1. Overview
BowserWars ("we", "us", or "our") operates the website bowserwars.com.au (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information in accordance with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
By using BowserWars you agree to the collection and use of information as described in this policy. If you do not agree, please discontinue use of the Service.
2. Information We Collect
2.1 Information you provide directly
- Email address — when you subscribe to price alerts or create a Pro account.
- Payment information — billing details processed by Stripe on your behalf. BowserWars never stores your full card number, CVV, or bank account details.
- Community price reports — fuel price data you voluntarily submit. Your IP address is cryptographically hashed before storage and is never stored in plain text.
2.2 Information collected automatically
- Usage data — pages visited, search queries (postcodes/suburbs), fuel type selections, and click data, collected via cookies and server logs.
- Device information — browser type, operating system, screen resolution, and referring URL.
- Location data — approximate location derived from your postcode or, if you grant permission, precise GPS coordinates via the browser Geolocation API. Precise GPS data is used only to resolve your postcode and is not stored.
- Cookies and local storage — see Section 5 below.
3. How We Use Your Information
- To provide and operate the BowserWars Service
- To send price alert emails and transactional notifications you have opted into
- To process Pro subscription payments via Stripe
- To improve the accuracy of our fuel price data
- To analyse usage patterns and improve the Service
- To comply with legal obligations
- To detect and prevent fraud or abuse
We do not sell, trade, or rent your personal information to third parties for marketing purposes.
4. Third-Party Service Providers
We share information with the following third-party processors solely to deliver the Service:
| Provider | Purpose | Data shared |
|---|---|---|
| Resend | Transactional email (price alerts, receipts) | Email address |
| Stripe | Payment processing and subscription management | Name, email, billing address, payment method |
| Vercel | Web hosting and edge network | Server request logs, IP addresses |
| Neon / Vercel Postgres | Database hosting | All stored user data |
| OpenStreetMap Nominatim | Reverse geocoding GPS to postcode | GPS coordinates (not stored) |
All providers are contractually bound to use your data only for the stated purpose.
5. Cookies and Local Storage
We use the following cookies and browser storage mechanisms:
- bw_cookie_consent (localStorage) — stores your cookie preference (accepted/declined). Persists until you clear browser data.
- Stripe cookies — used by Stripe to prevent fraud during checkout. Subject to Stripe's Privacy Policy.
- Analytics cookies — if you accept cookies, we may use first-party analytics to understand site usage. No third-party advertising cookies are set.
You can manage cookies through your browser settings. Declining cookies will not prevent access to core features but may affect personalisation.
6. Data Retention
- Email addresses (alert subscribers) — retained while your subscription is active, then deleted within 30 days of unsubscription.
- Payment records — retained for 7 years as required by Australian taxation law.
- Price history data — retained indefinitely for trend analysis. This data is not linked to individual users.
- Hashed IP addresses (community reports) — retained for 90 days, then purged.
- Server logs — retained for 30 days, then deleted automatically.
7. Your Rights Under the Australian Privacy Act
You have the right to:
- Access — request a copy of the personal information we hold about you.
- Correction — request that we correct inaccurate or incomplete personal information.
- Deletion — request deletion of your personal information, subject to legal retention obligations.
- Opt-out — unsubscribe from marketing or price alert emails at any time using the unsubscribe link in any email.
- Complaint — lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au if you believe we have breached the APPs.
To exercise any of these rights, contact us at hello@bowserwars.com.au. We will respond within 30 days.
8. Data Security
We implement commercially reasonable technical and organisational measures to protect your personal information, including TLS encryption in transit, database encryption at rest, and access controls limiting who can view personal data. However, no internet transmission is 100% secure and we cannot guarantee absolute security.
9. Cross-Border Disclosure
BowserWars is hosted on infrastructure operated by Vercel (USA) and Neon (USA). By using the Service, you consent to the transfer of your data to these countries. We ensure contractual protections are in place consistent with the Australian Privacy Principles.
10. Children
The Service is not directed at children under 13 years of age. We do not knowingly collect personal information from children under 13.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify registered subscribers by email of material changes. The "Last updated" date at the top of this page indicates when the policy was last revised.
12. Contact
For privacy enquiries or to exercise your rights, contact:
BowserWars
Email: hello@bowserwars.com.au