Privacy Policy

Last updated: 15 April 2026

1. Introduction

PointsPilot ("we," "us," or "our") operates the PointsPilot website and application at pointspilotapp.com. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

We are committed to protecting your privacy in accordance with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth).

2. Information we collect

Information you provide

  • Account information — email address, name, and password when you create an account.
  • Profile information — home airport, loyalty program memberships, and points balances that you voluntarily enter to use our optimization features.
  • Communications — messages you send through our chat feature or customer support.

Information collected automatically

  • Usage data — pages visited, features used, search queries, and interaction patterns.
  • Device information — browser type, operating system, device type, and screen resolution.
  • Log data — IP address, access times, and referring URLs.
  • Cookies and similar technologies — we use cookies to maintain your session, remember preferences, and analyse usage. See Section 7 for details.

3. How we use your information

We use the information we collect to:

  • Provide, maintain, and improve our services
  • Generate personalized points optimization recommendations
  • Power our AI assistant (Captain Byron) with context about your loyalty program balances and preferences
  • Send you service-related notifications and alerts
  • Respond to your enquiries and support requests
  • Analyse usage patterns to improve user experience
  • Detect, prevent, and address technical issues

4. How we share your information

We do not sell your personal information. We may share your information in the following circumstances:

  • Service providers — we use third-party services for hosting (Vercel), authentication (Clerk), payment processing (Stripe), and AI features (OpenAI/Anthropic). These providers only access data necessary to perform their services.
  • Affiliate partners — if you click an affiliate link, the affiliate network and advertiser may receive information about your click. We do not share your account data or points balances with affiliate partners.
  • Legal requirements — we may disclose information if required by law, regulation, or legal process.

5. Data security

We implement appropriate technical and organisational measures to protect your information, including:

  • Encryption of data in transit (TLS/HTTPS)
  • Secure authentication via Clerk
  • Payment processing handled entirely by Stripe — we never store your credit card details
  • Regular security reviews of our infrastructure

No method of electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

6. Data retention

We retain your personal information for as long as your account is active or as needed to provide you with our services. If you delete your account, we will delete or anonymise your personal data within 30 days, except where we are required to retain it for legal or regulatory purposes.

7. Cookies

We use the following types of cookies:

  • Essential cookies — required for authentication and core functionality. Cannot be disabled.
  • Analytics cookies — help us understand how visitors interact with our site. You can opt out via your browser settings.
  • Preference cookies — remember your settings and preferences.

8. Your rights

Under the Australian Privacy Principles, you have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate information
  • Request deletion of your account and data
  • Opt out of marketing communications at any time
  • Lodge a complaint with the Office of the Australian Information Commissioner (OAIC) if you believe your privacy has been breached

9. Third-party links

Our service may contain links to third-party websites, including airline loyalty programs, credit card providers, and affiliate partners. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies.

10. Children's privacy

Our service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly.

11. Changes to this policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. Your continued use of the service after changes constitutes acceptance of the updated policy.

12. Contact us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us at:

  • Email: privacy@pointspilotapp.com