Privacy Policy
Last updated: 28 April 2025
1. About Us
VoteGuide.com.au ("VoteGuide", "we", "us", "our") collects and processes Personal Information in accordance with the Privacy Act 1988 (Cth), as amended by the Privacy and Other Legislation Amendment Act 2024.
This Privacy Policy explains how we collect, use, disclose, and protect your information when you use the VoteGuide website located at https://voteguide.com.au ("Website").
2. What Information We Collect
| Category | Typical Data Points | Source |
|---|---|---|
| Website Interaction Data | Pages visited, duration, navigation patterns, clickstream, referral sources, exit pages, device/browser/OS/screen size, IP (truncated), approximate geolocation, session duration, frequency, scroll depth, engagement metrics | Cloudflare, first-party logs |
| Political Compass Quiz Data | Quiz responses, time on each question, changes before submission, political alignment results, economic/social scores, quadrant positioning, party match percentages, drop-off points, quiz completion rates | Quiz form |
| Demographic Information (Optional) | Age range, postcode, education status, income bracket, parents' political leanings, friends' political leanings | Quiz form |
| Australian-Specific Political Positions | Stances on Voice to Parliament, GST, negative gearing, renewable energy, offshore processing, republic vs monarchy, university funding, welfare, taxation | Quiz form |
| Contact Data | Names, emails, message content, inquiry type | Contact forms, email |
| Technical Identifiers | Cookies, local-storage tokens, browser fingerprint, session IDs, cross-session tracking identifiers, performance/error metrics | First-party scripts |
Note: We do not knowingly collect data from children under 13.
3. Types of Information
- Personal Information: Information or opinion about an identified individual (whether true or not).
- Sensitive Information: Includes political opinions (e.g., quiz responses), and is handled only:
- For the primary purpose it was collected;
- For a directly related secondary purpose;
- With your consent; or
- As required or authorised by law.
4. How We Collect Your Information
- Directly from you (e.g., forms, emails, dashboard login)
- Automatically (e.g., cookies, local storage, server logs)
- Third-party sources (e.g., political parties matching voter files; opt-out available)
Cookies: We use cookies for session tracking, analytics, and website customization. Most cookies do not personally identify you.
Third-Party Information: Where we receive information from third parties, we take reasonable steps to notify you.
5. Why We Collect Information
| Purpose | Legal Basis | Notes |
|---|---|---|
| Website operations, quiz delivery | APP 3 | To provide services and personalisation |
| Analytics and improvements | APP 3.2 | Aggregated metrics, debugging |
| Direct marketing | APP 7 (consent) | Unsubscribe at any time |
| Research and statistics | APP 6.2(b) | De-identified where practicable |
| Legal compliance | APP 6.2(b) | Fraud prevention, lawful disclosures |
By using our Website, you consent to receive direct marketing material (which you can opt out of at any time).
6. Disclosure and Overseas Transfers
We may share your information with:
- Service providers (e.g., Supabase, Vercel, Cloudflare, email/SMS gateways).
- Research partners (under strict de-identification agreements).
- Political organisations and market research companies, where you have expressly opted-in to such sharing.
- Regulatory bodies and law enforcement, if legally required.
Your data may be transferred to United States, Canada, United Kingdom, New Zealand, European Union countries. You consent to these transfers and acknowledge overseas recipients may not be subject to the same privacy obligations under Australian law.
7. Data Security and Retention
- TLS 1.3 encryption in transit and AES-256 encryption at rest.
- Role-based access control (RBAC) and Multi-Factor Authentication (MFA).
- Annual penetration testing and privacy impact assessments.
Retention:
- Raw quiz data pseudonymised after 30 days.
- Other records retained for up to 7 years for legal purposes, then securely deleted or de-identified.
8. Notifiable Data Breaches
If a breach involving your Personal Information is likely to cause serious harm, we will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) under the Notifiable Data Breaches Scheme.
9. Your Rights
You have rights under the Australian Privacy Principles, including the right to:
- Access your Personal Information (APP 12).
- Correct inaccuracies (APP 13).
- Withdraw consent for direct marketing.
- Request deletion (where lawful).
Requests can be made by contacting us at info@voteguide.com.au.
10. Direct Marketing & Profiling
- We do not use Sensitive Information (e.g., political views) for direct marketing.
- Marketing emails are Australian-hosted.
- All emails contain a simple unsubscribe option.
11. Complaints
If you have any privacy concern:
Contact our Privacy Officer:
Name:
Email: info@voteguide.com.au
We aim to acknowledge within 5 business days and resolve within 30 days. If you are not satisfied, you can lodge a complaint with the OAIC.
12. Changes to This Policy
This Privacy Policy is reviewed at least annually and when privacy laws change. Material updates will be announced via the Website banner and email (where practicable).
13. Data Commercialisation & Business Transfers
| Clause | What We May Do | Legal Basis |
|---|---|---|
| 13.1 | Sell or licence de-identified or aggregated datasets (e.g., postcode-level political trends). De-identified data is not classified as Personal Information. | OAIC de-identification guidelines |
| 13.2 | Sell or licence Personal Information to political organisations, market research companies, or similar entities - only where: (a) you have expressly opted-in; or (b) an APP 6 exception applies and such disclosure is reasonably expected. | APP 6 |
| 13.3 | Transfer user data to a buyer if the business is sold, merged, or restructured, subject to privacy obligations. | OAIC "Selling a Business" guide |
| 13.4 | For overseas buyers, take contractual steps to ensure compliance with APP 8. You consent to such transfers. | APP 8 |
| 13.5 | You release and indemnify VoteGuide for acts/omissions of lawful data transferees post-transfer (except non-excludable rights under the Privacy Act and Australian Consumer Law). | Contract law & Privacy Act s 16C |
14. Your Consent
By continuing to use VoteGuide after the date above, you:
- Acknowledge and accept this Privacy Policy; and
- Consent to the collection, use, disclosure (including sale/licensing to political organisations and market research companies if you opt-in), and overseas transfer of your information as described.
If you do not agree, please discontinue use or contact us to request deletion (§9).
Last updated: 28 April 2025