Privacy Policy

Last updated: 2 May 2026

Crowdz ("we", "us", "our") operates the Crowdz crowd-level reporting application. This Privacy Policy explains how we collect, use, store, and protect your personal information in accordance with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

1. What Information We Collect

1.1 Account Information

When you create an account, we collect your email address, chosen username, and account type (individual or business). Business accounts may also provide a business name and ABN.

1.2 Crowd Reports

When you submit a crowd-level report, we collect the location name, your crowd-level rating (1-5), a timestamp, and your username (or "Anonymous" if you choose anonymous reporting). If you report anonymously, your username is replaced with "Anonymous" in the public report and is not visible to other users. A hashed device fingerprint is still processed server-side for rate limiting and abuse prevention, but is not published or linked to the displayed report.

1.3 Discount Interactions

If you accept or redeem a business discount, we record the interaction type (viewed, accepted, scanned) using a non-identifying reference that is not linked back to your identity in data shared with businesses.

1.4 Device Information

We collect a hashed device fingerprint (screen size, timezone, platform) for rate limiting and fraud prevention. This fingerprint is used to detect abuse patterns across both signed-in and anonymous reports. It is not used to identify you personally and is not shared with other users or businesses.

2. How We Use Your Information

3. Anonymisation and Aggregation

Crowd data shown on the public map, including heatmaps, is always aggregated. We do not display individual user locations to other users on public maps or heatmaps. All crowd levels shown represent the combined reports of multiple users at a named location. A minimum of 3 reports is required before any live crowd estimate is displayed. For security and abuse prevention, authorised admins may view recent exact location pings in a restricted internal admin-only map.

To smooth short-term fluctuations and provide a best-guess "Estimated" crowd level for locations with no recent live reports, Crowdz also maintains a rolling aggregated hourly summary for each named location (for example: "Highpoint Shopping Centre, Monday 2pm slot: total of all reported crowd levels, number of reports"). This summary contains no usernames, no avatars, no reporter keys, no device fingerprints, no IP addresses, no GPS coordinates, and no individual report rows — only per-location, per-hour totals. Individual reports cannot be reconstructed from it.

4. Data Storage and Retention

5. Anonymous Mode

Crowdz provides an anonymous reporting mode that you can enable at any time. When anonymous mode is active:

Anonymous users can view all crowd data and discounts, but must disable anonymous mode to redeem discounts. This prevents fraud while preserving your right to browse privately.

5a. Location Services Toggle

In addition to anonymous mode, Crowdz provides a Location Services toggle in your account settings. When you turn off Location Services:

Turning off Location Services does not affect any previously submitted reports or your account data. If anonymous mode is also enabled, neither your identity nor your location will be transmitted during background activity.

6. Account Deletion

You may delete your account at any time from your account settings. When you delete your account:

7. Data Sharing and Disclosure

We do not sell, rent, or trade your personal information to third parties. We may share data only in these circumstances:

8. Your Rights Under the Australian Privacy Principles

Under the APPs, you have the right to:

9. Data Security

We take reasonable steps to protect your personal information from misuse, interference, loss, and unauthorised access. These measures include:

10. Cookies and Local Storage

Crowdz uses browser local storage to remember your preferences (such as anonymous mode, saved locations, and accepted discounts). We do not use third-party tracking cookies. Session cookies are used solely for authentication.

11. Children's Privacy

Crowdz is not directed at children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.

12. Technical Data Collection

12.1 Location Data

When you use Crowdz with location services enabled, we may collect approximate GPS coordinates to verify that reports come from users near the reported location. This data is used only for report verification and fraud prevention. It is held in server memory only, not written to disk, and discarded after use (within 30 minutes). When anonymous mode is enabled, GPS may still be used momentarily for fraud verification but is not stored with the report and is not linked to your identity in any published data. The approximate location of anonymous users is processed in the same way — it is used solely to confirm proximity to the reported location and is immediately discarded; it is never stored, attributed, or shared. Access to recent live location pings is limited to authorised admins through a restricted internal tool for safety, moderation, and anti-abuse operations.

12.2 Network and Request Data

Standard server logs may record IP addresses, request timestamps, and browser user-agent strings for operational and security purposes. These logs are rotated regularly and are not linked to your user account.

12.3 Map Technology

The Crowdz map is powered by Leaflet.js, an open-source JavaScript mapping library. Map tiles (the background imagery you see) are served by CARTO using data from OpenStreetMap contributors. When the map loads tiles, your browser makes standard HTTPS requests to CARTO's tile servers; these requests include tile coordinates and your IP address, as is standard for any web map. No personal account data or crowd report data is included in tile requests. Crowdz does not share any user data with Leaflet, CARTO, or OpenStreetMap beyond what is inherent in a normal tile load. You can review CARTO's privacy policy at carto.com/privacy and OpenStreetMap's at wiki.osmfoundation.org/wiki/Privacy_Policy.

12.4 Bot Protection

To prevent automated abuse of sign-up, login, password reset, and other sensitive forms, Crowdz uses Cloudflare Turnstile on the web. When you submit one of these forms, your browser loads a script from challenges.cloudflare.com which performs a lightweight, mostly invisible check to confirm you are a real person rather than a bot. Cloudflare may receive technical signals such as your IP address, browser user-agent, basic device characteristics, and a challenge token. Crowdz does not send your account details, password, email, or crowd report data to Cloudflare. The Cloudflare check returns a single yes/no result to the Crowdz backend, which is then discarded. You can review Cloudflare's privacy practices at cloudflare.com/privacypolicy.

In future versions of the Crowdz mobile app distributed through Google Play, the equivalent check will be performed using the Google Play Integrity API, which verifies that the app is a genuine, untampered build running on a real Android device. Play Integrity is provided by Google and may receive a Google Play services device token; it does not receive your account data. You can review Google's relevant terms at policies.google.com/privacy.

12.5 Email Delivery

Verification codes, password reset links, and the welcome email series are delivered through a third-party SMTP email provider configured by Crowdz. The provider receives your email address and the message contents in order to deliver the email, which is normal for any email service. Email metadata (such as opens, where measurable via a tracking pixel) is used only to evaluate whether onboarding emails are reaching real inboxes and is not sold or shared.

12.6 Hosting and Backend Infrastructure

The Crowdz backend is hosted on a third-party cloud platform (currently Render). Standard server logs (IP address, request path, timestamp, user-agent) are generated as part of normal operation and are retained for a short period for security, debugging, and abuse-prevention purposes. Account data, crowd reports, and progress are stored in a managed PostgreSQL database operated by the same hosting provider. Data is not sold or shared with third parties beyond the limited technical providers listed in this policy.

12.7 Future Mobile App Distribution

If you install the Crowdz Android app from Google Play, the app communicates with the Crowdz backend over HTTPS using the same APIs described in this policy. Account information, achievements, and progress are stored on the Crowdz backend and not solely on your device, so they are preserved across app updates and reinstalls. App updates distributed through Google Play do not erase or reset your account.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via the app or email. The "Last updated" date at the top of this page indicates when the policy was last revised.

14. Contact Us

If you have questions about this Privacy Policy, wish to exercise your rights, or want to make a complaint, you can reach us through the "Report an issue" feature in the app, or by contacting us via the email address associated with your account.

You may also contact the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au if you are not satisfied with our response.