Privacy Policy
Last Updated: 12 May 2026
Note: This policy explains how we handle personal information. If you are unsure about legal requirements for your business, consider getting independent professional advice.
Quarric Automations (ABN 67 834 409 708) ("Quarric", "we", "us", "our") is a sole trader business operating in Victoria, Australia. This Privacy Policy explains how we collect, use, disclose, store, and protect personal information when you interact with our website (quarricautomations.com.au), our products, or our services (collectively, the "Platform").
We are committed to complying with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth).
This policy applies to all users of the Platform, including website visitors, trade business clients, and end customers who interact with our products (such as quoting tools) on third-party websites.
1. Who This Policy Applies To
We collect and process personal information from three categories of individuals:
1.1 Website Visitors and Prospective Clients ("Leads")
Individuals who visit our website at quarricautomations.com.au and may submit an inquiry form expressing interest in our products.
1.2 Trade Business Clients ("Clients")
Trade business owners (such as roofers, electricians, plumbers, builders, and other tradespeople) who have been onboarded onto our Platform and use our products, including the AI Quote Widget, to serve their customers. Clients access the Platform through a dashboard at quarricautomations.com.au/dashboard.
1.3 End Customers
Individuals who interact with our products (such as quoting tools) on a trade business client's website. Our products may be white-labelled, meaning they appear under the trade business's branding rather than Quarric's. If you have used a quoting tool on a trade business's website and that tool was powered by Quarric, this policy applies to the personal information collected through that tool.
2. What We Collect
2.1 From Website Visitors and Leads
When you submit an inquiry form on our website, we collect:
- Contact details: your name, email address, and phone number (if provided).
- Business details: business name, trade type, and website URL (if provided).
- Inquiry details: which product you are interested in and any message you include.
2.2 From Clients
When you are onboarded as a client, we collect:
- Account details: business name, contact name, email address, phone number, ABN (if provided), trade type, and website URL.
- Branding assets: your business logo and brand colours for use in your products.
- Product configuration: pricing matrices, service area descriptions, notification preferences, and other settings you provide to configure your products.
- Login credentials: an email address and password for dashboard access (passwords are stored securely and never in plain text).
- Payment information: if direct billing is enabled, payment details are collected and processed by our payment provider (Stripe). We do not store full payment card details.
2.3 From End Customers
When you use a quoting tool powered by Quarric on a trade business's website, we collect:
- Job details (always collected): information about the job you are requesting a quote for, such as job type, materials, size, and any additional notes. This information does not identify you personally.
- Contact details (only if you choose to provide them): if you request a callback or choose to share your details, we collect your name, email address, phone number, and address. Providing contact details is entirely optional — you can receive a quote without identifying yourself.
If you receive a quote but do not submit contact details, only your job details and the calculated quote are stored. This data does not contain personally identifiable information and is retained for analytics purposes (such as tracking quote volume and popular job types).
2.4 Information Collected Automatically
We do not use any analytics, advertising, or third-party tracking tools on the Platform. We do not use Google Analytics, Facebook Pixel, or any similar tracking technologies. The only data stored automatically is:
- Authentication session: a session token stored in your browser's local storage to keep you logged in between page visits. This is functional only and is not used for tracking.
- Interface preferences: a single cookie that remembers whether the dashboard sidebar is collapsed or expanded. This is a functional UI preference only.
Since only strictly necessary storage is used, no cookie consent banner is required under current regulations. If we add analytics or tracking tools in the future, this policy will be updated accordingly.
2.5 AI Processing
The Platform uses artificial intelligence (AI) to process job details and pricing data in order to calculate quotes and generate documents. This means that information submitted through our products (such as job details, pricing matrices, and branding assets) is processed by AI models operated by a third-party provider (Anthropic). This processing is essential to provide the service and is performed solely for that purpose. We do not use your data to train AI models or for any purpose unrelated to providing the service.
2.6 Payments
Where payments are collected, they are processed by Stripe. We do not store full payment card details. Stripe may collect and process your payment information under its own terms and privacy policy.
3. How We Use Information
We use personal information to:
- Provide, operate, and maintain the Platform and its products (including calculating quotes, generating documents, and delivering notifications).
- Create and manage client accounts and product configurations.
- Respond to inquiries from prospective clients.
- Send service-related communications (such as quote notifications, system notices, and support correspondence).
- Manage subscriptions, billing, and account administration (where applicable).
- Improve the reliability, security, and performance of the Platform (including debugging and error monitoring).
- Generate anonymised, aggregated analytics for clients (such as quote volume and popular job types).
- Comply with legal obligations and enforce our Terms.
We do not use personal information for marketing purposes unless you have given explicit consent. We do not sell personal information.
4. Our Role in Data Processing
4.1 When Quarric Is the Data Controller
We are the data controller (the party that determines the purpose and means of processing) for:
- Lead inquiry data collected through our website.
- Client account and configuration data.
4.2 When Quarric Is the Data Processor
For end customer data collected through our products (such as the AI Quote Widget) deployed on a client's website, the trade business client is the data controller and Quarric is the data processor. We process end customer data on behalf of our client solely to provide the service. We do not use end customer data for our own marketing or to contact end customers directly (except in response to a data access or deletion request directed to us).
If you are an end customer and wish to exercise your privacy rights regarding data collected through a trade business's quoting tool, you may contact the trade business directly or contact Quarric at office@quarricautomations.com.au.
