Get started

Privacy Policy

In this privacy policy, ‘we’, ‘us’ and ‘our’ means Appstablishment Software Group Pty Limited (Appstablishment) (ACN 602 855 167) and ‘Service’ means the software services we provide to you on our websites, mobile applications, products and services (for example, Spenda).

Appstablishment is committed to protecting the privacy of our users. By providing us with your personal information, you consent to your personal information being collected, stored, used and disclosed as set out in this privacy policy.

This Privacy Policy explains how Appstablishment and its related companies collect, use, disclose, transfer, protect, store and otherwise process your information. It also explains your rights and options around our use of your personal information and how you can exercise these choices.

For the purposes of this Policy, ‘Subscriber’, refers to an individual or an entity that registers to use our Services.


We provide Subscribers with use of and access to the Services as part of a Subscription Plan, a free Account or a free trial of the Services as set out in our Terms and Conditions (T&Cs) which can be viewed at

By using or subscribing for the Services you:

  • agree that you have read and understood this Privacy Policy;
  • agree to be bound by the Privacy Policy; and
  • consent to the use of your Information as set out in this Privacy Policy.

If you do not agree to the terms in this Privacy Policy, please do not use or access the Services.

You may withdraw or vary your consent by emailing Appstablishment may terminate your use of and access to the Services if you withdraw your consent.

In this Privacy Policy,

  1. Personal information means information about an identified living individual or an individual who is reasonably identifiable (e.g. person is one who can be identified, directly or indirectly, in particular by reference to a name and contact details or one or more factors specific to his/her physical, cultural or social identity).The personal information we collect and hold generally includes your name and contact information (being telephone number, email address and postal address). We may also collect other information required to provide the Service.
  2. Subscriber Information is information relating to our Subscribers and their businesses. We collect this information so that we can provide our Services to those Subscribers.
  3. Customer Information is information relating to individuals with whom our Subscribers interact (such as customers, suppliers, partners and others). Subscribers to our Services are solely responsible for establishing policies for and ensuring compliance with all applicable laws and regulations, as well as all privacy policies, agreements or other obligations, relating to the collection of personal information of individuals with whom our Subscribers interact.We collect customer information under the direction of our Subscribers and have no direct relationship with customers whose personal information we process in connection with the use of our Services. If you are a Subscriber providing information (including personal information) about a customer, you must have the legal ability to do so and, if necessary, inform them about how their personal information will be used (as described in this Privacy Policy).If you are a customer who interacts with a Subscriber using our Services, that Subscriber is the controller of your information and you should contact them directly for assistance with any requests or questions relating to your personal information.
  4. By registering for the Services you acknowledge the collection, transfer, processing, storage, disclosure and other uses of your information, as described in this Privacy Policy.

What information we collect

In using our Services, you provide us with the following information which we store securely:

5. Account Information

  1. Contact information such as name, email address, mailing address, phone number and country;
  2. Profile information such as a username, profile photo, and job role;
  3. Preferences information such as notification and marketing preferences.

6. Operational Information

  1. Product and service information (including inventory, pricing, sale, transaction, tax, and other data)
  2. Employee, customer, supplier and contact data

7. Access Logs:

We gather information and store it in log files when you interact with our Services. This information includes Internet protocol (IP) addresses, browser type, URLs of referring/exit pages, operating system, language and location preferences, time/date stamp, search history, device identification numbers and system configuration information. We may correlate personal information with information gathered in access logs to improve our Service.

8. Analytics Information:

We collect analytics to help us improve our products and services and provide a better experience for our Subscribers and their customers. This may include information on functions and features of the Service being used, username, IP address and any other information needed to detail the operation of the function and the parts of the Services.

We also collect operational data as a result of running queries against our user base for the purposes of generating Usage Data. Usage data is data about our Subscribers and their business and is aggregated data about a category or group of features, services, or users that is not of itself personal information. We may incidentally come across sensitive or personal information when we compile Usage Data.

