Privacy Policy
Last updated: 15 March 2026
This Privacy Policy is issued by Pavithra Kodmad (ABN 74 535 243 805), trading as Nodko ("we", "us", or "our"). We operate the Nodko mobile application and the getnodko.app website (together, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.
We are committed to protecting your privacy in accordance with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
1. Information We Collect
Account Information
- Email address and display name — provided when you create an account via email/password, Google, or Apple Sign In.
- If you use Guest mode, no account information is collected. Guest data is stored locally on your device only.
House & Task Data
- House details you enter: name, address, and postcode.
- Maintenance tasks: title, description, due dates, vendor name, cost, ABN, and GST information.
- Service provider contacts you add.
Documents & Receipts
- Images of receipts and documents you upload or capture via camera.
- Text extracted from those images using OCR (optical character recognition).
Email Receipt Forwarding
You may forward receipts to your unique @receipts.getnodko.app address. These emails are processed server-side using Anthropic's Claude API (a US-based AI provider) to extract receipt data. The email content is sent to Anthropic for processing and is not retained by Anthropic after processing. We store the extracted data and the original email content to provide the Service. We do not read or use forwarded emails for any purpose other than receipt processing.
Device Permissions
We request the following permissions only when needed — you can decline or revoke them at any time in your device settings:
- Camera — to photograph receipts and documents.
- Photo Library — to select existing receipt images.
- Notifications — to send maintenance reminders.
We do not access your location, contacts, microphone, or Bluetooth.
Usage Analytics
We use Mixpanel (a US-based analytics provider) to collect de-identified usage analytics (e.g. screens visited, features used). You can opt out of analytics at any time in the app settings. No personal data is shared with Mixpanel when you opt out.
2. How We Use Your Information
- To provide, maintain, and improve the Service.
- To process receipts and documents you submit.
- To send maintenance reminders and notifications you've enabled.
- To manage your subscription and billing (via Apple App Store and RevenueCat).
- To understand how the Service is used and improve user experience (via opt-out analytics).
- To respond to support requests.
3. Third-Party Services
We share data with the following third-party services only as necessary to operate the Service:
| Service | Purpose | Data Shared | Location |
|---|---|---|---|
| Supabase | Cloud database & authentication | All account and app data | Australia |
| Anthropic | AI processing of forwarded email receipts | Email content for OCR/extraction | United States |
| RevenueCat | Subscription management | Anonymous user ID, purchase data | United States |
| Mixpanel | Analytics (opt-out) | De-identified usage events | United States |
| OAuth, Calendar sync, Places | Email (OAuth); calendar events (if enabled); address lookup | United States | |
| Apple | Sign In with Apple, App Store billing | User identifier, purchase data | United States |
We do not sell your personal information to any third party.
4. Cross-Border Data Disclosure
Your primary data is stored in Australia (via Supabase). However, some of your personal information may be disclosed to overseas recipients in the United States as outlined in the table above. Before disclosing personal information overseas, we take reasonable steps to ensure that the overseas recipient handles your information in accordance with the Australian Privacy Principles.
5. Data Storage, Security & Retention
Your data is stored on Supabase servers located in Australia. We use industry-standard encryption in transit (TLS) and at rest to protect your information. Access to production data is restricted to authorised personnel only.
We retain your personal information for as long as your account is active or as needed to provide the Service. If you delete your account, your data is permanently removed from our active systems. Residual copies in encrypted backups are purged within 30 days of deletion.
If we become aware of a data breach that is likely to result in serious harm to you, we will notify you and the Office of the Australian Information Commissioner (OAIC) as required under the Notifiable Data Breaches scheme.
6. Your Rights
Under the Australian Privacy Principles, you have the right to:
- Access your personal data — available via the data export feature in the app, or by contacting us.
- Correct inaccurate personal information — you can edit your details in the app, or contact us to request a correction.
- Delete your account and all associated data — available in the app under account settings.
- Opt out of analytics — available in the app settings.
- Withdraw consent for any device permissions at any time via your device settings.
Account deletion is permanent. When you delete your account, all your data — including houses, tasks, receipts, and documents — is permanently removed from our active servers.
We will respond to access and correction requests within 30 days.
7. Cookies
The Nodko mobile app does not use cookies. The getnodko.app website may use essential cookies for site functionality and analytics cookies (via Vercel Analytics). No advertising or tracking cookies are used.
8. Children's Privacy
The Service is not directed at children under the age of 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.
9. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. For significant changes, we will also notify you via email or in-app notification. Your continued use of the Service after changes constitutes acceptance of the updated policy.
10. Complaints
If you have a complaint about how we handle your personal information, please contact us at privacy@getnodko.app. We will respond within 30 days.
If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC):
- Website: www.oaic.gov.au
- Phone: 1300 363 992
11. Contact Us
If you have any questions about this Privacy Policy or your personal data, please contact us at: