Flashaudit
LearnSign InRun Free Audit

Privacy Policy

Last updated: 21 April 2026
Effective date: 21 April 2026

1. Who We Are

This Privacy Policy explains how Parallax Labs Limited (NZBN 9429053481269), trading as FlashAudit ("we", "us", "our"), collects, uses, and protects personal information when you use FlashAudit at flashaudit.io. We are based in Auckland, New Zealand and operate under the New Zealand Privacy Act 2020. We also comply with the EU General Data Protection Regulation (GDPR) for users in the European Economic Area.

2. Information We Collect

We collect the following personal information:

  • Account information: name, email address, and password (hashed) when you register
  • Authentication data: if you sign in with Google, we receive your name and email from Google
  • Usage data: websites you audit, audit results, feature usage, and activity within the Service
  • Payment information: billing details processed by Stripe. We do not store card numbers — Stripe handles all payment data
  • Technical data: IP address, browser type, device type, and log data collected automatically

3. How We Use Your Information

We use your information to:

  • Provide, operate, and improve the Service
  • Process payments and manage your subscription
  • Send transactional emails (account confirmation, audit complete notifications)
  • Respond to support requests
  • Detect and prevent abuse or unauthorised access
  • Comply with legal obligations

We do not sell your personal information to third parties.

4. Legal Basis for Processing (GDPR)

If you are in the European Economic Area, our legal basis for processing your personal information is:

  • Contract: processing necessary to provide the Service you have signed up for
  • Legitimate interests: improving the Service, security monitoring, and preventing abuse
  • Legal obligation: complying with applicable laws
  • Consent: where we request it (e.g. marketing communications)

5. Sharing Your Information

We share your information only with:

  • Stripe — payment processing (https://stripe.com/privacy)
  • Google — authentication via Google OAuth (https://policies.google.com/privacy)
  • Neon — database hosting for storing your account and audit data
  • Vercel — hosting and serving the application
  • Legal authorities — where required by law or to protect our rights

All third-party processors are required to handle your data in accordance with applicable privacy laws.

6. Data Storage and Transfers

Your data may be stored and processed outside New Zealand, including in the United States. Where we transfer personal information outside New Zealand, we ensure comparable privacy protections are in place as required by the Privacy Act 2020 Information Privacy Principle 12.

7. Data Retention

We retain your account data for as long as your account is active. If you delete your account, we will delete or anonymise your personal information within 30 days, except where we are required to retain it by law.

8. Your Rights

Depending on your location, you have the following rights:

All users (NZ Privacy Act 2020):

  • Right to access your personal information
  • Right to correct inaccurate information
  • Right to request deletion of your information

EEA users (GDPR):

  • Right to access, rectification, erasure ("right to be forgotten")
  • Right to restrict or object to processing
  • Right to data portability
  • Right to withdraw consent at any time
  • Right to lodge a complaint with your local supervisory authority

To exercise any of these rights, contact us at flashaudit@parallaxlabs.co.nz. We will respond within 20 working days as required under the Privacy Act 2020.

9. Cookies and Tracking

We use session cookies necessary for authentication. We do not use advertising or tracking cookies. We may use basic analytics to understand how users interact with the Service.

10. Children's Privacy

The Service is not directed to children under 18. We do not knowingly collect personal information from children. If you believe a child has provided us with their information, contact us and we will delete it promptly.

11. Security

We implement appropriate technical and organisational measures to protect your personal information, including encrypted data transmission (HTTPS), hashed passwords, and access controls. In the event of a privacy breach that poses a risk of harm, we will notify affected users and the New Zealand Privacy Commissioner as required by law.

12. Privacy Officer

As required by the New Zealand Privacy Act 2020, Parallax Labs Limited has designated a privacy officer. You can contact our privacy officer at flashaudit@parallaxlabs.co.nz.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or via the Service. The date of the latest update is shown at the top of this page.

14. Contact Us

For any privacy-related questions or to exercise your rights:

Parallax Labs Limited
Privacy Officer
Email: flashaudit@parallaxlabs.co.nz
Website: https://flashaudit.io

For EEA users: if you are not satisfied with our response, you have the right to lodge a complaint with your national data protection authority.