Privacy Policy

DRIVE WITH US

ABN: 23 803 781 283

Trading as: DRIVE WITH US

Last Updated: 18th March 2026

1. 1. Introduction

      DRIVE WITH US ("we", "us", "our") is committed to protecting the privacy of your personal information. This Privacy Policy explains how we collect, use, store, and disclose personal information through our website at https://drivewithus.com.au (the "Website") and our application, including the Google Calendar Integration described in Section 12.

      This Privacy Policy applies to the Website and its integrated features. Our driving lesson booking services are subject to Terms and Conditions available at https://drivewithus.com.au/terms-and-conditions/

      We are bound by the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs) contained in that Act. Our use of Google API data also complies with the Google API Services User Data Policy, including the Limited Use requirements.

1. 1. Information We Collect

      1. Personal Information You Provide

         When you use our booking system or create a student profile, we may collect the following personal information:

         • Name (first and last name)
         • Email address
         • Phone number
         • Date of birth
         • Driving licence number
         • Driving licence state and type (e.g., learners, provisional, full)
         • Driving experience level
         • Referral source (how you heard about us)
         • SMS notification preference (opt-in)

         When purchasing gift vouchers, we also collect:

         • Recipient name and email address
         • A personal message (optional)

      2. Audio Recording Consent

         During the booking process, we collect your consent regarding in-car audio recording during driving lessons. The collection and use of audio recordings is governed by our Terms and Conditions at https://drivewithus.com.au/terms-and-conditions/

      3. Payment Information

         Payments are processed securely by third-party providers — Stripe and PayPal — via WooCommerce. We do not store your credit card numbers, bank account details, or other financial payment information on our systems. Please refer to the privacy policies of Stripe and PayPal for information on how they handle your payment data.

      4. Technical and Usage Data

         When you visit the Website, we may automatically collect:

         • IP address
         • Browser type and version
         • Device type and operating system
         • Pages visited and time spent on pages
         • Referring website or source
         • Date and time of access

         This data is collected through Google Analytics and is used in an anonymised and aggregated form. We do not use this data to personally identify you.

      5. Cookies

         Our Website uses cookies — small text files stored on your device — for the following purposes:

         • Essential cookies — Website functionality, user sessions, and shopping cart (WordPress, WooCommerce)
         • Analytics cookies — Website usage statistics and improvement (Google Analytics)

         You can manage or disable cookies through your browser settings. Please note that disabling essential cookies may affect the functionality of the Website, including the booking system and shopping cart.

      6. Google Calendar Data (Drivers and Site Administrators Only)

         When an authorised driver or site administrator connects their Google account to our application, we request access to the following Google Calendar data via OAuth 2.0:

         • calendar.events — read and write access to calendar events
         • calendar.readonly — read-only access to calendar information

         Specifically, we may access:

         • Calendar event details — including event titles, descriptions, start and end times, and attendees
         • Calendar metadata — including calendar names and identifiers

         We do not access any other Google account data, including Gmail, Google Drive, Contacts, or any other Google services.

1. 1. How We Use Your Information

      We use your personal information for the following purposes:

      • Providing our services — to manage your student profile, process bookings, and operate the Website
      • Transactional communications — to send you booking confirmations, reminders, voucher details, and other service-related notifications via email
      • SMS notifications — to send you booking reminders and service notifications via SMS (Twilio), only where you have opted in. These are transactional messages only — we do not send marketing SMS
      • Payment processing — to process payments for bookings and gift vouchers through our third-party payment providers
      • Website analytics — to understand how visitors use the Website and to improve its performance and content (via Google Analytics)
      • Legal compliance — to comply with applicable laws, regulations, and legal obligations

      We do not use your personal information for email marketing or SMS marketing purposes. All communications are transactional and directly related to the services you have requested.

      For details on how we use Google Calendar data, see Section 12.

1. 1. Disclosure of Your Information

      We do not sell, rent, or trade your personal information to third parties.

      We may share your personal information with the following categories of third-party service providers, solely for the purposes described in this Policy:

      • Stripe / PayPal (via WooCommerce) — payment processing. Data shared: payment transaction details (we do not share your profile data)
      • Google Analytics — website analytics. Data shared: anonymised usage data (IP addresses are anonymised)
      • Twilio — SMS notifications. Data shared: phone number and message content for transactional SMS only
      • Alex Kebbell — website hosting and data storage. All Website data is stored on their servers

      We may also disclose your information where required by law, regulation, or court order, or to protect our legal rights.

      We do not share, sell, rent, or disclose your Google Calendar data to any third party. Your Google data is used exclusively within our application for the purposes described in Section 12.

1. 1. Data Storage and Security

      1. Storage

         Your personal information is stored securely on servers located in Australia. Your student profile and booking data are stored in a secure database and are not shared with any third parties beyond those listed in Section 4.

