Baybook

Privacy Policy

Last updated: 21 February 2026

About this policy

This privacy policy explains how Adam Rosato (ABN 25 841 671 229), trading as “Baybook,” collects, uses, stores, and discloses your personal information. We're bound by the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

This policy covers all personal information we handle through the Baybook platform, including data collected from service providers, workshops, and their team members.

What personal information we collect

The types of personal information we collect depend on how you use the platform:

  • Account information: name, email address, phone number, business name, ABN
  • Inspection records: inspector names, digital signatures, inspection dates, findings, and measurements
  • Pre-start check records: operator names, check results, and photos of identified issues
  • Hoist information: serial numbers, manufacturer details, installation dates
  • Usage data: login timestamps and pages visited, collected via error monitoring for service improvement

We do not collect financial payment information directly. When payment processing is enabled, payment data is handled by Stripe and is not stored on our servers.

How we collect personal information

We collect personal information in the following ways:

  • Directly from you: when you create an account, complete inspections, submit pre-start checks, or upload photos
  • Automated collection: error monitoring via Sentry for service reliability — this does not collect personally identifiable information
  • From third parties: when your service provider or workshop creates your account on the platform

Why we collect personal information

We collect and use your personal information for these purposes:

  • Providing the hoist compliance management service
  • Generating inspection certificates under AS 2550.9:2024
  • Maintaining compliance records for workplace safety obligations
  • Communicating about your account and service updates
  • Improving the platform's reliability and performance
  • Meeting our legal obligations

How we use and disclose personal information

We may share your personal information with:

  • Your service provider or workshop, as part of the provider-workshop relationship on the platform
  • Third-party service providers who help us operate the platform:
    • Supabase — database hosting (data stored in Sydney, Australia, ap-southeast-2 region)
    • Vercel — application hosting
    • Sentry — error monitoring (no personally identifiable information sent)
    • Stripe — payment processing (when enabled)
    • Resend — transactional emails (when enabled)
  • Regulatory authorities if required by law (e.g., WorkSafe)

We do not sell personal information to third parties.

Overseas disclosure

Our primary data is stored in Australia (Supabase Sydney region). Some service providers (Vercel, Sentry) may process data in the United States. We take reasonable steps to ensure overseas recipients handle your information in accordance with the APPs.

Data security

We take the security of your personal information seriously. Our measures include:

  • Encrypted connections (HTTPS/TLS) for all data in transit
  • Row-level security on database access
  • Role-based access controls
  • Secure authentication
  • Regular security monitoring

No system is 100% secure. We take reasonable steps to protect your information, but we can't guarantee absolute security.

Accessing and correcting your information

You can access and update your account information directly through the platform. To request access to other personal information we hold, or to request a correction, contact us at contact@baybook.com.au. We'll respond within 30 days as required by APP 12.

Data retention

Inspection records and compliance certificates are retained for the period required by Australian workplace safety regulations (typically 10+ years for hoist inspection records). Account information is retained while your account is active and for a reasonable period after closure.

You can request deletion of your account by contacting us. Note that compliance records may need to be retained to meet regulatory obligations even after your account is closed.

Notifiable data breaches

We comply with the Notifiable Data Breaches (NDB) scheme under Part IIIC of the Privacy Act. If we become aware of a data breach likely to result in serious harm, we'll notify affected individuals and the Office of the Australian Information Commissioner (OAIC) as required.

Complaints

If you believe we've breached the APPs, contact us at contact@baybook.com.au. We'll investigate and respond within 30 days.

If you're not satisfied with our response, you can lodge a complaint with the OAIC at www.oaic.gov.au or by calling 1300 363 992.

Changes to this policy

We may update this policy from time to time. Material changes will be communicated through the platform. The “Last updated” date at the top indicates when this policy was last revised.

Contact us

Baybook Australia
ABN 25 841 671 229
Email: contact@baybook.com.au