Autech Software, RecoveryHUB Privacy Policy

Effective Date: May 13th, 2025

PRIVACY POLICY

  • Introduction

    • 1.1 This Privacy Policy explains how Smart Lock Booking (“we,” “us,” “our”), on behalf of RecoveryHUB, collects, processes, and uses personal data when you use the Smart Lock Booking application (“the App”).

    • 1.2 By using the App, you agree to the data practices described in this Policy.

  • Data We Collect

    • 2.1 Personal Data
      Name, Phone Number, Email: Required to identify you and issue One-Time Passcodes (OTP). We log which facility you unlocked and the time/date of each unlock

    • 2.2 Location Data
      We do not store precise device location. We may momentarily validate your vicinity to a lock, but do not retain GPS coordinates. We do keep records of which lock was unlocked at what time.

    • 2.3 Auxillary Personal Data
      Gender, Date of Birth, Emergency Contact Name and Phone Number, Digital Signature: We store this data for analytical reasons, emergency situations and recording your signing of the Liability waiver.

  • How We Use Your Data

    • 3.1 Access & Security
      We use your phone number to send OTPs for secure unlocking. We log unlock details for security, auditing, and vandalism investigations.

    • 3.2 Statistics
      We analyse unlock times and dates to gather usage statistics for RecoveryHUB. We also use your Gender identity, and Date of Birth to gather overall audience statistics and analytics

    • 3.3 Contacting Users
      If a facility is damaged, we may contact the users who unlocked it during the relevant time.

    • 3.4 Marketing
      If you opt in to receive marketing, we may send you promotional messages. You can opt out at any time.

  • Legal Basis for Processing

    • 4.1 Consent
      We rely on your consent if you opt in to marketing or voluntarily provide your details.

    • 4.2 Legitimate Interests
      We use your data to ensure secure facility access, investigate vandalism, and provide usage statistics to RecoveryHUB.

  • Data Storage & Retention

    • 5.1 Location of Servers
      We store data in Sydney, Australia (via AWS).

    • 5.2 Retention Period
      We retain personal data indefinitely unless you request its deletion or remove your account.

    • 5.3 Deletion Requests
      If you wish to delete your data, contact us (section 10).

  • Disclosure & Third-Party Processing

    • 6.1 Sub-processors
      We use Twilio for SMS OTP and AWS for hosting. We do not sell your personal data to other third parties.

  • Security Measures

    • 7.1 We do not currently encrypt personal data at rest. We implement protections and take reasonable steps to safeguard our servers

    • 7.2 No method of electronic transmission or storage is completely secure, and we cannot guarantee absolute security. However, we do aim to use best practices with your data security.

  • Children’s Data

    • 8.1 Our App restricts under-18s from registering, with no possible additional verification for minors.

  • Your Rights

    • 9.1 Access & Correction
      You may request a copy or correction of your personal data by contacting us.

    • 9.2 Deletion
      You may request erasure of your data at any time.

    • 9.3 No Explicit GDPR Compliance
      While we are not explicitly GDPR-compliant, we endeavour to respect data subject rights where feasible.

  • Contact Information

    • 10.1 For any questions, data access, or deletion requests, contact:

  • Policy Updates & Notification

    • 11.1 We may update this Privacy Policy from time to time.

    • 11.2 We will notify you of significant changes by posting an update within the App. Continued use of the App after changes are posted constitutes acceptance of the revised Policy.