PRIVACY POLICY FOR PAY-PER-USE INTERNET HOTSPOT SERVICE

Last Updated: September 13, 2025

Effective Date: September 13, 2025

1. ABOUT THIS PRIVACY POLICY

This Privacy Policy explains how doofnet ("Company," "we," "us," or "our") collects, uses, discloses, and protects personal information when you use our pay-per-use internet hotspot service (the "Service").

We are committed to protecting your privacy and handling your personal information in accordance with the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth) and other applicable privacy laws.

Our Contact Information:

• Company Name: doofnet
• Address: Islington, NSW, Australia
• Phone: 0493 322 336
• Email: doofnetaus@gmail.com

2. WHAT PERSONAL INFORMATION WE COLLECT

2.1 Information You Provide During Checkout

When you purchase access to our hotspot service, we collect:

• Full name (first and last name)
• Email address
• Phone number
• Payment information (credit/debit card details, processed securely through our payment gateway)

2.2 Information Automatically Collected

When you use our Service, we automatically collect:

• Device information (MAC address, device type, operating system)
• Usage data (bandwidth consumption, session duration, time of access)
• Location data (general location of hotspot access)
• Network data (IP address assigned during session, connection timestamps)

2.3 Information We Do Not Collect

We do not collect or monitor:

• Content of your communications (emails, messages, web browsing history)
• Websites you visit while using our Service
• Files you download or upload
• Personal conversations or communications content

3. HOW WE COLLECT YOUR INFORMATION

3.1 Direct Collection

We collect personal information directly from you when you:

• Purchase internet access through our payment portal
• Contact us for customer support
• Make inquiries about our Service

3.2 Automatic Collection

We automatically collect technical information when you:

• Connect to our hotspot network
• Use our internet access service
• Complete transactions through our payment system

3.3 Third Party Collection

We may receive information from:

• Payment processors (transaction confirmation and fraud prevention)
• Service providers who assist with our operations
• Network infrastructure providers who support our hotspot service

4. WHY WE COLLECT AND USE YOUR PERSONAL INFORMATION

4.1 Primary Purposes

We collect and use your personal information to:

• Provide internet access services and process payments
• Verify your identity and prevent fraudulent transactions
• Manage billing and receipts for your purchases
• Ensure network security and prevent misuse of our Service
• Comply with legal obligations under applicable laws

4.2 Secondary Purposes

We may also use your information to:

• Improve our services and network performance
• Conduct customer satisfaction research (with your consent)
• Send important service notifications (technical issues, policy changes)
• Resolve customer support inquiries and complaints

4.3 Legal Basis for Processing

We process your personal information based on:

• Contractual necessity to provide our Service
• Legal compliance with Australian laws
• Legitimate business interests in operating our network securely
• Your consent where explicitly provided

5. HOW WE DISCLOSE YOUR PERSONAL INFORMATION

5.1 Service Providers

We may disclose your information to trusted third parties who assist us, including:

• Payment processors (for secure transaction processing)
• IT service providers (for system maintenance and support)
• Network infrastructure providers (for hotspot operations)
• Professional advisors (legal, accounting, and business consultants)

5.2 Legal Requirements

We may disclose your information when required by law, including:

• Law enforcement agencies (pursuant to valid warrants or court orders)
• Regulatory authorities (ACMA, OAIC, or other government agencies)
• Legal proceedings (court orders, subpoenas, or dispute resolution)
• Emergency situations (to protect safety and prevent harm)

5.3 Business Transfers

In the event of a merger, acquisition, or sale of our business, your personal information may be transferred to the new entity, subject to the same privacy protections.

5.4 What We Don't Disclose

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

6. OVERSEAS DISCLOSURE

6.1 Payment Processing

Your payment information may be processed by payment service providers located overseas, including in the United States and other countries where major payment processors operate.

