Privacy Policy

Effective Date: 15 January 2025

At orolivexara, we take your privacy seriously. This policy explains how we collect, use, and protect your personal information when you use our weekly budgeting service. We operate in accordance with the Australian Privacy Principles under the Privacy Act 1988.

We've written this in plain English because legal jargon helps no one. If something's unclear, reach out to us directly.

Information We Collect

Running a budgeting platform means we need certain information to provide our service. Here's what we collect and why it matters:

Account Information

Your name, email address, and password. We need this to create your account and send you important updates about your budget tracking.

Financial Data

Income amounts, expense categories, and budget allocations you enter. This stays with us to help you track spending patterns over time.

Usage Information

How you interact with our platform—which features you use most, when you log in, and what devices you're using. This helps us improve the experience.

Communication Records

When you contact our support team, we keep those conversations. It helps us resolve issues faster and spot common problems.

We don't connect directly to your bank accounts or credit cards. You manually enter transaction information, which gives you complete control over what we see.

How We Use Your Information

Everything we collect serves a purpose. We're not in the business of hoarding data for no reason.

  • Providing and maintaining your weekly budgeting tools and dashboard
  • Sending you notifications about your budget milestones or spending alerts you've set up
  • Responding to your questions and providing customer support
  • Improving our platform based on how people actually use it
  • Protecting against fraudulent activity or unauthorized access
  • Meeting our legal obligations under Australian law

We don't sell your information to third parties. Never have, never will. That's not our business model, and frankly, it shouldn't be anyone's.

Data Storage and Security

Your data is stored on secure servers located in Australia. We use industry-standard encryption both when data moves between your device and our servers, and when it's sitting in our databases.

Security Measures

We implement multiple layers of protection:

  • 256-bit SSL encryption for all data transmission
  • Encrypted database storage with regular security audits
  • Two-factor authentication available for all accounts
  • Regular automated backups stored in separate secure locations
  • Restricted employee access—only authorized personnel can view user data, and only when necessary
  • Continuous monitoring for suspicious activity or unauthorized access attempts

But let's be honest: no system is 100% bulletproof. We do everything reasonably possible to protect your information, though we can't guarantee absolute security. That's why we recommend using a strong, unique password and enabling two-factor authentication.

Data Retention

We keep your information for as long as your account remains active. Once you close your account, here's what happens:

Data Type Retention Period Reason
Account credentials 30 days after closure Allows you to reactivate if you change your mind
Budget and transaction data 90 days after closure Provides time for data export if you forgot to download it
Communication records 2 years Required for legal compliance and dispute resolution
Anonymized usage data Indefinitely Helps improve service without identifying individuals

After these periods, data is permanently deleted from our systems and backups. We don't keep old accounts lying around indefinitely.

Third-Party Services

We work with a few trusted service providers to run our platform. Each has access only to information they need to perform their specific function.

Current Service Providers

  • Cloud Hosting: Amazon Web Services (Sydney region) hosts our application and databases
  • Email Services: Mailgun handles transactional emails like password resets and budget alerts
  • Analytics: We use privacy-focused analytics to understand how people use our platform without tracking individuals
  • Payment Processing: Stripe processes subscription payments and doesn't share your payment details with us

These providers operate under strict data processing agreements and must comply with Australian privacy standards when handling your information.

Your Rights Under Australian Privacy Law

The Privacy Act 1988 gives you significant control over your personal information. Here's what you can do:

Access Your Data

You can request a complete copy of all personal information we hold about you. We'll provide this within 30 days in a commonly used electronic format. Just email support@orolivexara.com with "Data Access Request" in the subject line.

Correct Inaccurate Information

If something's wrong in your profile or records, you can update most information directly through your account settings. For things you can't change yourself, contact us and we'll fix it within 10 business days.

Delete Your Data

You can close your account and request data deletion at any time. We'll remove your information according to the retention schedule outlined above. Some data may need to be kept for legal compliance, but we'll anonymize it so it can't identify you.

Object to Processing

If you believe we're using your information in a way that wasn't agreed to, you can object. We'll review the situation and either stop the processing or explain why it's necessary under our terms or legal obligations.

Data Portability

You can export your budget data, transaction history, and account information anytime through your account dashboard. The export includes everything in CSV and JSON formats that work with other budgeting tools.

Lodge a Complaint

If you're unhappy with how we've handled your information, contact us first. If we can't resolve it, you have the right to complain to the Office of the Australian Information Commissioner (OAIC).

Cookies and Tracking

We use minimal cookies—small text files stored on your device. Here's the complete list:

Essential Cookies

These keep you logged in and remember your preferences. The site won't work properly without them. They include your session ID and basic security tokens.

Analytics Cookies

We track general usage patterns to understand which features people find useful and where they get stuck. These don't identify individuals—we see patterns, not people. You can disable these in your account settings without affecting functionality.

We don't use advertising cookies or tracking pixels from social media platforms. Your browsing behavior outside orolivexara stays private.

International Data Transfers

Your data stays in Australia. Our servers are located in Sydney, and we don't transfer information overseas except in two limited situations:

  • Some of our service providers (like Stripe and AWS) are US-based companies with Australian data centers. They're required to meet Australian privacy standards for our data.
  • If you access your account while traveling internationally, data technically crosses borders because it travels from our servers to wherever you are. This is unavoidable with internet services.

We don't store copies of your data outside Australia, and overseas access by our team isn't permitted except for critical security incidents.

Children's Privacy

orolivexara isn't designed for anyone under 18. We don't knowingly collect information from children. If you're a parent and discover your child has created an account, contact us and we'll delete it immediately.

Financial management tools require adult decision-making capacity, and we've structured our service accordingly.

Changes to This Policy

We'll update this policy occasionally as our service evolves or laws change. When we make significant changes, we'll notify you by email and through a prominent notice on the platform at least 30 days before changes take effect.

Continued use of orolivexara after changes become effective means you accept the updated policy. If you don't agree with changes, you can close your account before they take effect.

Minor clarifications or formatting changes won't trigger notifications—those happen continuously as we work to keep this document clear.

Legal Disclosure

Sometimes we're legally required to disclose user information. This only happens when:

  • We receive a valid subpoena or court order from an Australian court
  • We're required to comply with tax or financial reporting obligations
  • We reasonably believe disclosure is necessary to prevent harm to individuals or serious crime
  • We need to protect our legal rights in a dispute

We don't voluntarily share information with law enforcement without a proper legal basis. When we receive requests, we review them carefully and push back on overly broad demands. Where legally permitted, we'll notify you before disclosure.

Contact Us About Privacy

Questions about this policy or how we handle your information? We're here to help. You can reach our privacy team through any of these channels:

Email: support@orolivexara.com (we respond within 2 business days)
Phone: +61408860786 (Monday to Friday, 9am to 5pm AEST)
Mail: Privacy Officer, orolivexara, 22 Merriwa Blvd, North Arm Cove NSW 2324, Australia

When contacting us about privacy matters, include "Privacy Inquiry" in your subject line so we can route it to the right team quickly. We take these requests seriously and prioritize them accordingly.