Privacy Policy

Last updated: October 19, 2025

Introduction

Welcome to MapBuddi (“we,” “our,” or “us”). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services.

Information We Collect

Personal Information

We collect personal information that you voluntarily provide to us when you:

  • Create an account
  • Make a purchase
  • Contact us for support
  • Subscribe to our newsletter
  • Participate in surveys or promotions

This may include your name, email address, phone number, and any other information you choose to provide. We do not store payment information on our servers - all payment processing is handled securely by Stripe and other third-party payment processors.

Payment and Compliance Information

For payment processing and compliance purposes, we collect limited information including:

  • Transaction details (amount, date, seller information)
  • Payment method information (processed by Stripe, not stored by us)
  • Seller identification for tax compliance purposes
  • Business registration details (ABN, business name) for sellers
  • Contact information for dispute resolution

This information is collected to facilitate payments, comply with Australian tax laws, and resolve any disputes that may arise.

Location Information

As a location-based service, we collect and process location data including:

  • Points of interest (POIs) you create or purchase
  • Location lists and their associated geographic data
  • General location preferences for content personalization

Social Media Information

If you choose to verify your social media accounts through our OAuth verification system, we collect:

  • Basic profile information (username, display name)
  • Public follower/subscriber counts
  • Account verification status
  • Profile URLs and avatars

We only collect information necessary for verification purposes and do not access private content.

Automatically Collected Information

We automatically collect certain information when you visit our website, including:

  • IP address and general location
  • Browser type and version
  • Pages visited and time spent
  • Referring website
  • Device information

How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain our services
  • Process transactions and send related information
  • Send administrative information and updates
  • Respond to comments, questions, and customer service requests
  • Improve our website and services
  • Personalize your experience
  • Send marketing communications (with your consent)
  • Detect and prevent fraud and abuse
  • Comply with legal obligations

How We Share Your Information

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following circumstances:

  • Service Providers: With trusted third-party service providers who assist us in operating our website and services
  • Business Transfers: In connection with any merger, sale of assets, or acquisition
  • Legal Requirements: When required by law or to protect our rights and safety
  • Public Information: Location lists and reviews you publish are publicly visible
  • Verified Social Accounts: Your verified social media links are displayed on your public profile

Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the internet or electronic storage is 100% secure.

Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

  • Access and receive a copy of your personal information
  • Rectify inaccurate personal information
  • Request deletion of your personal information
  • Object to processing of your personal information
  • Request restriction of processing
  • Data portability
  • Withdraw consent at any time

To exercise these rights, please contact us using the information provided below.

Cookies and Tracking

We use cookies and similar tracking technologies to enhance your browsing experience, analyze website traffic, and understand where our visitors are coming from. You can control cookies through your browser settings.

Google Drive Integration

What Data We Access

When you connect your Google account to MapBuddi, we request access to the following Google API scopes:

  • drive.file scope (https://www.googleapis.com/auth/drive.file) - Limited access to only create and manage files that MapBuddi creates in your Google Drive
  • userinfo.email - Your email address for account association
  • userinfo.profile - Your basic profile information

Important: We use the most restrictive “drive.file” scope, which means we can only access files that our application creates. We cannot see, access, or modify any other files in your Google Drive.

Why We Access Your Google Drive

We access your Google Drive solely to:

  • Create KML (Keyhole Markup Language) files containing your purchased location lists
  • Organize these files in a “MapBuddi” folder in your Google Drive
  • Allow you to import these KML files into Google My Maps for navigation
  • Verify that synced files exist and delete them when you request removal

Data Storage and Retention

In Your Google Drive:

  • KML files remain in your Google Drive indefinitely until you manually delete them
  • Files are stored in a folder called “MapBuddi” in your Drive
  • You have full control to move, rename, or delete these files at any time

In Our Database:

  • Google access tokens are stored securely and encrypted in our database
  • We store file IDs of created KML files to enable deletion functionality
  • Sync status information (whether a list has been synced, last sync date)
  • Connection metadata (token expiry dates, refresh tokens)
  • This data is retained as long as your account is active or until you disconnect Google integration

Who Can See Your Files

Privacy guarantee: Only you can see the KML files created in your Google Drive. These files are:

  • Private to your Google account by default
  • Not shared with MapBuddi staff or other users
  • Not publicly accessible unless you explicitly share them via Google Drive
  • Subject to your Google Drive sharing settings and controls

Data Sharing and Usage

We make the following commitments regarding your Google data:

  • We do not sell your Google data - Your Google Drive data and access tokens will never be sold to third parties
  • We do not share your Google data - We never share your Google Drive files or access tokens with other users or third-party services
  • We do not use data for advertising - Your Google Drive data is never used for targeted advertising or marketing purposes
  • We do not aggregate or analyze your Drive content - We do not read, analyze, or create aggregated datasets from your KML files or Drive content
  • No data transfer to third parties - Your Google access tokens and Drive data remain within our secure systems and are not transferred to any third parties

Security Measures

We implement industry-standard security measures to protect your Google access credentials:

  • All Google access tokens are encrypted at rest in our database
  • API communications use HTTPS/TLS encryption
  • Access tokens are stored separately from user-facing data
  • We use OAuth 2.0 refresh tokens to minimize long-term token exposure
  • Tokens expire and are automatically refreshed using secure processes

Revoking Access and Data Deletion

You have complete control over your Google Drive integration:

  • Disconnect anytime: You can disconnect Google Drive integration from your MapBuddi account settings at any time
  • Revoke via Google: You can revoke MapBuddi's access to your Google account directly through your Google Account Permissions page
  • What happens when you disconnect:
    • We immediately delete your Google access and refresh tokens from our database
    • We can no longer create new files in your Drive or access existing ones
    • KML files remain in your Google Drive (you can manually delete them)
    • You can re-connect at any time to restore functionality
  • Account deletion: If you delete your MapBuddi account, all Google integration data is permanently deleted within 30 days
  • Manual file deletion: You can delete individual KML files through your MapBuddi interface or directly in Google Drive

Google API Services User Data Policy Compliance

MapBuddi's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We only use your Google data for the specific purposes outlined above and do not use it for any other purpose.

Third-Party Services

Our website may contain links to third-party services, including:

  • Google Maps for location services and mapping
  • Google Drive for file storage and syncing
  • Stripe for payment processing
  • Social media platforms for account verification
  • Analytics services

These third-party services have their own privacy policies, and we are not responsible for their practices. When you use Google Drive integration, you are also subject to Google's Privacy Policy and Terms of Service.

Children's Privacy

Our services are not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the “Last updated” date.

Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us at:

Email: contact@mapbuddi.com

Company: Khop Media Pty Ltd

ABN: 77 673 029 117