Truecost Logo
My ProjectsHow it worksSee an estimateNew estimate
Profile settings

Privacy Policy

Effective: 30 April 2025

Introduction

This Privacy Policy describes how Howmuch2 Pty Ltd (ABN 15 682 879 303), trading as Truecost, collects, uses, and discloses your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

By providing personal information to us, you consent to our collection, use, and disclosure of your personal information in accordance with this Privacy Policy. We may update this policy from time to time by publishing changes on our website howmuchto.com.au. We encourage you to check periodically to stay informed.

What Personal Information Do We Collect?

We may collect the following categories of personal information:

  • Name
  • Contact details (email address, phone number, mailing or street address)
  • Payment information (e.g., payment-card details)
  • Device identifiers, device type, and connection information
  • Geolocation data
  • IP address and standard web-log information
  • Project files uploaded to obtain AI-generated cost estimates (e.g., floor plans, budgets, material specifications)
  • Survey and feedback data
  • Any additional information you provide to us directly or through our website

How Do We Collect Personal Information?

We may collect personal information directly from you or from third parties, including when you:

  • Register on our website and create an account
  • Communicate with us via correspondence, chat, email, or phone
  • Connect with us through social media platforms
  • Upload project data to generate AI-powered estimates
  • Interact with our sites, services, content, or advertising

If you apply for employment or a position with us, we may also collect information (e.g., name, contact details, work history, records checks) from recruitment consultants, previous employers, and other referees.

Why Do We Collect, Use, and Disclose Personal Information?

We may collect, hold, use, and disclose your personal information for the following purposes:

  • Service delivery and account management, including enabling access to our website and app
  • Operating, protecting, improving, and optimising our services, AI models, and user experience through analytics and research
  • Generating AI-driven construction-cost estimates and refining our estimation models
  • Sending service, support, and administrative messages, reminders, technical notices, updates, and security alerts
  • Marketing communications, including promotional emails, SMS, and mail in compliance with the Spam Act and Privacy Act
  • Legal compliance, resolving disputes, and enforcing agreements
  • Considering your employment application

Do We Use Your Information for Direct Marketing?

We and/or our carefully selected business partners may send you direct marketing communications about our services or products. You may opt out of receiving marketing materials at any time by contacting us at privacy@howmuch2.com.au or by using the unsubscribe link provided in our emails.

To Whom Do We Disclose Your Personal Information?

We may disclose personal information to:

  • Our employees and contractors
  • Third-party service providers (e.g., cloud hosting, analytics)
  • Professional advisers, dealers, and agents
  • Payment-systems operators (e.g., merchants receiving card payments)
  • Existing or potential business partners
  • Any transferee of our assets or business
  • Government, regulatory, or law-enforcement agencies as required or permitted by law

Disclosure of Personal Information Outside Australia

We may transfer data to service providers in the United States, Singapore, and the European Union. By providing information, you consent to these cross-border disclosures. While we are not required to ensure overseas recipients comply with Australian privacy law, we will take reasonable steps to ensure they handle data consistently with the Australian Privacy Principles.

Using Our Website and Cookies

We use cookies and similar tracking technologies to collect data about your browsing behaviour, including pages visited, time and date of visits, and your IP address. These technologies help us monitor usage and remember your preferences. Disabling cookies may affect website functionality. Any personal information collected by cookies is handled as described in this Privacy Policy.

Security

We use encryption, access controls, and regular security audits to protect your information from misuse, interference, loss, unauthorised access, modification, or disclosure. However, we cannot guarantee complete security of data transmitted over the internet or stored electronically.

Accessing or Correcting Your Personal Information

You can request access to, or correction of, your personal information by contacting us at privacy@howmuch2.com.au. We may need to verify your identity before providing access. If we deny your request, we will provide reasons in writing.

Making a Complaint

If you believe we have breached the Privacy Act or mishandled your personal information, please contact our Privacy Officer with your name, contact details, and a description of your complaint. We will acknowledge receipt and respond within a reasonable timeframe. If you are dissatisfied with our response, we will advise you on further steps, including your right to complain to the Office of the Australian Information Commissioner (OAIC).

Contact Us

Privacy Officer
Howmuch2 Pty Ltd
Email: privacy@howmuch2.com.au

Australian Privacy Law — Factsheet

Last updated: 30 April 2025

Does the Privacy Act apply to you?

The Privacy Act 1988 (Cth) incorporates the Australian Privacy Principles (APPs) and governs the collection, handling, storage, use, disclosure, and destruction of personal information in Australia. An organisation must comply if it has turnover of A$3 million or more, or falls within specific categories (e.g., health-service provider, trades in personal information, related body corporate, Commonwealth contract, or reporting entity under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006). Although Howmuch2 currently falls below the A$3 million threshold, we have adopted the APPs as best practice.

Why do you need a Privacy Policy?

APP 1 requires a clear and up-to-date Privacy Policy describing how personal information is managed, including collection methods, purposes of use, storage locations, and disclosures. If the Privacy Act applies and you lack a compliant policy, you may face penalties (up to A$2.22 million for corporations or A$444,000 for individuals) under the OAIC's enforcement powers.

What do you need to do with your Privacy Policy?

You must make your Privacy Policy available free of charge in an accessible form (e.g., footer link on each webpage and within any mobile app). Keep it up-to-date as your privacy practices change.

What is personal information?

Personal information is any information or opinion about an identified individual, or one who is reasonably identifiable, whether true or not and recorded or not. Information linked with other data to identify an individual (e.g., device IDs combined with purchase records) is also personal information.

What is sensitive information?

Sensitive information includes personal data or opinions about an individual's racial or ethnic origin, political opinions, religious beliefs, sexual orientation, criminal record, health, genetic, or biometric information. More stringent obligations apply to its collection, use, and disclosure.

Why is a Collection Notice required?

APP 5 requires that, at or before (or as soon as practicable after) collecting personal information, individuals are notified of certain matters (Collection Notice). This applies when a user registers on your website or app, enquires via email or phone, or when a new feature collects additional personal information.

Other privacy obligations

  • Direct marketing (APP 7): specific conditions and the Spam Act 2003 (Cth) apply to email and SMS marketing.
  • Cross-border disclosure (APP 8): take reasonable steps (or use a recognised exception) before disclosing data overseas.
  • Security (APP 11): protect personal information from misuse, interference, loss, unauthorised access, modification, or disclosure, and destroy or de-identify when no longer needed.
  • Credit-reporting obligations: separate obligations apply if dealing in credit information.