Privacy Policy
Rigup (sole trader Rigup Tradies, ABN 99 852 418 021) is committed to protecting your privacy. This policy explains what information we collect, how we use it, who we share it with, and your rights under the Australian Privacy Principles (APPs).
By using rigup.com.au or our services, you consent to the collection and use of information as described in this policy.
1. Who we are
Rigup is operated by Daniel Francis as a sole trader, registered business name "Rigup Tradies" (ASIC), ABN 99 852 418 021, based in Ocean Shores, NSW, Australia. For privacy enquiries, contact support@rigup.com.au.
2. What information we collect
2.1 Information you give us directly
- Account / billing: name, email address, phone number, business name, ABN, business address, payment card details (handled by Stripe — we do not store full card numbers)
- Intake form: trade type, services offered, service area suburbs, licence numbers, existing Google Business Profile, existing domain (if any), business hours, brand assets, descriptions of common jobs
- Customer support: email and SMS correspondence with our support team
2.2 Information we collect on your behalf (about your customers)
As part of running your Lead Engine, we capture data about people who contact you through your Rigup-built site:
- Form submissions (name, phone, email, message, suburb, service requested)
- Tracked phone calls (caller number, call duration, time, outcome)
- Tracked SMS exchanges (sender number, message content, time)
- AI auto-responder reply logs (what was sent, when, in reply to which lead)
This data is collected so we can route leads to you, audit lead counts for the 5-leads guarantee, and improve auto-responder quality. You are the controller of your customers' data; Rigup is the processor. You are responsible for having appropriate notices, consents, and your own privacy policy on your site (we provide a template; final compliance is your responsibility).
2.3 Information collected automatically
- Site analytics: IP address (anonymised), browser, device, pages viewed, referrer, timestamps. Collected via privacy-friendly Plausible Analytics on rigup.com.au.
- Search Console + Bing Webmaster: aggregate organic search query data (no personally identifying information)
- Google Ads: aggregate click and conversion data tied to your campaigns
- Cookies: minimal first-party cookies for analytics. We do not use third-party advertising cookies on rigup.com.au.
3. How we use your information
We use the information we collect to:
- Provide the Build and Lead Engine services we sell you
- Process payments and refunds via Stripe
- Send you transactional communications (welcome emails, intake reminders, monthly performance reports, refund notifications)
- Audit measurable lead counts for the 5-leads guarantee
- Run AI auto-responders to leads on your behalf
- Manage your Google Business Profile and Google Ads campaigns on your behalf (under your authorised access)
- Improve our service quality and performance
- Comply with legal obligations (tax records, dispute resolution)
We do not sell your personal information. We do not use your customers' data for any purpose beyond serving you and the lead-routing functions of the Lead Engine.
4. Who we share information with
We share information with the following sub-processors as necessary to deliver the service. Each is bound by their own privacy obligations and (where applicable) data processing agreements with us:
| Sub-processor | Purpose | Data location |
|---|---|---|
| Cloudflare Inc. | Site hosting, DNS, email routing, edge security | Global (incl. AU edge) |
| Google LLC (Workspace, Search Console, GBP, Ads, Analytics) | Email, organic + paid search infrastructure, business profile management | US |
| Stripe Payments Australia | Payment processing, subscription billing, refunds | AU + US |
| Resend | Transactional email delivery | US |
| ClickSend | SMS delivery (AU sender IDs, AU routing) | AU |
| Twilio Australia | Tracked phone numbers, call routing | AU |
| Anthropic, OpenAI | AI processing for content generation, auto-responders, intake review (we do not send personal data unnecessarily; lead content is sent so the auto-responder can reply) | US |
| Plausible Analytics | Privacy-friendly site analytics (no personal data, no cookies) | EU |
| ClickUp | Internal task tracking — limited customer info (name, business name, lifecycle stage) | US |
We update this list when sub-processors change. Material changes will be notified by email at least 30 days in advance.
5. International transfers
Some of our sub-processors are located outside Australia (primarily United States, European Union). Where personal information is transferred internationally, we rely on contractual safeguards (where required, Standard Contractual Clauses or equivalent) to ensure your data is protected to an Australian-equivalent standard.
6. Data retention
We retain your information for as long as necessary to provide the service:
- Account + billing data: while your subscription is active, plus 7 years post-cancellation (Australian tax retention requirement)
- Site content + lead history: while your subscription is active, plus 90 days post-cancellation (off-boarding grace period), then permanently deleted
- Email correspondence: 3 years, then archived
- Analytics: aggregated, no personal data, retained indefinitely for trend analysis
7. Your rights under the Australian Privacy Principles
You have the right to:
- Access — request a copy of the personal information we hold about you
- Correction — request that we correct any inaccurate information
- Deletion — request that we delete your personal information (subject to legal retention obligations)
- Portability — request your data in a machine-readable format (we provide HTML + Markdown content exports + JSON data dumps on cancellation)
- Withdraw consent — withdraw consent for processing where processing relies on consent
- Complain — lodge a complaint with us at support@rigup.com.au or with the Office of the Australian Information Commissioner (OAIC)
We will respond to access and correction requests within 30 days. If we cannot provide what you ask for, we will explain why.
8. Data security
We take reasonable steps to protect your information:
- HTTPS / TLS encryption for all site traffic and API communication
- Encrypted storage at rest for sensitive data via our hosting providers
- Secrets stored outside source control (never committed to GitHub)
- Two-factor authentication on all administrative accounts
- Principle of least privilege for sub-processor access
- Regular review of access logs and credentials
No system is perfectly secure. If we ever suffer a data breach affecting your personal information, we will notify you and the OAIC as required under the Notifiable Data Breaches scheme.
9. Children's privacy
Our service is intended for Australian businesses. We do not knowingly collect information from anyone under 18. If you believe we have collected information from a minor, contact us and we will delete it.
10. Marketing communications
We send transactional emails (signup confirmation, intake reminders, monthly performance reports, refund notifications) as part of the service. These cannot be opted out of while you are an active customer.
We do not currently send marketing emails. If we introduce a newsletter or marketing list in future, we will ask for your explicit consent and provide a clear unsubscribe mechanism.
11. Changes to this policy
We may update this policy from time to time. Material changes will be notified by email at least 30 days before they take effect. The "last updated" date at the top of this page reflects the most recent revision.
12. Contact
Rigup (sole trader Rigup Tradies)
ABN 99 852 418 021
Ocean Shores, NSW, Australia
Privacy enquiries: support@rigup.com.au
If you are not satisfied with our response, you can lodge a complaint with the Office of the Australian Information Commissioner.