top of page

prelo

Download app now

Privacy Policy

Last Updated: 10/04/2026

Prelo ("we," "our," or "us") is committed to protecting your privacy and ensuring that your personal information is handled in a safe and responsible manner. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use the Prelo marketplace App (the “App”), and it outlines your rights regarding your personal data under Australian privacy law.

By using the App, you agree to the collection and use of your personal information in accordance with this Privacy Policy.

1. Information We Collect

We collect a variety of information in order to provide our services to you:

Personal Information

  • Account Information: This includes your name, email address, phone number, shipping address, profile picture and other contact details when you create an account.

  • Transaction Information: Information related to your purchases and sales, such as payment methods, billing details, shipping information, dispute records and transaction history.

  • Verification Documents: This includes government-issued ID and proof of address for Trust Badge verification purposes.

  • User-Generated Content: This includes any listings you create, images, descriptions, reviews and ratings you post, support ticket messages, feedback and comments.

 

Non-Personal Information

  • Usage Data: We collect data on how you interact with the App, such as device type, IP address, browser type and version, session data, authentication tokens, operating system, and App usage patterns.

  • Location Data: If you choose to share it, we may collect location data from your device.

 

Third-Party Information

We may collect information from third-party service providers, such as Stripe (for payment processing) and Easyship (for shipping), including shipping addresses, transaction history, and payment details.

2. How We Use Your Information

We use the information we collect for the following purposes:

To provide and improve our services

  • Operate, maintain, and improve the functionality of the Prelo app and marketplace

  • Improve platform functionality and develop new features based on how users interact with the App

To process and fulfil orders

  • Enable buyers and sellers to complete transactions

  • Share necessary order and shipping details between parties and integrated shipping providers (e.g. Easyship)

 

To facilitate payments and escrow services

  • Process payments securely via Stripe Connect

  • Hold funds in escrow and release them in accordance with Prelo’s policies and user satisfaction

 

To verify and build trust on the platform

  • Verify seller accounts and, where applicable, issue trust badges or similar trust indicators

  • Conduct checks aimed at maintaining a safe and reliable marketplace environment

 

To provide customer support

  • Respond to your questions, requests, and complaints

  • Help resolve issues with orders, payments, shipping, or account access

 

To send transactional notifications

  • Send order confirmations, payment receipts, shipping updates, dispute notifications, and other service-related messages

  • Notify you of important changes to your account, listings, or our terms and policies

 

To prevent fraud and abuse

  • Monitor accounts and transactions for suspicious or unauthorised activity

  • Detect, investigate, and help prevent fraud, abuse, security incidents, and violations of our terms

 

To comply with legal obligations

  • Meet our obligations under Australian law and any other applicable laws

  • Respond to lawful requests from regulators, law enforcement, or courts

 

To analyse usage and performance

  • Use aggregated and de-identified data to understand how the App is used

  • Improve user experience, app performance, and our business operations

 

3. How We Share Your Information

We may share your personal information in the following circumstances:

  • With Service Providers: We share your data with third-party service providers, such as payment processors (e.g., Stripe), shipping companies (e.g., Easyship), content moderation processors (e.g. ModerationAPI) and cloud providers (e.g. AWS) to facilitate transactions and services.

  • For Legal Compliance: We may disclose your information when required by law or to comply with legal obligations, such as a subpoena or regulatory request.

  • In Business Transfers: If Prelo is involved in a merger, acquisition, or sale of assets, your personal information may be transferred as part of the transaction.

 

We do not sell your personal data to third parties.

 

4. Google User Data

Our App uses Google Sign-In for authentication purposes. When you sign in with your Google account, we may access the following information from your Google account (with your consent):

  • Basic Profile Information: This may include your name, email address, and profile picture.

  • Authentication Token: We collect an authentication token to verify your identity and securely manage your session.

 

How we use your data

  • We limit our use of Google user data strictly to providing and improving user-facing features that are visible and prominent within our App’s interface. This includes personalizing your experience by pre-populating your name and email address for ease of registration and account management.

  • We do not use this data for any other purpose outside of these features, including for advertising or any other commercial use.

 

Data storage and retention

  • The information we collect is stored securely and only for as long as necessary to provide our services to you.

  • We retain your authentication token during your session, but we do not store sensitive Google user data (such as passwords or security details).

 

Data sharing

  • We do not share Google user data with third parties, except when necessary to provide or improve our App’s user-facing features, with your explicit consent.

  • We may also share data for security purposes (e.g., investigating abuse or bugs) or to comply with applicable laws.

  • In the event of a merger, acquisition, or sale of assets, user data may be transferred, but only after obtaining explicit consent from the user.

 

Limited access

  • No human will read your Google user data unless:

    • We have obtained your affirmative agreement to view specific messages, files, or other data.

