FluroServices
Login
Legal
Privacy Policy
Last updated: 29 May 2026
1. Who we are
FluroServices ("we", "us", "our") is a Melbourne-based home-services business operated by Dallas Kuipers, delivering lawn care, garden maintenance, solar panel cleaning, window cleaning, and gutter cleaning on a subscription basis. We respect your privacy. This policy explains what personal information we collect, why, how we use it, and your rights — in accordance with the Australian Privacy Act 1988 (Cth) and the 13 Australian Privacy Principles (APPs). When a company structure (Pty Ltd) is in place, the legal entity name and ABN will appear in §15.
2. What we collect
We collect personal information when you sign up for a subscription, use our services, contact us, or browse our website:
· Account details — name, email, mobile, service address, suburb, postcode, password (hashed).
· Property details — lawn / panel / window specifics needed to deliver the service.
· Payment metadata — billing address, last 4 digits of your card, Stripe customer ID. Full card numbers are never stored on our servers — Stripe handles all card data.
· Service records — booking history, scheduled visits, photos taken before/after each visit (showing the lawn or window or panels, not faces), worker notes.
· Communications — emails, SMS, support tickets, customer-portal messages.
· Technical data — IP address, browser type, device, pages visited, basic analytics (collected automatically when you use the site).
2a. Sensitive information we do NOT collect
We do not knowingly collect, request, or use any "sensitive information" as defined by APP 3 — including health, genetic, biometric, racial or ethnic origin, religious belief, political views, sexual orientation, union membership, or criminal record. If you ever volunteer this kind of detail in a support message (for example, mentioning an allergy when asking us to avoid a particular cleaning product), we treat it as confidential service-context information and don't profile, share, or process it for any other purpose.
2b. Anonymity and pseudonymity (APP 2)
Where it's lawful and practical, you can deal with us under a pseudonym — for example, when emailing general questions to fluroservices@gmail.com, you don't have to use your real name. Because we send workers to your home, full anonymity isn't possible for an active subscription: we need a real name, address, contactable phone or email, and a valid payment method to deliver and bill the service. If that's a dealbreaker for you, contact us before signing up and we'll explain in plain English what we hold and why.
3. Why we collect it
We use your information to:
· Provide the service you signed up for (scheduling, dispatching workers, photo-proof, billing);
· Send service communications (reminders, on-the-way SMS, receipts, photos);
· Process payments and prevent fraud;
· Handle support requests and complaints;
· Improve our service (analytics, internal training);
· Comply with legal obligations (tax, ACL, consumer-dispute records);
· Send optional marketing (only if you've opted in — you can opt out anytime).
4. How we share it
We don't sell your personal information. We share it only with the service providers we need to run the business, and only the slice each one needs:
· Stripe (payments, USA) — billing, card processing, refunds
· Supabase (database, Sydney AU) — your account + service data
· Vercel (hosting + analytics, USA) — website + apps
· Resend (email delivery, USA) — transactional emails
· Twilio (SMS delivery, USA / AU) — service text messages
· Our contractors — receive the minimum needed to do the visit (your name, address, access notes, photos they took)
· Government / law-enforcement — only where legally required (subpoena, court order, statutory request)
Each provider has their own privacy practices and security obligations. We choose providers that meet industry-standard security and follow relevant data-protection law.
5. Cross-border transfers (APP 8)
Some of our service providers store or process data outside Australia (primarily in the United States — Stripe, Vercel, Resend, Twilio). When personal information is transferred overseas, we take reasonable steps to ensure the recipient handles it consistently with the Australian Privacy Principles. Our database (Supabase) is hosted in Sydney, Australia.
6. Cookies, analytics & advertising
We use cookies and similar technologies for three purposes:
Essential — these keep you logged in, remember your booking selections, and protect against fraud. The site stops working properly if you block them.
Analytics — Vercel Analytics records aggregated page-view metrics (e.g. "100 people visited /lawns this week") with no individual tracking or profile building.
Advertising and third-party tracking — from time to time we may use third-party advertising tools to measure the effectiveness of marketing campaigns and show you relevant ads on other platforms. These may include Meta (Facebook/Instagram) Pixel, Google Ads/Analytics, and similar tools provided by the major ad networks. When active, these tools set their own cookies (e.g. _fbp, _ga) and may share aggregated, hashed, or anonymised data about your visit with the relevant provider. We don't share your name, email, phone, address, or payment details with these tools.
You can disable cookies in your browser settings, opt out of personalised advertising on Meta's and Google's own preference pages, or use a browser extension that blocks trackers. Some features of the site may stop working as a result. We honour Global Privacy Control ("GPC") signals where your browser sends them.
If you'd like a definitive list of every cookie we set at the time of your visit, email us at fluroservices@gmail.com and we'll send it.
7. Photos
Workers take before-and-after photos of the work area for proof-of-service, training, and dispute resolution. These photos show the lawn, windows, or panels — not faces. The photos appear in your customer portal so you can review each visit. Anonymised photos may be used in marketing materials (see Terms §10). Email us — or message us from your portal — if you'd prefer your property never be used this way.
