(Legal)

Privacy Policy

Version 1.3 Last updated Effective

1. Introduction

GUESTI PTY LTD (ABN: 60 685 887 094) ("Guestii", "we", "us", "our") operates:

  • Guestii, a front-of-house event operations platform
  • Guest Line, a promoter, venue and attendee platform

We are committed to protecting your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

2. Scope

This policy applies to:

  • Guests (event attendees)
  • Promoters and hosts
  • Venue operators and staff
  • Contractors and event workers
  • Users of Guestii and Guest Line apps and web platforms

3. What we collect

3.1 Identity and contact data

  • Name
  • Email address
  • Phone number
  • Date of birth (where required)
  • Social profiles (if linked)

3.2 Event and attendance data

  • Events requested or attended
  • Entry timestamps (check-in data)
  • Approval or rejection status
  • Plus-one relationships
  • Promoter attribution

3.3 QR and access control data

  • QR code scans and validation logs
  • Time-based entry eligibility (for example, before 10pm)
  • Access levels (for example, VIP, staff, guestlist tiers)

3.4 Payment and transaction data

(Processed via Square)

We may collect:

  • Transaction amount
  • Payment timestamps
  • Payment status
  • Limited payment metadata (for example, masked identifiers)

We do not store full card details or sensitive payment credentials.

3.5 Venue spend data (where enabled)

Where venues use supported integrations such as Square, we may collect:

  • Total spend per guest
  • Item-level purchase data
  • Visit frequency and behavioural trends

3.6 Promoter and commission data

  • Campaign participation
  • Commission earned
  • Payout details such as bank account information

3.7 Staff and contractor data (if applicable)

  • Role and permissions
  • Attendance records
  • Accreditation or licensing data (if submitted)
  • Incident reports

3.8 Device and usage data

  • Device type
  • IP address
  • Session activity

3.9 Communications

  • Event notifications
  • Platform messages
  • Support interactions

4. How we collect data

We collect information when you:

  • Create or use an account
  • Submit or receive a guestlist request
  • Are added to an event
  • Interact with promoter or venue profiles
  • Attend an event and are scanned
  • Make a payment

We also collect limited data automatically through platform usage.

5. How we use data

Platform functionality

  • Manage guestlists and entry
  • Generate and validate QR entry passes
  • Attribute guests to promoters
  • Facilitate payments

Operations and analytics

  • Provide venues with attendance insights
  • Analyse guest behaviour such as attendance frequency and spend patterns
  • Improve platform performance and event operations

Promoter ecosystem (Guest Line)

  • Track campaign performance
  • Calculate commissions

Security and integrity

  • Prevent fraud such as QR misuse
  • Maintain audit logs
  • Enforce access control rules

Re-invitation and event marketing

When you request access to an event through the platform (for example, the slide-to-request flow on Guest Line), you acknowledge and reasonably expect that the relevant venue or organiser may use those details to send you invitations and updates about future events through the Guestii platform. You can opt out at any time using the unsubscribe option in those messages or by contacting us.

A venue or organiser may also use the data you submit outside the Guestii platform (for example, in their own email or SMS marketing). In that case, the venue or organiser is responsible for obtaining and maintaining the necessary consents and for complying with the Privacy Act, the Spam Act and any other applicable laws.

6. Data segregation

Guestii enforces strict data separation:

  • Data is not shared between different venues, organisers or groups
  • Each venue or group can only access its own data
  • Promoters and users only see data relevant to their own events and relationships

Guestii does not operate a shared cross-venue data pool.

7. Data ownership

Where Guestii processes guest or event data on behalf of a venue or organiser (an "Organiser"), the Organiser is the data controller and Guestii acts as a data processor.

  • The Organiser owns the event and attendee data submitted in connection with their events.
  • Guestii holds a limited licence to use that data only to operate, secure and improve the platform and to deliver the services the Organiser has contracted for.
  • You retain rights to your personal data under the Privacy Act 1988 (Cth) and the Australian Privacy Principles.

Guestii does not sell, rent or trade personal data to third parties.

8. Local device storage (Guest Line)

To improve user experience, Guest Line may store limited data locally on your device, including:

  • Previously entered guest details
  • Request form inputs
  • Session-related preferences

This enables faster repeat interactions such as submitting requests.

Local data:

  • Is stored only on your device
  • Can be cleared via app or browser settings, or by uninstalling
  • Is not shared unless submitted to the platform

9. Data sharing

We only share data where strictly necessary to operate the platform.

Within venues and organisers

We share relevant data with the specific venue or organiser responsible for the event, including:

  • Guestlists
  • Attendance records
  • Spend data (where enabled)

This sharing is limited to the specific venue, event or group the data relates to.

No cross-business data sharing

Guestii does not share personal data between different businesses.

  • Data from one venue, organiser or group is not accessible to another
  • There is no cross-venue or cross-group data pooling
  • Promoters and venues only access data relevant to their own events

No sale of personal data

Guestii does not sell, rent or trade personal data to third parties.

We do not operate a data marketplace, advertising network or third-party data sharing programme.

Payment processing

Payments are processed via:

  • Square

Payment providers handle payment data in accordance with their own privacy policies.

Service providers

We may share limited data with trusted service providers such as hosting and infrastructure providers, solely to operate the platform.

These providers are required to protect your data.

Legal requirements

We may disclose data where required by law or to protect the integrity and security of the platform.

10. Data security

We implement appropriate technical and organisational safeguards:

  • All data is encrypted in transit and at rest
  • Role-based access controls are enforced
  • Secure authentication methods are used
  • Audit logs monitor platform activity

However, no system is completely secure.

11. International data transfers

Data may be processed in Australia and overseas, such as via cloud infrastructure providers.

We take reasonable steps to ensure compliance with Australian privacy standards.

12. Data retention

We retain data:

  • As long as required to provide services
  • For operational and analytical purposes
  • To meet legal obligations

All guest data held by Guestii is encrypted at rest. Where an organiser offboards from the platform, their associated guest data is deleted from the active Guestii database within 30 days of offboarding, subject to any retention required by law (for example, financial records).

Venues and organisers may retain their own copies of data they have lawfully exported or collected.

13. Your rights

You may:

  • Request access to your personal data
  • Request corrections
  • Request deletion where applicable
  • Opt out of re-invitation messages and other communications
  • Lodge a complaint with the Office of the Australian Information Commissioner (OAIC)

Contact: lewis@guestii.app

14. Cookies and tracking

We use cookies and similar technologies to:

  • Maintain sessions
  • Improve performance
  • Analyse usage

You can control cookies via your browser settings.

15. Third party services

Guestii integrates with third-party services such as payment providers. Their privacy policies apply to their systems.

16. Age restrictions

Guestii is intended for users aged 18 and over. We do not knowingly collect data from minors.

17. Updates

We may update this Privacy Policy from time to time.

18. Contact

GUESTI PTY LTD

ABN: 60 685 887 094

Email: lewis@guestii.app