Legal Document

Privacy Policy

📅 Effective: 1 May 2026 🏢 Pay Audtr (ABN: TBC) 🌏 Jurisdiction: Commonwealth of Australia

Contents

Who we are
What we collect
How we use your data
Sub-processors & sharing
AI features
Data storage & security
Retention
Your rights
Cookies & local storage
Future features
Contact us

Section 1

Who We Are

Pay Audtr is an online payroll compliance tool designed to help workers in the Social, Community, Home Care and Disability Services (SCHADS) industry verify that their pay is consistent with the SCHADS Award (MA000100).

In this Policy, "Pay Audtr", "we", "us" and "our" refers to the operator of pay-audtr.com. "You" refers to any person who registers for or uses the Pay Audtr service.

We are committed to protecting your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

Section 2

What Personal Information We Collect

2.1 Information you provide directly

Category	Examples	Why collected
Account details	Email address, password (hashed)	Create and authenticate your account
Employment details	Employer name, award stream, classification level, pay point, employment type, agreed hours	Calculate your correct Award entitlements
Roster data	Shift dates, start/end times, break details, shift types, leave entries, on-call days	Compute hours worked and penalty rates
Payslip data	Gross pay, net pay, base rate, hours paid, allowances, super contributions, tax withheld	Compare actual pay against Award minimum
Quick Audit data	Hourly rate, pay period, employment type, hours worked — entered via the Quick Audit onboarding flow	Provide an instant estimate before full audit
Feedback	Free-text responses to targeted questions (confusion points, result accuracy, likelihood to return)	Improve the tool

2.2 Information collected automatically

Browser type and version
Device type (mobile/desktop)
Pages visited and session duration (anonymised)
IP address (fraud prevention only; not stored long-term)
Scan correction patterns — if you correct an AI-extracted field, the field name, extracted value, and corrected value are stored locally in your browser to improve future scan accuracy. This data never leaves your device.

2.3 Information we do not collect

We do not collect your tax file number (TFN), bank account details, Medicare number, or any government-issued identity document. We do not store your full credit card number — payment processing is handled entirely by Stripe.

Section 3

How We Use Your Information

Providing the service — calculating your Award entitlements, generating reports, and comparing your payslip against the SCHADS Award minimum.
Quick Audit — providing an instant pay estimate using the data you enter in the onboarding flow.
Account management — authenticating you, managing two-factor authentication, managing your subscription, and sending transactional emails.
Improving the tool — analysing anonymised, aggregated usage patterns to identify bugs and improve accuracy. Targeted feedback responses are reviewed to improve the product.
Legal compliance — retaining records as required by Australian law.
Security — detecting and preventing fraudulent account creation and unauthorised access.

We will never use your employment data, payslip data, or roster data for marketing, advertising, or profiling purposes. We do not sell your data.

Section 4

Sub-Processors and Data Sharing

Provider	Purpose	Data shared	Location
Supabase	Database, authentication, and file storage	All account and app data	Australia (ap-southeast-2)
Stripe Soon	Payment processing and subscription billing	Name, email, billing address, payment method details	Australia / USA
Anthropic	AI payslip and roster scanning (Claude API)	Cropped payslip or roster image/PDF (opt-in, per scan)	USA
Vercel	Web application hosting and deployment	HTTP request metadata, IP address (transient)	Australia / Global CDN

4.1 We will never share your data with:

Your employer or any other employer
Fair Work Australia or any government body (unless legally compelled)
Marketing platforms, data brokers, or advertising networks
Any third party for their own commercial use

Section 5

AI Features and Data Processing

AI scanning is an opt-in feature. You are never required to use it. All payslip and roster data can be entered manually.

5.1 What happens when you scan

When you use the AI Scan Payslip or Scan Roster features, a cropped image or PDF of the document you select is transmitted to Anthropic's Claude API. Claude extracts structured data (pay figures, shift times) from the image and returns it to the app.

5.2 Correction learning (local only)

If you correct a field after a scan, the app stores the field name, the AI's extracted value, and your corrected value in your browser's localStorage under the key payauditr_ps_corrections. This data is used only to improve accuracy on your next scan and never leaves your device. Up to 10 corrections are stored; older corrections are automatically removed.

