Privacy Policy

Last updated: May 2026

Pool Safety Hub (“we”, “us”, “our”) operates the website poolsafetyhub.com.au. This policy explains how we collect, use, hold and disclose personal information in accordance with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs), and how we comply with the Spam Act 2003 (Cth) when sending commercial electronic messages.

1. Information We Collect

We collect the following types of information:

• Enquiry form data: Name, email address, phone number (optional), and message content when you submit an enquiry about a listed professional.
• Contact form data: Name, email address, phone number (optional), and message content when you contact us directly.
• Usage data: Anonymous analytics data including pages visited, browser type, IP address, and device information collected through standard web analytics. We do not use advertising or cross-site tracking cookies.
• Listed professional data: Business names, licence numbers, contact information (where publicly published in a business context), and service details. See section 3 below.

2. How We Use Your Information

• To facilitate enquiries between consumers and listed pool safety professionals.
• To respond to your direct contact messages.
• To send transactional confirmations (auto-responders, listing claim verification, removal-request acknowledgements).
• To improve our website and services using aggregated, de-identified analytics.
• To meet our legal obligations under the Privacy Act, Spam Act, and other applicable laws.

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

3. Listed Professional Data — Sources and Lawful Basis

Professional listings displayed on our website are sourced from publicly available Australian government licensing registers, including:

• Queensland Building and Construction Commission (QBCC)
• NSW Fair Trading — Building and Development Certifiers Register
• Victorian Building Authority (VBA) / Building and Plumbing Commission — Building Practitioner Register (published as open data by data.vic.gov.au)
• Consumer and Business Services (SA), Consumer, Building and Occupational Services (TAS), Access Canberra (ACT), Building Practitioners Board (NT), Building and Energy (WA), and equivalent state regulators

We supplement government register data with publicly available information from:

• Australian Business Register (ABR) — for ABN verification and entity-type confirmation
• Google Maps and Google Business Profiles — for contact details, opening hours, and ratings where publicly published
• Industry association directories (SPASA, MPBAA) — where the association publishes member contact details
• A listed professional’s own business website — where contact details have been conspicuously published in a work-related context

For sole-trader listings, this information may also be personal information about the individual under the Privacy Act. We hold this data on the basis of the public-register provisions of APP 3 and, for any commercial electronic messages we send, the conspicuous-publication exception in Schedule 2 clause 4 of the Spam Act 2003 — meaning we only send commercial messages to a published business address where (a) it has been published by the holder in a business or work-related capacity, (b) it is not accompanied by a statement that unsolicited messages are not wanted, and (c) the message is directly relevant to the recipient’s role as a pool safety professional.

Some data enrichment is performed using third-party services including Outscraper (Google Business Profile data) and Apify (publicly available web content). We do not use scraped data for unsolicited marketing.

4. Your Choices — Unsubscribe, Listing Removal and Data Requests

You can opt out of further communications at any time:

• Email: Click the “Unsubscribe” link at the foot of any email we send you, or email unsubscribe@poolsafetyhub.com.au. All our marketing emails carry a one-click List-Unsubscribe header so any modern mail client can also unsubscribe you directly.
• SMS: Reply STOP to any SMS we send you. This adds your number to our global suppression list within minutes.
• Listing removal: If you are a listed professional and want your listing removed (or any contact field hidden), use our listing removal request page. We process removal requests within 5 business days and add the affected contact details to our suppression list at the same time.
• Other data subject requests: To request access, correction, or deletion of personal information we hold about you, email hello@poolsafetyhub.com.au. We aim to respond within 30 days.

5. Spam Act 2003 Compliance

Every commercial electronic message we send identifies us as the sender, identifies the authoriser, and contains a functional unsubscribe facility. Unsubscribe requests are honoured within 5 business days, in line with the Spam Act. We do not use address-harvesting software or harvested-address lists.

6. Data Storage and Security

Your data is stored using industry-standard encryption (TLS in transit, AES-256 at rest) on Supabase infrastructure, with PostgreSQL row-level security policies. Database hosting region is selected to keep data within Australia or other adequately protected jurisdictions wherever possible. We log all outbound emails and SMS for audit and Spam Act compliance purposes.

7. Data Retention

• Enquiry and contact form submissions: 12 months from submission.
• Listed professional data: refreshed periodically from government registers; on removal request, the listing is suppressed within 5 business days and the underlying record is deleted within 30 days unless retention is required for legal or audit reasons.
• Removal request records: 24 months, for compliance and audit purposes.
• Email and SMS audit logs: 24 months.
• Suppression list entries: retained indefinitely so we honour your unsubscribe permanently.

8. Notifiable Data Breaches

We maintain a documented breach response process. If an eligible data breach occurs that is likely to result in serious harm, we will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) as soon as practicable, and in any case within the 30-day assessment period required by Part IIIC of the Privacy Act.

9. Cookies

Our website uses essential cookies required for the site to function (session, security, and form anti-abuse). We do not use advertising, profiling, or cross-site tracking cookies, and we do not embed third-party social-media widgets that set cookies before user interaction.

10. Your Rights

Under the Privacy Act, you have the right to:

• Access the personal information we hold about you and ask how it is used.
• Request correction of inaccurate or incomplete information.
• Request deletion of your personal information (subject to legal retention obligations).
• Opt out of commercial electronic messages under the Spam Act.
• Lodge a complaint with the Office of the Australian Information Commissioner (OAIC) if you believe your privacy has been breached.
• Lodge a Spam Act complaint with the Australian Communications and Media Authority (ACMA).

11. Contact Us

For privacy-related enquiries or to exercise any of the rights above, contact our Privacy Officer at hello@poolsafetyhub.com.au or write to Pool Safety Hub Pty Ltd. We aim to acknowledge requests within 5 business days and resolve them within 30 days.