Privacy policy

Who we are

OnBooq (ACN 690 973 285) provides a revenue growth and operations system for service businesses that reduces admin work. We help capture and manage enquiries, streamline customer communication, and connect key workflows so our clients can focus on delivering their services.

For details about how our services operate and your responsibilities as a client, please see our Terms & Conditions

Contact

You can contact us about privacy by emailing us at hello@onbooq.com.

What this policy covers

This Privacy Policy explains how we collect, use, store and disclose personal information when you visit our website, when you use our services as a client business, or when you submit an enquiry to a business using an OnBooq-installed Enquiry Assistant or enquiry form. This policy operates alongside our Terms & Conditions.

Roles and responsibilities

OnBooq may act as a service provider to client businesses. If you are our client, you control what information your customers are asked to provide and how you use enquiries you receive. If you are a customer of one of our client businesses, that business controls the customer relationship and the purposes for which your enquiry is used, and we handle information on their behalf to deliver the service.

Information we collect

We aim to collect only what is reasonably necessary to provide our services. If you become a client, we may collect business information such as your business name, ABN/ACN, trading address and service locations, business contact details, service details you provide such as services offered and hours or availability, and billing and account administration details.

When a customer submits an enquiry via an Enquiry Assistant or enquiry form, we may process the information provided, which may include name, email address, phone number, the service requested and basic details about the request, preferred date/time or availability where collected, suburb or service address where provided, and any free-text enquiry content entered by the customer.

When you visit our website or interact with service components, we may collect technical and usage information such as IP address and approximate location derived from IP, device, browser and operating system details, pages visited and interaction logs for security and performance, and cookies or similar technologies.

Sensitive information

Some businesses, including psychologists and health-adjacent providers, may receive enquiries that include sensitive information. Our Enquiry Assistant is intended for general enquiries and administrative matters. Please do not include sensitive personal information such as health details, detailed medical history, payment card details, or government identifiers in an enquiry message. If sensitive information is provided, we treat it with additional care and restrict access where practicable.

Crisis and emergency notice

The Enquiry Assistant is not monitored for emergencies and is not suitable for urgent help. If you or someone else is in immediate danger, call 000 in Australia or your local emergency number.

Not a health professional

The Enquiry Assistant provides general information and helps route enquiries. It is not a health professional and does not provide medical or mental health advice, diagnosis, or treatment. For clinical advice, contact a qualified practitioner directly.

How we use information

We use personal information to provide, operate and support our services, including routing enquiries to the right business, sending confirmations or notifications requested by the business where enabled, maintaining service security, preventing misuse and troubleshooting issues, improving reliability and functionality including quality and performance monitoring, and complying with legal obligations and enforcing our agreements.

Automated processing

To help route enquiries and provide timely responses, we may use automated tools to categorise an enquiry, summarise or structure the information supplied, and generate suggested responses or drafts for the business. These tools are used to deliver the service. We do not use enquiry content to build advertising profiles about individuals, and we do not sell personal information.

What we do not do

We do not sell personal information, we do not rent personal information, we do not share personal information with third parties for their own direct marketing, and we do not create advertising profiles from enquiry content for targeted advertising.

How we share information

We disclose customer enquiries to the business the customer intended to contact. We may also disclose personal information to third-party service providers that help us operate and deliver the service, such as providers of cloud hosting, communications delivery, automation or workflow tools, monitoring and analytics, and support systems. These providers process information only to deliver services to us and must protect it through confidentiality and security obligations. We can provide a list of key service providers upon request.

Payments for our services are processed through a secure third-party payment processor. We do not store full payment card details on our systems.

We may disclose information where required or authorised by law, or where necessary to protect the rights, property, or safety of OnBooq, our clients, or others. If OnBooq is sold, merged, or reorganised, personal information may be transferred as part of that transaction, and we will take reasonable steps to ensure ongoing protection consistent with this policy.

International data transfers

Some service providers we use may store or process information outside Australia. Where this occurs, we take reasonable steps to ensure appropriate safeguards are in place consistent with Australian privacy law.

Data security

We take reasonable steps to protect personal information from loss, misuse, interference, and unauthorised access, modification or disclosure. Measures may include encryption in transit, access controls and least-privilege permissions, audit logging and monitoring, secure backups and recovery practices, and staff confidentiality obligations and security awareness. No method of transmission or storage is 100% secure, but we maintain practical safeguards appropriate to the nature of the information.

Data retention

We retain personal information only for as long as necessary to provide our services, meet legal and accounting obligations, and resolve disputes and enforce agreements. Retention periods may vary depending on the type of information, client requirements, and legal obligations. Where appropriate, we will delete or de-identify information when it is no longer needed.

Cookies and tracking

We may use cookies and similar technologies to support website functionality, understand performance, and improve user experience. You can control cookies through your browser settings. Disabling cookies may affect some website features.

Access and correction

You may request access to, or correction of, personal information we hold about you by contacting us using the details above. If you are a customer of one of our client businesses, you may also contact that business directly, as they control the customer relationship and may hold additional records.

Complaints

If you have a privacy concern or complaint, contact us using the details above with information about the issue. We will investigate and respond within a reasonable timeframe.

Changes to this policy

We may update this Privacy Policy from time to time. The latest version will be published on our website with the updated effective date.