    • It is necessary for security purposes, such as investigating abuse or bugs.

    • It is necessary to comply with applicable laws.

    • The data is aggregated and used for internal operations in accordance with applicable privacy and legal requirements.

 

Prohibited uses

  • We do not transfer or sell Google user data to third parties, including advertising platforms, data brokers, or resellers.

  • We do not use Google user data for serving ads, including personalized or interest-based advertising, nor for purposes such as credit-worthiness or lending.

  • We do not share or sell Google user data for any other unauthorized use.

 

Your control:

  • You can manage the data shared with our App by reviewing and adjusting your Google account permissions at any time. You can revoke access to your Google account through your Google settings.

 

5. Use of Google Maps API

Our App uses the Google Maps API to provide location-based services and features.

By using our app, you acknowledge that Google may collect, process, and store your data as part of its services. This data may include location information, IP addresses, and other data collected by the Google Maps API.

Google’s Privacy Policy governs how Google handles your data when using the Google Maps API. We encourage you to review Google’s Privacy Policy to understand how they process and protect your information. You can find Google’s Privacy Policy here: https://policies.google.com/privacy.

 

6. Data Retention

We retain personal information only for as long as is reasonably necessary to provide our services, meet legal obligations, resolve disputes, and maintain the integrity and safety of the Prelo marketplace. The specific retention periods we apply are as follows:

  • Account Data
    We retain account information for as long as your account remains active. If your account is inactive for 3 years, or if you request deletion, we will take reasonable steps to delete or de-identify your personal information, unless we are required to retain it for legal or operational reasons.

  • Transaction Records
    We retain records relating to payments, purchases, sales, invoices, and other financial transactions for 7 years, in accordance with Australian taxation, record-keeping, and corporate law requirements.

  • Support Tickets and Communications
    Messages sent to our support team, including ticket history and correspondence, are retained for 2 years after the matter is resolved. This helps us manage follow-up enquiries, resolve disputes, and detect improper activity.

  • Notifications and Delivery Logs
    Records of system-generated notifications (such as emails, push notifications, and SMS logs) are retained for 90 days to assist with troubleshooting, service delivery, and abuse detection.

  • Session Information
    Session IDs, login tokens, and similar authentication data are stored for 7 days, unless actively revoked earlier for security reasons.

  • One-Time Passwords (OTPs)
    OTP verification codes are retained only for the duration of their validity and are automatically deleted after 10 minutes. OTPs are never stored for longer than necessary to complete authentication.

 

We may retain anonymised or de-identified information for analytics, product development, and statistical purposes. Such data cannot be used to identify you and is not considered personal information under the Privacy Act 1988.

 

If you request deletion of your account or personal information, we will take reasonable steps to comply, subject to any legal obligations requiring us to retain certain data (for example, financial records required by law).

 

For detailed retention periods, see our Data Retention Policy.

 

7. Your Rights and Choices

Under the Australian Privacy Principles (APPs), you have the following rights regarding your personal information:

  • Access and Correction: You can request access to and correction of your personal information. Most of your personal information can be viewed and changed on your account with the App, and for other information please contact us using the details provided below.

  • Data Deletion: You may request that we delete your personal data, subject to certain legal and regulatory requirements. For further information on how to delete your data, see our Data Deletion page.

  • Opt-Out of Direct Marketing: You can opt-out of marketing communications by following the unsubscribe instructions included in the communication or by toggling them off in the App.

  • Data Portability: You may request a copy of your personal data in a structured, commonly used, and machine-readable format.

 

If you would like to exercise any of these rights, please contact us at the contact details listed below.

 

8. Security of Your Information

We take the security of your personal information seriously and implement a combination of technical and organisational measures to protect it from misuse, interference, loss, unauthorised access, modification, or disclosure, in accordance with the Australian Privacy Principles (APP 11).

These measures include:

  • Encryption of personal information in transit and at rest

  • Secure servers, firewalls, and access-controlled environments

  • Multi-factor authentication and role-based access controls for authorised personnel

  • Monitoring and logging of access to systems storing personal information

  • Regular security assessments, testing, and updates to our systems

  • Secure development practices and risk-based controls for new features

  • Data minimisation, including retaining information only as long as necessary

  • Secure deletion and destruction procedures when information is no longer required

  • Third-party security checks, including ensuring that providers such as Stripe meet recognised industry standards (e.g. PCI DSS)

 

Despite our efforts, no method of electronic transmission or storage is completely secure. If a data breach occurs that is likely to result in serious harm, we will notify affected individuals and the Office of the Australian Information Commissioner in accordance with the Notifiable Data Breaches scheme.