7a. Automated processing & AI tools
To run the service efficiently we use software that processes your data automatically. Some of this is straightforward (scheduling jobs, routing workers, sending reminders). Some involves third-party artificial-intelligence tools, currently or in the future:
· Photo verification — when active, before-and-after photos may be analysed by an AI vision model (Anthropic Claude, US-hosted) to detect whether the visit was actually completed (lawn shorter, glass cleaner, panels clear). No personal identifying details (your name, email, address) are sent — only the image itself plus the booking type.
· Email triage — when active, customer-support emails sent to us may be analysed by an AI model to draft a suggested reply for our staff to review. The AI does not auto-send replies; a human always approves outbound messages.
· Scheduling and rating analytics — purely statistical algorithms (no AI) decide which worker to assign and how to rank reliability scores.
These automated decisions don't have legal effects on you. You can request a human review of any service outcome by emailing fluroservices@gmail.com. We don't use AI to make decisions about pricing, eligibility, or refunds — those are made by our team.
8. Direct marketing (APP 7)
If you've opted in to marketing communications, we may email or SMS you about new services, promotions, or referral incentives. Every marketing message includes a one-click unsubscribe. Service messages (booking reminders, on-the-way notifications, billing receipts, account alerts) aren't marketing and continue for as long as your subscription is active.
9. Data retention
We keep your information for as long as you have an active subscription and for a reasonable period afterwards to honour tax obligations, resolve disputes, and prevent fraud. After the retention period ends we either delete the data or de-identify it for statistical purposes.
Indicative periods per data category:
| Category | Kept for | Why |
|---|---|---|
| Account & service records | Active subscription + 24 months after cancellation | Re-onboard returning customers, resolve disputes |
| Invoices, payment & tax records | 7 years from the end of the financial year | ATO record-keeping requirements |
| Service photos (before/after each visit) | 12 months by default, then auto-deleted | Proof-of-service, dispute resolution. Email us to delete earlier. |
| Support tickets & portal messages | 5 years from the last activity | Complaint and warranty timelines under ACL |
| Marketing-consent records | Until withdrawn + 12 months | Evidence of consent under Spam Act / APP 7 |
| Web analytics & access logs | Up to 14 months (Vercel default), aggregated | Performance monitoring and abuse prevention |
| Worker contact info you may have shared with us | Removed within 7 days of a verified request | No retention purpose once the engagement ends |
If a legal hold, regulator request, or ongoing investigation requires longer retention, we'll keep only what's strictly needed for that purpose and delete the rest on the schedule above. You can request earlier deletion at any time (see §11) — we'll honour it unless we're legally required to keep specific records, in which case we'll tell you which records and why.
10. Security (APP 11)
We protect your personal information with industry-standard safeguards:
· Encryption in transit (HTTPS / TLS) on every page and API;
· Encryption at rest in our database;
· Card data tokenised by Stripe — never touches our servers;
· Role-based access for staff — only authorised admins can access customer records;
· Regular security review and dependency patching.
No system is ever 100% secure. If we discover a data breach that's likely to result in serious harm to any individual, we will:
· contain the breach as quickly as possible and assess what data was affected;
· notify you and any other affected individuals as soon as practicable, and in any event within 30 days of becoming aware, in line with the Notifiable Data Breaches (NDB) scheme under Part IIIC of the Privacy Act 1988;
· notify the Office of the Australian Information Commissioner (OAIC) within the same 30-day window;
· tell you what was accessed, what we recommend you do (e.g. change a password, monitor your bank statements), and what we're doing to stop it happening again.
We may delay notification only where the OAIC permits (for example, while a criminal investigation is active). We never use a breach as a marketing or upsell opportunity.
11. Your rights (APP 12 + 13)
You have the right to:
· Access the personal information we hold about you — most of it is visible in your customer portal. For anything else, email us.
· Correct information that's inaccurate or out of date — most fields are editable in the portal; for the rest, email us.
· Delete your account and associated personal information — email fluroservices@gmail.com. We'll process within 30 days, subject to record-keeping obligations above (we may need to retain billing records for tax purposes).
· Withdraw consent for marketing communications at any time — one-click unsubscribe on any marketing message.
· Complain — see section 12.
12. Complaints
If you think we've handled your personal information in a way that breaches the Privacy Act or these terms, email us first at fluroservices@gmail.com with the details. We'll acknowledge within 7 days and respond substantively within 30 days.
If you're not satisfied with our response, you can complain to the Office of the Australian Information Commissioner (OAIC) — phone 1300 363 992 or oaic.gov.au.
13. Children's information
FluroServices is intended for adults arranging services for properties they're responsible for. We don't knowingly collect personal information from anyone under 16. If you believe a child has signed up or that we hold a minor's information, email fluroservices@gmail.com and we'll delete it. Where a household worker happens to be present during a visit, photos of work areas continue to deliberately avoid faces and identifying details (see §7).
14. Changes to this policy
We may update this policy from time to time. The "Last updated" date at the top of the page reflects the most recent revision. Material changes affecting how we collect or use your information will be communicated by email at least 30 days before they take effect, and a notice will appear in the customer portal for 30 days after they take effect so you can re-read the change in context. Archived previous versions are available on request — email us and we'll send the version that was in force on any specific date.
15. Contact
FluroServices
Servicing Greater Melbourne & the Mornington Peninsula, VIC
Email: fluroservices@gmail.com
FluroServices is operated by Dallas Kuipers. When a company structure is in place, the legal entity name will appear here.