Privacy Policy

1. Introduction

Now (AUST) Pty Ltd (ABN 59 111 630 963) ("we", "us", "our") operates the GetUp Now And Live application and website at https://getupnowand.live (the "Service").

We are committed to protecting your personal information in accordance with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). This Privacy Policy explains how we collect, use, disclose, and protect your personal information.

2. Information We Collect

2.1 Information you provide

• Account information: Name, email address, and password when you create an account.
• Profile information: Optional details such as your age, occupation, or timezone.
• Payment information: If you subscribe to our Premium plan, payment details are processed securely by Stripe. We do not store your credit card number.
• Communications: Any messages you send us via email or the Service.

2.2 Information collected automatically

• Exercise data: Records of when you complete squats or other exercises, including timestamps, repetition counts, and streak information.
• Device information: Browser type, operating system, screen resolution, and device identifiers (used for push notification delivery).
• Usage data: Pages visited, features used, time spent on the Service, and interaction patterns.
• Push notification tokens: Technical identifiers required to send you reminders, with your consent.
• IP address and approximate location: For timezone detection and security purposes.

2.3 Information from third parties

If you subscribe to Premium, Stripe may provide us with limited payment information such as the last four digits of your card, card type, and billing postcode.

3. How We Use Your Information

We use your personal information for the following purposes:

• Provide the Service: Create and manage your account, track your exercise data, maintain your streak, and display leaderboard rankings.
• Send reminders: Deliver hourly push notifications and/or audio alerts to remind you to exercise, as configured by you.
• Process payments: Manage Premium subscriptions and billing through Stripe.
• Improve the Service: Analyse usage patterns to enhance features and user experience.
• Communicate with you: Send transactional emails (account confirmation, password resets, billing receipts) and, with your consent, occasional product updates.
• Ensure security: Detect and prevent fraud, abuse, or unauthorised access.
• Comply with law: Meet our legal obligations under Australian law.

4. Leaderboard and Public Data

If you participate in the community leaderboard, your display name, streak count, and total squat count will be visible to other users of the Service. You may opt out of the leaderboard at any time through your account settings, in which case your data will only be visible to you.

5. Third-Party Services

We use the following third-party services:

• Stripe (payments): Processes Premium subscription payments. Stripe's privacy policy is available at stripe.com/privacy.
• Web Push services (notifications): Your browser's built-in push notification service (e.g., Firebase Cloud Messaging for Chrome, Mozilla Push Service for Firefox) delivers reminders.

We do not sell, rent, or trade your personal information to any third party.

6. Cookies and Local Storage

We use the following browser storage mechanisms:

• Session cookies: Essential for keeping you logged in and maintaining your session. These expire when you close your browser or after 2 hours of inactivity.
• Local storage: Stores your reminder preferences, timezone settings, and offline exercise data (for PWA functionality) on your device.
• Service Worker cache: Enables offline access and faster page loads.

We do not use third-party tracking cookies or advertising cookies.

7. Push Notification Consent

When you first use the Service, we will ask your permission to send push notifications. You may grant or deny this permission through your browser. You can change your notification preferences at any time through your account settings or your browser's notification settings.

Denying push notification permission will not affect your ability to use the core Service, but you will not receive hourly reminders.

8. Data Retention

We retain your personal information as follows:

• Active accounts: Your data is retained for as long as your account remains active.
• Deleted accounts: When you delete your account, we deactivate it immediately and remove personal data from active systems within 30 days. Anonymised, aggregated data (e.g., total squat counts) may be retained indefinitely for statistical purposes.
• Inactive accounts: Accounts with no activity for 24 months may be flagged for deletion. We will notify you by email before any deletion occurs.
• Legal retention obligations: In accordance with the Australian Corporations Act 2001 and taxation law requirements, transactional and financial records (including payment history and subscription records) are retained for a minimum of 7 years after account closure, even if you request deletion. This data is stored securely and accessed only for legal compliance purposes.

9. Data Security

We take reasonable steps to protect your personal information from misuse, interference, loss, and unauthorised access, modification, or disclosure. These measures include:

• Encryption of data in transit using TLS/SSL
• Secure password hashing (bcrypt)
• CSRF protection on all forms
• Secure, httpOnly session cookies
• Regular security reviews

No method of electronic storage or transmission is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

10. Your Rights

Under the Australian Privacy Principles, you have the right to:

• Access: Request a copy of the personal information we hold about you.
• Correction: Ask us to correct any inaccurate or incomplete personal information.
• Deletion: Request deletion of your account and personal data.
• Opt out: Unsubscribe from marketing communications or remove yourself from the public leaderboard.
• Export: Premium users can export their exercise data in standard formats.

To exercise any of these rights, please contact us at our Contact Us page. We will respond to your request within 30 days.

11. Children's Privacy

The Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child under 18, we will take steps to delete that information promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and, where appropriate, sending you an email notification. Your continued use of the Service after any changes constitutes acceptance of the updated policy.

13. Complaints

If you believe we have breached the Australian Privacy Principles, you may lodge a complaint with us at the contact details below. We will investigate and respond within 30 days.

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC):

• Phone: 1300 363 992
• Website: www.oaic.gov.au
• Post: GPO Box 5218, Sydney NSW 2001

14. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

• Now (AUST) Pty Ltd
• ABN 59 111 630 963
• Suite 12, 104 Gympie Road, Strathpine QLD 4500
• Phone: 07 3613 9700
• Email: our Contact Us page