TowMate

Privacy Policy

Last updated: 18 June 2026
Draft pending legal review. This policy is a starting point tailored to the TowMate platform. Placeholders marked [like this] must be completed and the document reviewed by a qualified Australian legal practitioner before it is relied upon.

This Privacy Policy explains how [Legal entity name] (ABN [ABN]) ("TowMate", "we", "us", "our") collects, uses, discloses, and protects personal information when you use the TowMate platform, including the TowAlerts consumer app, the TowMate driver app, the Fleet Console (alerts.tow.systems), and this website (together, the "Services").

We handle personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). By using the Services, you agree to the collection and use of information as described in this policy.

Contents
  1. Information we collect
  2. Location information
  3. How we use information
  4. When we disclose information
  5. Third-party services
  6. Data retention
  7. Security
  8. Your rights and choices
  9. Children
  10. Overseas disclosure
  11. Changes to this policy
  12. Contact us

1. Information we collect

We collect the following categories of personal information, depending on how you use the Services:

  • Account information — your email address and authentication credentials, managed through Amazon Cognito. For fleet users, this may include your name, the operator/fleet you belong to, and your assigned role.
  • Location information — see Section 2.
  • Device and technical information — device type, operating system, app version, push-notification tokens, and diagnostic logs.
  • Usage information — your alert-region preferences, notification settings, and how you interact with incidents and features in the app.
  • Communications — information you provide when you contact us at support@tow.systems, including the contents of your message.

We do not intentionally collect sensitive information (as defined in the Privacy Act) and ask that you do not send it to us unless necessary.

2. Location information

Location is central to the Services. With your permission, we collect your device's geographic location to show relevant nearby road incidents and, for fleet drivers, to share live unit location with your operator's dispatch.

  • You control location access through your device's permission settings, and you can revoke it at any time. Some features will not work without location access.
  • Driver location is shared with your fleet operator only while you are on duty and the app is in use, and is subject to quiet-hours and status controls within the app.
  • We use location data to operate the Services and do not sell it.

3. How we use information

We use personal information to:

  • provide, operate, and improve the Services, including delivering real-time incident alerts;
  • authenticate you and secure your account;
  • send push notifications and service communications you have opted into;
  • provide fleet operators with live driver location and unit status they are authorised to see;
  • respond to your support requests;
  • process payments and manage subscriptions (via our payment provider — see Section 5); and
  • comply with our legal obligations and enforce our Terms of Service.

4. When we disclose information

We may disclose personal information to:

  • Your fleet operator, where you use the Services as a driver under that operator's account;
  • Service providers who help us run the Services (see Section 5), under confidentiality obligations;
  • Authorities, where required or authorised by law; and
  • A successor entity in connection with a sale, merger, or restructure of our business.

We do not sell your personal information.

5. Third-party services

We rely on reputable third parties to deliver the Services, including:

  • Amazon Web Services (AWS) — hosting, authentication (Cognito), storage, and email;
  • Map and routing providers — to display maps and incident locations;
  • Push-notification providers — to deliver alerts to your device; and
  • Stripe — to process payments. Card details are handled by Stripe and are not stored by us. See Stripe's privacy policy at stripe.com/privacy.

Road-incident data is sourced from official and community feeds; that information is about events, not about you.

6. Data retention

We keep personal information only for as long as needed for the purposes described in this policy, to meet legal obligations, resolve disputes, and enforce our agreements. Location history is retained only as long as necessary to operate the Services. When information is no longer required, we take reasonable steps to delete or de-identify it.

7. Security

We take reasonable steps to protect personal information from misuse, interference, loss, and unauthorised access, modification, or disclosure — including encryption in transit, access controls, and use of trusted infrastructure providers. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

8. Your rights and choices

You may:

  • Access and correct the personal information we hold about you;
  • Withdraw consent for location or notifications via your device settings;
  • Request deletion of your account and associated data; and
  • Make a complaint about how we have handled your information.

To exercise any of these, email support@tow.systems. We will respond within a reasonable period. If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.

9. Children

The Services are not directed at children under 15, and we do not knowingly collect their personal information. If you believe a child has provided us information, contact us and we will take appropriate steps to delete it.

10. Overseas disclosure

Some of our service providers (including AWS and Stripe) may store or process information outside Australia. Where this occurs, we take reasonable steps to ensure your information is handled consistently with the APPs.

11. Changes to this policy

We may update this policy from time to time. The "Last updated" date above reflects the latest version, and material changes will be communicated through the Services where appropriate.

12. Contact us

For any privacy question or request, contact us at:
Email: support@tow.systems
Entity: [Legal entity name, ABN]
Address: [Registered business address]