We use third party analytics providers such as Google and Microsoft. Refer to Google’s Policies and Principles to find out more about the privacy policy of Google Analytics. To prevent analytics information from being sent to Google Analytics, use the Google Analytics Opt-out Browser Add-on.

9. Cookies and other tracking technologies:

Cookies and other technologies are used by us and our third-party partners (for example, our advertising and analytics partners) to collect information. We use cookies and other tracking technologies embedded in our Services for analytics and to give you a better and more personalised use of the Services.

A cookie is software stored temporarily or placed on your device’s hard drive. The main purpose of a cookie is to allow a web server to identify a User’s device and tailor web pages and/or login information to their preferences.

Cookies help us promptly display information which we consider to be of interest to you to use the capabilities of the Platform. By gathering and remembering information about your preferences through cookies, we can provide you with a better experience. Cookies do not give us access to your devices and the information we collect through cookies does not include Personal Information.

  1. Session cookies allow us to uniquely identify your browser while you are logged in. Session cookies disappear from your computer when the web browser is closed or computer is turned off.
  2. Persistent cookies identify end users and make it easier for them to log into and use the Platform. Persistent cookies remain on devices after the session is closed or the device is turned off.

We utilise various categories of cookies, which are summarised below along with the options available to you to manage them:

  1. Essential cookies are those that are critical to the functionality of the Platform. We use these to keep you logged into the Service and remember relevant information when return to the Service.
  2. Functional cookies track you and your activities on the Service, understand your preferences and improve your user experience. These cookies can also be used to remember configurations of the Service that you customise.
  3. Marketing cookies serve a variety of functions that enable us to track and analyse usage and other statistical information. Marketing cookies are also used to track the performance of our marketing campaigns and are employed by us via third-parties. We use third-parties to collect information that assists us in other methods of marketing our Services including customised email communications.

To opt out of receiving cookies, instruct your browser to stop accepting cookies or prompt you before accepting a cookie from websites you visit, by changing your browser options. To learn more about cookies visit

Blocking or deleting cookies used in our Services may adversely affect aspects of our Services provided to you.

10. Information from Third Party Services:

We may receive personal information from third parties such as social media, data enrichment or authentication services. Any information we access is governed by the authorisation procedures of that service.

By authorising us to connect with a third party service, you authorise us to access and store your name, email address(es), locale, profile picture URL, and other personal information that the third party service makes available to us, and to use and disclose it in accordance with this Privacy Policy. Check your privacy settings on these third party services to learn and modify the information these services send to us.

11. Other Information: 

We collect personal information from you when you submit forms on our sites or when you participate in any interactive features of our Services, surveys, competitions, promotional activity, request customer support, download content, via third party sites, or otherwise communicate with us.

How we collect your personal information 

12. We may collect your personal information in a number of ways, including when you engage us to provide the Service or when you register as a user with us for any of our products, such as when you submit forms on our sites or when you participate in any interactive features of our Services, surveys, competitions, promotional activity, request customer support, download content, via third party sites, or otherwise communicate with us.

The purpose for collecting your personal information and how we use it

13. We continually work to improve our Service for our Subscribers. As such, we collect and use your personal information for the purpose of providing the Service and directly related purposes. Such purposes include:

  1. enabling you to access and use the Services;
  2. measuring, customising and improving the Services to help to develop new products and services that may interest you and others;
  3. telling you about our other service offerings, or general promotions for business partner campaigns and services, which we believe may be relevant (if you have requested to receive this);
  4. conducting market or customer research to administer referral programs, rewards, surveys or other promotional activities or events sponsored or managed by us or our partners;
  5. sending service, support and administrative messages, reminders, technical notices, updates, security alerts to prevent unauthorised access to Services,
  6. any other purpose notified to you at the time your personal information is collected.

14. We may also use your information to comply with legislative or regulatory requirements in any jurisdiction, prevent fraud, crime or other activity that may cause harm in relation to the Service.

