TrueBlue ComplianceTrueBlue Compliance — home

Legal

Privacy Policy

Last updated: 24 May 2026. This Privacy Policy explains how TrueBlue Compliance handles your personal information in accordance with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles.

1. Who we are

TrueBlue Compliance ("we", "us", "our") is an Australian software business providing compliance documentation, registers and an AI compliance assistant to approved providers and education and care services regulated under the Education and Care Services National Law and National Regulations.

Business name: TrueBlue Compliance Pty Ltd
ABN: [ABN to be inserted]
Registered office: [Registered office address to be inserted], Australia

2. What information we collect

We collect only the information needed to provide our service. This includes:

  • Identity and contact details: your name, role, work email address and phone number.
  • Service details: your centre or service name, approved provider name and number, ABN, ACN, trading name, registered and physical address, suburb, postcode, state, website and centre logo.
  • Account credentials: the email address and password used to access TrueBlue Compliance.
  • Payment information: billing details are processed directly by our payment processor (Paddle). We do not store full card numbers or CVCs on our servers.
  • Usage data: the documents you download, the registers you access, and your interactions with the platform — to support billing, security and product improvement.
  • Chat history: messages you exchange with the TrueBlue AI compliance assistant, retained against your account so you can revisit prior conversations.
  • Lead capture data: if you request a free resource (e.g. the Gap Assessment), your service name, state and email address.

3. How we use your information

  • To create and operate your account and provide the compliance documents, registers and AI assistant.
  • To process payments, manage your subscription and issue invoices.
  • To pre-fill your service details into the documents you download.
  • To send compliance updates, legislative change notifications and product news directly relevant to your service.
  • To respond to support requests and improve the platform.
  • To meet legal, accounting, audit and regulatory obligations.

4. How we store and protect your information

We store your information using Supabase, our managed Postgres hosting provider, with Australian data residency where available. All data is encrypted in transit (TLS 1.2+) and at rest. Access to production systems is restricted to authorised personnel and is protected by multi-factor authentication.

Payment information is processed by Paddle under their PCI-DSS Level 1 certification. We never store full card details.

While we take reasonable steps to protect your information, no method of electronic transmission or storage is 100% secure.

5. Who we share your information with

We share information only with the service providers needed to deliver TrueBlue Compliance:

  • Paddle — payment processing and subscription management.
  • Resend — transactional and update emails.
  • Supabase — database, file storage and authentication.
  • Lovable AI Gateway — routing your chat messages to the language model that powers the compliance assistant.

We do not sell your personal information to third parties — ever.We do not share your information for advertising or marketing by other companies.

6. Your rights under the Australian Privacy Act 1988

Under the Australian Privacy Principles, you have the right to:

  • Access the personal information we hold about you.
  • Request correction of information that is inaccurate, out of date, incomplete or misleading.
  • Request deletion of your personal information, subject to our legal record-keeping obligations.
  • Opt out of marketing communications at any time.
  • Complain to us about how we handle your personal information.
  • Lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au if you are unsatisfied with our response.

7. Cookies and analytics

We use essential cookies to keep you signed in and to remember your preferences. We use privacy-respecting product analytics to understand how the platform is used in aggregate — these analytics do not track you across other websites.

You can disable cookies in your browser settings. Disabling essential cookies will prevent you from signing in.

8. Data retention

  • Account information: retained while your account is active and for 7 years after cancellation to meet Australian tax and record-keeping obligations.
  • Chat history: retained while your account is active. You can request deletion at any time.
  • Lead capture data: retained for 24 months unless you ask us to remove it earlier.
  • Backups: retained for up to 35 days for disaster recovery.

9. Contact us

For privacy questions, access or correction requests, or to make a complaint about how we have handled your personal information:

Privacy Officer, TrueBlue Compliance
Email: info@truebluecompliance.com.au

We will respond within 30 days of receiving your request.

10. Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be notified to you by email at least 14 days before they take effect. The "Last updated" date at the top of this page reflects the most recent revision.

See also our Terms and Conditions.