Privacy Policy

Effective date: March 11, 2026
Last updated: March 11, 2026 

HowsWork is a workplace platform for tracking and responding to psychosocial safety concerns. We collect only what we need, we protect what we collect, and we never sell your data.

This policy covers both employees using HowsWork through their employer, and employers (administrators) managing the platform.

1. Who we are

HowsWork Pty Ltd (ACN 682 840 884) is the data controller for this service.
Questions? Contact us at: legal@howswork.app

2. What we collect

From employees

When you submit an anonymous check-in or concern, we may collect:

  • Your sentiment rating and any psychosocial hazard tags you select
  • A written description of your concern, if you choose to provide one
  • Whether you've attributed a check-in to a team (optional)

About your identity: Your employer provides us with your work email address or phone number solely to deliver a rotating check-in PIN. Once the PIN is issued, your contact details are not linked to your check-in responses. We never connect your name or contact information to what you submit.

From administrators

When you set up and manage a HowsWork account, we collect:

  • Your name and work email address
  • Organisation details (name, size, timezone)
  • Billing information (handled securely via our payment provider)
  • Usage data such as which features you access and when

3. How we use your data

We use employee data to:

  • Aggregate anonymous check-in results for employer reporting
  • Flag patterns or threshold breaches that may require an employer's attention
  • Improve the accuracy and relevance of the platform

We use administrator data to:

  • Operate and deliver the HowsWork service
  • Send you account notifications and product updates
  • Provide customer support
  • Meet our legal and regulatory obligations

4. Anonymity

Employee check-ins are anonymous by design. The PIN-based identifier is a rotating code, it cannot be reverse-engineered to identify you. Employers see only aggregated data unless you explicitly choose to submit a named concern.

We take this seriously. Anonymity is the foundation of honest reporting.

5. Who we share data with

We do not sell your data. We may share data with:

  • Infrastructure providers (e.g. Supabase for database hosting, Resend for email, Twilio for SMS), only to the extent needed to operate the service
  • Your employer, aggregated and anonymous employee data only, unless you submit a named concern
  • Law enforcement or regulators, if required by law
  • AI processing providers (e.g. OpenAI), used to generate privacy-preserving summaries of concern text

All third-party providers are bound by data processing agreements and are required to protect your data.

6. Where your data is stored

HowsWork stores data in Australia (Asia Pacific – Sydney region). If you are accessing the platform from outside Australia, please be aware that your data will be transferred to and stored in Australia.

7. How long we keep your data

  • Employee check-in data: retained for the duration of your employer's active subscription, then deleted within 90 days of account closure
  • Administrator account data: retained for the duration of the subscription
  • You can request deletion of your data at any time (see Section 9)

8. Security

We use industry-standard security measures including:

  • Encryption in transit (HTTPS/TLS) and at rest
  • Row-level security on our database
  • Access controls limiting who within HowsWork can view data

No system is perfectly secure. If we become aware of a breach affecting your data, we will notify you in accordance with Australian Privacy Act requirements.

9. Your rights

Under the Australian Privacy Act 1988, you have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate information
  • Request deletion of your data
  • Complain about how we've handled your data

To exercise any of these rights, email legal@howswork.app. We will respond within 30 days.

If you're not satisfied with our response, you can lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.

10. Cookies

HowsWork uses cookies and similar technologies to keep you logged in, remember your preferences, and understand how the platform is being used. We do not use cookies for advertising.

11. Changes to this policy

If we make material changes to this policy, we'll notify administrators by email at least 14 days before the changes take effect. The current version will always be available here at https://articles.howswork.app/privacy.

12. Contact

HowsWork Pty Ltd
ACN 682 840 884
legal@howswork.app
howswork.app