5. Disclosure to Third Parties
We do not sell your personal information. We may disclose information to third-party service providers to operate the Platform, including:
- Database, authentication, and file storage: Supabase Inc. (database hosting, user authentication, file storage, and serverless functions) — hosted on Amazon Web Services in the United States (us-east-1, Northern Virginia).
- AI processing: Anthropic (AI-powered quote calculation and document rendering using Claude language models) — United States. Anthropic does not use data submitted via its API to train its models.
- PDF generation: PDF.co / ByteScout (converting quote documents into PDF format) — United States.
- Email delivery: Google Workspace / Gmail (delivering quote notifications and service emails to clients) — United States.
- Workflow automation: Make.com / Celonis (orchestrating the data processing pipeline between services) — European Union and United States.
- Payment processing: Stripe (subscription billing and payment processing, where applicable) — United States. We do not store your full payment card details.
- Content delivery and hosting: Cloudflare (serving the Platform's web application via a global content delivery network) — global network (requests are served from the data centre closest to the visitor).
- Legal or regulatory authorities: where required by law, court order, or to protect rights, safety, and security.
- Business transfers: if we undergo a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.
6. Cross-Border Disclosure
The majority of our third-party service providers are based in the United States, including Supabase, Anthropic, PDF.co, Google Workspace, and Stripe. Our workflow automation provider (Make.com) operates across the European Union and United States. Our content delivery provider (Cloudflare) operates a global network.
This means your personal information is likely to be stored and processed on servers located outside Australia, primarily in the United States.
Under Australian Privacy Principle 8 (APP 8), before disclosing personal information to an overseas recipient, we take reasonable steps to ensure those recipients handle your information in accordance with the APPs. These steps include using reputable, established providers with published security practices and privacy policies, and relying on contractual protections where available.
By using the Platform, you acknowledge that your information will be transferred to and processed in jurisdictions outside Australia, and that the privacy laws of those jurisdictions may differ from Australian law.
7. Data Security
We take reasonable steps to protect information, including:
- All data is transmitted over encrypted connections (HTTPS/TLS).
- File storage uses signed URLs with time-limited access for document downloads.
- Database access is controlled by Row-Level Security, ensuring clients can only access their own data.
- Administrative access to the Platform is restricted to authorised personnel.
- API endpoints are secured with authentication keys.
- We use access controls and least-privilege practices to limit internal access.
No method of storage or electronic transmission is 100% secure. You also play a key role in security: protect your device access, keep your account credentials secure, and avoid sharing your login details.
8. Data Breach Notification
In the event of a data breach that is likely to result in serious harm, we will comply with the Notifiable Data Breaches (NDB) scheme under the Privacy Act 1988 (Cth). This includes notifying affected individuals and the Office of the Australian Information Commissioner (OAIC) as required by law. We will also take reasonable steps to contain and remediate any breach.
9. Data Retention and Deletion
9.1 Lead Inquiry Data
Information submitted through our website inquiry forms is retained until manually deleted by us or upon your request. You may request deletion by contacting office@quarricautomations.com.au.
9.2 Client Account Data
Client account data (including business details, product configurations, and associated analytics) is retained for the duration of the business relationship. On cancellation or termination, client data is retained for a 30-day retention period to allow for reactivation. After 30 days, all client data held in our systems is permanently deleted and cannot be recovered.
9.3 End Customer Data
Anonymous quote data (job details and calculated quotes where no contact details were provided) contains no personally identifiable information and is retained indefinitely for analytics purposes.
Identified end customer data (where contact details were provided via a callback request) is retained for as long as the associated client account is active. When a client account is deleted, all associated end customer data is also deleted.
End customers may request deletion of their personal data at any time by contacting the trade business directly or by contacting Quarric at office@quarricautomations.com.au.
9.4 Emailed Copies
If quote notifications or other communications have been emailed to you or to a trade business, those messages may remain in the recipient's inbox (and any backups maintained by the email provider) even after data is deleted from our systems. We have no control over emails once they are delivered.
9.5 Requesting Deletion
You may request deletion of your data at any time by contacting office@quarricautomations.com.au. Deletion requests are processed within 3 business days, subject to legal retention requirements and technical constraints of third-party services. Data deletion is irreversible.
9.6 Exceptions
We may retain limited information beyond the periods described above where required by law, for fraud prevention, for the resolution of disputes, or to enforce our Terms of Service. Any retained information will be limited to what is reasonably necessary for the applicable purpose.
10. Your Rights and Access Requests
Under the Australian Privacy Principles, you may request access to, correction of, or deletion of personal information we hold about you. To make a request, contact office@quarricautomations.com.au.
We will respond to your request within a reasonable timeframe and may need to verify your identity before processing the request.
11. Complaints
If you have a complaint about how we handle your personal information, please contact us first at office@quarricautomations.com.au and we will try to resolve it promptly. If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.
12. Children's Privacy
The Platform is intended for use by trade businesses and their customers. Account creation is restricted to individuals aged 18 or over. We do not knowingly collect personal information from individuals under 18. If we become aware that we have collected personal information from someone under 18, we will take reasonable steps to delete that information.
13. Changes to This Policy
We may update this Privacy Policy from time to time. We will post the updated version on our website with a revised "Last Updated" date. Where changes are material, we may notify affected parties via email or through the Platform. Your continued use of the Platform after any changes take effect constitutes acceptance of the updated policy.
14. Contact Us
Privacy and legal inquiries: office@quarricautomations.com.au
General support: contact@quarricautomations.com.au
Website: quarricautomations.com.au
Quarric Automations
ABN 67 834 409 708
Melbourne, Victoria, Australia