Data Protection
Your privacy is important to us. Learn how we collect, use, and protect your information.
This Privacy Policy explains how MyMAClub collects, uses, stores and discloses personal information for Australian hospitality businesses using our web dashboard and apps.
We may collect business registration details, owner and manager contact details, ABN information, venue settings, staff records, payroll and roster information, visa and work-rights information, payslip and leave data, customer loyalty details, phone numbers, email addresses, order history, rewards activity, product images, operational logs, device identifiers, printer and terminal settings, support messages and app usage data.
Subscription billing is processed by Stripe or another approved provider. MyMAClub does not store raw card numbers. The platform may store transaction references, payment statuses, accounting mappings, BAS/GST summaries, expenses, purchases and export records.
When AI or voice features are used, relevant prompts, context, audio streams or transcripts may be processed through MyMAClub relays and approved AI providers such as Google Gemini or OpenAI. Raw voice audio is intended to be processed for immediate service delivery and not retained as a permanent recording by MyMAClub unless a future feature clearly states otherwise.
We use information to provide the platform, authenticate users and devices, process subscriptions, manage venues, route orders, support loyalty, calculate operational reports, assist payroll and compliance workflows, provide support, improve reliability, protect against fraud and meet legal obligations.
We may disclose information to service providers that help deliver MyMAClub, including hosting, database, payment, accounting, AI, SMS/email, analytics, support, EFTPOS and security providers. Accounting, payment and AI integrations are only used where enabled or required to provide the requested service.
Although MyMAClub aims to use secure infrastructure appropriate for Australian businesses, some providers may process or store information outside Australia. We take reasonable steps to use reputable providers and appropriate safeguards.
If loyalty, rewards or marketing messages are sent through MyMAClub, venues must ensure they have consent where required, identify the sender and provide a functional unsubscribe option for commercial electronic messages.
We use reasonable technical and organisational safeguards, including encrypted transport, password hashing, access controls and token isolation. Some records must be retained for legal, tax, payroll, accounting, audit, security or dispute purposes, even if an account is closed.
You may request access to or correction of personal information we hold. Deletion requests are assessed against operational, legal, payroll, tax, accounting and security retention obligations.
If a data breach involving personal information is likely to result in serious harm and the Privacy Act applies, we will take steps required under the Notifiable Data Breaches scheme, including notifying affected individuals and the OAIC where required.
Privacy questions and requests can be sent to support@myma.club.