Skip to main content
Flashaudit
LearnSign InRun Free Audit

Privacy Policy

Last updated: 13 April 2026
Effective date: 13 April 2026

1. Who We Are

This Privacy Policy explains how Parallax Labs Limited (NZBN 9429053481269), trading as Flashaudit.io (“we”, “us”, “our”), collects, uses, and protects personal information when you use Flashaudit.io at flashaudit.io. We are based in Auckland, New Zealand and operate under the New Zealand Privacy Act 2020. We also comply with the EU General Data Protection Regulation (GDPR) for users in the European Economic Area.

2. Information We Collect

We collect the following personal information:

  • Account information: name, email address, and password (hashed) when you register
  • Authentication data: if you sign in with Google, we receive your name and email from Google
  • Usage data: websites you audit, audit results, feature usage, and activity within the Service
  • Payment information: billing details processed by Stripe. We do not store card numbers — Stripe handles all payment data
  • Technical data: IP address, browser type, device type, and log data collected automatically

3. How We Use Your Information

We use your information to:

  • Provide, operate, and improve the Service
  • Process payments and manage your subscription
  • Send transactional emails (account confirmation, audit complete notifications)
  • Send marketing and reminder emails (tips, product updates, re-engagement campaigns) - you can opt out anytime from your Account Settings
  • Respond to support requests
  • Detect and prevent abuse or unauthorised access
  • Comply with legal obligations

We do not sell your personal information to third parties.

4. Legal Basis for Processing (GDPR)

If you are in the European Economic Area, our legal basis for processing your personal information is:

  • Contract: processing necessary to provide the Service you have signed up for
  • Legitimate interests: improving the Service, security monitoring, and preventing abuse
  • Legal obligation: complying with applicable laws
  • Consent: where we request it (e.g. marketing communications)

5. Sharing and Accessing Your Information

We share your information only with:

  • Stripe — payment processing (https://stripe.com/privacy)
  • Google — authentication via Google OAuth (https://policies.google.com/privacy)
  • Neon — database hosting for storing your account and audit data
  • Vercel — hosting and serving the application
  • Legal authorities — where required by law or to protect our rights

All third-party processors are required to handle your data in accordance with applicable privacy laws.

6. Data Storage and Transfers

Your data may be stored and processed outside New Zealand, including in the United States. Where we transfer personal information outside New Zealand, we ensure comparable privacy protections are in place as required by the Privacy Act 2020 Information Privacy Principle 12.

7. Data Retention

We keep your account data while your account is active. You can delete your account from your Account Settings at any time. Deletion happens right away. Your personal information, audit data, and account records are removed from our database at that point. Some records like transaction logs kept by Stripe cannot be deleted and will be kept only if required by financial regulations.

8. Your Rights

Depending on your location, you have the following rights:

All users (NZ Privacy Act 2020):

  • Right to access your personal information
  • Right to correct inaccurate information
  • Right to request deletion of your information
  • Right to opt out of marketing emails - toggle off from your Account Settings at any time

EEA users (GDPR):

  • Right to access, rectification, erasure (“right to be forgotten”)
  • Right to restrict or object to processing
  • Right to data portability
  • Right to withdraw consent at any time
  • Right to lodge a complaint with your local supervisory authority

You can delete your account and data right away from your Account Settings. You do not need to contact us for deletion. For all other rights (access, correction, portability, restriction) or if deletion through Account Settings does not work, contact us at flashaudit@parallaxlabs.co.nz. We will respond within 20 working days as required under the Privacy Act 2020.

9. Cookies and Tracking

We use session cookies necessary for authentication. We do not use advertising or tracking cookies. We may use basic analytics to understand how users interact with the Service. We do not place Google Analytics tracking cookies on our website.

10. Children’s Privacy

The Service is not directed to children under 18. We do not knowingly collect personal information from children. If you believe a child has provided us with their information, contact us and we will delete it promptly.

11. Security

We implement appropriate technical and organisational measures to protect your personal information, including encrypted data transmission (HTTPS), hashed passwords, and access controls. In the event of a privacy breach that poses a risk of harm, we will notify affected users and the New Zealand Privacy Commissioner as required by law.

12. Privacy Officer

As required by the New Zealand Privacy Act 2020, Parallax Labs Limited has designated a privacy officer. You can contact our privacy officer at flashaudit@parallaxlabs.co.nz.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or via the Service. The date of the latest update is shown at the top of this page.

14. Contact Us

For any privacy-related questions or to exercise your rights:

Parallax Labs Limited
Privacy Officer
Email: flashaudit@parallaxlabs.co.nz
Website: https://flashaudit.io

For EEA users: if you are not satisfied with our response, you have the right to lodge a complaint with your national data protection authority.