15. We will not use your personal information other than as set out in this privacy policy or as required or permitted by law.

Disclosure of your personal information

When you register for the Services, we may share your information only as described below:

16. Where appropriate, we will disclose your personal information to your employer, principal or administrator for verification purposes.

17. Marketing Materials, BLOGS, Forums and Wikis:

Our websites offer publicly accessible services such as blogs, forums, and wikis. Any information you provide in these areas may be read, collected, and used by others who access them. Information you provide may remain even after you cease using the Service. To request removal of your personal information from us, please contact us using the information listed below. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to and why.

18. Related Parties, Business Partners, Service Providers and Others:

We use and work with third party service providers to provide application development, hosting, website, infrastructure, maintenance, backup, payment processing, customer relationship management, marketing, accounting, human resources, business intelligence and analytics, data enrichment, customer support and other services for us. These service providers may have access to or process your information for the purpose of providing those services for us. You acknowledge that you are providing your information to these third parties, some of which may be located in countries outside of your location, acting on behalf of us. if we disclose your personal information to external service providers overseas, we will take reasonable steps to ensure that they comply with the Privacy Act 1988 (Cth)

We also obtain contact information from select Business Partners to better understand your preferences and to deliver you more personalised marketing.

19. We may also disclose any of the personal information we collect to our related bodies corporate and our advisers such as lawyers and accountants, our related entities and our external service providers (on a confidential basis).

20. Parties You Authorise:

You can give third parties access to your and your end users’ information. The use of this information will be governed by the terms and privacy policies of the third party. We have no control over, and take no responsibility for, the privacy practices or content on other sites. You are responsible for checking the privacy policy of any such sites so that you can be informed of how they handle personal information.

21. Widgets:

Our Services may include widgets, such as social media features, “Like” and “Share” button or interactive programs that may run on our site. These features may collect data such as your IP address, which page you are visiting on our site, and may set a cookie to enable the feature to function properly. Widgets are either hosted by a third party or hosted directly on our site. Your interactions with these features are governed by the privacy policy of the company providing it.

22. We will not disclose your personal information other than when required or permitted by law, to a third party if we believe the disclosure is reasonably necessary or with your permission.

  1. To comply with any applicable law, legal process or governmental request;
  2. To enforce and administer our agreements, policies and terms of use;
  3. To protect the property, rights, and safety of us, our Subscribers or the public from harm or illegal activities;
  4. For fraud prevention, risk assessment, investigation, customer support or product development;
  5. To establish or exercise our legal rights against any third-party claims or allegations;

23. Nothing in this privacy policy prevents us from using and disclosing to others de-personalised aggregated data that does not directly identify you with third parties in order to improve our Services.

Your obligations when we disclose personal information to you

24. If we give you or provide you access to the personal information of any individual in connection with our Service, you must only use it:

  1. for the purposes we have specified; and
  2. in compliance with the requirements of applicable privacy laws, including the Australian Privacy Principles set out in the Privacy Act 1988 (Cth) and this privacy policy.

25. You must also ensure that your representatives, agents, employees and contractors meet the above requirements.

Accuracy and correction of your personal information

26. We take reasonable steps to ensure that your personal information is accurate, complete and up-to-date whenever we collect, use or disclose it. However, we also rely on you to advise us of any changes to your personal information.

27.  You may access, change, or correct information about you by logging into your account at any time or by making a request to us using the contact details below. Please note we may need to verify your identity before granting access or otherwise changing or correcting your information.

Your obligations when you provide us with the personal information of others

28. You must not provide us with personal information of any other individual unless you have the express consent of that individual to do so. If you do provide us with such information about another individual, before doing so you:

  1. must tell that individual that you will be providing their information to us and that we will handle their information in accordance with this privacy policy;
  2. must refer that individual to this privacy policy; and
  3. warrant that you have obtained that individual’s consent to provide their information to us.

