1. Information We Collect
We collect information you provide and information generated through your use of SiteCobba, including:
- Account details: name, email address, password (hashed), country/region, phone number.
- Company details: company name, logo, brand colour, business contact details, default GST rate, default merchant and branch.
- Project content: projects, quotes, site reports, timesheets, calendar events, inventory items, rate libraries and notes you create.
- Uploaded media: site photos, voice recordings (used for transcription and AI processing) and other documents you upload.
- Usage analytics: pages viewed, features used, errors encountered, approximate timings.
- Device & app data: device type, operating system, app version, IP address, approximate location (derived from IP for region detection), language and time zone.
- Billing data: subscription status and the limited transaction metadata returned by our payment processor (we do not store full card numbers).
- Support communications: messages, feedback and any attachments you send us.
2. How We Use Your Information
- To provide, operate, secure and improve SiteCobba.
- To generate AI-assisted quotes, reports, transcripts and summaries that you request.
- To authenticate users, manage subscriptions and process payments.
- To send transactional emails (account, billing, security, feedback receipts).
- To detect, prevent and respond to misuse, fraud and security incidents.
- To comply with legal obligations and enforce our Terms.
- To analyse usage in aggregate to improve features and stability.
3. AI Processing
To deliver AI features (voice transcription, quote drafting, report generation, photo analysis), relevant content — including voice recordings, photos and text you submit — is sent to AI model providers acting as our processors. Providers may include Google (Gemini), OpenAI and similar large-language-model providers, accessed via secured API. We instruct providers not to use your content to train their general models where that option is available. Do not submit content you are not authorised to share.
4. How We Store Your Information
Data is stored in managed cloud infrastructure (currently Supabase, hosted on Amazon Web Services). Voice recordings, photos and uploaded files are stored in encrypted object storage with row-level access controls. Data is encrypted in transit (TLS) and at rest. Some data is also cached locally on your device to support offline use.
5. Third-Party Service Providers
We share the minimum information needed with trusted providers, including:
- Cloud hosting & database: Supabase / AWS.
- AI model providers: Google, OpenAI and similar.
- Email delivery: our transactional email infrastructure provider.
- Payment processors: Stripe, Apple App Store and/or Google Play (depending on how you subscribe).
- Analytics & error monitoring: aggregated usage and crash reporting tools.
These providers may store data outside New Zealand or Australia, including in the United States and the European Union. By using SiteCobba you consent to such transfers, subject to appropriate safeguards.
6. Your Rights
- Access the personal information we hold about you.
- Request correction of inaccurate information.
- Request deletion of your account and associated personal information, subject to legal retention requirements.
- Withdraw consent or unsubscribe from marketing emails (transactional emails will continue).
- Lodge a complaint with the New Zealand Office of the Privacy Commissioner or the Office of the Australian Information Commissioner.
To exercise any of these rights, email help@onsitecobba.com.
7. Data Retention
We retain your personal information for as long as your account is active, plus a reasonable period afterwards to meet legal, tax, accounting and dispute-resolution obligations (typically up to 7 years for financial records). Backups may persist for a further limited period before being overwritten.
8. Security
We use industry-standard security measures including encryption in transit and at rest, role-based access controls and audit logging. However, no method of transmission or storage is completely secure. We cannot guarantee absolute security and accept no liability for unauthorised access caused by factors outside our reasonable control. You are responsible for keeping your login credentials confidential.
9. Children
SiteCobba is not intended for use by anyone under 18. We do not knowingly collect personal information from children.
10. Cookies & Local Storage
We use cookies and browser/device local storage for essential functionality (authentication, session, region detection, trial tracking, offline outbox). You can clear these through your browser or device settings; doing so may affect functionality.
11. Changes
We may update this Policy from time to time. The latest version will always be available in-app and at this URL.
12. Contact
Privacy queries: help@onsitecobba.com · SiteCobba Limited, Auckland, New Zealand.