Skip to main content
⚠ STAGING — changes here are not live

Privacy Policy

Last updated: 28 February 2026

1. Overview

Heron Hire ("we", "us") is committed to protecting your personal information. This policy explains what data we collect, how we use it, and your rights under the Australian Privacy Act 1988 and the Australian Privacy Principles (APPs).

2. Information We Collect

Account information: Name, email address, phone number, profile photo, and for owners: business name, ABN, and GST registration status.

Identity verification: Driver's licence, passport, or photo ID uploaded for verification purposes.

Listing information: Equipment details, photos, location (suburb-level), and pricing.

Transaction data: Booking details, payment amounts, and payout records. Payment card details are processed by Stripe and are not stored on our servers.

Communications: Messages sent through the platform, enquiries, and support requests.

Usage data: Browser type, IP address, pages visited, and search queries for improving the service.

3. How We Use Your Information

  • Providing and improving the Heron Hire platform
  • Processing bookings and payments
  • Verifying owner identity and business details
  • Sending booking confirmations, reminders, and notifications
  • Responding to support requests and disputes
  • Preventing fraud and ensuring platform safety
  • Generating anonymous, aggregated analytics

4. Information Sharing

We do not sell your personal information. We share data only with:

  • Other users: Your name, profile photo, suburb (not full address), and reviews are visible to other users as needed for bookings.
  • Stripe: Payment processing. See Stripe's Privacy Policy.
  • Service providers: Email delivery, hosting, and error monitoring services that process data on our behalf.
  • Legal requirements: Where required by law, regulation, or legal process.

5. Data Security

We use industry-standard security measures including encrypted connections (TLS), secure password hashing (Argon2), and access controls. While we take reasonable steps to protect your data, no system is completely secure.

6. Data Retention

We retain your account data while your account is active. Booking and transaction records are retained for 7 years to comply with Australian tax and business record-keeping requirements. You can request deletion of your account at any time.

7. Your Rights

Under the Australian Privacy Principles, you have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate information
  • Request deletion of your account and associated data
  • Opt out of marketing communications
  • Lodge a complaint with the Office of the Australian Information Commissioner (OAIC)

8. Cookies

We use essential cookies for session management and authentication. We do not use third-party advertising cookies.

9. Changes

We may update this policy from time to time. We will notify registered users of significant changes by email.

10. Contact

For privacy-related enquiries, contact us.