Autech Software, DEVONPORT COUNCIL Privacy Policy

Effective Date: February 20, 2025

PRIVACY POLICY

  • Introduction

    • 1.1 This Privacy Policy explains how Smart Lock Booking (“we,” “us,” “our”), on behalf of Devonport City Council, collects, processes, and uses personal data when you use the Smart Lock Booking application (“the App”).

    • 1.2 By using the App, you agree to the data practices described in this Policy.

  • Data We Collect

    • 2.1 Personal Data
      Name and Phone Number: Required to identify you and issue One-Time Passcodes (OTP). We log which facility you unlocked and the time/date of each unlock

    • 2.2 Location Data
      We do not store precise device location. We may momentarily validate your vicinity to a lock, but do not retain GPS coordinates. We do keep records of which lock was unlocked at what time.

  • How We Use Your Data

    • 3.1 Access & Security
      We use your phone number to send OTPs for secure unlocking. We log unlock details for security, auditing, and vandalism investigations.

    • 3.2 Statistics
      We analyse unlock times and dates to gather usage statistics for Devonport City Council.

    • 3.3 Contacting Users
      If a facility is damaged, we may contact the users who unlocked it during the relevant time.

    • 3.4 Marketing
      If you opt in to receive marketing, we may send you promotional messages. You can opt out at any time.

  • Legal Basis for Processing

    • 4.1 Consent
      We rely on your consent if you opt in to marketing or voluntarily provide your details.

    • 4.2 Legitimate Interests
      We use your data to ensure secure facility access, investigate vandalism, and provide usage statistics to Devonport City Council.

  • Data Storage & Retention

    • 5.1 Location of Servers
      We store data in Sydney, Australia (via AWS).

    • 5.2 Retention Period
      We retain personal data indefinitely unless you request its deletion or remove your account.

    • 5.3 Deletion Requests
      If you wish to delete your data, contact us (section 10).

  • Disclosure & Third-Party Processing

    • 6.1 Devonport City Council
      We share unlock logs and user details with the council if required for vandalism investigations or usage statistics.

    • 6.2 Sub-processors
      We use Twilio for SMS OTP and AWS for hosting. We do not sell your personal data to other third parties.

  • Security Measures

    • 7.1 We do not currently encrypt personal data at rest. We implement protections and take reasonable steps to safeguard our servers

    • 7.2 No method of electronic transmission or storage is completely secure, and we cannot guarantee absolute security.

  • Children’s Data

    • 8.1 Our App does not restrict under-16s from registering, nor do we have additional verification for minors. If you are a parent or guardian, please supervise children’s usage.

  • Your Rights

    • 9.1 Access & Correction
      You may request a copy or correction of your personal data by contacting us.

    • 9.2 Deletion
      You may request erasure of your data at any time.

    • 9.3 No Explicit GDPR Compliance
      While we are not explicitly GDPR-compliant, we endeavour to respect data subject rights where feasible.

  • Contact Information

    • 10.1 For any questions, data access, or deletion requests, contact:

  • Policy Updates & Notification

    • 11.1 We may update this Privacy Policy from time to time.

    • 11.2 We will notify you of significant changes by posting an update within the App. Continued use of the App after changes are posted constitutes acceptance of the revised Policy.