Trust & legal
Privacy Policy (Draft)
How VariationGuard handles your information. This is a working draft for launch preparation.
Last updated: Private beta draft — 4 July 2026
About this policy
This policy explains how VariationGuard (private beta — operating entity to be confirmed before public launch) handles information in connection with VariationGuard. It is a working draft and must be reviewed against the Australian Privacy Principles by a qualified adviser before launch.
Information we may collect
- Account and contact information (name, email, company name).
- Company and project information you set up.
- Builder emails and instructions you forward or paste in.
- Field capture notes recorded onsite.
- Subcontract clause text you enter for time-bar configuration.
- Cost workbook data (line items, rates and figures).
- Usage and analytics events (see below).
- Payment-related information handled by Stripe (we do not store full card numbers).
What analytics intentionally excludes
Our analytics are designed to measure how the product is used, not to capture the content of your work. Analytics should not intentionally collect raw email bodies, subcontract clause text, notice bodies, cost line descriptions or invite tokens.
- We track events such as 'instruction assessed' or 'notice preview opened', with coarse buckets (for example, a confidence band) rather than raw content.
- We do not intentionally send the text of your instructions, clauses, notices or cost descriptions to analytics.
Payment information
Card and payment data is handled by Stripe under its own terms and security. We receive limited billing status information (such as plan and subscription state), not full card details.
Infrastructure we use
The Service relies on third-party infrastructure, which may include Firebase (authentication and database), hosting providers and email processing for inbound forwarding. These providers process data on our behalf to operate the Service.
How we use information
- To provide, operate and secure the Service.
- To generate your drafts, register and workbook outputs.
- To process subscriptions and manage your plan.
- To understand product usage and improve the Service.
- To provide support and respond to your requests.
How information is stored
Information is stored in our database and infrastructure providers' systems. Access controls and security rules are applied to limit access to your company's data.
Who information may be shared with
- Service providers that help us operate the Service (such as hosting, database, payment and email-processing providers).
- Users you invite to your own company workspace.
- Authorities where required by law.
- We do not sell your personal information.
Access, export and deletion
You can export your register and cost workbook as CSV within the product. You can also request a copy or deletion of your account/company data by contacting privacy@variationguard.com.au. Some information may need to be retained to meet legal, accounting or backup obligations. See the Data page for more detail.
Data retention
We retain information for as long as needed to provide the Service and to meet legal, tax and backup obligations. Final retention periods are to be confirmed before launch.
International storage and processing
Some providers may store or process data outside Australia. The specific locations are to be confirmed and disclosed before launch.
Security
We use reasonable technical and organisational measures to protect information, including authentication and database security rules. No system is completely secure; you are responsible for keeping your credentials and invite links safe.
Contact
Privacy enquiries: privacy@variationguard.com.au. VariationGuard (private beta — operating entity to be confirmed before public launch) · Australia (contact address to be confirmed before public launch).