintain platform integrity
  • Respond to your enquiries and customer support requests
  • Send account-related notifications (e.g. password resets)

 

3.2 Platform Improvement

  • Analyse website usage and traffic patterns to improve user experience
  • Conduct internal research and analytics (using aggregated, de-identified data)
  • Test and develop new features and services

 

3.3 Communications (with your consent)

Where you have opted in, we may send you:

  • Newsletters or updates about new reviews in your area
  • Notifications about responses to your reviews
  • Service-related announcements

You may unsubscribe from marketing communications at any time via the unsubscribe link in any email or by contacting privacy@drroadworthy.com.au. We comply with the Spam Act 2003 (Cth) for all electronic communications.

 

3.4 Legal and Safety Obligations

  • Comply with applicable Australian laws and regulations
  • Enforce our Terms of Service and prevent fraudulent or abusive activity
  • Respond to lawful requests from government authorities or law enforcement

 

4. Cookies & Tracking Technologies

We use cookies and similar technologies on our website. There is no specific cookie law in Australia; however, the use of tracking technologies that collect personal information is governed by the Privacy Act 1988 (Cth) and the November 2024 OAIC Guidance on Tracking Pixels and Privacy Obligations.

 

4.1 Types of Cookies We Use

  • Essential Cookies: Necessary for the website to function (login sessions, security). Cannot be disabled.
  • Analytics Cookies: Help us understand how visitors interact with the site (e.g. Google Analytics with IP anonymisation enabled).
  • Preference Cookies: Remember your settings and preferences for a better experience.
  • Marketing Cookies: Only used where you have provided explicit consent.

 

4.2 Your Cookie Choices

You may manage or disable non-essential cookies through your browser settings or our cookie consent banner displayed on first visit. Disabling analytics cookies will not prevent you from using the core features of the Platform.

 

4.3 Tracking Pixels

We may use tracking pixels for analytics purposes. In accordance with the OAIC’s November 2024 guidance, we ensure any personal information collected via pixels is handled in compliance with the APPs, including notification and purpose limitation requirements.

 

5. Disclosure of Personal Information

We do not sell your personal information. We may disclose your information to third parties only in the following circumstances (APP 6):

 

5.1 Service Providers

We engage trusted third-party service providers to help operate the Platform, including:

  • Cloud hosting and data storage providers (servers located in Australia or jurisdictions with comparable privacy protections)
  • Email delivery services (for transactional and marketing emails)
  • Website analytics platforms (with data processing agreements in place)
  • Content moderation services

All service providers are contractually bound to handle your data only as instructed and in accordance with Australian privacy standards.

 

5.2 Cross-Border Disclosure (APP 8)

Some of our third-party service providers may be located or store data outside of Australia. Before disclosing personal information overseas, we take reasonable steps to ensure the recipient is subject to privacy obligations substantially similar to the APPs. Where required, we will obtain your consent or rely on applicable exceptions under APP 8. Potential overseas disclosure destinations include: United States, European Union, United Kingdom, and Singapore — all of which have recognised comparable privacy frameworks.

 

5.3 Legal Disclosure

We may disclose personal information where required or authorised by Australian law, court order, or legitimate request from a government agency or law enforcement authority.

 

5.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, personal information may be transferred to the acquiring entity, subject to the same privacy protections.

 

5.5 Public Review Content

Please note: Reviews, ratings, and usernames you post are publicly visible on the Platform. Do not include personal information in review content that you do not wish to be publicly accessible.

 

6. Data Security (APP 11)

We take reasonable steps to protect personal information from misuse, interference, loss, and unauthorised access, modification, or disclosure. Our security measures include:

 

  • HTTPS/TLS encryption for all data transmitted to and from the website
  • Passwords stored using industry-standard hashing (bcrypt or equivalent)
  • Access controls ensuring only authorised personnel access personal data
  • Regular security assessments and vulnerability testing
  • Secure cloud infrastructure with reputable Australian or international providers
  • Mandatory data breach response procedures (see Section 9)

 

No method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security, but we continually review and update our security practices to reflect current best practice and the requirements of the Cyber Security Act 2024 (Cth).

