Last updated: 6 May 2026
SiteComply (“we”, “us”, “our”) operates the SiteComply platform at sitecomply.au. We provide WHS document compilation tools for the Australian construction industry. For privacy enquiries contact privacy@sitecomply.au.
We collect personal information that is reasonably necessary to provide the service:
Account information
Name, email address, and authentication credentials collected at sign-up via our identity provider (Clerk). For team/organisation accounts: organisation name and role.
Document and sign-off data
WHS documents you compile on the platform, including job descriptions, site addresses, hazard and control information, and competent-person sign-off records (name, role, optional licence number, IP address, timestamp).
Worker and subcontractor records
Names, contact details, trade licence numbers, and insurance expiry dates for subcontractors and workers you add to the platform.
Usage and technical data
IP addresses, browser type, access times, and pages visited — collected automatically for security, fraud prevention, and service improvement.
We use personal information to:
We do not use your information for direct marketing without your explicit consent. We do not sell personal information to third parties.
All personal data and document data collected by SiteComply is stored in Australia. Our infrastructure uses AWS Sydney region (ap-southeast-2) via Supabase, ensuring your data does not leave Australia in ordinary operation.
Transactional emails are sent via Resend, which may process email metadata on servers outside Australia solely for the purpose of email delivery. No document content is transmitted to Resend.
Authentication is provided by Clerk, which may store authentication tokens on infrastructure outside Australia. Authentication data is limited to login credentials and session tokens — no WHS document content is held by Clerk.
We disclose personal information to third parties only as necessary to provide the service or as required by law:
We do not disclose personal information to government agencies except where required by law (e.g., a valid legal request or court order).
WHS compliance documents, audit logs, and sign-off records are retained for 7 years from the date of creation, in line with Australian WHS records retention requirements and the model WHS Regulations. This retention period is set per document and cannot be shortened by account deletion during the retention window.
Account information and subcontractor/worker records are retained for the life of the account plus 12 months after account closure, after which they are permanently deleted unless a longer retention period is required by law.
You may request a full export of your data at any time. Contact privacy@sitecomply.au.
When you use SiteComply under an organisation account, your documents, sign-off records, and activity data are accessible to administrators of that organisation. If you are an individual user invited into an organisation by a principal contractor or employer, that organisation's administrator can view documents you compile and sign while operating under their account.
Organisation data is logically separated per organisation. One organisation cannot access another organisation's data.
We implement reasonable technical and organisational security measures including encrypted data storage (AES-256 at rest), TLS in transit, role-based access control, and audit logging of all document operations. Despite these measures, no system can guarantee absolute security. In the event of a data breach affecting your personal information, we will notify you and the Office of the Australian Information Commissioner (OAIC) as required by the Notifiable Data Breaches scheme.
The platform uses session cookies required for authentication. We do not use advertising cookies or third-party tracking pixels. Anonymous analytics may be collected to measure feature usage — this data is aggregated and does not identify individual users.
Under the Australian Privacy Act 1988 you have the right to:
To exercise any of these rights, contact privacy@sitecomply.au. We will respond within 30 days. If you are unsatisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC).
We may update this policy from time to time. Material changes will be notified by email to registered account holders at least 14 days before taking effect. The “Last updated” date at the top of this page reflects the most recent revision.
Privacy Officer, SiteComply — privacy@sitecomply.au