Privacy Policy

Purpose
Scope
Policy Statement
Information We Collect
How We Use Personal Information
Data Storage and Security
Data Retention
Disclosure of Information
Access and Correction
Breach Response
Review and Amendments

1. Purpose

This policy outlines how OKLY Pty Ltd collects, uses, stores, and protects personal information from drivers, riders, and staff in compliance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

2. Scope

This policy applies to:

All users of the OKLY platform (drivers, riders, and staff);
All personal information collected through the OKLY app, website, and related systems; and
Third-party partners or service providers engaged by OKLY.

3. Policy Statement

OKLY respects your privacy and is committed to handling personal data lawfully, securely, and transparently.

We only collect information necessary for operating a safe and efficient rideshare platform.

4. Information We Collect

We may collect the following information:

Drivers: name, contact details, driver's licence, accreditation, vehicle details, insurance, banking details, and trip data.
Riders: name, contact details, trip locations, and payment information.
Operational Data: location, feedback, ratings, safety reports, and communication logs.

All payment details are processed by secure third-party payment providers and are not stored by OKLY.

5. How We Use Personal Information

Personal information is used to:

Match riders with drivers and facilitate rides;
Process payments and payouts;
Verify driver accreditation and compliance;
Support customer service and resolve disputes;
Monitor safety and investigate incidents;
Improve the platform's performance and features; and
Meet legal, regulatory, and insurance obligations.

6. Data Storage and Security

All data is stored on secure servers located in Australia or compliant overseas data centres (e.g., AWS or Google Cloud).
Data is encrypted in transit and at rest.
Only authorised OKLY personnel may access user information, and all access is logged.
We take reasonable steps to protect against misuse, unauthorised access, or disclosure.

7. Data Retention

Trip and account data are retained for five years from the date of transaction, or longer if legally required.
Safety and incident data may be held for extended periods for regulatory purposes.
Once data is no longer required, it is securely deleted or anonymised.

8. Disclosure of Information

We may disclose personal information:

To law enforcement or regulatory agencies when required by law;
To payment processors, insurers, or support providers solely for operational purposes; and
To other parties only with your explicit consent.

OKLY does not sell, rent, or trade user data for marketing purposes.

9. Access and Correction

Users can:

Request access to their data;
Ask for corrections if information is inaccurate or outdated; or
Request deletion, where legally permitted.

Requests can be made by emailing privacy@okly.com.au

10. Breach Response

If a data breach is suspected:

OKLY will promptly investigate and mitigate risk;
Notify affected users and the Office of the Australian Information Commissioner (OAIC) when required under the Notifiable Data Breaches (NDB) scheme; and
Implement corrective security actions.

11. Review and Amendments

This policy will be reviewed annually or sooner if laws or platform practices change.

Updates will be published within the OKLY app and on the company website.

PRIVACY POLICY

Table of Contents