Privacy Policy
Last updated: 29 May 2026
BizEdge ("we", "us") is operated from Melbourne, Australia. This policy explains what personal information we collect, how we use it, and the rights you have under the Privacy Act 1988 (Cth) and the Australian Privacy Principles.
1. What we collect
- Account data — email, name, business profile you provide during sign-up.
- Customer data you import — the names, phone numbers, email addresses, and job history of your own customers that you upload or sync via CSV, Google Contacts, or Jobber.
- Usage data — interactions with the app (pages visited, features used) for product analytics, minimised.
- Communications metadata — when you send a message through BizEdge, we store the send status, delivery result, and opt-out signals so we can honour unsubscribe requests.
2. How we use it
- To provide the Customer Memory, reactivation, and review-harvest features you pay for.
- To send SMS and email campaigns on your behalf, only after you approve each campaign.
- To honour opt-outs (STOP replies, unsubscribe clicks) immediately and permanently.
- To improve the product — never to train third-party models without your explicit consent.
3. Consent basis for customer messaging
We rely on inferred consent under the Spam Act 2003 (Cth)for communications sent to your customers who have an existing business relationship with you (i.e. a prior job record). Every message we send on your behalf includes a visible opt-out mechanism ("Reply STOP" on SMS, unsubscribe link on email) and honours the request within seconds.
4. Your rights
- Export — download your data (profile + customers + jobs + campaign history) at any time via /api/compliance/export-my-data.
- Deletion — request account deletion via /api/compliance/delete-my-account. We soft-delete immediately and hard-delete after a 30-day grace window so you can recover if you change your mind.
- Correction + access — email privacy@bizedge.com.au.
5. Storage & security
- Data stored in Supabase (AWS Sydney region), encrypted at rest.
- Point-in-time recovery (PITR) enabled; nightly logical backups off-site.
- Row-Level Security scopes every record to your organisation.
6. Third parties
We use the following processors strictly to deliver the service: Supabase (hosting + DB), Resend (email delivery), Twilio (SMS delivery), Anthropic (AI assistance), Vercel (app hosting), Sentry (error tracking). Each operates under its own privacy policy; we do not sell or share your data beyond what's needed to run BizEdge. If you enable your own SMS sender, a dedicated Twilio subaccount is provisioned in your business name and you become the named party on Twilio's regulatory registration for that number. If you verify your own email domain, your DNS records authorise Resend to send on your behalf.
7. Contact & complaints
Privacy concerns: privacy@bizedge.com.au. If unresolved, you may contact the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.
This policy is a plain-English summary; specific legal terms apply. If anything here conflicts with our Terms of Service the Terms prevail.