Privacy Policy

Floor 04 PTY LTD trading as floor04

Last updated: 20 February 2026

This Privacy Policy explains how Floor 04 PTY LTD (ABN/ACN: 94682174536) trading as floor04 (we, us, our) collects, uses, discloses and protects personal information when you access or use our client dashboard and related services (the Services). The Services are provided through our website at app.floor04.com and are accessible on desktop and mobile web browsers.

This Privacy Policy is designed to meet the requirements of the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs), and to provide information relevant to the EU General Data Protection Regulation (GDPR) for users located in the European Economic Area (EEA).

Summary

In summary:

  • We provide a web dashboard for business and organisation customers to manage their purchases with floor04, manage authorised users, and view usage analytics.

  • We collect limited account and access information such as name, email address, company and role, plus security and audit information such as IP address and device details.

  • We use this data to operate the dashboard, authenticate users via Google or Microsoft, provide customer support, maintain security, and generate and display analytics.

  • We do not sell personal information and we do not display advertising or marketing on the dashboard.

  • We store dashboard data in Australia. Some third party providers (for example Google, Microsoft, Stripe, AWS and Cloudflare) may process certain data outside Australia as part of providing their services.

Who this policy applies to

This Privacy Policy applies to individuals who access or use the Services on behalf of a business, organisation or school (Customer). If you use the Services as an authorised user for a Customer, the Customer may be the primary account holder and may control certain settings and user management features within the dashboard.

About the Services

The Services currently include a web dashboard that allows Customers to:

  • view product and account information for products and services purchased through floor04

  • invite, manage and remove authorised users and assign roles

  • view usage analytics and other reporting for the Customer’s products and services

  • export or download reports

  • contact floor04 for support through a support request feature

We may add, remove or change dashboard features over time. This Privacy Policy applies to the Services generally, even if specific features change.

Personal information we collect

Information you provide

When you use the Services, we may collect the following personal information:

  • identity and contact details: name and email address

  • organisation details: company or organisation name

  • account details: role, access permissions and user management actions (for example invitations you send)

  • support communications: the content of support requests and any information you choose to include

Information from Google and Microsoft sign in

You access the Services using OAuth sign in with Google or Microsoft. When you sign in, those providers may share certain profile and account information with us, such as your name, email address, profile photo, organisation domain and a unique identifier. We use this information to create and manage your dashboard account and to authenticate you each time you sign in.

Information we collect automatically

When you access the Services, we may collect technical and usage information, including:

  • log and security data such as IP address, device identifiers, browser type, operating system, timestamps, and authentication and access logs

  • cookies and similar technologies that are required to provide secure login sessions and to operate the dashboard (see Cookies below)

  • activity data within the dashboard, such as pages viewed and actions taken, to support security, auditing and service improvement

Analytics and end user data

The dashboard may display analytics about usage of a Customer’s products and services. According to our current design, this analytics data is intended to be aggregated and non-identifiable, and it does not include information that directly identifies individual end users. Depending on the products and services involved, analytics may be generated from internal users (for example staff) and external end users (for example customers).

If, in the future, we introduce features that involve uploading files or collecting additional information, we will update this Privacy Policy as needed.

How we use personal information

We use personal information for the following purposes:

  • to provide, operate and maintain the Services

  • to set up and manage accounts, roles and authorised users

  • to authenticate users via Google or Microsoft and to prevent unauthorised access

  • to generate, display and export reports and analytics within the dashboard

  • to respond to support requests and communicate with Customers and authorised users about service issues

  • to monitor, protect and improve the security and integrity of the Services

  • to comply with legal obligations, resolve disputes and enforce our agreements

Legal bases for processing (EEA users)

If you are located in the EEA, we process personal data under the following legal bases, as applicable:

  • contract: to provide the Services requested by the Customer and to manage user access

  • legitimate interests: to operate our business, improve the Services, maintain security, prevent fraud and ensure the Services work as expected

  • legal obligations: to comply with applicable laws and regulations

  • consent: where required by law, for example for any optional cookies or similar technologies that are not strictly necessary (if we introduce them in the future)

How we disclose personal information

We may disclose personal information to the following categories of recipients:

  • Service providers that help us operate the Services, including hosting, security, content delivery and email or support tooling

  • Authentication providers (Google and Microsoft) for login and account authentication

  • Payment processor (Stripe) to process subscription payments and manage billing, where applicable

  • Professional advisers such as lawyers, accountants and auditors, where necessary

  • Government authorities, regulators or law enforcement where required or authorised by law

We do not sell personal information. We do not use personal information for third party advertising on the dashboard.

Key third parties

We currently use the following key third parties:

  • Google and Microsoft for OAuth sign in

  • Stripe for payment processing and billing

  • Amazon Web Services (AWS) for infrastructure and hosting

  • Cloudflare for content delivery and security services

Each third party has its own privacy practices. We encourage you to review their privacy policies.

International data transfers

We store dashboard data in Australia. If you are located outside Australia, including in the EEA, your personal information may be transferred to and stored in Australia.

Some of our third party providers (for example Google, Microsoft, Stripe and Cloudflare) may process certain personal information outside Australia as part of providing their services. Where we transfer personal data from the EEA to a country that is not recognised by the European Commission as providing an adequate level of protection, we take steps designed to provide appropriate safeguards, such as using standard contractual clauses and implementing additional technical and organisational measures where appropriate.

Security

We take reasonable steps to protect personal information from misuse, interference and loss, and from unauthorised access, modification or disclosure. These measures include access controls, encryption in transit, audit logging, and operational security practices. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

Data retention

We retain personal information for as long as needed to provide the Services to the Customer, maintain business records, comply with legal obligations, resolve disputes and enforce our agreements. Customers may request that their data be purged, and we will delete or de-identify data where we are reasonably able to do so and where we are not required to retain it by law.

Cookies and similar technologies

We use cookies and similar technologies that are required to operate the Services, keep you signed in, and protect the dashboard. These cookies are strictly necessary for the Services to function. If you block these cookies through your browser settings, the Services may not work and you may not be able to access the dashboard.

If we introduce optional cookies in the future, we will provide appropriate notices and choices where required by law.

Your choices and rights

Australia

You may request access to, or correction of, the personal information we hold about you. To make a request, contact us using the details below.

If you believe we have breached the Australian Privacy Principles, you can make a complaint to us and we will investigate. You may also complain to the Office of the Australian Information Commissioner (OAIC).

EEA

If you are located in the EEA, you may have rights to access, correct, delete or restrict processing of your personal data, to object to processing, and to request data portability. You may also have the right to lodge a complaint with your local supervisory authority.

To exercise your rights, contact us using the details below. We may need to verify your identity and your authority (for example if you are acting for a Customer).

Account deletion and support

Authorised users can request deletion or changes by contacting us through the dashboard support request feature or by emailing us.

Children

The Services are intended for adults. Users must be at least 18 years old to access the dashboard. We do not knowingly allow individuals under 18 to create an account or sign in. If you believe a person under 18 has accessed the Services, please contact us so we can investigate and take appropriate action.

Changes to this policy

We may update this Privacy Policy from time to time. If we make material changes, we will take reasonable steps to notify Customers, such as by posting an updated policy on app.floor04.com. The updated version will apply from the date it is published.

Contact us

Privacy enquiries and requests can be sent to:

Email: contact@floor04.com