Privacy Policy

Website visitors

• Usage information through Google Analytics — pages viewed, how you found us, approximate location (city level), device and browser. It's aggregate measurement, not a profile of you.
• Technical data (such as IP addresses) in server logs, processed by Cloudflare to serve pages and block attacks.
• Whatever you choose to put in our contact, project and free website audit forms — typically your name, email, phone and website address. Please don't send us sensitive information (health, financial, political details) through forms; we don't ask for it and don't want it.

Customers and the setup wizard

• Your name, email, phone and business details.
• Your ABN and the public business details we look up on the Australian Business Register.
• Your Google Business Profile / Places data (listing details, reviews, opening hours) where we fetch it to prefill your setup.
• Your domain preferences, and the logos, images and content you upload or give us for your site.
• One-time sign-in codes — we use email codes rather than stored passwords.

Billing

• Payments are handled by Stripe — we never see or store your card numbers. We store the Stripe customer and subscription identifiers we need to manage your billing, plus what Stripe gives us such as payment status and the last four digits of the card.

Service delivery

• The content and data on the websites we build and host for you.
• Where you engage us for ads management, the data in your Google or Meta ads accounts — those accounts belong to you; we access them as your authorised manager.

Communications

• Emails between us, and the service emails we send (sign-in codes, billing notices, reports) via Resend.

We collect and use this information to:

• Deliver and bill the services you've engaged us for.
• Prefill your setup so the wizard takes minutes, not days.
• Provide support and make the changes you ask for.
• Send service emails — sign-in codes, billing notices, reports. These are part of the service, not marketing.
• Respond to your enquiries and prepare quotes and audits.
• Understand how our website is used so we can improve it.
• Meet our legal, tax and record-keeping obligations.

We do not sell personal information, and we don't add you to marketing lists without your consent.

We share information only with the providers we need to run the business, each for a specific role:

• Stripe — payment processing (United States).
• Resend — sending email (United States).
• Google — sign-in (OAuth, where you use it), Places lookups, Google Analytics, and ads platforms where you've engaged us to manage them.
• Meta — ads platforms, where you've engaged us to manage them.
• Cloudflare — hosting and file storage, including R2 (global infrastructure, largely United States).
• Australian Business Register — ABN lookups.

We do not sell your data, and we don't share it with advertisers or data brokers.

Several of the providers above (notably Stripe, Resend, Google, Meta and Cloudflare) store or process data outside Australia, mainly in the United States. Where that happens, we use providers with strong contractual and security commitments — but APP 8 requires us to tell you it occurs, and it does.

We keep your information for as long as your account or engagement is active, plus whatever the law requires us to keep — Australian tax law requires billing records to be kept for at least five years. You can ask us to delete information we're not required to keep, and we will.

You can ask for a copy of the personal information we hold about you, or ask us to correct it, by emailing privacy@pagecog.com. We respond within 30 days and don't charge for it.

If you think we've mishandled your information, email privacy@pagecog.com first — we take this seriously and will respond within 30 days. If you're not satisfied with our response, you can complain to the Office of the Australian Information Commissioner at oaic.gov.au.

We set essential cookies so things work — a session cookie keeps you signed in to the wizard and dashboard. We also use Google Analytics cookies to measure how the site is used. To opt out of Google Analytics, use Google's browser opt-out add-on or block analytics cookies in your browser — the site still works without them.

We take reasonable steps to protect your information: data is encrypted in transit (TLS), our sites run on Cloudflare's infrastructure, access is limited to the small team who need it to do their work, and we don't hold card numbers at all. No system is completely secure, but we work to keep the risk low.

Our services are for businesses. They're not directed at children, and we don't knowingly collect information from them.

If we change this policy in a way that matters, we'll tell current customers before the change takes effect, and the date at the top always reflects the current version. Questions go to privacy@pagecog.com. The terms that govern the services themselves are in our Terms of Service.