9. Children's Privacy

Prelo is not intended for children under the age of 18. We do not knowingly collect personal information from children under 18. If we discover that we have collected personal data from a child under 18, we will take steps to delete the information as soon as possible. If you believe we have collected data from a child, please contact us immediately.

10. International Data Transfers

Prelo operates with international service providers, and your personal data may be transferred to and processed in countries outside Australia where data protection laws may differ. If we transfer your data overseas, we will take reasonable steps to ensure that your personal data is handled in accordance with the Australian Privacy Principles (APPs), including ensuring that the recipient provides an adequate level of protection.

11. Trust Badge Identity Verification

Our App offers an optional identity verification feature (“Trust Badge”) to promote confidence and safety within our community. If you choose to verify your identity, we would collect the following information directly from you:

  • A photograph or scan of an identity document (such as a driver licence, passport, or other government-issued ID)

  • A photograph or scan of an proof of address

 

We collect and use this information to:

  • confirm your identity;

  • help prevent fraud, impersonation, or misuse of the platform; and

  • display your verified status to other users.

 

Identity verification is voluntary. All verification data is stored securely in Australia in encrypted form and is accessible only to authorised Prelo personnel who require access for verification and compliance purposes.

 

Raw ID documents and photos are retained for a maximum of 90 days after verification is completed, unless a longer period is required by law or for the resolution of a dispute. After that period, images of ID documents and biometric data are securely destroyed (permanently deleted or irreversibly anonymised). We retain minimal metadata such as your verification status, document type, date of verification, and expiry date for audit and user-support purposes.

 

We will not share your identity documents or biometric data with third parties unless:

  • we are required to do so by law or regulatory request; or

  • you consent to a disclosure for a specific purpose (for example, dispute resolution).

12. Cookies and Tracking Technologies

Prelo uses cookies, device identifiers, and similar tracking technologies (“Cookies”) to operate the Platform, enhance user experience, improve performance, analyse usage, and support security and fraud prevention. We also use Cookies to provide personalised features and deliver relevant content and marketing.

 

Cookies may be placed on your device by Prelo (first-party cookies) or by third-party service providers (third-party cookies).

Types of Cookies We Use

1. Essential and Functional Cookies

These Cookies are necessary for the operation of the Platform. They enable core functions such as account login, security, fraud detection, and session management. The Platform cannot function properly without these Cookies.

2. Performance and Analytics Cookies

These Cookies help us understand how Users interact with the Platform, diagnose issues, and improve Platform performance. We may use third-party analytics tools (such as Google Analytics or similar services) to collect aggregated and anonymised information about Platform usage.

3. Security and Fraud Prevention Cookies

These Cookies assist with detecting suspicious behaviour, preventing unauthorised access, protecting accounts, and maintaining the integrity of the Platform.

 

4. Marketing and Personalisation Cookies

Where permitted, these Cookies help us show content or ads that may be relevant to you, measure the effectiveness of our marketing campaigns, and understand how Users engage with promotions. Third-party partners (such as advertising or attribution tools) may set Cookies to assist with these functions.

 

Third-Party Cookies

Certain third-party service providers that support the operation of the Platform may use their own Cookies, including:

  • Stripe (payment and security cookies)

  • Easyship / courier partners (shipping and tracking cookies where applicable)

  • Analytics providers (e.g., Google Analytics, Firebase)

  • Marketing and attribution tools

  • Cloud hosting and content delivery services

 

These third parties may collect information about your browsing behaviour across Prelo and other websites or apps, in accordance with their own privacy policies.

 

Managing or Disabling Cookies

You may be able to manage or disable Cookies through your browser, device, or operating system settings. If you disable certain Cookies, some features of the Platform may not function correctly or may become unavailable.

 

Consent to Cookies

By using the Platform, you consent to our use of Cookies as described in this Privacy Policy. If you do not agree with the use of Cookies, you should adjust your device settings or discontinue use of the Platform.

13. Direct Marketing

We may use your personal information to send you marketing communications, such as promotional offers, new feature updates, and other information related to Prelo. If you no longer wish to receive these communications, you can opt-out by following the unsubscribe instructions in the communication or by toggling them off in the App.

14. Data Breaches

In the event of a data breach that may result in serious harm, we will notify the affected individuals and the Office of the Australian Information Commissioner (OAIC), in accordance with the Notifiable Data Breaches (NDB) scheme under the Privacy Act.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will post the revised policy on this page and update the "Last Updated" date at the top. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information. If the changes are material or affect how we handle your personal information, we will notify you through the App or via email.

16. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal information, please contact us at: contact@prelo.com.au

You may also contact the Office of the Australian Information Commissioner (OAIC) for further privacy-related inquiries:
Website: https://www.oaic.gov.au/
Phone: 1300 363 992

bottom of page