Privacy Policy

1.1 Organise My Site is operated by WORKSHOP OS PTY LTD ABN/ACN 42 697 296 236, trading as Organise My Site (Organise My Site, OMS, we, us, our).

1.2 Organise My Site provides an online workshop management software platform for repair shops and related service businesses.

1.3 Privacy contact: info@organisemysite.com.

2.1 This Privacy Policy explains how we collect, hold, use and disclose personal information in connection with OMS, including our website, app, customer portal, support, billing and communications.

2.2 This policy applies to account owners, administrators, invited users, prospective customers, workshop staff, suppliers, portal users and other people whose information is processed through OMS.

2.3 Workshop customers should also read the relevant workshop's own privacy notices. Each workshop is responsible for telling its own customers, staff and suppliers how it collects and uses their personal information through OMS.

3.1 Account and user information: names, business names, job titles, email addresses, phone numbers, login details, account settings, roles, permissions and billing status.

3.2 Workshop operational information: customer records, vehicle records, job records, invoices, receipts, parts, labour, supplier details, images or documents if enabled, notes, staff records, customer portal records and related workshop data entered into OMS by a customer or user.

3.3 Communications information: support requests, emails we send or receive, automated email delivery records, invoice/job update email records and other communications with us or sent through the Service.

3.4 Payment and billing information: plan details, subscription status, billing contact details, invoices, payment status and payment processor references. Card payments are handled by Stripe. OMS does not store full card details.

3.5 Technical and usage information: device information, browser type, IP address, log data, pages/screens viewed, feature usage, error data, analytics events, approximate location from technical data, and similar information collected through Firebase, Google Cloud services, Google Analytics or similar tools.

3.6 We do not intentionally require sensitive personal information. OMS is designed around predetermined workshop-management fields that are not intended to ask for sensitive information. Customers and users should not store unnecessary sensitive personal information in OMS, such as health information, biometric information, government identifiers, financial account credentials, criminal records, information about children, or other sensitive information unless we expressly agree in writing and appropriate safeguards are in place.

4.1 We collect information when you create an account, start a trial, invite users, use the Service, enter or upload data, use the customer portal, contact support, subscribe, pay, visit our website/app or interact with our emails.

4.2 We also collect information automatically through logs, cookies, analytics and similar technologies, including through Firebase/Google Cloud and Google Analytics.

4.3 We may receive information from third-party services you connect to OMS, such as Stripe or accounting/financial tools if integrations are enabled. Xero integration is expected to be introduced first, with QuickBooks, MYOB or similar integrations potentially added later.

5.1 We use personal information to provide, operate, secure, maintain and improve OMS.

5.2 We use personal information to create and manage accounts, authenticate users, administer trials and subscriptions, process payments through Stripe, send invoices and receipts, provide support, send service notices, troubleshoot problems and respond to enquiries.

5.3 We use customer-entered data to deliver the features requested by the relevant customer, including job management, customer portal visibility, invoices, receipts, invoice notices and job update emails.

5.4 We may use aggregated or de-identified information for product improvement, analytics, benchmarking, reporting, planning, security, diagnostics and business insights. We will take reasonable steps so aggregated or de-identified information does not identify an individual or a specific customer unless otherwise permitted by law.

5.5 We do not currently use OMS to send marketing or promotional emails to workshop customers. If that changes, appropriate consent, unsubscribe and legal compliance mechanisms should be implemented before launch of that feature.

6.1 Depending on the circumstances, we may rely on consent, contract performance, legitimate business interests, legal obligations, or another lawful basis recognised by applicable privacy laws.

6.2 Customers are responsible for having an appropriate legal basis, notices and consents for personal information they collect from their own customers, staff and suppliers and enter into OMS.

6.3 Customers are responsible for ensuring information entered into OMS is accurate, lawful, relevant and not excessive for the customer's legitimate business purposes.

7.1 We may disclose personal information to third-party providers who help us provide, secure, bill for, analyse, host, communicate about or improve OMS.

7.2 Known material providers currently include:

(a) Firebase app hosting, Firebase Storage, Firestore and Google Cloud services for hosting, database, infrastructure and related services;

(b) Stripe for payment processing and subscription billing;

(c) Resend for automated emails, including receipts, invoices, invoice notices and job update emails;

(d) basic Google Analytics and Meta Pixel for product analytics, website analytics, advertising measurement and related usage analytics;

(e) accounting integrations if enabled, with Xero expected first and QuickBooks, MYOB or similar services potentially added later.

