REDSIX – Privacy Policy

Bravo 6 Pty Ltd (ACN 614 911 536) trading as REDSIX
Registered office: PO Box 165, Banora Point NSW 2486, Australia
Contact: privacy@redsix.com.au
Effective date: 21 October 2025

This Privacy Policy explains how REDSIX collects, uses, discloses and protects personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). It also aligns with requirements for Google Play and Apple App Store apps, including account deletion and child‑safety standards. Additional jurisdiction‑specific disclosures may apply where required.

1. About these Terms

These Terms of Use (Terms) govern your access to and use of the REDSIX mobile applications (iOS and Android), websites (including https://redsix.com.au), online store, and any related services (together, the Service). By creating an account, installing or using the Service, you agree to be bound by these Terms and our Privacy Policy.

We may update these Terms from time to time. Where changes are material, we will provide reasonable notice (for example, in‑app notification or email). Your continued use after the effective date constitutes acceptance of the updated Terms.

2. The information we collect

We may collect the following categories of information:

• Identity & contact: name, email, phone, age range, country/region.
• Account & profile: username, avatar, settings, check‑in preferences, trusted contacts.
• Wellbeing inputs (sensitive information): self‑reported mood, notes, optional wellness reflections or goals, and signals you choose to send to your trusted network.
• User‑generated content: posts, comments, messages (if enabled), support tickets.
• Usage & device: app actions, crash logs, diagnostics, device model/OS, language, IP address, coarse location (country/city), and in‑app events.
• Transaction & fulfilment: order details, delivery address, and payment tokens from PCI‑compliant processors (we do not store full card numbers).
• Cookies & similar tech on our websites for analytics and preferences (see Section 9).

We generally collect information from you directly (including via in‑app forms, settings, or the store), automatically through the Service, and from service providers (e.g., analytics, payment processors, email/SMS providers) where permitted.

3. Legal bases under Australian law

We collect, use and disclose personal information where reasonably necessary for our functions and activities (APP 3/6), with your consent for sensitive information (e.g., wellbeing inputs), and as otherwise permitted or required by law. Where practicable, you may interact with us anonymously or using a pseudonym; some features may not be available in that case (APP 2).

4. How we use information

• provide, operate, maintain and secure the Service;
• enable wellbeing features (check‑ins, signals, reminders) and your trusted network;
• safety & moderation, including prevention of child endangerment and CSAE/CSAM;
• communicate with you (service messages, updates) and provide support;
• personalise content and improve the Service (analytics, crash diagnostics);
• process orders and deliver merchandise;
• comply with legal obligations and enforce our Terms;
• with your consent, send optional marketing (you can opt out at any time).

5. Sharing & disclosure

We may disclose personal information to:

• service providers (hosting, cloud, analytics, crash reporting, communications, payments, fulfilment) under contractual confidentiality and security obligations;
• authorities and regulators where legally required or to prevent or respond to serious harm, including the ACCCE and eSafety Commissioner for CSAE/CSAM matters;
• professional advisers, insurers, and auditors;
• an acquiring entity in a business transfer (subject to confidentiality and applicable law).

We do not sell personal information. We do not share wellbeing inputs with advertisers.

6. International disclosures

Our service providers may process personal information outside Australia (including in the US, EU/UK, Canada, India, and other locations). Where we disclose information overseas, we take reasonable steps to ensure recipients protect it in a manner consistent with the APPs (APP 8), such as by using contractual safeguards and assessing provider security.

7. Children & child safety

Our Service is intended for adults (18+). Users aged 13–17 may use the Service with parental/guardian consent and supervision. We do not knowingly collect information from children under 13. We maintain published CSAE & Child Safety Standards and provide in‑app reporting. We promptly act on and report confirmed CSAM to appropriate authorities.

8. Security

We implement technical and organisational measures to protect personal information against unauthorised access, alteration, disclosure or loss. These include encryption in transit, access controls, logging/monitoring, and vulnerability management. No method of transmission or storage is completely secure.

9. Cookies & analytics (web)

We use cookies and similar technologies for essential site functions, to remember preferences, and for analytics. You can control cookies via your browser settings. Some features may not function without certain cookies.

10. Direct marketing

We may send you updates about REDSIX and our programs where permitted. You can opt‑out in any message or by contacting us. We comply with the Spam Act 2003 (Cth) for electronic marketing.

11. Data retention & deletion

We retain personal information for as long as needed to provide the Service and comply with legal obligations. You can request deletion of your account and associated personal information in‑app (Settings → Account → Delete account) or via https://redsix.com.au/delete. Certain records (e.g., transaction data, legal holds, safety reports) may be retained as required by law or to establish, exercise, or defend legal claims.

12. Access & correction

You may request access to, or correction of, your personal information. We will respond within a reasonable period. If we refuse access or correction, we will provide written reasons and how to complain (APP 12/13).

13. Notifiable Data Breaches

Where an eligible data breach occurs under the Notifiable Data Breaches (NDB) scheme, we will assess and notify affected individuals and the Office of the Australian Information Commissioner (OAIC) as required, including the steps you can take in response.

14. App‑store specific disclosures

• Account deletion: in‑app and web deletion options available; we will surface a data‑deletion badge and disclosures in Google Play Data Safety and Apple App Privacy.
• Data categories (summary) used for App Store/Play disclosures (subject to your settings and device permissions):
  • Contact info (email/phone) – account management/support;
  • Identifiers & device – security, fraud prevention, diagnostics;
  • Usage data & diagnostics – analytics, crash reporting;
  • User content – your posts/check‑ins/messages (if enabled) to operate features;
  • Location (approximate) – feature availability, analytics;
  • Sensitive data (wellbeing inputs you choose to provide) – to deliver wellbeing features.

  These data may be linked to you for account functionality and are not used for third‑party advertising.

15. Complaints

If you have a privacy query or complaint, contact privacy@redsix.com.au. We will acknowledge and respond within a reasonable timeframe. If you are not satisfied, you may contact the OAIC: www.oaic.gov.au | 1300 363 992 | GPO Box 5218 Sydney NSW 2001.

16. Contact

Privacy Officer, Bravo 6 Pty Ltd (REDSIX)
Email: privacy@redsix.com.au
Postal: PO Box 165, Banora Point NSW 2486, Australia

17. Changes to this policy

We may update this policy. When changes are material, we will notify you (e.g., in‑app or email). The latest version will always be available at https://redsix.com.au/privacy‑policy.