 

7. Data Retention

We retain personal information only for as long as necessary for the purposes described in this policy, or as required by law (APP 11.2). Our general retention periods are:

 

  • Account information: Retained while your account is active, plus 2 years after account closure
  • Public reviews: Retained as long as the review is published. You may request removal at any time.
  • Server logs and analytics data: De-identified after 13 months
  • Email correspondence: Retained for up to 3 years for dispute resolution purposes
  • Legal hold data: Retained as required by applicable law or regulatory obligation

 

When personal information is no longer required, we take reasonable steps to destroy or permanently de-identify it.

 

8. Your Rights Under Australian Privacy Law

The Privacy Act 1988 (Cth) provides you with the following rights with respect to your personal information:

 

8.1 Right to Access (APP 12)

You have the right to request access to the personal information we hold about you. We will respond to access requests within 30 days. We may charge a reasonable administrative fee for processing your request. Access may be declined in limited circumstances permitted by the Privacy Act (e.g. where it would be unlawful).

 

8.2 Right to Correction (APP 13)

If you believe personal information we hold about you is inaccurate, out of date, incomplete, irrelevant, or misleading, you may request correction. We will take reasonable steps to correct the information or, if we disagree, note your request alongside the data.

 

8.3 Right to Anonymity (APP 2)

Where practicable, you may interact with the Platform using a pseudonym or anonymously (e.g. browsing reviews without creating an account). However, creating an account and submitting reviews requires identification for platform integrity purposes.

 

8.4 Right to Opt-Out of Marketing

You may unsubscribe from marketing emails at any time. We will action opt-out requests within 5 business days in compliance with the Spam Act 2003 (Cth).

 

8.5 Privacy Complaints (APP 1)

If you believe we have interfered with your privacy, you may lodge a complaint with us at privacy@drroadworthy.com.au. We will:

  • Acknowledge your complaint within 5 business days
  • Investigate and respond within 30 days
  • If you are not satisfied with our response, you may escalate to the OAIC at www.oaic.gov.au or call 1300 363 992

 

9. Notifiable Data Breaches

The Privacy Act 1988 (Cth) includes the Notifiable Data Breaches (NDB) scheme under Part IIIC. In the event of an eligible data breach that is likely to result in serious harm to individuals:

 

  • We will assess the breach as quickly as possible and no later than 30 days from becoming aware
  • We will notify the Office of the Australian Information Commissioner (OAIC)
  • We will notify affected individuals as soon as practicable
  • Notifications will include: description of the breach, types of information involved, recommended steps individuals should take, and our contact details

 

We maintain an internal data breach response plan and conduct staff training to ensure rapid and appropriate responses.

 

10. Children’s Privacy

DrRoadWorthy.com.au is not directed at children under the age of 15. We do not knowingly collect personal information from children. A Children’s Online Privacy Code is being developed by the OAIC under the Privacy and Other Legislation Amendment Act 2024, and we will update our practices when this Code takes effect.

If you believe a child under 15 has submitted personal information to our Platform, please contact us at privacy@drroadworthy.com.au, and we will take steps to delete that information.

 

11. Automated Decision-Making

We may use automated systems to moderate reviews for spam or policy violations. No fully automated decisions are made that produce significant legal or similarly significant effects on individuals without human oversight.

Note: From 10 December 2026, APP 1 will require privacy policies to disclose the use of ‘substantially automated decision-making’ tools. We will update this policy accordingly when those obligations commence.

 

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or applicable law. When we make material changes, we will:

  • Update the ‘Last Updated’ date at the top of this policy
  • Display a notice on our website homepage for 30 days after significant changes
  • Send registered users an email notification for material changes

 

We encourage you to review this policy periodically.

 

13. Contact Us — Privacy Enquiries

For all privacy-related requests, complaints, or enquiries, please contact:

 

Privacy Contact: DrRoadWorthy.com.au Privacy Officer – Liz Thomann

Email: liz@drroadworthy.com.au

Website: www.drroadworthy.com.au/contact

Response Time: Within 10 business days (acknowledgment); 30 days (full response)

 

If you are dissatisfied with our handling of your request, you may contact the OAIC:

Office of the Australian Information Commissioner (OAIC): www.oaic.gov.au

Phone: 1800 037 792

 

This document does not constitute legal advice. DrRoadWorthy.com.au recommends seeking independent legal counsel for matters specific to your circumstances.