Privacy Policy

Last updated: 31 March 2026

PayCheckR (operated by Go Figure Payroll) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information in accordance with the Australian Privacy Act 1988 and the Australian Privacy Principles (APPs).

1. Information We Collect

Account information

• Name and email address (when you create an account)
• Authentication credentials (securely managed)
• Display name and contact preferences

Employment and pay information

• Job title, employer name, employment type (casual/full-time/part-time)
• Award or enterprise agreement details
• Pay period dates, shift hours, and gross pay amounts
• Detection results and pay comparison history

Payslip data

• Payslip documents (PDF, PNG, JPG) you upload for analysis
• Data extracted from payslips via our AI scanning service, including gross/net pay, hours worked, tax withheld, superannuation, employer name, employee name, and other payslip fields
• Uploaded payslip files are stored securely with encryption and are only accessible to you and authorised administrators

Payment information

• If you subscribe to PayCheckR Pro, payment is processed by Stripe. We do not store your credit card number, CVV, or full card details on our servers
• We store your Stripe customer ID and subscription status to manage your account tier
• Stripe may collect billing address and card details in accordance with their own Privacy Policy

Automatically collected information

• IP address and approximate geolocation (city/state level)
• Browser type, device type, and operating system
• Pages visited and timestamps
• Referrer URL

2. How We Use Your Information

Your information is used to:

• Provide the PayCheckR service - comparing your pay against applicable Modern Awards, Enterprise Agreements, or the National Employment Standards
• Extract data from uploaded payslips using our AI-powered scanning service to auto-fill pay check fields
• Process subscription payments via Stripe
• Send transactional emails (password resets, email verification) via Resend SMTP
• Improve the accuracy and functionality of the platform
• Analyse anonymised, aggregated usage data to improve the service

We do not sell your personal information. We do not use your payslip data for advertising or marketing purposes.

3. Third-Party Services

We use trusted third-party service providers to operate PayCheckR, including providers for:

• Authentication and data storage - secure cloud infrastructure for account management and data storage
• Website hosting - content delivery and server infrastructure
• Payment processing - subscription payments are handled by Stripe. We do not store your full card details. See Stripe's Privacy Policy
• Document analysis - payslip scanning is performed by an AI service provider that does not retain your data after processing
• Email delivery - transactional emails (password resets, verification)
• Security - bot protection on public forms

All third-party providers are required to maintain appropriate confidentiality and security safeguards. We only share the minimum data necessary for each provider to perform their function.

4. Payslip Scanning

When you upload a payslip for auto-fill, the document is:

• Uploaded to secure cloud storage (encrypted at rest)
• Sent to an AI-powered text extraction service to read the payslip contents
• The service extracts structured data (pay amounts, dates, employer details) and returns it to our server
• The AI service provider does not retain or use your payslip data for training purposes under their API terms
• Extracted data is stored in your account securely

You can delete your uploaded payslips at any time from the Payslips page in your dashboard.

5. Storage and Security

We take reasonable steps to protect your information from misuse, loss, unauthorised access, modification, or disclosure:

• Data is stored on secure cloud infrastructure with encryption at rest and in transit
• Authentication uses industry-standard secure token management
• Admin access is restricted to authorised personnel with role-based access controls
• All API endpoints verify authentication before returning sensitive data
• HTTPS is enforced on all connections with HSTS headers
• Payslip files require authenticated access tokens - they cannot be accessed without authorisation

6. Cookies and Tracking

PayCheckR uses minimal cookies and tracking:

• Authentication tokens - stored in browser storage for session management (essential)
• Session storage - used for guest mode and temporary form data (not persistent)
• Visitor analytics - we collect page views and approximate location data server-side for usage analytics. This data is anonymised and aggregated

We do not use Google Analytics, Facebook Pixel, or any third-party advertising trackers.

7. Disclosure of Information

We do not disclose your personal information to third parties except:

• To the third-party service providers listed in Section 3, solely for operating the service
• Where required by law, court order, or government authority
• To protect the rights, safety, or property of PayCheckR, our users, or the public

8. Your Rights

Under Australian Privacy law, you have the right to:

• Access your personal information held by us
• Correct inaccurate or outdated information
• Delete your account and associated data (via Settings or by contacting us)
• Download your detection history and payslip data
• Withdraw consent for optional data processing at any time

9. Data Retention

We retain personal information only for as long as necessary to provide the service or as required by law. Specifically:

• Account data is retained while your account is active
• Detection results are retained for your reference until you delete them
• Payslip files are retained until you delete them from your dashboard
• Payment records may be retained as required for tax and accounting purposes
• Upon account deletion, we remove your data within 30 days, except where legal obligations require longer retention

10. Children's Privacy

PayCheckR is not intended for use by individuals under 15 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be published on this page with an updated "Last updated" date. We encourage you to review this page periodically. Continued use of the service after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have any questions or concerns about this Privacy Policy, how your information is handled, or wish to make a complaint, you can contact us at: