Privacy Policy

This Privacy Policy explains how PointMate Pty Ltd ("we", "us", "our", or "PointMate") handles information when you use the PointMate mobile application (the "App"). We publish this policy voluntarily because we believe in transparency about how the App works, even where we may not be legally required to do so. This policy describes what information is and is not collected, how third-party services operate within the App, and how you can contact us with questions.

1. Who We Are

The App is operated by PointMate Pty Ltd (ACN 697 700 860), located in Melbourne, Victoria, Australia. For privacy enquiries, contact us at support@pointmate.au.

2. Information We Collect

The App is designed with privacy as a core principle. Most information you enter for calculations is stored locally on your device. We do not currently maintain user accounts or a cloud database for your entered balances, wallet entries, or savings logs. However, the App uses limited third-party services for subscriptions, analytics, crash reporting, and advertising, as explained below.

2.1 User-entered calculation data (stored locally on your device)

Credit card selections, loyalty program balances, points calculations, savings logs, PM Wallet card entries, custom card entries, goals, and app preferences are stored locally on your device using on-device storage. This data is not transmitted to PointMate Pty Ltd or any third party. If you uninstall the App or clear your device's app data, this locally stored information will be permanently deleted.

All locally stored data persists between sessions for both free and Premium users. Free users are subject to capacity limits on certain features (for example, the number of cards in Pay or programs in Portfolio), but their entered data is saved and reloaded each time the App is opened. In all cases, this data remains on your device and is not sent to our servers.

2.2 Subscription and entitlement data

If you purchase a Premium subscription, payment is processed by Apple (via the App Store) or Google (via the Play Store). We use RevenueCat as our subscription management platform. RevenueCat receives an anonymous app user identifier and your purchase and subscription history to verify your entitlement to Premium features.

We do not receive your name, email address, payment card details, bank account information, or billing address through this process. We receive only your anonymous subscription status (whether you are a free or Premium user and whether your subscription is active).

2.3 Analytics data

We use Firebase Analytics (provided by Google) to understand how the App is used and to improve it. Firebase Analytics automatically collects:

• A pseudo-anonymous app-instance identifier (Firebase Installation ID)
• Device type, operating system version, screen size, language, and app version
• Approximate city-level location (derived from your device's IP address, not GPS)
• Screen views and feature usage events (for example, that a user performed a calculation on the Pay tab — but not the amounts, balances, or card details entered)

We also set two non-identifying user properties: your device platform (iOS or Android) and your subscription status (free or Premium).

Firebase Analytics does not collect your name, email address, loyalty program balances, card selections, savings amounts, or any other information you enter into the App. We do not use analytics data to identify individual users by name, although Firebase assigns an app-instance identifier that is unique to your installation of the App.

2.4 Crash and diagnostic data

We use Firebase Crashlytics (provided by Google) to automatically collect crash reports and diagnostic information when the App encounters an error. This includes device state, stack traces, a Crashlytics installation identifier, and operating system version. Crash reports may also include contextual information such as which screen was active or which operation failed, but never your balances, card details, or anything else you enter. This data is used solely to identify and fix bugs and improve App stability. We do not use crash data to identify individual users by name.

2.5 Advertising data (free tier only)

If you use the free version of the App, non-personalised advertisements are served by Google AdMob. The App is configured to serve non-personalised ads only — ads are not targeted based on your activity, interests, or identity. Even in non-personalised mode, the AdMob SDK may collect limited technical data (such as IP address for general geographic ad serving, device type, and ad interaction data) for fraud prevention and ad delivery purposes. The App does not request or use the Android Advertising ID.

Premium subscribers do not see advertisements and the AdMob SDK does not serve ads or collect ad-related data for them.

2.6 Support communications

If you contact us at support@pointmate.au, we will receive your email address and any information you choose to include in your message. We use this information solely to respond to your enquiry and do not add it to any marketing list or share it with third parties.

2.7 Local notifications

If you grant notification permission, the App may schedule local on-device notifications such as card cancel-by date reminders from PM Wallet. These notifications are generated and delivered entirely on your device. We do not currently send remote or marketing push notifications, and do not collect or transmit a push notification token to any server.

3. How We Use Your Information

We use the limited information we collect to:

• Provide and maintain the App and its features;
• Process and manage your Premium subscription via Apple, Google, and RevenueCat;
• Analyse usage patterns via Firebase Analytics to improve the App;
• Monitor App stability and fix crashes via Firebase Crashlytics;
• Serve non-personalised advertisements to free-tier users via Google AdMob;
• Schedule local on-device notifications (e.g. card cancel-by reminders);
• Respond to your support enquiries;
• Comply with legal obligations.