7.3 We may also disclose information to professional advisers, insurers, government authorities, regulators, courts, law enforcement, prospective business purchasers or investors, and other parties where required or permitted by law.

8.1 OMS currently uses Firebase, Firestore, Firebase Storage and Google Cloud services in the australia-southeast2 region.

8.2 Some service providers, including global cloud, payment, email, analytics and accounting-integration providers, may access, store or process information outside Australia or use personnel/subprocessors in other countries. OMS is primarily targeted at Australian workshop businesses, but users outside Australia may be able to access or sign up through the website. OMS does not actively market to New Zealand, the United Kingdom, the United States, the European Union or other overseas markets at this stage, and may refuse, suspend or restrict access from high-risk, sanctioned, unlawful, unsupported or unsuitable countries, regions, users or use cases.

9.1 OMS may use cookies, local storage, SDKs, pixels, analytics identifiers and similar technologies for login, security, preferences, analytics, diagnostics and product improvement.

9.2 OMS currently uses basic Google Analytics and Meta Pixel. OMS does not currently use Google Ads or Google signals for OMS unless this Privacy Policy, the website or an in-app notice is updated. If OMS later enables additional advertising, remarketing or similar tracking, OMS should update this Privacy Policy and consider whether additional cookie notice or consent mechanisms are required.

10.1 OMS may send automated emails such as receipts, invoices, invoice notices and job update emails. OMS does not currently send SMS, marketing/promotional emails, quote approvals or reminders unless those features are later released.

10.2 The customer portal currently allows workshop customers to view their own jobs and invoices. It does not currently allow quote approvals, document/image uploads, workshop messaging or invoice payment through OMS unless those features are later released.

10.3 Customers are responsible for ensuring their own recipients have been notified about, and where required have consented to, receiving communications or accessing information through OMS.

11.1 We use commercially reasonable technical and organisational measures designed to protect personal information against unauthorised access, loss, misuse, interference and disclosure.

11.2 No online service is completely secure, uninterrupted or error-free. Customers should keep their own required business, legal, accounting, tax, warranty and operational records and exports.

11.3 If you become aware of a privacy or security incident involving OMS, contact us promptly at info@organisemysite.com.

12.1 We retain personal information for as long as reasonably needed to provide OMS, manage accounts, comply with legal obligations, resolve disputes, enforce agreements, maintain security, support business records and improve the Service.

12.2 Customers can export data module-by-module where export functionality is available. Current export formats include CSV and Excel. OMS does not currently promise PDF, JSON or whole-account export unless those options are expressly made available in the Service or agreed in writing. Customers should export required data before cancellation or termination.

12.3 After cancellation, OMS currently intends to retain Customer Data in active systems for 60 days before deletion or de-identification, unless a longer period is required or permitted by law, security, dispute resolution, backup rotation or legitimate business recordkeeping needs.

12.4 OMS does not currently promise any fixed backup frequency or that deleted data can be restored. Deleted data may remain in backups for a limited period subject to backup rotation, security, legal and technical requirements.

13.1 You may contact us at info@organisemysite.com to request access to, correction of, or deletion of personal information we hold about you, subject to legal exceptions.

13.2 If you are a workshop customer's customer, staff member or supplier, we may need to refer your request to the relevant workshop customer because the workshop controls the information entered into OMS.

13.3 We may need to verify your identity before responding to a privacy request.

14.1 If you have a privacy complaint, contact us at info@organisemysite.com with details of the issue.

14.2 We will take reasonable steps to investigate and respond. If you are not satisfied, you may be able to contact the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

15.1 We may update this Privacy Policy from time to time. The updated version will be posted on our website, in the app or otherwise notified to you where appropriate.

15.2 If changes are material, we will take reasonable steps to notify affected customers where practicable.

16.1 Privacy, legal, support and privacy/security incident enquiries may be sent to info@organisemysite.com.

17.1 The current Privacy Policy, Terms of Service, pricing page, app/login page and any public help or user manual materials are available through the Organise My Site website at www.organisemysite.com or through links in the Service.