6.2 Cloud Services

Some of our technical infrastructure uses cloud services that may store or process data overseas, including:

• Data centers in Australia, United States, and other regions
• Backup systems for data protection and recovery

6.3 Data Protection

When we disclose personal information overseas, we:

• Ensure recipients provide equivalent privacy protection
• Use contractual safeguards to protect your information
• Comply with APP 8 requirements for overseas disclosure

7. DATA RETENTION

7.1 Information Retention Periods

We retain personal information for the following periods:

• Payment records: 7 years (for taxation and accounting purposes)
• Customer inquiries: 2 years (for service improvement)
• Marketing consents: Until withdrawn or 7 years
• Network usage data: As required for business operations and legal compliance

7.2 Secure Destruction

When retention periods expire, we:

• Securely delete electronic records using industry-standard methods
• Destroy physical records through secure shredding services
• De-identify data where complete deletion is not practical

8. DATA SECURITY

8.1 Technical Safeguards

We protect your personal information using:

• Encryption of data in transit and at rest
• Secure payment gateways with PCI DSS compliance
• Network firewalls and intrusion detection systems
• Access controls limiting staff access to necessary information only

8.2 Physical Security

Our systems are protected by:

• Secure data centers with restricted access
• Environmental controls (temperature, humidity, power backup)
• Surveillance systems and security personnel
• Equipment disposal procedures for retired hardware

8.3 Staff Training

We ensure data protection through:

• Privacy training for all staff with access to personal information
• Confidentiality agreements binding all employees and contractors
• Regular security updates and awareness programs
• Incident response procedures for potential data breaches

9. YOUR PRIVACY RIGHTS

9.1 Access Rights

You have the right to:

• Request access to personal information we hold about you
• Receive a copy of your information in a readable format
• Understand how your information is being used

9.2 Correction Rights

You may:

• Request correction of inaccurate or outdated information
• Update your details by contacting our customer service
• Verify changes have been properly implemented

9.3 Complaint Rights

If you have privacy concerns, you can:

• Contact us directly using the details below
• Lodge a complaint with the Office of the Australian Information Commissioner (OAIC)
• Seek review of our privacy practices

9.4 Limitations

Some rights may be limited where:

• Legal obligations require us to retain information
• Law enforcement investigations are ongoing
• Disclosure would harm others' privacy or safety

10. MAKING A PRIVACY COMPLAINT

10.1 Internal Complaints Process

To make a privacy complaint about our handling of your personal information:

1. Contact us using the details in Section 1
2. Provide details of your concern and desired resolution
3. Allow 30 days for us to investigate and respond
4. Receive our response with findings and any corrective action

10.2 External Complaints

If you're not satisfied with our response, you may:

• Contact the OAIC at enquiries@oaic.gov.au or 1300 363 992
• File a complaint online at www.oaic.gov.au
• Seek legal advice about your options

11. CHILDREN'S PRIVACY

11.1 Age Restrictions

Our Service is not available to persons under 16 years of age. We do not knowingly:

• Collect information from children under 16
• Provide services to underage users
• Retain data of users found to be under 16

11.2 Parental Responsibility

If you believe a person under 16 has used our Service:

• Contact us immediately so we can investigate
• Provide evidence of the person's age if available
• Request deletion of any information collected

12. UPDATES TO THIS PRIVACY POLICY

12.1 Policy Changes

We may update this Privacy Policy to:

• Reflect changes in our information practices
• Comply with new legal requirements
• Improve clarity and transparency

12.2 Notification of Changes

When we make material changes:

• Update the "Last Updated" date at the top of this policy
• Notify users through reasonable means (email or service notification)
• Post the updated policy on our website and service portals

12.3 Continued Use

Your continued use of our Service after policy updates constitutes acceptance of the revised Privacy Policy.

13. CONTACT US

13.1 Privacy Inquiries

For questions about this Privacy Policy or our privacy practices, contact us at:

doofnet

• Address: Islington, NSW, Australia
• Phone: 0493 322 336
• Email: doofnetaus@gmail.com

13.2 Business Hours

We aim to respond to privacy inquiries within:

• Phone inquiries: During business hours (9 AM - 5 PM AEST, Monday-Friday)
• Email inquiries: Within 2 business days

14. DEFINITIONS

Personal Information: Information or an opinion about an identified individual, or an individual who is reasonably identifiable.

Sensitive Information: Personal information about health, racial or ethnic origin, political opinions, religious beliefs, sexual orientation, criminal records, or biometric information.

APP Entity: An organization bound by the Australian Privacy Principles under the Privacy Act 1988.

This Privacy Policy should be read in conjunction with our Terms of Use. By using our Service, you acknowledge that you have read and understood this Privacy Policy.

doofnet
September 13, 2025