Privacy Policy

Last Updated: 22 January 2026

Meal Plan Mate (“we”, “us”, “our”) respects your privacy and is committed to handling your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). This Privacy Policy explains how we collect, use, disclose, store and safeguard your personal information when you use our website, applications, digital services, or related features (collectively, the “Platform”).

We are an entity that is required to manage personal information transparently, securely, and in compliance with the APPs.

1. What Personal Information We Collect

We may collect and hold the following types of personal information:

  • Identity information: name, date of birth
  • Contact information: email address, phone number, billing address
  • Account information: username, password, profile data
  • Transactional data: subscription and payment information (processed via Stripe)
  • Usage and device information: IP address, device identifiers, logs. We collect IP addresses for security, fraud prevention, and account administration purposes.
  • Support information: correspondence and communications
  • Authentication data: tokens and identifiers via Firebase

We do not directly collect or store full payment card numbers or CVV; this data is processed securely by Stripe and never stored on our servers.

2. How We Collect Your Information

We collect personal information:

  • Directly from you: when you sign up, contact support, update your profile, or make a purchase
  • Automatically: through cookies and similar technologies as you interact with the Platform
  • From third parties: such as Stripe (for payment processing) and Firebase (for authentication and data storage)

3. Purposes of Use

We use your personal information for the following purposes:

  • creating and managing your account
  • processing subscriptions and billing via Stripe
  • providing and improving the Platform and services
  • personalising your user experience
  • communicating with you (updates, notifications, support)
  • security, fraud detection and prevention
  • performance monitoring and analytics

We only process your personal information where it is reasonably necessary for these purposes, where you have consented, or where required or permitted by law.

4. Third-Party Service Providers

We share personal information with the following trusted third parties only as necessary for Platform operation:

Stripe (Payment Processing)

Stripe processes your payment data to facilitate transactions and prevent fraud. For more on Stripe’s privacy practices and rights, see: https://stripe.com/privacy.

Firebase (Authentication and Data Storage)

Firebase (a Google-owned service) may process your authentication and stored data. Personal information stored with Firebase is subject to Google’s privacy practices; you can review them via the official Firebase documentation.

Other service providers (e.g., hosting, analytics, support tools) that help operate the Platform may also receive personal information as needed. We ensure they handle data securely and only for permitted purposes.

5. Disclosure to Overseas Recipients

Your personal information may be disclosed to recipients overseas because:

  • Stripe may process data in multiple countries, including the U.S. and partners compliant with cross-border frameworks.
  • Firebase stores or processes data in global data centres that can include the United States and other locations.

Where practicable, we specify likely countries involved in transfers. If we cannot, we will still take reasonable steps to ensure the overseas entity protects personal information consistent with the APPs (e.g., contractual safeguards).

6. Cookies and Tracking Technologies

We may use cookies, local storage, and similar technologies to collect usage data, enhance security, personalise content, and provide analytics. You may control cookie preferences through your browser or consent tools where provided.

7. Data Retention

We retain personal information only as long as necessary to:

  • provide the services you requested
  • comply with legal and tax obligations (e.g., billing records up to 7 years for compliance)
  • respond to enquiries or disputes

After the retention period ends, we securely delete or de-identify the information.

8. Your Rights and How to Exercise Them

You may request:

  • Access to the personal information we hold about you
  • Correction of any inaccuracies
  • Deletion of personal information, where lawful and practical
  • Restriction or objection to processing in certain circumstances

To exercise these rights, please contact us (details below). We aim to respond within 5 business days. If we refuse your request, we will explain why and how you may complain.

If you remain dissatisfied, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC).

9. Data Security and Breach Response

We implement appropriate administrative, technical and physical safeguards to protect personal information against misuse, loss, unauthorised access, modification, or disclosure. However, no system is perfectly secure.

In the event of a data breach likely to result in serious harm, we will:

  • investigate promptly,
  • notify affected individuals as soon as practicable, and
  • notify the OAIC in accordance with the Notifiable Data Breaches scheme.

10. Children’s Privacy

Our Platform is not intended for use by individuals under 18. We do not knowingly collect personal information from minors. If we become aware we have collected such information, we will delete it as soon as practicable.

11. Changes to This Privacy Policy

We may update this policy to reflect changes in legal requirements, Platform practices, or third-party services. We will publish updates on the Platform with a revised “Last Updated” date.

12. Contact Us

If you have questions about this Privacy Policy or wish to exercise your privacy rights, contact:

Email: mealplanmatemanagement@gmail.com