Privacy Policy

Last Updated: 9 Sept 2025

This Privacy Policy governs the collection, use, storage, disclosure, and processing of personal information by Perpetuate Life Pty Ltd (ACN 689 899 894) of QLD 4120 (“Perpetuate”, “we”, “our”, “us”) in connection with the Perpetuate website (perpetuate.life) (the “Website”) and the Perpetuate mobile application (the “App”).

By accessing or using the Website or App, you acknowledge and agree to the terms of this Privacy Policy. If you do not agree, you must immediately cease use of the Website and App.

1. Categories of Information Collected

We may collect and process the following categories of information:

(a) Information Provided Directly by You

• Account registration data including name, email address, password, age range, gender (optional).

• User-generated content including onboarding responses, “True North Engine” inputs, rituals, journaling entries, or similar functionality.

• Communications and enquiries submitted via Website, App, or support channels.

(b) Information Collected Automatically

• Device and technical data including IP address, device identifiers, operating system, browser type, access times, crash logs, and session activity.

• Usage data collected through cookies, local storage, pixels, and analytics technologies (see Section 3).

(c) Information Obtained from Third Parties

• Authentication and profile information obtained via third-party sign-in (Google or Facebook), limited to information you authorise.

• Transaction data from Apple App Store and Google Play relating to subscriptions or in-App purchases (excluding full payment card data).

2. Purposes of Collection and Use

We collect and use personal information for the following purposes:

1. To provide, maintain, and improve the Website and App.

2. To generate personalised AI outputs, including “True North” vision scripts, rituals, and audio playback.

3. To deliver reminders, push notifications, and alerts.

4. To conduct analytics, research, and service optimisation.

5. To detect, investigate, and prevent unauthorised or unlawful activity.

6. To send marketing communications, subject to opt-out rights.

7. To comply with applicable legal and regulatory obligations.

3. Cookies, Tracking and Analytics

We use cookies, web beacons, local storage and similar technologies to:

• Authenticate users and maintain sessions.

• Record preferences and settings.

• Measure and analyse Website/App usage.

• Provide personalised content and recommendations.

• Facilitate targeted advertising and promotional communications.

The following services may collect information via cookies and tracking:

• Google Analytics – traffic and usage analytics.

• FullStory – behavioural analytics and session replay to improve user experience.

• Firebase Analytics – in-App usage tracking and crash analytics.

• Meta (Facebook) – authentication and, if consented, analytics associated with Facebook login.

You may disable cookies through your browser or device settings; however, functionality of the Website or App may be impaired.

Where required by applicable law (including GDPR and ePrivacy Directive), we obtain your consent for non-essential cookies and tracking technologies.

4. Disclosure to Third Parties

In addition to disclosure to third-party service providers listed in this Policy, personal information may be accessed internally by authorised employees, contractors, or vendors of Perpetuate. Such access is:

• Strictly limited to individuals who require it in order to perform their duties.

• Logged and auditable, including date, time, reason, and identity of the individual.

• Subject to contractual confidentiality and data protection obligations.

• Prohibited for personal, commercial, or non-business use.

Where accidental or unavoidable access occurs (for example, through debugging, technical error, or vendor dashboards), such access must be treated as confidential, promptly logged in Perpetuate’s internal Access Log, and not retained or shared.

Perpetuate requires that all internal access to raw user data complies with strict internal Data Access Agreements. Any breach of these obligations may result in termination of access rights, contractual liability, or civil/criminal penalties under applicable law.

5. Storage, Location and Retention

• Data is primarily stored in Google Firebase/Firestore infrastructure, which may be located in Australia, the United States, or other regions.

• We retain personal information for as long as is necessary to provide services or comply with legal obligations.

• Residual data (including backups and logs) may persist temporarily for system reliability and security.

6. Cross-Border Data Transfers

Data may be transferred to jurisdictions outside your country of residence, including the United States and the European Union. Such transfers are carried out in accordance with the Privacy Act 1988 (Cth), GDPR, CCPA, and other relevant laws.

7. Security

We implement commercially reasonable technical and organisational measures to protect personal information, including encryption in transit and at rest, restricted access, and security monitoring.

We do not guarantee absolute security of personal information, and you provide such information at your own risk.

8. Rights of Individuals

Subject to applicable law, individuals may have rights to:

• Access personal information.

• Request correction of inaccuracies.

• Request erasure, subject to lawful retention obligations.

• Restrict or object to processing.

• Obtain data portability.

• Withdraw consent to marketing.

Requests may be submitted to the contact details in Section 11.

9. Children’s Data

The Website and App are not directed to individuals under the age of 16 (or as otherwise defined by local law). We do not knowingly collect data from such individuals. If discovered, the information will be deleted.

10. Account Deletion and Data Access Requests

To delete an account or request data access, contact support@perpetuate.life. On verified request, data will be erased (subject to lawful retention obligations) and confirmation provided.

11. Compliance with Apple and Google

Perpetuate complies with:

• Apple App Store Connect Data Privacy requirements, including App Tracking Transparency (ATT).

• Google Play Data Safety disclosure rules, including categories of data collected, purpose of processing, and data sharing.

12. Contact Information

Perpetuate Life Pty Ltd
QLD
Australia

Email: support@perpetuate.life

13. Amendments

We may update or replace this Privacy Policy at our discretion. Where changes are material, notice will be provided via the Website, App, or email. Continued use of the Website or App following such notice constitutes acceptance of the updated Privacy Policy.
14. Internal Data Access and Accountability

Perpetuate maintains internal agreements governing employee and contractor access to personal information. These agreements include:

• A prohibition on viewing or accessing user data without explicit user consent, legal obligation, or technical necessity.

• A requirement to minimise access, restrict it to the specific data necessary, and retain such access only for the shortest possible duration.

• Obligations not to download, copy, or redistribute user data under any circumstances.

• Logging and auditing of all access events.

• Mandatory reporting of accidental or unavoidable exposure.

• Obligations to use multi-factor authentication, secure devices, and immediately report suspected breaches.

• Enforcement measures including termination of access, termination of employment/contract, and potential civil or criminal liability in the event of breach.

These safeguards exist to ensure that users’ personal information is handled with the highest degree of confidentiality and accountability.