Back to Offgridly

Privacy Policy

Last updated: 27 March 2026

1. Introduction

Offgridly ("we", "us", "our") operates the Offgridly application and website at offgridly.app. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our service. By accessing or using Offgridly, you acknowledge that you have read and understood this Privacy Policy.

2. Information We Collect

We collect only the information necessary to deliver the service. This includes:

Account Information

  • Email address (used for authentication and account communications)
  • Display name (chosen by you, shown in community features)

Profile Information

  • Housing type and ownership status (used by recommendation engines)
  • Space type and approximate size (used by recommendation engines)
  • Suburb (geocoded to approximate coordinates for climate zone detection)
  • Household size and age ranges (used by recommendation engines, encrypted at rest)
  • Budget bracket (used by recommendation engines, encrypted at rest)

Assessment Data

  • Fragility audit responses and scores
  • Contextual deepening answers

Usage Data

  • Recommendation interactions (saved, dismissed, completed)
  • Community contributions (forum posts, resource links, session participation)

3. How We Use Your Information

Your information is used exclusively to:

  • Authenticate your account via one time email verification codes
  • Generate personalised recommendations through our rule based engines
  • Detect your climate zone for location relevant suggestions
  • Enable community features (forums, resource sharing, local sessions)
  • Send transactional emails (verification codes, account notifications)
  • Send product emails if you have opted in (seasonal prompts, re audit reminders)

We do not use your data for advertising, profiling, behavioural targeting, or any purpose beyond delivering the Offgridly service.

4. Data Storage and Security

  • Data is stored in Turso (libSQL) databases hosted in the Sydney region (syd1)
  • Sensitive fields (income bracket, debt bracket, household ages) are encrypted at rest using AES 256 GCM application level encryption
  • Authentication codes are hashed with SHA 256 before storage
  • Location data is stored at suburb centroid precision, not exact addresses
  • All connections use HTTPS/TLS encryption in transit
  • Sessions expire after 30 days of inactivity

5. Third Party Services

We share the minimum data necessary with the following services:

Resend (Email Delivery)

Data shared: your email address. Purpose: delivering verification codes and account notifications.

LocationIQ (Geocoding)

Data shared: suburb text. Purpose: converting your suburb to approximate coordinates for climate zone detection.

Stripe (Payments)

Data shared: email address and subscription tier. Purpose: processing payments for paid plans. Stripe's privacy policy governs payment data they collect directly.

invyt.io (Community Sessions)

Data shared: display name, suburb, and session topic. Purpose: creating and managing community meetup sessions. Only shared when you actively host or join a session.

We do not share the following with any third party:

  • Fragility scores or assessment responses
  • Financial data (income bracket, debt bracket)
  • Household composition or ages
  • Recommendation history or interactions
  • Forum posts or community activity

6. Cookies and Local Storage

  • Session cookie (HTTP only, Secure, SameSite=Strict): used solely for authentication. No tracking or analytics purpose.
  • Local storage: used to preserve your progress in questionnaires and UI preferences (such as PWA install dismissal). This data stays on your device and is not transmitted to our servers.

We do not use analytics cookies, tracking pixels, fingerprinting, or any third party tracking scripts.

7. Your Rights

Under the Australian Privacy Act 1988 and the Australian Privacy Principles (APPs), you have the right to:

  • Access your data: View all stored data on your profile page or export it as a JSON file from Settings.
  • Correct your data: Edit your profile fields at any time. Assessment data can be updated by retaking the assessment.
  • Delete your data: Request full account deletion from Settings. After a 24 hour grace period, all personal data is permanently deleted. Community contributions are anonymised.
  • Export your data: Download a machine readable JSON file containing all your data from Settings.
  • Withdraw consent: You may stop using the service and delete your account at any time.

8. Data Retention

Your data is retained for as long as your account is active. When you delete your account, all personal data is permanently removed after a 24 hour grace period. Anonymised community contributions (with no personally identifiable information) may be retained to preserve community discussion integrity. We do not perform automatic data purging on active accounts.

9. Children's Privacy

Offgridly is not intended for use by individuals under the age of 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will promptly delete it.

10. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you via email or through the application. Your continued use of Offgridly after changes are posted constitutes your acceptance of the updated policy.

11. Contact

For privacy inquiries, data requests, or concerns about your personal information, contact us at:

support@offgridly.app

Terms of ServiceHome