Last updated: April 2026
Our privacy promise
Your data is yours. We process as much as possible on your device, we never sell your personal information, and we only collect what we genuinely need. We comply with the Australian Privacy Act 1988 and all 13 Australian Privacy Principles (APPs).
Vista Innovation Pty Ltd · ABN 66 677 984 388 operates the WeekRun website and app (the Services) in Australia.
If you have questions about this policy or your personal information, contact us using the details under Contact Us below.
We only collect information that is reasonably necessary to provide our services. We follow the principle of data minimisation — if we don't need it, we don't collect it.
Information you provide: Name, email address, country, and postcode when you create an account. Energy bill amounts and billing periods when you use the Energy Scanner. Grocery preferences when you use the Grocery X-Ray.
Information processed locally: Your energy bill data and grocery comparisons are processed on your device (client-side) wherever possible. This data is NOT sent to our servers unless you explicitly choose to save it.
Information we DO NOT collect: Bank account details, credit card numbers (payments processed by Stripe), passwords (we use secure authentication providers), photos of your bills (OCR processing happens on-device), precise GPS location.
We use your information ONLY for the purposes you'd reasonably expect:
To provide our services: Comparing energy plans for your usage, generating grocery price comparisons, creating your weekly Life Lens report, showing free activities near your area.
To improve the app: Anonymised, aggregated usage analytics (e.g., which features are most popular). We NEVER sell individual user data to third parties.
To communicate with you: Service updates, security alerts, and weekly insights (which you can disable at any time).
We will NEVER use your data for purposes you haven't consented to. We will NEVER sell your personal information to advertisers, data brokers, or any third party.
Local-first architecture: Wherever possible, your data stays on your device. Energy bill calculations, grocery comparisons, and Life Lens insights are computed client-side.
When data is stored on our servers: Account information (name, email, country) is stored in encrypted databases hosted in Australia (Sydney region). All data is encrypted at rest (AES-256) and in transit (TLS 1.3).
Security measures: All connections use HTTPS with HSTS. Content Security Policy headers prevent XSS attacks. Rate limiting prevents brute force attacks. Input validation on all user-submitted data. Regular security audits and penetration testing. No sensitive data in URL parameters or logs.
Data breach protocol: In the unlikely event of a data breach, we will notify affected users within 72 hours and report to the OAIC as required under the Notifiable Data Breaches scheme.
WeekRun uses automated technology in the following ways:
Grocery price comparisons: Automated comparison of product prices across retailers. This helps you find cheaper options but does not make purchasing decisions for you.
Energy plan matching: Automated matching of your usage profile against available energy plans. You always choose whether to switch — we never switch on your behalf without explicit consent.
CARE nudges and Life Lens insights: AI-generated observations about your spending patterns, activity levels, and wellbeing indicators. These are informational prompts, not decisions. They do not restrict your access to any service.
No automated decisions that significantly affect your rights: We do not use automated technology to approve/deny accounts, determine pricing based on personal characteristics, or make any binding decisions about your finances.
You can request a human review of any automated output by contacting our support team.
Under the Australian Privacy Act, you have the right to:
Access your data (APP 12): Request a copy of all personal information we hold about you. We will respond within 30 days.
Correct your data (APP 13): Request correction of any inaccurate personal information. We will action corrections within 30 days.
Delete your data: Request deletion of your account and all associated data. We will delete your data within 14 days of your request.
Export your data: Download all your data in a standard format (JSON/CSV).
Opt out of communications: Unsubscribe from any non-essential communications at any time via your account settings or any email footer.
Complain: If you believe we have breached the Privacy Act, you can lodge a complaint with us at privacy@weekrun.com.au or with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.
Active accounts: We retain your data for as long as your account is active.
Inactive accounts: If your account is inactive for 24 months, we will notify you and delete your data within 30 days unless you reactivate.
Deleted accounts: When you delete your account, all personal data is permanently removed within 14 days. Anonymised, aggregated data (which cannot identify you) may be retained for service improvement.
Legal obligations: We may retain certain data where required by Australian law (e.g., financial records for ATO compliance).
WeekRun is designed for adults (18+) managing household finances. We do not knowingly collect personal information from children under 18.
The Family plan features (family time tracking, screen-free ideas) are designed to be managed by an adult parent or guardian.
If we discover we have collected data from a person under 18 without parental consent, we will delete it immediately.
Privacy Officer: privacy@weekrun.com.au
Entity: Vista Innovation Pty Ltd (WeekRun)
ABN: 66 677 984 388
Registered office: L2, 11 York Street, Sydney 2000 NSW
OAIC: www.oaic.gov.au