      2. Security Measures

         We take reasonable steps to protect your personal information from misuse, interference, loss, unauthorised access, modification, and disclosure, including:

         • Secure Socket Layer (SSL) encryption for all data transmitted through the Website
         • OTP-based authentication (no stored passwords) with time-limited verification codes
         • Session tokens with 24-hour expiry
         • Encryption of OAuth tokens at rest
         • Secure HTTPS connections for all API communications
         • Access controls limiting who can view personal information and limiting token access to authorised application processes only
         • Regular security updates and maintenance

         While we take reasonable precautions, no method of electronic transmission or storage is 100% secure. We cannot guarantee the absolute security of your data.

1. 1. Your Rights

      Under the Australian Privacy Principles, you have the right to:

      • Access your personal information that we hold
      • Request correction of any inaccurate, incomplete, or outdated information
      • Request deletion of your personal information (subject to any legal obligations we may have to retain it)
      • Opt out of SMS notifications at any time through your student dashboard or by contacting us
      • Withdraw consent for audio recording (subject to the Booking Terms and Conditions)
      • Disconnect the Google Calendar Integration and have your OAuth tokens deleted (see Section 12)

      How to Make a Request

      To exercise any of these rights, please contact us using the details in Section 11. We will respond to your request within 30 days.

      We will not charge you for making a request or for providing access to your information, unless the request is manifestly unfounded or excessive.

1. 1. Children's Privacy

      Our Website and services are intended for individuals aged 16 years and older. We do not knowingly collect personal information from children under 16. If we become aware that we have inadvertently collected personal information from a child under 16, we will take steps to delete that information as soon as possible.

      If you believe a child under 16 has provided us with personal information, please contact us using the details in Section 11.

1. 1. Data Retention

      We retain your personal information for as long as necessary to fulfil the purposes outlined in this Privacy Policy, or as required by law. Specifically:

      • Student profiles and booking history — retained as required for legal and regulatory compliance
      • Email and SMS logs — retained for service delivery records
      • Payment records — retained as required by Australian tax and financial reporting laws
      • Analytics data — retained in anonymised form as configured in Google Analytics
      • OAuth tokens — retained only while the Google Calendar Integration remains connected; immediately deleted upon disconnection
      • Booking event data created via the Integration — retained as part of your booking records
      • External calendar event data (read for availability purposes) — not permanently stored; used only in real time

      You may request deletion of your personal information at any time (see Section 6), subject to our legal retention obligations.

1. 1. Changes to This Privacy Policy

      We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. Any changes will be posted on this page with an updated "Last Updated" date.

      We encourage you to review this Privacy Policy periodically. Your continued use of the Website or the Google Calendar Integration after any changes constitutes your acceptance of the updated Policy.

1. 1. Google API Services User Data Policy Compliance

      Our use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

      • We only use Google data for the purposes described in this Policy
      • We do not transfer Google data to third parties except as necessary to provide the service
      • We do not use Google data for serving advertisements
      • We do not allow humans to read Google data unless we have your affirmative consent, it is necessary for security purposes, or it is required by law

1. 1. Contact Us and Complaints

      If you have any questions about this Privacy Policy, wish to exercise your privacy rights, or would like to make a complaint about how we have handled your personal information, please contact us:

      Business Name: DRIVE WITH US
      Address: Manningham SA 5086 Australia
      Email: admin@drivewithus.com.au
      Phone: 0437 294 109

      We will investigate all complaints and respond within 30 days.

      Office of the Australian Information Commissioner (OAIC)

      If you are not satisfied with our response to your complaint, you may lodge a complaint with the Office of the Australian Information Commissioner:

      Website: www.oaic.gov.au
      Phone: 1300 363 992
      Email: enquiries@oaic.gov.au
      Address: GPO Box 5218, Sydney NSW 2001

1. Google Calendar Integration (Drivers and Site Administrators Only)

   This section applies exclusively to authorised drivers and site administrators of DRIVE WITH US who connect their Google account to the DRIVE WITH US application.

   1. How We Use Your Google Calendar Data

      We use Google Calendar data solely for the following purposes:

      • Creating booking events — when a driving lesson is booked, we create a corresponding event on the connected Google Calendar
      • Updating booking events — when a booking is rescheduled or modified, we update the corresponding calendar event
      • Removing booking events — when a booking is cancelled, we remove the corresponding calendar event
      • Reading external events — we read existing calendar events to determine availability and prevent scheduling conflicts

      We do not use your Google Calendar data for advertising, marketing, promotional purposes, selling or sharing with third parties, or any purpose unrelated to driving lesson scheduling and availability management.

   2. OAuth Token Storage

      When you authorise the Integration, we receive OAuth tokens (access token and refresh token) from Google. These tokens are:

      • Encrypted before being stored in our application database
      • Used solely to maintain the connection to your Google Calendar
      • Never shared with any third party

   3. Revoking Access

      You can revoke our access to your Google Calendar data at any time by:

      • Disconnecting within our application — use the calendar settings in the application admin panel to disconnect your Google Calendar. This will delete your stored OAuth tokens.
      • Revoking via Google — visit your Google Account Permissions page (myaccount.google.com/permissions), find DRIVE WITH US, and click "Remove Access".

      After revocation, we will no longer be able to access your Google Calendar. Any future booking events will not be synced until you reconnect.