QuickReply
TermsSign in

Privacy Policy

Last updated: 30 March 2026

1. Who We Are

QuickReply Pty Ltd (“QuickReply”, “we”, “us”, “our”) operates the QuickReply platform at quickreply.com.au. We are an Australian company providing AI-powered lead capture and communication tools for trade businesses.

We are committed to protecting the privacy of all individuals whose personal information we handle, in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

If you have questions about this policy, contact us at hello@quickreply.com.au.

2. What Personal Information We Collect

We collect personal information from two groups of people:

2.1 Tradie accounts (our customers)

  • Name and email address (for account creation and login)
  • Business name, ABN, trade category, and business address
  • Mobile phone number (for lead SMS alerts)
  • Profile photo / business logo
  • Payment information (handled by Stripe — we do not store card numbers)
  • Usage data: which features you use, pages you visit, actions you take in the dashboard
  • IP address and browser/device information for security purposes

2.2 End customers (people who submit quote requests)

  • Name, email address, and phone number
  • Property address
  • Job description and details submitted on the quote form
  • Photos uploaded with the submission
  • Budget, timeline, and other job-specific information
  • IP address (for fraud prevention and rate limiting)

End customer data is collected on behalf of the tradie business who owns the form. That tradie business is the data controller for information collected through their form.

3. Why We Collect It

We collect personal information for the following purposes:

  • To provide the service: Processing quote requests, sending lead notifications, and enabling tradespeople to manage and respond to enquiries
  • AI analysis: Generating job summaries, price estimates, and response suggestions using anonymised job details (customer names and contact info are not sent to the AI)
  • Communication: Sending email and SMS notifications about new leads, account updates, and service information
  • Billing: Processing subscription payments through Stripe
  • Security: Detecting fraud, preventing abuse, and securing accounts
  • Improving the service: Understanding how features are used to improve the product
  • Legal compliance: Meeting our obligations under Australian law

4. How We Store and Protect Your Data

  • All data is stored in Supabase, a secure cloud database platform, with servers in Sydney, Australia
  • Data is encrypted at rest (AES-256) and in transit (TLS 1.2+)
  • Database access is controlled by Row-Level Security (RLS): each tradie can only access their own business data
  • Photos are stored in Supabase Storage with time-limited signed URLs for access
  • We use industry-standard security headers, including HSTS, X-Frame-Options, and Content Security Policy
  • Passwords are hashed by Supabase Auth using bcrypt — we never store plaintext passwords

5. Who Has Access to Your Data

  • Tradie (account holder): Can see all leads submitted through their form, including all customer details and photos
  • End customers: Cannot access any data beyond their own submission confirmation page
  • QuickReply staff: Limited access for support and maintenance purposes only, subject to confidentiality obligations
  • Third-party service providers: Only as described below (Section 6)

We do not sell personal information to any third party.

6. Third-Party Services We Use

To operate the platform, we share limited data with the following trusted service providers:

Anthropic (Claude AI)

anthropic.com — United States

We send job descriptions, photos, and job-specific details to generate AI summaries, quote estimates, and response suggestions. We do not send customer names, contact details, or payment information to Anthropic. Data is not used by Anthropic to train their models under our enterprise agreement.

Stripe

stripe.com — United States / Australia

Processes subscription payments. Stripe receives the tradie's name, email, and payment details. We store only the Stripe customer ID and subscription ID — no card numbers are held by QuickReply.

Twilio

twilio.com — United States

Sends SMS notifications to tradies (new lead alerts) and end customers (missed-call auto-SMS). Twilio receives the recipient's phone number and message content.

Resend

resend.com — United States

Sends transactional emails (lead notifications, account emails). Resend receives the recipient's email address and email content.

Vercel

vercel.com — United States

Hosts the QuickReply web application. Vercel processes request metadata (IP addresses, headers) for routing and security purposes.

7. Data Retention

  • Active accounts: Data is retained for as long as the account is active
  • After account deletion: All personal data is deleted within 30 days, except where retention is required by law
  • Lead submissions: Retained until the account is deleted or a deletion request is made
  • SMS logs: Retained for 90 days for deduplication and compliance purposes
  • Billing records: Retained for 7 years as required by Australian tax law

8. Your Rights

Under the Australian Privacy Act, you have the right to:

  • Access the personal information we hold about you
  • Correct inaccurate or incomplete information
  • Delete your account and associated data (see Settings → Danger Zone, or email us)
  • Object to certain uses of your information
  • Complain about a privacy breach to the Office of the Australian Information Commissioner (OAIC)

To exercise any of these rights, email hello@quickreply.com.au. We will respond within 30 days.

9. Cookies and Analytics

We use the following types of cookies and local storage:

  • Essential cookies: Required for authentication and session management (Supabase auth tokens). These cannot be disabled.
  • Preference storage: We store your cookie consent choice and UI preferences in localStorage.
  • Analytics: We may use anonymised analytics to understand how the product is used. No personal information is included in analytics data.

We do not use advertising cookies or third-party tracking pixels.

10. SMS Communications

If you receive an SMS from QuickReply (either as a lead notification or a missed-call auto-SMS), you may opt out at any time by replying STOP to any message. We will cease all non-essential SMS communications to your number.

For urgent account or security-related SMS messages, we may still contact you regardless of SMS opt-out.

11. Cross-Border Data Transfers

Some of our third-party service providers (Anthropic, Stripe, Twilio, Resend, Vercel) are based in the United States. By using QuickReply, you consent to the transfer of your data to these providers under the protections described in this policy. We only use providers who maintain industry-standard data protection practices.

12. Changes to This Policy

We may update this policy from time to time. When we do, we'll update the “Last updated” date at the top. For significant changes, we'll notify active account holders by email. Continued use of the platform after changes constitutes acceptance of the updated policy.

13. Contact Us

For any privacy-related questions, requests, or complaints:

QuickReply Pty Ltd

Melbourne, Victoria, Australia

Email: hello@quickreply.com.au

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC).