Privacy Policy

SETTL is a trade services marketplace operated by Inevara Pty Ltd (ABN [TBD — confirm with Inevara Pty Ltd before public launch]), a company incorporated in Australia (“Inevara”, “we”, “us”, or “our”). SETTL is one of the SINGULARITY family of marketplace platforms operated by Inevara.

This Privacy Policy explains how we collect, use, disclose, store, and protect your personal information when you use the SETTL platform.

We are bound by the Privacy Act 1988 (Cth) and the Australian Privacy Principles (“APPs”). By creating an account or using the Platform you acknowledge you have read this Policy.

2.1 Account information

When you register, we collect:

• Full name and display name
• Email address
• Password (stored as a salted cryptographic hash — never in plain text)
• Mobile phone number (optional, used for job notifications)

2.2 Property and job details (consumers)

To enable our matching service, we collect:

• Property address and property type
• Job description, service needs, and urgency
• Estimated budget and budget range
• Photos attached to quote requests (optional)

2.3 Trade professional profile (providers)

If you register as a trade professional, we also collect:

• Business name, ABN or ACN (where applicable)
• Trade licence type, number, and class
• Insurance policy details (public liability)
• Service areas and service radius
• Bank account details for payment disbursement (held by our payment processor)

2.4 Booking and transaction records

For every job and booking, we record:

• Job details, status history, and milestone records
• Consumer and provider identifiers
• Payment metadata: amount, currency, and transaction reference
• Escrow hold and release events

We use personal information to:

• Create and manage your account
• Match consumers with suitable trade professionals
• Process bookings, jobs, and milestone escrow payments
• Send job confirmations, quotes, and status notifications
• Verify trade licences and insurance via compliance services
• Detect fraud and ensure platform safety
• Comply with legal obligations (including ATO tax reporting)
• Resolve disputes between consumers and providers
• Improve the Platform through aggregate analytics

We do not sell your personal information. We disclose it only in the following circumstances:

4.1 With trade professionals upon job acceptance

When you accept a quote, we share your name, contact information, and property details with the trade professional. Providers are not permitted to use this information outside the context of delivering services through the Platform.

4.2 Payment processors

Payments are processed by third-party payment service providers including Stripe and/or Paddle. We do not store full card numbers on our infrastructure.

4.3 Infrastructure and hosting providers

We host the Platform on Amazon Web Services (AWS) infrastructure located in Australia (Sydney region, ap-southeast-2).

4.4 Compliance and verification services

Trade licence and insurance details are shared with compliance verification services for the purpose of verifying provider credentials.

4.5 Legal requirements

We may disclose personal information if required by law, court order, or regulatory direction.

• Account and profile data: retained for the life of your account plus 24 months after closure.
• Job and transaction records: retained for 7 years from the date of the transaction, as required by Australian taxation law.
• Communications: retained for 2 years from the date of the last message, unless subject to an active dispute or legal hold.
• Device and analytics logs: retained for 13 months in identifiable form, then aggregated and de-identified.

• TLS 1.2+ encryption for all data in transit
• AES-256 encryption at rest for sensitive fields
• Passwords stored using cryptographic hashing
• Role-based access controls for Inevara staff
• Multi-factor authentication required for administrative access
• Data stored in AWS ap-southeast-2 (Sydney) — Australian soil

In the event of a data breach, we will notify the Office of the Australian Information Commissioner (OAIC) and affected individuals as required under the Notifiable Data Breaches scheme.

Under the Australian Privacy Principles, you have the right to:

• Access a copy of the personal information we hold about you (we will respond within 30 days).
• Correct inaccurate or outdated information (most information can be updated directly in your account settings).
• Delete your account and associated personal information (subject to retention obligations in Section 5).
• Opt out of optional marketing communications at any time.
• Complain to the Office of the Australian Information Commissioner (OAIC) if you believe we have mishandled your personal information.

If you have any questions about this Privacy Policy or wish to exercise your privacy rights, please contact our Privacy Officer:

We may update this Privacy Policy from time to time. When we make a material change, we will notify you by email and/or by displaying a prominent notice on the Platform at least 14 days before the changes take effect.