Security of information 

29. We take reasonable steps to protect any information that we hold from misuse, interference and loss and from unauthorised access, alteration and disclosure.

30. Data protection measures are never completely secure and despite the security measures we have in place, we cannot guarantee your information during transmission through the Internet, while stored on our systems or otherwise in our care, will be absolutely safe from intrusion by others, such as hackers.

You must take care to ensure you protect your personal information (for example, by protecting any usernames and passwords). You should notify us as soon as possible if you become aware of any security breaches.

Your Choices and Privacy Rights

31. If you make a request by contacting us at the contact details below, we will provide you with access to the personal information we hold about you unless otherwise required or permitted by law. We will notify you of the basis for any denial of access to your personal information.

32. If you wish to deactivate your account, you may do so by emailing us using the contact details provided below. Please note we may need to verify your identity before processing such a request.

33. Opting out of Promotional Communication: You may opt out of receiving promotional communications from us by using the unsubscribe link within each email or contacting us using the contact details provided below. Please note you will continue to receive messages from us regarding Services (e.g., account verification, purchase and billing confirmations and reminders, technical and security notices).

Requests to opt-out of transfers to third-party providers may be submitted, but limitations on data sharing may make it difficult or impossible to process this request and still utilise the Services.

34. Children’s use of the services

Our Services are not directed to individuals under the age of 16. We do not knowingly collect personal information from persons under the age of 16 and if we become aware that a child under 16 has provided us with personal information, we will take steps to delete such information.

If You become aware that a child has provided us with personal information, please contact us at the address listed below and we will take steps to delete such information.

Transfer of data from your home country

35. To bring you the Services, we operate globally with global partners. In order to provide you with the Services, your personal information may be transferred to, and processed in countries outside of your home country, including to Australia, New Zealand, United Kingdom and the United States.

These countries may have laws different and where we disclose personal data to a third party in another country, we put safeguards in place to ensure your personal data remains protected.

36. Australian users: The third parties we share data with do not control and are not permitted to access or use your personal data, except for the limited purpose it was provided. For the purposes of Australian privacy legislation relating to Australian users, we do not disclose personal data to third parties located overseas.

Information retention

37. We retain information we collect where we have an ongoing business need to do so in connection with the purposes set out above. For Information about how long any of our Subscribers retain your personal information, please contact that Subscriber.

38. If we have no ongoing need to process your information, we will either delete or anonymise it or, if this is not possible (if information has been stored in backup archives), then we will aim to securely store your personal information and isolate it from any further processing if and until deletion is possible.

Updates to our Privacy Policy

39. We reserve the right to change this Privacy Policy from time to time, and if we do we will post any changes on this page. We will make every effort to communicate any significant changes to you directly. Your continued use of the Services will be deemed acceptance of any updated policy.

How to make a complaint 

40. If you wish to make a complaint about a breach of this privacy policy or under the Privacy Act 1988 (Cth), you can contact us using the contact details below. You will need to provide us with sufficient details regarding your complaint together with any supporting evidence and information.

41. We will refer your complaint to our Privacy Officer who will investigate the issue and determine the steps (if any) that we will undertake to resolve your complaint. We will contact you if we require any additional information from you and will notify you in writing of the outcome of the investigation. We will try to resolve any complaint within 14 working days. If this is not possible, you will be contacted within that time to let you know how long it should take us to resolve your complaint.

42. If you are not satisfied with our determination, you can contact us to discuss your concerns or complain to the Australian Privacy Commissioner via

How to contact us 

43. If you wish to gain access to your personal information, want us to correct or update it or you have a complaint about a breach of your privacy or any other query relating to this privacy policy, please contact us by sending an email to: or by letter addressed to our Compliance Officer at 27 Oxford Close, West Leederville WA, 6007.

44. No fee will be charged by us for an access request. However, you may be charged the reasonable cost of complying with the access request.


NOTE: For further information on privacy, visit the Federal Privacy Commissioner’s website at: