How It WorksFor BusinessesAboutFAQContact

Privacy Policy

Last updated: May 2026

At Ourfit, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our platform. We comply with the Australian Privacy Principles contained in the Privacy Act 1988 (Cth).

1. Information We Collect

Information you provide:

  • Account information (name, email, phone number, password)
  • Profile information (photo, bio, location)
  • Identity verification documents (driver's licence, passport)
  • Payment information (processed securely by Stripe)
  • Listing details (item descriptions, photos, pricing)
  • Messages and communications with other users
  • Support requests and feedback

Information collected automatically:

  • Device information (browser type, operating system, device ID)
  • Usage data (pages visited, features used, search queries)
  • Location data (approximate location based on IP address)
  • Cookies and similar tracking technologies

2. How We Use Your Information

We use your information to:

  • Create and manage your account
  • Facilitate rentals between users
  • Process payments and payouts
  • Verify your identity and prevent fraud
  • Provide customer support
  • Send transactional emails (booking confirmations, reminders)
  • Send marketing communications (with your consent)
  • Improve and personalise our services
  • Analyse usage trends and platform performance
  • Comply with legal obligations

3. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

  • With other users: When you make or receive a booking, we share necessary information (name, photo, contact details) to facilitate the transaction.
  • With service providers: We use trusted third parties for payment processing (Stripe), email delivery, analytics, and hosting. These providers only access information needed to perform their services.
  • For legal reasons: We may disclose information when required by law, to respond to legal process, or to protect the rights, property, or safety of Ourfit, our users, or others.
  • Business transfers: If Ourfit is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

4. Cookies and Tracking

We use cookies and similar technologies for:

  • Essential cookies: keeping you logged in and remembering your preferences.
  • Analytics cookies: Google Analytics 4 (set by Google) to measure how visitors find and use the platform (pages visited, device type, approximate location). You can opt out via the Google Analytics opt-out browser add-on.
  • Payment cookies: set by Stripe on checkout pages to process payments and prevent fraud.

You can control cookies through your browser settings. Note that disabling essential cookies will affect core functionality (e.g. login, checkout).

5. Data Security

We implement appropriate technical and organisational measures to protect your personal information, including:

  • Encryption of data in transit and at rest
  • Secure payment processing through Stripe (PCI-DSS compliant)
  • Regular security assessments
  • Access controls and authentication

However, no method of transmission over the internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

Notifiable data breaches. If we have reasonable grounds to believe that an eligible data breach has occurred involving your personal information, we will notify you and the Office of the Australian Information Commissioner (OAIC) as required by the Notifiable Data Breaches scheme under Part IIIC of the Privacy Act 1988 (Cth).

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you services. We may retain certain information after account closure for:

  • Legal and regulatory compliance
  • Dispute resolution
  • Fraud prevention
  • Enforcing our terms and policies

7. Your Rights

Under the Privacy Act 1988, you have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate information
  • Request deletion of your information (subject to legal requirements)
  • Opt out of marketing communications
  • Lodge a complaint with the Office of the Australian Information Commissioner

To exercise these rights, contact us at the email address below. We will respond within a reasonable timeframe.

8. Third-Party Services

We share personal information with the following third-party service providers so we can run Ourfit. Each provider is bound by its own privacy policy and, where applicable, a data processing agreement with us.

  • Stripe (United States): payment processing, payouts to lenders, and identity verification. Stripe collects payment card details, bank details, identity documents (for lenders), device information and IP address.
  • Twilio (United States): SMS delivery for phone verification and booking notifications.
  • Resend (United States): transactional email delivery (booking confirmations, password resets, lender invites).
  • Google Analytics 4 (United States): aggregated usage analytics for the marketing site and app.
  • Sentry (United States): error and crash reporting so we can diagnose and fix bugs.
  • Vercel (United States): hosting and edge infrastructure for our website and app.
  • Railway (United States): hosting for our backend API.
  • Cloudflare R2 (worldwide): object storage for listing photos and other uploaded media.

We may add or change providers from time to time. Material changes will be reflected in an updated version of this Privacy Policy.

9. International Transfers

Some of our service providers may be located outside Australia. When we transfer your information overseas, we take steps to ensure it receives appropriate protection consistent with Australian privacy laws.

10. Children's Privacy

Ourfit is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through a notice on our platform. Your continued use of Ourfit after changes take effect constitutes acceptance of the updated policy.

12. Contact Us

If you have any questions about this Privacy Policy, want to access or correct your personal information, or wish to make a privacy complaint, please contact us:

Ourfit Pty Ltd (ABN 68 674 899 917)

Sydney, NSW, Australia

Email: legal@ourfit.app

If you are not satisfied with how we have handled your privacy complaint, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.