5.3 Data minimisation

We strongly encourage you to use the crop tool to remove personal identifiers — your name, address, bank account details, and TFN — before scanning. The crop tool is presented before every scan.

5.4 Anthropic's data practices

Anthropic does not use API inputs to train its models. Scanned content is processed transiently and not retained by Anthropic beyond the API call. See anthropic.com/privacy.

5.5 Cross-border transfer

Anthropic processes data in the United States. By using the scan feature, you consent to this transfer. Data is transmitted over TLS and is not stored in the USA after the API call completes.

Section 6

Data Storage and Security

Your data is stored in Supabase's managed PostgreSQL database hosted in the ap-southeast-2 (Sydney, Australia) AWS region.

All data in transit: TLS 1.2 or higher
All data at rest: AES-256 encryption
Passwords: bcrypt hashed, never stored in plaintext
Two-factor authentication (TOTP): available and strongly encouraged
Row-Level Security (RLS): each user can only access their own data
Access tokens: short-lived and automatically refreshed
Device trust: a trust flag is stored in localStorage for 7 days after MFA verification on a device. Clearing localStorage revokes trust.

No internet-based service can guarantee absolute security. You are responsible for maintaining the security of your account credentials and enabling two-factor authentication.

Section 7

Data Retention

Active accounts — data retained while your account is active.
Deleted accounts — all personal data removed from production within 30 days of deletion request.
Inactive accounts — accounts with no login activity for 24 months may be deleted after 30 days' notice by email.
Backup retention — encrypted database backups retained for up to 7 days then automatically deleted.
Payment records — Stripe retains billing records for periods required under Australian tax law.
Anonymised data — aggregate statistics (e.g. total audits performed, award most commonly checked) may be retained indefinitely.

Section 8

Your Rights

Under the Privacy Act 1988 (Cth) and the Australian Privacy Principles, you have the right to:

Right	What it means	How to exercise it
Access	Request a copy of your personal information	Email privacy@pay-audtr.com
Correction	Request that inaccurate information be corrected	Update in-app or email us
Deletion	Request deletion of your account and all associated data	Email privacy@pay-audtr.com — processed within 30 days
Portability	Request an export of your data (JSON/CSV)	Use Settings → Export, or email privacy@pay-audtr.com
Complaint	Lodge a complaint if you believe we have breached the APPs	Contact us first; if unresolved, contact the OAIC at oaic.gov.au

Section 9

Cookies and Local Storage

Pay Audtr uses minimal localStorage for the following purposes only:

Session authentication — Supabase stores a short-lived access token to maintain your login session
Preferences — your chosen theme, display density, compact descriptions setting, and home state
Device trust — a flag indicating MFA has been verified on this device (7-day expiry)
Employer context — which employer profile is currently active
Scan corrections — local-only AI field correction history (see Section 5.2)
Onboarding state — whether you have completed the Quick Audit onboarding

We do not use advertising cookies, cross-site tracking, or third-party analytics cookies.

Section 10

Future Features and Data Implications

The following features are planned. This Policy will be updated before each is released, with 14 days' notice to registered users.

Feature	Data implication	Status
Stripe payment integration	Billing details (name, email, card last 4) shared with Stripe. No card data stored by Pay Audtr.	Planned
Introductory pricing / promo codes	Discount usage tracked in subscription record. No additional personal data.	Planned
Hospitality Award support	Same data types as SCHADS — employment details and shift data. No additional personal data.	Planned
Period comparison (Pro)	Historical audit results stored in reports table — already collected, no new data types.	Planned
Rate update email notifications	Email sent to registered users when SCHADS rates are updated. Requires email address already held.	Planned

Section 11

Contact Us

For any privacy-related queries, access requests, or complaints:

Email: privacy@pay-audtr.com
Website: pay-audtr.com

We will respond to all requests within 30 days.

Policy updates

Material changes will be communicated by email to registered users at least 14 days before they take effect. The current version is always available at pay-audtr.com/privacy.