Privacy Policy | SupportFinder.io

1. Introduction

This Privacy Policy applies to information we collect when you use SupportFinder.io ("the Service"). By using the Service, you consent to the data practices described in this policy.

We are committed to compliance with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth).

2. Information We Collect

2.1 Information You Provide

We may collect information you voluntarily provide:

Problem Reports: When you report an issue with provider information, you may provide your email address (optional), description of the problem, and reference to the provider affected.
Contact Inquiries: If you contact us via email, we collect your email address and message content.

2.2 Automatically Collected Information

When you use the Service, we automatically collect:

Location Data: When you perform a search, we collect geographic coordinates (latitude/longitude) to provide relevant local results. Location data is used only for the duration of your search session and is not stored long-term.
Usage Data: We collect information about how you interact with the Service, including:
- Search queries and filters applied
- Pages visited and links clicked
- Time spent on pages
- Device type and browser information
- IP address (anonymized)
Log Data: Our servers automatically log standard information including IP addresses, timestamps, and request details for security and performance monitoring.

2.3 Information We Do NOT Collect

We do not collect or store:

Personal health information or disability details
NDIS participant numbers or plan information
Payment information (unless you sign up for premium provider features)
Social media profiles or login credentials
Persistent location tracking (location is session-only)

3. How We Use Your Information

We use collected information for the following purposes:

3.1 Providing the Service

Deliver search results based on your location and query
Display provider information and contact details
Process problem reports and improve data accuracy
Respond to your inquiries and support requests

3.2 Service Improvement

Analyze usage patterns to improve search relevance
Identify and fix technical issues
Develop new features based on user behavior
Optimize performance and user experience

3.3 Security and Fraud Prevention

Monitor for suspicious activity and abuse
Enforce rate limits and prevent automated scraping
Protect against spam and malicious submissions
Maintain system security and integrity

3.4 Legal Compliance

Comply with applicable laws and regulations
Respond to legal requests and court orders
Enforce our Terms of Service

4. Information Sharing and Disclosure

We do not sell, rent, or trade your personal information to third parties.

4.1 Service Providers

We may share information with trusted third-party service providers who assist in operating the Service:

Hosting providers: Our infrastructure and database hosting
Analytics services: Anonymous usage statistics and performance monitoring
Email services: Transactional email delivery
CDN and caching: Content delivery for performance

These providers are contractually obligated to protect your information and use it only for specified purposes.

4.2 Legal Requirements

We may disclose your information if required by law or in response to:

Court orders or subpoenas
Government investigations or requests
Protection of our legal rights or safety
Prevention of fraud or illegal activity

4.3 Business Transfers

If SupportFinder.io is acquired or merged with another company, your information may be transferred as part of that transaction. We will notify you of any such change.

5. Provider Data

Public Provider Information: Provider details displayed on SupportFinder.io are sourced from:

NDIS Commission public provider register
Publicly available business directories
Provider-submitted information (if claimed profiles)

Provider data is considered public information and is displayed to help NDIS participants find services. Providers who wish to update or remove their information should contact us or claim their profile.

Provider Responsibilities: Providers are responsible for ensuring the accuracy of their own information. We facilitate updates but do not guarantee accuracy.

6. Data Security

We implement industry-standard security measures to protect your information:

Encryption: HTTPS/TLS encryption for data in transit
Access Controls: Restricted access to personal data
Secure Infrastructure: Hosted on reputable cloud platforms
Regular Audits: Security monitoring and vulnerability scanning
Data Minimization: We collect only necessary information

While we strive to protect your information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.

7. Your Privacy Rights

Under Australian privacy law, you have the right to:

7.1 Access and Correction

Request access to personal information we hold about you
Request correction of inaccurate or incomplete information

7.2 Deletion

Request deletion of your personal information (subject to legal obligations)
Problem reports may be anonymized rather than deleted to maintain data integrity

7.3 Opt-Out

Opt out of non-essential communications
Disable location services in your browser (this will limit search functionality)

7.4 Complaints

If you believe we have breached your privacy rights, you may:

Contact us at [email protected]
Lodge a complaint with the Office of the Australian Information Commissioner (OAIC)

8. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience:

8.1 Essential Cookies

Session Cookies: Maintain your search state across pages
CSRF Token: Security cookie to prevent cross-site attacks

These cookies are necessary for the Service to function and cannot be disabled.

8.2 Analytics Cookies

Anonymous usage tracking to improve the Service
No personally identifiable information is collected

8.3 Cookie Management

You can control cookies through your browser settings. Note that disabling cookies may affect Service functionality.

9. Third-Party Services

The Service uses third-party services that may collect information:

OpenStreetMap: Map tiles for location display (privacy policy)
Cloudflare: CDN and DDoS protection (privacy policy)

We are not responsible for third-party privacy practices. Please review their policies independently.

10. Children's Privacy

The Service is not directed to children under 18. We do not knowingly collect personal information from children.

If you believe we have inadvertently collected information from a child, please contact us immediately so we can delete it.

11. International Data Transfers

Your information may be stored and processed in Australia or other countries where our service providers operate. We ensure appropriate safeguards are in place for international transfers.

12. Data Retention

We retain information only as long as necessary for the purposes described in this policy:

Search queries: Stored temporarily in cache (10-15 minutes)
Problem reports: Retained indefinitely for data quality tracking
Log data: Retained for 90 days for security monitoring
Analytics: Aggregated data retained indefinitely (no personal identifiers)

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last Updated" date.

Material changes will be communicated via email (if you have an account) or by posting a prominent notice on the Service.

Your continued use of the Service after changes are posted constitutes acceptance of the revised Privacy Policy.

14. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Email: [email protected]

Privacy Complaints: For formal privacy complaints, please include "Privacy Complaint" in the subject line. We will respond within 30 days.