Privacy Policy

Effective date: April 2026

One Guest Guide ("we", "us", "our") is committed to protecting your privacy in accordance with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). This policy explains how we collect, use, disclose, and protect your personal information.

1. Information We Collect

We collect the following types of information:

• Account information: email address and password (or Google account identifier if using OAuth).
• Property and guide content: property names, section text, icons, and other content you create.
• Payment information: processed and stored securely by Stripe. We do not store your credit card details on our servers.
• API keys: if you provide an OpenAI API key for the AI concierge, it is stored in our database. We never share your API key with third parties beyond OpenAI for the purpose of powering your concierge.
• Usage data: basic analytics such as page views and feature usage to improve the Service.

2. How We Use Your Information

• To provide, maintain, and improve the Service.
• To process subscription payments via Stripe.
• To power AI-generated guide content and the AI concierge via OpenAI.
• To send transactional emails (account verification, password resets, billing receipts).
• To respond to support requests.

3. Third-Party Services

We use the following third-party services to operate One Guest Guide:

• Supabase (database, authentication) — your account and property data is stored in Supabase's infrastructure.
• Stripe (payments) — processes and stores your payment information. See Stripe's Privacy Policy.
• OpenAI (AI features) — property content is sent to OpenAI's API to generate guide sections and power the concierge. See OpenAI's Privacy Policy.
• Cloudflare (hosting, CDN) — serves the application and runs server-side functions. See Cloudflare's Privacy Policy.

4. Data Sharing

We do not sell, rent, or trade your personal information to third parties. We only share data with the third-party services listed above, and only to the extent necessary to operate the Service.

5. Data Retention

We retain your account and property data for as long as your account is active. If you delete your account, we will remove your personal data within 30 days, except where we are required to retain it by law. Stripe retains payment records independently according to their own policies.

6. Data Security

We use industry-standard security measures including encrypted connections (HTTPS), row-level security policies on our database, and secure authentication via Supabase. However, no method of transmission over the internet is completely secure, and we cannot guarantee absolute security.

7. Cookies

One Guest Guide uses essential cookies and local storage to maintain your login session. We do not use third-party tracking cookies or advertising cookies. No cookie consent banner is required under current Australian law for essential-only cookies.

8. Your Rights

Under the Australian Privacy Principles, you have the right to:

• Access the personal information we hold about you.
• Request correction of inaccurate information.
• Request deletion of your account and associated data.
• Lodge a complaint with the Office of the Australian Information Commissioner (OAIC) if you believe your privacy has been breached.

To exercise any of these rights, contact us at [email protected].

9. Children's Privacy

The Service is not directed at individuals under 18 years of age. We do not knowingly collect personal information from children.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or via the Service. The effective date at the top of this page indicates when the policy was last revised.

11. Contact

If you have questions or concerns about this Privacy Policy, contact us at [email protected].