Privacy Policy

01, SummaryThe short version.

If you only read one section, read this one.

• You can use RipCo without an account.
• We do not sell your data. We have not sold data and have no plans to do so.
• We collect the minimum needed to make the app work, usage telemetry and (if you opt in) your saved beaches.
• Your location is asked once for the "nearest beach" feature and stays on your device. We never receive a precise location server-side.
• Camera footage shown in the app comes from public partner cameras (SLSNSW, councils, surf clubs). RipCo does not record or retain it.
• You can request deletion of any data we hold about you at any time, and we will action it within 14 days.

02, IdentityWho we are.

RipCo is operated by RipCo Pty Ltd, an Australian proprietary limited company.

• ACN: 678 901 234 (placeholder, replace with the registered ACN before publishing)
• Registered office: Level 4, 88 Pittwater Road, Manly NSW 2095
• Privacy contact: privacy@ripco.app
• Privacy officer: Leah Kovac, Head of Partnerships

03, CollectionWhat we collect.

Information you give us

• Email address, only if you choose to create an optional account to sync saved beaches across devices.
• Saved beach selections, stored locally and (if signed in) on our servers in Sydney.
• Notification preferences, stored locally and synced if signed in.
• Support correspondence, when you email hello@ripco.app. We retain support emails for 24 months.

Information collected automatically

• Anonymous usage telemetry, page views, feature usage, error reports. Aggregated. Cannot be linked to an individual.
• Device type, iPhone model and iOS version, used to fix layout bugs.
• Approximate region, city-level only, derived from IP address. Used to default the map view to your nearest coast. Your IP address is not retained beyond 7 days.

Information we do not collect

• Your name (we never ask).
• Your phone number.
• Your precise GPS coordinates server-side.
• Photos, videos, or recordings you take or hold on your device.
• Contacts, calendar entries, or microphone input.

04, PurposeWhy we collect it.

Each piece of data we collect serves one of these purposes, and only these:

05, StorageHow we store it.

All RipCo servers are hosted in AWS Sydney (ap-southeast-2). Personal data does not leave Australia. The technical specifics:

• All data in transit is encrypted with TLS 1.3. We do not accept connections below TLS 1.2.
• All data at rest is encrypted with AES-256.
• Account passwords are hashed with argon2id. We cannot read your password, even if compelled by law to try.
• Database backups are encrypted, retained for 30 days, then permanently deleted.
• We follow the Australian Government Information Security Manual (ISM) guidelines for a small commercial provider. We hold no security clearance, but we follow the public guidance.

06, SharingWho we share it with.

We share aggregate, anonymous usage data with our research partners (Surf Life Saving NSW, UNSW Beach Safety Lab) so that beach-safety research can use real signal about which information saves lives. Aggregate means counts and trends, no individual user is identifiable.

We use the following processors who have access to limited data on our behalf:

• Amazon Web Services (Sydney), hosting; encrypted at rest.
• Plausible Analytics (EU), privacy-first, cookieless, no individual tracking. Aggregate only.
• Postmark (US), transactional email. Used only if you've created an account, only for security and account-recovery emails.
• Sentry (self-hosted, Sydney), error reporting. PII is scrubbed before reaching the database.

Beyond the above, we share data only when:

• You explicitly ask us to (e.g. "share this beach via Messages", handled by your phone, not us).
• We are legally required to (a valid Australian court order or warrant). We will challenge any request that appears overbroad and disclose only what is strictly required. Where law permits, we will tell you.
• A genuine emergency exists involving risk of death or serious harm.

07, CookiesCookies & analytics.

The RipCo iOS app does not use cookies, it's a native app, not a web view.

The RipCo website uses one strictly-necessary cookie (ripco_session) to keep you signed in if you choose to. We do not use any third-party advertising cookies, retargeting pixels, or social-media trackers. We use Plausible Analytics for aggregate visit metrics, Plausible does not set cookies and does not collect personal data.

You can verify this for yourself at any time by opening your browser's developer tools and looking at the Application → Cookies tab. The list will be very short.

08, Your rightsYour rights.

Under the Australian Privacy Act 1988 you have the right to:

• Access any personal information we hold about you. Email privacy@ripco.app; we will respond within 30 days, free of charge.
• Correct any information that is inaccurate. Most fields are editable in-app immediately.
• Delete all personal information we hold. We will action this within 14 days and confirm by email. Some anonymous aggregates cannot be reversed by design.
• Export your data in a portable format (JSON). Available from Settings → Data & Privacy in the app.
• Object to processing on the basis of legitimate interest. Most users will never need this.
• Complain to us first, and if unresolved, to the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.

09, ChildrenChildren & minors.

RipCo is suitable for all ages, beach safety information is, if anything, more important for younger users. However, we do not knowingly collect personal information from children under 14 without verifiable parental consent. The optional sign-in is not available to anyone under 14.

If you are a parent or guardian and you believe we have collected information from your child, contact us at privacy@ripco.app and we will delete it.

10, InternationalInternational users.

RipCo is designed for Australian beaches and Australian users. The app will work outside Australia, but the live data (beaches, conditions, alerts) will not. If you use RipCo from outside Australia, your data is still routed to and stored in our Sydney data centre.

Visitors from the European Union, United Kingdom, and other GDPR-aligned jurisdictions: we honour the rights granted under your local law as if they were granted under the Australian Privacy Act. If there is any conflict, the higher standard applies.

11, ChangesChanges to this policy.

If we change this policy in any material way, we will:

• Update the version number and effective date at the top of this page.
• Email all signed-in users at least 14 days before the change takes effect.
• Show a one-time in-app notice the next time you open RipCo.
• Keep the previous version archived at /legal/privacy/2025 for reference.

Minor edits, typo fixes, clarifying language that does not change a substantive practice, will be made silently with a note in the changelog at the bottom of this page.

12, ContactGet in touch.

This is a small company; if you write to us, you will get a real human reply.

• Privacy questions: privacy@ripco.app
• General: hello@ripco.app
• Postal: RipCo Privacy Officer · Level 4, 88 Pittwater Road · Manly NSW 2095

If you are not satisfied with our response, you can lodge a complaint with the Office of the Australian Information Commissioner: oaic.gov.au · 1300 363 992.

Changelog · v2.1 (1 Jan 2026), Added §10 international rights · v2.0 (Q3 2025), Rewrite for plain English · v1.0 (Q1 2025), Initial policy.