We collect only what the door requires.

1 · What we collect

• Your email address, to relay the APG attestation.
• The payment method and reference / transaction id you provide.
• Standard server logs (IP, timestamp, user-agent) for security and abuse prevention.

2 · What we do not collect

• No advertising trackers, no third-party analytics, no social pixels.
• No card numbers — payment is settled outside the site, on the rails you choose.
• No biometric, location, or device-fingerprint data beyond standard logs.

3 · How we use it

Your email and payment reference are used solely to verify settlement and dispatch the APG key. They are not sold, rented, or shared with marketing partners.

4 · Retention

Records are kept for the period required by Australian tax and consumer law (typically 5 years), then destroyed.

5 · Your rights

You may request access, correction, or deletion of your data by writing to grant.womersley211@gmail.com. Deletion requests are honoured unless retention is legally required.

6 · Controller

Grant Brodie Womersley · 13 Centre Way, Belair SA 5052, Australia.