Whoopa

Privacy Policy

Whoopa is committed to protecting your privacy. This policy explains how we collect, use, store, and disclose your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

Last updated: June 2026

1. Who we are

Whoopa ("we", "us", "our") operates the online booking platform available at whoopa.au, my.whoopa.au and app.whoopa.au. We are the data controller for personal information collected through our services.

For privacy enquiries, contact us at contacts@whoopa.au.

2. What information we collect

We collect two categories of personal information:

Business account holders

  • Full name, email address, and phone number
  • Business name, ABN, address, and website
  • Billing and payment information (processed by Stripe — we do not store card details)
  • Profile photos uploaded to your account
  • Usage data such as bookings created, services configured, and login history

Clients (end-users booking through a Whoopa form)

  • Name, email address, and phone number
  • Appointment history and booking preferences
  • Any notes or information entered at the time of booking

3. How we collect it

We collect information directly from you when you register an account, configure your booking form, make or receive a booking, contact our support team, or use our platform. We may also collect limited technical data automatically (IP address, browser type, device information) through standard server logs and analytics.

4. Why we collect it

We use your personal information to:

  • Provide, operate, and improve the Whoopa platform
  • Send booking confirmations, reminders, and cancellation notifications via email and SMS
  • Process subscription payments and SMS credit purchases
  • Respond to support requests and account enquiries
  • Comply with our legal obligations
  • Detect and prevent fraud or misuse of our services

We do not use your personal information for direct marketing without your consent.

5. Who we share information with

We share personal information only where necessary:

  • Stripe — for payment processing. Stripe's privacy policy applies to card data.
  • Mobile Message — to deliver SMS notifications on behalf of business accounts.
  • Email delivery providers — to send transactional emails.
  • Google — where you choose to connect your Google Calendar (see section 6).
  • Hosting and infrastructure providers — our platform is hosted on secure Australian or international cloud infrastructure.

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

6. Google Calendar integration

If you choose to connect your Google Calendar, Whoopa requests permission to view and manage the events on the calendar you select. We use the https://www.googleapis.com/auth/calendar.events scope solely to write your Whoopa bookings into that calendar and to keep them up to date — that is, to create, update, and remove calendar events that correspond to bookings made through Whoopa. We do not read, collect, or use any other events on your calendar.

To operate this feature we store the access and refresh tokens Google issues, the identifier of the calendar you connected, and the identifiers of the events we create. You can disconnect at any time from your Whoopa account settings; doing so revokes Whoopa's access with Google and deletes the stored connection.

Whoopa's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We do not use Google Calendar data for advertising, do not sell it, and do not transfer or use it for any purpose other than providing and improving the calendar-sync feature described above.

7. How we store and protect it

Your data is stored on secure servers protected by industry-standard encryption (TLS in transit, encrypted at rest). Access to personal data is restricted to authorised personnel only. We retain account data for as long as your account is active and for a reasonable period thereafter for legal and operational purposes.

8. Your rights

Under the Australian Privacy Principles, you have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate or incomplete information
  • Complain about a breach of your privacy

To exercise these rights, email us at contacts@whoopa.au. We will respond within 30 days.

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC).

9. Cookies and tracking

We use essential cookies to maintain your login session. We may use analytics tools to understand how the platform is used in aggregate. We do not use advertising or tracking cookies.

10. Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be notified by email or by a prominent notice on our website. Continued use of Whoopa after changes take effect constitutes acceptance of the updated policy.