Privacy

Privacy Policy

Plain-English summary of what we collect, why, where it lives, and how long it stays.

Last updated: 12 July 2026

1. Who we are

Vize is a visitor parking compliance platform operated for Australian strata schemes and self-managed Owners Corporations. References to "we", "us" and "our" mean Vize Pty Ltd.

2. What we collect

From visitors: vehicle plate, host apartment, email address, session start/end times, building short-code scanned.

From residents and managers: name, email, phone, building, apartment, role, plate allowlist, authentication tokens, audit metadata.

We deliberately do not collect: government IDs, driver's licence, payment details from visitors, location data outside the active session, marketing preferences.

3. Why we collect it

To operate the visitor parking workflow, evidence enforcement actions, prevent abuse, comply with Australian Privacy Principles (APPs), and respond to lawful requests from authorities and tribunals.

4. Where data lives

Application services and primary database are hosted in Australian regions. Backups remain in AU. We do not transfer personal information offshore for routine processing.

5. How long we keep it

Visitor PII is retained for the retention window configured by your building (default 90 days), after which contact details are hashed and only the audit-grade evidence (plate, times, action) remains. The audit log is append-only and immutable.

6. Who we share it with

Authorised personnel of your building (committee, manager, strata manager), tow contractors when a notice is issued (limited to the plate, time, reason and one secure handoff link), our infrastructure providers under contract, and authorities where required by law.

7. Your rights

You may request access to or correction of your personal information, or complain about a privacy issue, by emailing privacy@vize.app. If we cannot resolve your complaint, you may contact the Office of the Australian Information Commissioner (OAIC).

8. Security

TLS 1.2+ in transit, AES-256 at rest, row-level security at the database, MFA for staff, breach response within 72 hours per the Notifiable Data Breaches scheme.

9. Changes

We will notify customers of material changes by email at least 30 days before they take effect.