top of page

Bestimat Privacy Policy

1. Information we collect

  • Account & contact details (e.g., name, email, phone, suburb/postcode, address).

  • Project information (e.g., kitchen size, materials, timelines, budget, photos/videos, floor plans).

  • Uploaded quotes & documents: If you upload quotes from other providers, those documents may contain personal information and pricing details. Only upload documents you are authorised to share.

  • Supplier/business information (for suppliers): business name, ABN/ACN, business contact details, portfolio, insurances and licences, service categories, availability, pricing data.

  • Communications you send us (support requests, surveys, feedback, reviews)​

1.2 Information we collect automatically

  • Usage and device data: IP address, browser type, device identifiers, pages visited, referring/exit pages, timestamps, and general location (approximate).

  • Cookies and similar technologies: See Section 10 (Cookies).

1.3 Information from third parties

  • Service providers that host, analyse, or support our Services (e.g., website hosting, form collection, analytics, email delivery, payment processing, identity verification, fraud prevention).

  • Public sources and marketing partners were permitted by law (e.g., business registries for supplier verification).

  • We take reasonable steps to de‑identify or aggregate data where feasible.

2. How we use your information

  • We use personal information for the following purposes:

  • Providing and improving the Services: creating and managing requests, matching homeowners with suitable suppliers, facilitating side‑by‑side quote comparisons, and improving site performance and features.

  • Communications: sending confirmations, updates, reminders, and responses to your enquiries.

  • Supplier onboarding and verification: verifying business identity, insurances, licences, and quality signals; managing supplier profiles, ratings, and compliance.

  • Payments and billing: processing fees, subscriptions, refunds, or promotions where applicable.

  • Analytics and research: understanding usage to improve user experience and develop new features (including AI‑assisted quote analysis as the feature rolls out).

  • Security and fraud prevention: detecting, preventing, and responding to spam, abuse, or suspicious activity.

  • Legal compliance: complying with laws, responding to lawful requests, and enforcing our terms and policies.

  • Where required (e.g., for EU/UK users), we rely on legal bases such as performance of a contract, legitimate interests, consent, and legal obligation.

3. When we disclose information

  • We disclose personal information to:

  • Service providers/Processors who help us operate the Services (e.g., web hosting, form collection, analytics, email, customer support, payment processing, cloud storage, identity verification). These parties may only use the information on our instructions.

  • Suppliers, when a homeowner asks us to connect them for quotes or when a supplier responds to a quote request.

  • Professional advisers (lawyers, accountants, auditors) are bound by confidentiality.

  • Law enforcement/regulators, when required by law or to protect rights, safety, and property.

  • Business transfers: if we undergo a reorganisation, merger, or sale of assets, data may be transferred as part of that transaction, subject to this Policy.

  • We do not sell personal information. If we ever engage in activities deemed a "sale" or "sharing" of personal information under certain laws, we will provide required notices and opt‑out rights.

4. International data transfers

  • Our service providers may process information in countries outside Australia. Where we transfer personal information internationally, we take reasonable steps to ensure appropriate safeguards (e.g., contractual protections and vendor due diligence) are in place consistent with the APPs and, where applicable, GDPR/UK GDPR requirements.

5. Data retention

  • We retain personal information for as long as reasonably necessary to provide the Services and fulfil the purposes outlined in this Policy, including complying with legal, tax, accounting, or reporting obligations, resolving disputes, and enforcing agreements. When information is no longer needed, we take reasonable steps to destroy or de‑identify it.

6. Your choices and rights
6.1 Australia (APPs)

  • Access and correction: You may request access to the personal information we hold about you and ask us to correct it if it is inaccurate, out‑of‑date, incomplete, irrelevant, or misleading.

  • Complaints: See Section 13 (How to contact us & complaints).

6.2 EU/UK (GDPR/UK GDPR)

  • Depending on your location, you may have rights to access, rectify, erase, restrict or object to processing, data portability, and to withdraw consent where processing is based on consent. You also have the right to lodge a complaint with your local supervisory authority.

6.3 Marketing preferences

  • You can opt out of marketing emails by using the unsubscribe link in our emails or by contacting us. We may still send you essential transactional messages about your account or requests.

7. Children

  • Our Services are not intended for individuals under the age of 16. If you believe a child has provided personal information to us without appropriate consent, please contact us so we can take steps to delete such information.

8. Security

  • We implement reasonable technical and organisational measures designed to protect personal information from unauthorised access, misuse, loss, or alteration. However, no system is completely secure. If a data breach occurs that is likely to result in serious harm, we will assess and notify affected individuals and the Office of the Australian Information Commissioner (OAIC) when required by the Notifiable Data Breaches scheme.

9. User content and uploaded quotes

  • When you upload quotes, photos, or documents, you are responsible for ensuring you have the right to share them with us. Please avoid uploading unnecessary personal information (e.g., third‑party identifiers) or sensitive data unless we specifically request it for onboarding or compliance. We may redact or de‑identify documents for analysis.

10. Cookies, analytics, and similar technologies

  • We use cookies and similar technologies to:

  • keep you signed in and remember preferences;

  • understand how the Services are used and improve performance; and

  • Measure the effectiveness of our marketing.

  • You can control cookies via your browser settings and, where implemented, our cookie banner or preferences centre. Disabling cookies may impact site functionality. We may use analytics tools (e.g., Google Analytics) and advertising tools that set their cookies under their privacy practices.

11. Third‑party links and services

  • The Services may link to third‑party websites, plug‑ins, or apps (e.g., hosting providers, form providers, payment processors). We are not responsible for the privacy practices of those third parties. We encourage you to review their privacy policies.

12. Supplier verification, ratings, and reviews

  • To maintain trust and safety, we may verify supplier credentials (e.g., licences, insurance) and collect ratings/reviews from customers. We may publish aggregated ratings or review excerpts on supplier profiles. Suppliers can contact us to request corrections if information is inaccurate.

13. How to contact us & complaints

  • Contact us:
    Email: privacy@bestimat.com (or your preferred contact)
    Postal: Bestimat, [Your Postal Address], Australia

  • Access/correction requests and privacy queries: Please contact us using the details above. We aim to acknowledge your request within a reasonable period and respond within 30 days.

  • Complaints (Australia): If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC). See guidance at oaic.gov.au for lodging a complaint.

  • EU/UK users: You may also complain to your local data protection authority. We will cooperate with relevant authorities in accordance with law.

14. Changes to this Policy

  • We may update this Privacy Policy from time to time. The updated version will be posted on our website with a new "Effective date". Your continued use of the Services after the changes take effect indicates your acceptance of the updated Policy.

15. Region‑specific notices (summary)

  • Australia: We comply with the Privacy Act 1988 (Cth) and APPs. We follow the Notifiable Data Breaches scheme for eligible data breaches.

  • EU/UK: Where applicable, we process personal data in accordance with GDPR/UK GDPR, including providing a lawful basis for processing and facilitating data subject rights. If required, we will appoint an EU/UK representative.

  • Other regions: Where local laws grant additional rights or impose obligations, we will honour those to the extent they apply to our processing.

16. Key definitions

  • Personal information/personal data: Information about an identified individual or a reasonably identifiable individual.

  • Supplier: A business or professional offering renovation services on or through our platform.

  • Processing: Any operation performed on personal information, such as collection, use, disclosure, storage, or deletion.

bottom of page