Legal

Privacy Policy

Last updated 10 July 2026

This Privacy Policy explains how Peak State Global (we, us, our) handles personal information when you use Peak State Books (the Service). We handle personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

1. What we collect

  • Account information — your name and email address, and the identifier from your sign-in provider when you sign in with Google.
  • Business details — your company name, ABN, business address, director and user names, and logo, used on your invoices and BAS reports.
  • Bookkeeping data you enter — expenses and purchases (amounts, GST, dates, descriptions, categories), seller and supplier details, inventory and teardown records, sales invoices, manual payment records, and BAS and reporting figures.
  • Captured content — photos and PDFs of receipts and invoices you upload, text you paste, and transcripts of voice dictation you record for expense entry.
  • Your customers’ and suppliers’ details — information you enter about the people and businesses you deal with, such as their name, company, ABN, and address.
  • Technical and usage data — device and browser information, log and error records (kept so we can diagnose faults), and basic performance metrics.
  • Offline cache — drafts and captures you create while offline are stored on your own device (in your browser) until they sync.

We use cookies and similar browser storage only to keep you signed in and to run the Service. We do not use advertising or tracking cookies.

2. How we collect it

We collect most information directly from you as you use the Service. Some technical data is collected automatically when you use the app. Where you sign in with Google, we receive basic account information from that provider with your authorisation.

3. How we use it

  • to provide and operate the Service and keep your books and records;
  • to read receipts and text and suggest expense fields, and to calculate Global Pool balances, BAS 1A/1B figures, and reports from your data;
  • to send you transactional messages, such as invoices you choose to email;
  • to provide support, maintain security, and diagnose and fix faults;
  • to comply with our legal obligations.

We do not sell your personal information, and we do not use it for advertising.

4. AI processing

When you capture an expense, the receipt image, PDF, or text you provide is sent to our third-party AI provider solely to extract the expense details and return them to you. The provider is engaged under terms that do not permit your data to be used to train their models. We only send what is needed to produce the result.

5. Who we share it with

We share personal information with the following categories of service providers, only as needed to run the Service and bound to use it solely for that purpose:

  • Cloud database, authentication, and file hosting — to store your account, your bookkeeping data, and your logo.
  • Object storage — to hold your uploaded receipt and invoice photos and PDFs in a private store.
  • AI processing provider — to read receipts and text, as described above.
  • Email delivery provider — to send invoices and transactional email.
  • Application hosting and performance monitoring — to run and measure the Service.

We may also disclose personal information where required or authorised by law, or as part of a genuine business sale or transfer (in which case it stays subject to protections consistent with this policy). We do not otherwise disclose your information.

6. Overseas disclosure

Some of our providers store or process data outside Australia. Our database and file storage are hosted in Japan, and our AI processing, email delivery, hosting, performance monitoring, and sign-in providers are located in the United States. Before disclosing personal information overseas, we take reasonable steps to ensure recipients handle it consistently with the APPs.

7. Security

We take reasonable steps to protect personal information: data is encrypted in transit (HTTPS/TLS); your uploaded files are kept in a private store accessed only through short-lived, signed links; and access controls (row-level security) restrict each account to its own data. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

We comply with the Notifiable Data Breaches scheme: if a data breach is likely to result in serious harm, we will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) as required.

8. Retention and deletion

We keep your information for as long as your account is active and as needed to provide the Service. You can ask us to delete your account and personal information by emailing us; we will do so unless we are required to retain certain records by law (for example, tax records). Disconnecting or deleting a capture source stops new collection but does not, by itself, erase data already imported. Offline drafts held on your own device are cleared when you clear your browser storage.

9. Access, correction, and portability

You can access and correct much of your information directly in the app. You may also ask us for access to, or correction of, the personal information we hold about you (APP 12 and APP 13) by emailing contact@peakstate.global.

10. Complaints

If you have a privacy concern, please contact us first at contact@peakstate.global so we can try to resolve it. If you are not satisfied, you can contact the Office of the Australian Information Commissioner at oaic.gov.au or on 1300 363 992.

11. Children

The Service is intended for business owners and is not directed at anyone under 18. We do not knowingly collect personal information from children.

12. Changes to this policy

We may update this Privacy Policy from time to time. We will post the updated version here and change the “Last updated” date above.

13. Contact

For any privacy question or request, email contact@peakstate.global.