Privacy Policy

Last updated: February 2026

1. Introduction

Brady and Souza Consulting Pty Ltd ("we", "us", "our") operates the Costie platform. This Privacy Policy explains how we collect, use, disclose, and protect your personal information in accordance with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

By using Costie, you consent to the collection and use of your information as described in this policy.

2. Information We Collect

2.1 Personal Information

We may collect the following personal information:

  • Name and contact details (email address, phone number)
  • Business information (company name, ABN, business address)
  • Account credentials (email, encrypted password)
  • Payment information (processed securely via third-party providers)
  • Professional information (job title, industry)

2.2 Business Data

Through your use of the Platform, you may input:

  • Customer and client information
  • Project details and specifications
  • Quotes, estimates, and pricing information
  • Invoices and payment records
  • Employee and contractor information
  • Documents and file attachments

2.3 Automatically Collected Information

We automatically collect:

  • Device information (browser type, operating system)
  • Usage data (pages visited, features used, time spent)
  • IP address and general location (country/region)
  • Cookies and similar tracking technologies

3. How We Use Your Information

We use your information to:

  • Provide, maintain, and improve the Platform
  • Process transactions and send related information
  • Send administrative messages, updates, and security alerts
  • Respond to your comments, questions, and support requests
  • Monitor and analyse usage patterns to improve user experience
  • Detect, prevent, and address technical issues or fraud
  • Comply with legal obligations

4. How We Share Your Information

We do not sell your personal information. We may share your information with:

4.1 Service Providers

Third-party companies that help us operate the Platform, including:

  • Cloud hosting providers (Vercel, Neon)
  • Payment processors (Stripe)
  • Email service providers (Resend)
  • Analytics providers (Vercel Analytics)
  • Authentication providers (Google, Microsoft, LinkedIn)

4.2 Legal Requirements

We may disclose information if required by law, court order, or government request, or to protect our rights, property, or safety.

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

5. Data Storage & Security

5.1 Storage Location

Your data is stored on secure servers located in Australia and/or the Asia-Pacific region. Some data may be processed by service providers located overseas.

5.2 Security Measures

We implement appropriate security measures including:

  • Encryption of data in transit (TLS/SSL) and at rest
  • Secure password hashing (bcrypt)
  • Regular security updates and vulnerability assessments
  • Access controls and authentication
  • Regular backups

While we strive to protect your information, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

6. Your Rights

Under Australian privacy law, you have the right to:

  • Access: Request access to the personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information (subject to legal requirements)
  • Data Portability: Export your data in a commonly used format
  • Complaint: Lodge a complaint with the Office of the Australian Information Commissioner (OAIC) if you believe we have breached your privacy

To exercise these rights, contact us at privacy@costie.com.au.

7. Cookies & Tracking

We use cookies and similar technologies to:

  • Keep you signed in to your account
  • Remember your preferences
  • Understand how you use the Platform
  • Improve our services

You can control cookies through your browser settings. Disabling cookies may affect some Platform functionality.

8. Third-Party Links

The Platform may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.

9. Children's Privacy

The Platform is not intended for use by individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child, we will take steps to delete it.

10. Data Retention

We retain your personal information for as long as necessary to provide the Services and fulfil the purposes described in this policy, unless a longer retention period is required by law.

Upon account termination, you have 30 days to export your data. After this period, your data may be permanently deleted from our systems, except where retention is required for legal or compliance purposes.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy within the Platform and, where appropriate, via email.

Your continued use of the Platform after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us:

Brady and Souza Consulting Pty Ltd

Email: privacy@costie.com.au

Website: costie.com.au

13. Complaints

If you believe we have breached your privacy rights, you may lodge a complaint with us at privacy@costie.com.au. We will investigate and respond within 30 days.

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

This Privacy Policy should be read in conjunction with our Terms & Conditions.