4. Information We Do NOT Collect

We do not collect, access, or store:

• Your loyalty program account credentials or login details;
• Your actual loyalty program balances (you enter these manually);
• Your credit card numbers, bank account details, or financial account information;
• Your precise location (GPS);
• Your contacts, photos, or other personal files;
• Any information from linked loyalty program accounts (we do not connect to loyalty program APIs). The App is a standalone calculator and comparison tool.

5. Data Storage and Security

As described in Section 2.1, your entered calculation data, card selections, and preferences are stored locally on your device. We do not operate a cloud database for this data. If you uninstall the App or clear your device's app data, this locally stored information will be permanently deleted.

Premium subscription status is verified through RevenueCat and the relevant app store (Apple App Store or Google Play Store) and may be cached locally on your device.

We implement reasonable security measures appropriate for the nature of the data we handle. No method of electronic storage or transmission is completely secure, and we cannot guarantee absolute security. Data transmitted to third-party services (Firebase, RevenueCat, AdMob) is encrypted in transit.

6. Third-Party Services

The App uses the following third-party services:

(a) Apple App Store / Google Play Store: For app distribution and subscription payment processing. Subject to Apple's Privacy Policy or Google's Privacy Policy respectively.

(b) RevenueCat: For subscription management across platforms. RevenueCat receives an anonymous app user identifier and purchase history to verify subscription entitlements. We do not pass names, email addresses, or other identifying subscriber attributes to RevenueCat. Subject to RevenueCat's Privacy Policy (https://www.revenuecat.com/privacy).

(c) Firebase Analytics (Google): For usage analytics. Firebase collects an app-instance identifier, device and app metadata, screen views, and feature usage events as described in Section 2.3. Subject to Google's Privacy Policy (https://policies.google.com/privacy).

(d) Firebase Crashlytics (Google): For crash reporting and App stability monitoring. Crashlytics collects crash logs, device state, and diagnostic data as described in Section 2.4. Subject to Google's Privacy Policy.

(e) Google AdMob (free tier only): For serving non-personalised advertisements to free-tier users. AdMob collects limited technical data for ad delivery and fraud prevention as described in Section 2.5. Ads are not personalised or targeted based on user behaviour. Subject to Google's Privacy Policy.

We do not sell, trade, or rent your personal information to third parties.

7. Children's Privacy

The App is not directed at persons under the age of 18. We do not knowingly collect personal information from persons under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at support@pointmate.au and we will take steps to delete such information.

8. Your Rights

We welcome privacy enquiries. Because most of the data you enter into the App is stored locally on your device and is not held by us centrally, you can view, modify, or delete that data at any time within the App or by clearing the App's data in your device settings.

If you would like to enquire about, access, correct, or request deletion of any information that we or our third-party service providers may hold (such as analytics data, crash reports, or subscription records), please contact us at support@pointmate.au. We will consider and respond to all reasonable requests.

If you are not satisfied with our response to a privacy enquiry, you may contact the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au for further guidance.

9. Data Retention

Locally stored data persists on your device until you delete it via "Clear all app data" in the App's settings. On both iOS and Android, your device's operating system may include the App's data in your device-level cloud backup (Google Drive Backup on Android, iCloud Backup on iOS) if you have those features enabled. If you uninstall and reinstall the App on a device that has previously backed up, the operating system will automatically restore your data. To prevent this, disable cloud backup in your device's system settings before uninstalling, or use "Clear all app data" first. We do not retain copies of your locally stored data.

If you subscribe to Premium, your subscription transaction records are retained by Apple or Google in accordance with their respective data retention policies. RevenueCat retains subscription entitlement data in accordance with its data retention policy. We do not maintain our own subscription database; subscription status is verified in real time via RevenueCat.

Firebase Analytics data is retained by Google in accordance with the retention settings configured in the Firebase console. Crashlytics data is retained by Google for 90 days.

10. International Data Transfers

While the App is Australian, some third-party services we use (including Firebase, RevenueCat, Google AdMob, and app store providers) may process data outside of Australia, including in the United States. These services maintain their own privacy policies and security practices. Data transmitted to these services is encrypted in transit.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the updated Privacy Policy within the App and updating the "Last updated" date at the top of this document. We encourage you to review this Privacy Policy periodically.

12. Contact Us

If you have any questions about this Privacy Policy, please contact us:

Email: support@pointmate.au

Website: pointmate.au

© 2026 PointMate Pty Ltd. All rights reserved.