← Back to SpinLocal
PrivacyTerms

Privacy Policy

Last updated: 5 June 2026

SpinLocal ("we", "us", "our") respects your privacy and is committed to protecting personal information in accordance with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). This policy explains what we collect, why, and your rights.

1. Who we are

SpinLocal is an Australian SaaS that helps restaurants and cafés collect Google reviews and reward repeat customers. We act as a data processor for our restaurant customers and as a data controller for our own subscribers.

2. Information we collect

  • Restaurant subscribers: name, business name, email, billing details, and account activity.
  • End customers (diners using a SpinLocal wheel): mobile phone number, first name, star rating, written feedback (if provided), and reward redemption history.
  • Technical: IP address, device/browser type, pages visited, and cookies necessary for the service to work.

3. Why we collect it

  • To deliver the SpinLocal service (issue rewards, track redemption, prevent fraud).
  • To send transactional and marketing SMS to opted-in customers on behalf of the venue.
  • To process subscription payments and provide receipts.
  • To improve the product, troubleshoot issues, and provide support.

4. SMS marketing & the Spam Act 2003

Diners only receive SMS after they have provided express or inferred consent at the venue. Every marketing message includes the sender identity and a free, functional opt-out (reply STOP). Opt-outs are honoured within 5 business days, as required by the Spam Act 2003 (Cth).

5. Third parties we use

  • Stripe — subscription billing & card processing.
  • ClickSend — SMS delivery to Australian mobile numbers.
  • Google — review redirection to Google Business Profile.
  • Supabase — database & application hosting (data stored in supported regions).
  • Meta (Facebook) Pixel — advertising measurement and conversion tracking on our marketing site. The Pixel sets cookies and shares limited event data (page views, checkout starts, purchases) with Meta Platforms, Inc. so we can measure ad performance and reach similar audiences. No diner data is sent to Meta.

We do not sell personal information. We share data with these processors only as needed to deliver the service.

6. Data storage & security

Data is stored in encrypted databases with row-level security. Access is restricted to authorised staff and audited. Passwords are hashed; payment data is handled exclusively by Stripe and never stored on our servers.

7. Cookies & tracking technologies

We use essential cookies for login sessions and a small number of analytics cookies to understand product usage. Our public marketing pages also load the Meta (Facebook) Pixel, which uses cookies and similar technologies to measure the effectiveness of our advertising and to show relevant ads on Meta platforms (Facebook, Instagram). You can disable cookies in your browser, opt out of personalised ads via your Meta ad preferences, or use browser-level tracking-protection tools. Some features may stop working if cookies are disabled.

8. Data retention

We retain customer data for as long as the venue's account is active, plus 24 months for legal, accounting and dispute-resolution purposes. End-customer phone numbers are deleted on request or when a venue closes its account.

9. Your rights

You may request access to, correction of, or deletion of your personal information at any time by emailing hello@spinlocal.com.au. You may also lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.

10. Changes to this policy

We may update this policy from time to time. The current version is always at spinlocal.com.au/privacy.

11. Contact

SpinLocal · Sydney, Australia · ABN 37 248 421 348 · hello@spinlocal.com.au

© 2026 SpinLocal · Sydney, Australia · ABN 37 248 421 348
hello@spinlocal.com.au