Privacy Policy

Effective Date: 5 March 2026 · Last Updated: 22 March 2026

IMPORTANT NOTICE: Trackexa is currently in Beta. While we take reasonable steps to protect your data, the app is under active development and may experience interruptions, bugs, or data loss. By using Trackexa, you acknowledge these risks.

1. Introduction

Trackexa ("we", "us", or "our") is a trade business management application based in Cairns, Queensland, Australia. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use the Trackexa web and mobile application (the "Service").

We are committed to protecting your privacy and complying with the Australian Privacy Principles under the Privacy Act 1988 (Cth).

2. Information We Collect

2.1 Information You Provide Directly

When you create an account and use Trackexa, you provide us with:

Account Information: Email address, password (encrypted), and display name
Business Information: Business name, ABN, license numbers, contact details, bank account details (for quote/invoice generation)
Customer Information: Customer names, addresses, phone numbers, email addresses
Financial Data: Quote details, invoice data, job costs, materials costs, payment information, profit tracking data
Job Information: Job descriptions, addresses, scheduling details, photos, task lists, notes
Calendar Data: When you connect Google Calendar, we access and store scheduling information to sync your jobs with your calendar
Billing Information: When you subscribe, Stripe collects payment details (such as card information) and billing contact details. We receive subscription status, customer identifiers, and related metadata needed to manage access—not your full card number on our own servers
Product and onboarding communications: If you receive email sequences (for example walkthroughs or tips), your email address and related profile or usage signals may be processed by our email automation provider as described below

2.2 Information Collected Automatically

We may collect certain information automatically when you use the Service:

Usage Data: Features used, actions taken within the app, session duration
Device Information: Device type, operating system, browser type, IP address
Cookies and Similar Technologies: We may use cookies, local storage, and similar technologies to enhance functionality, remember your preferences, and analyze usage patterns

3. How We Use Your Information

We use the information we collect to:

Provide, operate, and maintain the Trackexa Service
Create and manage your account
Generate quotes, invoices, and PDF exports
Calculate profit margins, financial metrics, and business insights
Sync jobs with your Google Calendar (when authorized)
Store and retrieve your business data across devices
Improve and optimize the Service
Communicate with you about updates, changes, billing, or support issues
Send onboarding, educational, or engagement-related emails when you have signed up or use the Service (where permitted)
Process subscription payments and manage access through Stripe
Comply with legal obligations
Detect and prevent fraud or security issues

4. How We Store and Protect Your Information

4.1 Data Storage

Your data is stored using:

Supabase: A cloud database service that stores your quotes, invoices, jobs, tasks, business settings, account authentication, and related application data
Stripe: Processes subscription payments, stores payment method details according to Stripe’s policies, and provides the billing customer portal
Vercel: Hosts the web application and serverless APIs; may process request metadata (such as IP addresses and headers) in the course of operating the Service
Local Storage: Some preferences and temporary data are stored locally in your browser or device
Google Services: When you authorize Google Calendar sync, scheduling data is synchronized with your Google account

4.2 Data Security

We implement reasonable security measures to protect your information, including:

Encryption of data in transit using HTTPS/TLS
Secure authentication via email/password or Google OAuth
Access controls and user-specific data isolation
Regular security reviews and updates

HOWEVER, PLEASE NOTE: Trackexa is in Beta, and no system is completely secure. We cannot guarantee absolute security of your data. You use the Service at your own risk.

5. Data Sharing and Disclosure

5.1 We Do Not Sell Your Data

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

5.2 Third-Party Service Providers

We share your information with trusted third-party service providers who assist us in operating the Service:

Supabase: Database hosting, authentication, and (where configured) database webhooks that help sync signup events to other tools
Stripe, Inc.: Payment processing, subscription management, tax and invoice presentation as configured, and the customer billing portal. See Stripe’s privacy materials at stripe.com/privacy
Loops: Email delivery and automation (for example onboarding sequences, product tips, and engagement-based messages). Loops may process your email address and contact properties we sync for those purposes
Vercel: Hosting and deployment of the website and API routes
Google: Calendar synchronization and Google sign-in when you choose those options—subject to Google’s terms and policies

These providers process data as described in their own policies and our agreements with them. They may be located in Australia, the United States, or other countries.

5.3 Legal Requirements

We may disclose your information if required to do so by law or in response to valid legal process, such as:

Court orders or subpoenas
Government investigations
Protection of our legal rights or the safety of others

6. Your Rights and Choices

Under Australian privacy law, you have the following rights:

6.1 Access and Correction

You can access and update most of your information directly through the Trackexa app settings. If you need assistance accessing or correcting your data, contact us at the email below.

6.2 Data Export and Deletion

You can request:

Data Export: A copy of your personal data in a portable format
Account Deletion: Permanent deletion of your account and associated data (note: some data may be retained for legal or backup purposes for a limited period)

6.3 Google Calendar Disconnect

You can revoke Trackexa's access to your Google Calendar at any time through your Google Account settings or within the Trackexa app.

6.4 Subscription and billing

You can cancel your subscription at any time using the billing portal linked from Trackexa (Stripe Customer Portal), which allows you to manage payment methods and subscription status. Questions about a specific charge may be directed to us at support@trackexa.com or reviewed in your Stripe-hosted receipt where applicable.

6.5 Marketing and product email

Where we send non-transactional product or onboarding email through Loops, you may use unsubscribe links in those messages where provided, or contact us to opt out of optional communications. Transactional messages (such as security, billing, or account notices) may still be sent where necessary to operate the Service.

6.6 Cookies and Tracking

You can control cookies through your browser settings, though some features of Trackexa may not function properly if cookies are disabled.

7. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you with the Service. If you delete your account, we will delete or anonymize your data within a reasonable timeframe, except where we are required to retain it for legal, accounting, or security purposes.

8. International Data Transfers

Your data may be stored or processed outside Australia, including through Supabase, Stripe (including operations in the United States and other regions), Loops, Vercel, and Google, depending on how you use the Service. By using Trackexa, you acknowledge that your information may be transferred to countries that have different data protection laws than Australia. We take reasonable steps to work with reputable providers and to protect your information in line with this Policy.

9. Children's Privacy

Trackexa is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal information, we will take steps to delete it.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will notify you of significant changes by:

Posting the updated policy on our website with a new "Last Updated" date
Sending an email notification to your registered email address (for material changes)

Your continued use of Trackexa after changes become effective constitutes acceptance of the updated Privacy Policy.

11. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal information, please contact us:

Email: privacy@trackexa.com
Business Name: Trackexa

We will respond to your inquiry within a reasonable timeframe, typically within 30 days.

12. Complaints

If you believe we have breached the Australian Privacy Principles, you may lodge a complaint with us using the contact details above. If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC):

Website: www.oaic.gov.au
Phone: 1300 363 992