Data Privacy, Storage & Governance
This guide explains how 1nbox handles your data: what we collect, where it's stored, how long we keep it, and how we govern it. For the full legal terms, see our Privacy Policy.
Privacy policies
1nbox is operated by Kudo Digital Pty Ltd. We comply with the Australian Privacy Act 1988 (Cth) and take reasonable steps to align with international standards such as GDPR where applicable. Our Privacy Policy describes:
- What information we collect (business, staff, and customer data)
- How we use it (to run the platform, process bookings, send reminders)
- Who we share it with (service providers, not sold to third parties)
- Your rights (access, correction, deletion, objection)
Access the full policy from Settings → Data & Privacy or at 1nbox.au/privacy.
Data storage
1nbox runs on AWS (Amazon Web Services). Your data is stored in secure, encrypted databases and object storage. We use:
- DynamoDB: For structured data — businesses, staff, customers, appointments, services, and configuration. Data is encrypted at rest and in transit.
- Other AWS services: For backups, logs, and infrastructure. Access is restricted and monitored.
Data is hosted in AWS regions chosen for performance and compliance. We do not store full payment card details — Stripe handles payments and card data.
Local cache (IndexedDB)
The 1nbox web app may cache some data locally in your browser (IndexedDB) to improve load times and offline behaviour. This cache is scoped to your session and can be cleared when you log out or clear site data.
Data governance
We follow clear rules for how data is handled:
Data ownership
Businesses own the customer data they collect through 1nbox. We act as a data processor — we store and process it only to provide the Service. Businesses are responsible for having appropriate rights and permissions to collect and use customer data.
Access controls
Access to production data is restricted to authorised personnel. We use role-based access, least-privilege principles, and audit logging. Staff and owners see only the data their role permits.
Processing purposes
We process data only for defined purposes: operating the platform, facilitating bookings, sending notifications, maintaining security, and improving the service. We do not sell personal information.
Data retention
We retain personal information only as long as necessary to:
- Provide the Service
- Meet legal obligations
- Resolve disputes
- Enforce agreements
Businesses control much of the data in their accounts. When you delete your account, we permanently remove your data after the 7-day grace period (see Deleting your account).
Backups
We maintain backups for disaster recovery. Backup data is retained according to our retention policy and is subject to the same security controls as production data.
Security
We implement technical and organisational safeguards, including:
- Encryption: Data encrypted in transit (TLS) and at rest (AES-256)
- Secure infrastructure: AWS security best practices, network isolation
- Access controls: Authentication, authorisation, and audit trails
- Monitoring: Logging and monitoring for suspicious activity
No method of transmission or storage is completely secure. We cannot guarantee absolute security, but we take commercially reasonable steps to protect your data.
Your rights
Depending on your jurisdiction, you may have the right to:
- Access your personal information
- Request correction of inaccurate data
- Request deletion
- Object to certain processing
- Withdraw consent where applicable
To exercise these rights, contact contact@1nbox.au. We may need to verify your identity before fulfilling requests.
International users
1nbox is operated from Australia but may be accessed globally. By using the Service, you acknowledge that your information may be transferred to and processed in jurisdictions with different data protection laws. We take reasonable steps to ensure appropriate safeguards are in place.
Third-party services
We use trusted service providers to operate the platform, including payment processors (Stripe), cloud hosting (AWS), and communication providers. These providers are permitted to use information only to deliver services on our behalf. We do not sell personal information.
Changes to policies
We may update our Privacy Policy and related practices periodically. When material changes occur, we will take reasonable steps to notify users (e.g. via the platform or website). Continued use of the Service constitutes acceptance of the revised policy.